|
 | 作者: heero [heero]
 论坛用户 |
登录 |
| 提示auth (113/tcp)An identd server is running on this port NESSUS_ID : 10330 提示ssh (22/tcp)A ssh server is running on this port NESSUS_ID : 10330 提示ssh (22/tcp)通过登陆目标服务器并经过缓冲器接收可查出SSH服务的类型和版本。这些信息给予潜在的攻击者们关于他们要攻击的系统的额外信息。版本和类型会在可能的地方被泄露。 解决方案:运用过滤器拒绝信息从不被信赖的主机进入此端口。 风险等级:低 ___________________________________________________________________ Remote SSH version : SSH-1.99-OpenSSH_3.1p1 NESSUS_ID : 10267 漏洞www (80/tcp)根据远程主机Apache版本信息判断,此服务存在分块编码(chunked encoding)漏洞。 如果安全检测开关打开则此判断是不准确的。 Apache 1.2.2版,1.3 - 1.3.24 版,及2.0 - 2.0.36版都受该漏洞影响。 译者注:Apache 2.0x版本错误条件会正确的被探测,不会让攻击者有机会执行任意代码. Apache 1.3x会引起缓冲溢出,但由于需处理非常大的内存拷贝, 能否被攻击者利用取决于目标OS类型,目前已知BSD/Windows系统能执行任意代码, Linux不受影响,其他商用Unix不详。 解决方案 : 升级Apache到 1.3.26 (针对使用1.x系列的用户)或 2.0.39及更高版本。 详情参考 : http://httpd.apache.org/info/security_bulletin_20020617.txt http://httpd.apache.org/info/security_bulletin_20020620.txt 风险等级 : 高 ___________________________________________________________________ The remote host appears to be vulnerable to the Apache Web Server Chunk Handling Vulnerability. If Safe Checks are enabled, this may be a false positive since it is based on the version of Apache. Although unpatched Apache versions 1.2.2 and above, 1.3 through 1.3.24 and 2.0 through 2.0.36, the remote server may be running a patched version of Apache *** Note : as safe checks are enabled, Nessus solely relied on the banner to issue this alert Solution : Upgrade to version 1.3.26 or 2.0.39 or newer See also : http://httpd.apache.org/info/security_bulletin_20020617.txt http://httpd.apache.org/info/security_bulletin_20020620.txt Risk factor : High CVE_ID : CVE-2002-0392 BUGTRAQ_ID : 5033 NESSUS_ID : 11030 Other references : IAVA:2002-A-0008 警告www (80/tcp)CGI漏洞: http://*.*.*.*/cgi-bin警告www (80/tcp)CGI漏洞: http://*.*.*.*/down/警告www (80/tcp)CGI漏洞: http://*.*.*.*/log.txt提示www (80/tcp)The remote web server type is : Apache/1.3.20 (Unix) PHP/4.3.2 Solution : You can set the directive 'ServerTokens Prod' to limit the information emanating from the server in its response headers. NESSUS_ID : 10107 提示www (80/tcp)这个脚本检测远程主机是否运行Open WebMail并得到其版本。Open WebMail是一个用perl写的提供用户pop3和IMAP服务的WebMail程序。 风险等级:无 ___________________________________________________________________ The remote host is running Open WebMail = parseFloat(vers) under . Open WebMail is a webmail package written in Perl that provides access to mail accounts via POP3 or IMAP see <">http://www.openwebmail.org/> for more information. Risk factor : None NESSUS_ID : 12644 提示unknown (3306/tcp)Maybe the "MySql" service running on this port. Here is its banner: 28 ( NESSUS_ID : 10330 提示unknown (3306/tcp)Remote MySQL version : 3.23.40 NESSUS_ID : 10719 提示ftp (21/tcp) Maybe the "ftp" service running on this port. NESSUS_ID : 10330 请问这样的系统有入侵的可能吗? 还有,有人知道vBulletin 2.3.0论坛的漏洞吗? 欢迎各位来此讨论,可以和我联系squall-leonhart0@163.com或在此留言! |
| 地主 发表时间: 04-12-09 22:41 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 菜鸟乐园 标题: 我的系统安全吗?