Security Incidents mailing list archives
how to close security holes from nessus vulnerability scan report ?
From: pcchew () CSAH COM (Chew Poh Chang (CAPL))
Date: Thu, 6 Jul 2000 17:13:37 +0800
Hi, I used nessus to scan for vulnerability on our web server from our internal net. Some of the extract from the report are listed below. I would like to know how I can close the security holes presented below. Look forward to any comment. Best regards, Chew Poh Chang ---------------------------------------------------------------------------- ----------------------------------------- 1. Vulnerability found on port snmp (161/udp) SNMP Agent responded as expected with community name: private\ CVE : CAN-1999-0517 2. Vulnerability found on port unknown (32773/udp) The sadmin RPC service is running. There is a bug in Solaris versions of this service that allow an intruder to execute arbitrary commands on your system. Solution : disable this service Risk factor : High 3. Vulnerability found on port unknown (8087/tcp) The Sambar webserver is running. It provides a webinterface for configuration purposes. The admin user has no password and there are some other default users without passwords Everyone could set the HTTP-Root to c:\ and delete your files! Solution : Change the passwords via the webinterface or use a real webserver like Apache. Risk factor : High
Current thread:
- scan log and subsequent response from the host's ISP Bradley Woodward (Jul 02)
- Fwd: [Fw: Ive been broken into ] JEFF WATSON (Jul 05)
- version.bind from zen.isi.edu Patrick Oonk (Jul 05)
- Re: scan log and subsequent response from the host's ISP Patrick Oonk (Jul 05)
- Re: scan log and subsequent response from the host's ISP Dan Hollis (Jul 05)
- Re: scan log and subsequent response from the host's ISP Dan Hollis (Jul 05)
- Re: scan log and subsequent response from the host's ISP Talisker (Jul 10)
- Re: scan log and subsequent response from the host's ISP Pauel Loshkin (Jul 05)
- how to close security holes from nessus vulnerability scan report ? Chew Poh Chang (CAPL) (Jul 06)
- Snort SMTP expn-root Oxenreider, Jeff (Jul 06)
- Re: Snort SMTP expn-root Joe McAlerney (Jul 06)
- Re: Snort SMTP expn-root Bill Pennington (Jul 06)
- Re: Snort SMTP expn-root dyer (Jul 06)
- Simultaneous Attacks Harlan S. Barney, Jr. (Jul 06)
- Re: Simultaneous Attacks Valdis Kletnieks (Jul 07)
- Re: Simultaneous Attacks Ryan Russell (Jul 07)
- Ehm... what? (Re: Simultaneous Attacks) Martin Macok (Jul 11)
- Re: Simultaneous Attacks Richard Bejtlich (Jul 11)
- Re: scan log and subsequent response from the host's ISP Ejovi Nuwere (Jul 06)