List of PlugIn IDs

>print



The following plugin IDs have problems associated with them. Select the ID to review more detail.

Plugin id#arrow# of issuesarrowPlugin namearrowSeverityarrow
11013 2 Cisco VoIP Phone Multiple Script Malformed Request DoS High Severity problem(s) found
42411 1 Microsoft Windows SMB Shares Unprivileged Access High Severity problem(s) found
10204 1 Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS High Severity problem(s) found
11157 1 Trojan Horse Detection Medium Severity problem(s) found
12218 1 mDNS Detection Medium Severity problem(s) found
10736 7 DCE Services Enumeration Low Severity problem(s) found
19506 3 Nessus Scan Information Low Severity problem(s) found
35716 3 Ethernet Card Manufacturer Detection Low Severity problem(s) found
10287 2 Traceroute Information Low Severity problem(s) found
22964 2 Service Detection Low Severity problem(s) found
11936 2 OS Identification Low Severity problem(s) found
11011 2 Microsoft Windows SMB Service Detection Low Severity problem(s) found
27576 2 Firewall Detection Low Severity problem(s) found
10150 1 Windows NetBIOS / SMB Remote Host Information Disclosure Low Severity problem(s) found
35712 1 Web Server UPnP Detection Low Severity problem(s) found
35711 1 Universal Plug and Play (UPnP) Protocol Detection Low Severity problem(s) found
25220 1 TCP/IP Timestamps Supported Low Severity problem(s) found
10860 1 SMB Use Host SID to Enumerate Local Users Low Severity problem(s) found
11153 1 Service Detection (HELP Request) Low Severity problem(s) found
35713 1 Scan for UPnP hosts (multicast) Low Severity problem(s) found
24786 1 Nessus Windows Scan Not Performed with Admin Privileges Low Severity problem(s) found
10395 1 Microsoft Windows SMB Shares Enumeration Low Severity problem(s) found
26917 1 Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry Low Severity problem(s) found
10785 1 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure Low Severity problem(s) found
10859 1 Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Low Severity problem(s) found
10394 1 Microsoft Windows SMB Log In Possible Low Severity problem(s) found
17651 1 Microsoft Windows SMB : Obtains the Password Policy Low Severity problem(s) found
10915 1 Microsoft Windows - Local Users Information : User has never logged on Low Severity problem(s) found
10916 1 Microsoft Windows - Local Users Information : Passwords never expire Low Severity problem(s) found
10913 1 Microsoft Windows - Local Users Information : Disabled accounts Low Severity problem(s) found
10902 1 Microsoft Windows 'Administrators' Group User List Low Severity problem(s) found
46215 1 Inconsistent Hostname and IP Address Low Severity problem(s) found
10114 1 ICMP Timestamp Request Remote Date Disclosure Low Severity problem(s) found
24260 1 HyperText Transfer Protocol (HTTP) Information Low Severity problem(s) found
10107 1 HTTP Server Type and Version Low Severity problem(s) found
12053 1 Host Fully Qualified Domain Name (FQDN) Resolution Low Severity problem(s) found
54615 1 Device Type Low Severity problem(s) found
45590 1 Common Platform Enumeration (CPE) Low Severity problem(s) found

Port cifs (445/tcp)

Plugin ID: 10785

Microsoft Windows SMB NativeLanManager Remote System Information Disclosure


Synopsis
It is possible to obtain information about the remote operating system.

List of Hosts

192.168.2.193

Plugin Output
The remote Operating System is : Windows 7 Professional 7601 Service Pack 1
The remote native lan manager is : Windows 7 Professional 6.1
The remote SMB Domain Name is : WIN7-64



Description
It is possible to get the remote operating system name and
version (Windows and/or Samba) by sending an authentication
request to port 139 or 445.


Solution
n/a


Risk Factor
None


Plugin publication date: 2001/10/17
Plugin last modification date: 2011/03/17

Port cifs (445/tcp)

Plugin ID: 17651

Microsoft Windows SMB : Obtains the Password Policy


Synopsis
It is possible to retrieve the remote host's password policy using the supplied credentials.

List of Hosts

192.168.2.193

Plugin Output
The following password policy is defined on the remote host:

Minimum password len: 0
Password history len: 0
Maximum password age (d): 42
Password must meet complexity requirements: Disabled
Minimum password age (d): 0
Forced logoff time (s): Not set
Locked account time (s): 1800
Time between failed logon (s): 1800
Number of invalid logon before locked out (s): 0



Description
Using the supplied credentials it was possible to extract the
password policy for the remote Windows host. The password policy must
conform to the Informational System Policy.


Solution
n/a


Risk Factor
None


Plugin publication date: 2005/03/30
Plugin last modification date: 2011/03/04

Port (17500/tcp)

Plugin ID: 11157

Trojan Horse Detection


Synopsis
The remote host might be infected by a Trojan / worm.

List of Hosts

192.168.2.193

Plugin Output
An unknown service runs on this port.
It is sometimes opened by this/these Trojan horse(s):
CrazzyNet

Unless you know for sure what is behind it, you'd better
check your system

*** Anyway, don't panic, Nessus only found an open port. It may
*** have been dynamically allocated to some service (e.g., RPC)



Description
An unknown service was found running on this port. Trojan Horses and
other malware may sometimes open these ports to allow remote access
to the machine.

Ensure that this port is intended to be open and controlled by
legitimate software installed by the administrator.


Solution
If a Trojan Horse is found running, it is highly recommended that the
operating system be reinstalled to ensure removal.


Risk Factor
Medium


Plugin publication date: 2002/11/19
Plugin last modification date: 2011/12/01

Port www (10243/tcp)

Plugin ID: 22964

Service Detection


Synopsis
The remote service could be identified.

List of Hosts

192.168.2.193

Plugin Output
A web server is running on this port.



Description
It was possible to identify the remote service by its banner or by looking
at the error message it sends when it receives an HTTP request.


Solution
n/a


Risk Factor
None


Plugin publication date: 2007/08/19
Plugin last modification date: 2011/12/02

Port www (5357/tcp)

Plugin ID: 22964

Service Detection


Synopsis
The remote service could be identified.

List of Hosts

192.168.2.193

Plugin Output
A web server is running on this port.



Description
It was possible to identify the remote service by its banner or by looking
at the error message it sends when it receives an HTTP request.


Solution
n/a


Risk Factor
None


Plugin publication date: 2007/08/19
Plugin last modification date: 2011/12/02

Port (0/tcp)

Plugin ID: 45590

Common Platform Enumeration (CPE)


Synopsis
It is possible to enumerate CPE names that matched on the remote system.

List of Hosts

192.168.2.193

Plugin Output

The remote operating system matched the following CPE :

cpe:/o:microsoft:windows_7:::professional



Description
By using information obtained from a Nessus scan, this plugin reports
CPE (Common Platform Enumeration) matches for various hardware and
software products found on a host.

Note that if an official CPE is not available for the product, this
plugin computes the best possible CPE based on the information
available from the scan.


Solution
n/a



Risk Factor
None


Plugin publication date: 2010/04/21
Plugin last modification date: 2011/10/20

Port mdns (5353/udp)

Plugin ID: 12218

mDNS Detection


Synopsis
It is possible to obtain information about the remote host.

List of Hosts

192.168.2.195

Plugin Output
Nessus was able to extract the following information :

- mDNS hostname : Ubuntu.local.

- Advertised services :
o Service name : Ubuntu [08:00:27:94:5b:26]._workstation._tcp.local.
Port number : 9
o Service name : Ubuntu._udisks-ssh._tcp.local.
Port number : 22

- CPU type : I686
- OS : LINUX



Description
The remote service understands the Bonjour (also known as ZeroConf or
mDNS) protocol, which allows anyone to uncover information from the
remote host such as its operating system type and exact version, its
hostname, and the list of services it is running.


Solution
Filter incoming traffic to UDP port 5353 if desired.


Risk Factor
Medium/ CVSS Base Score: 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)


Plugin publication date: 2004/04/28
Plugin last modification date: 2011/03/11

Port (0/tcp)

Plugin ID: 24786

Nessus Windows Scan Not Performed with Admin Privileges


Synopsis
The Nessus scan of this host may be incomplete due to insufficient privileges provided.

List of Hosts

192.168.2.193

Plugin Output
It was not possible to connect to \\WIN7-64\ADMIN$



Description
The Nessus scanner testing the remote host has been given SMB
credentials to log into the remote host, however these credentials
do not have administrative privileges.

Typically, when Nessus performs a patch audit, it logs into the
remote host and reads the version of the DLLs on the remote host
to determine if a given patch has been applied or not. This is
the method Microsoft recommends to determine if a patch has been
applied.

If your Nessus scanner does not have administrative privileges when
doing a scan, then Nessus has to fall back to perform a patch audit
through the registry which may lead to false positives (especially
when using third party patch auditing tools) or to false negatives
(not all patches can be detected thru the registry).


Solution
Reconfigure your scanner to use credentials with administrative
privileges.


Risk Factor
None


Plugin publication date: 2007/03/12
Plugin last modification date: 2011/03/04

Port cifs (445/tcp)

Plugin ID: 10395

Microsoft Windows SMB Shares Enumeration


Synopsis
It is possible to enumerate remote network shares.

List of Hosts

192.168.2.193

Plugin Output

Here are the SMB shares available on the remote host when logged as Nessus:

- ADMIN$
- C$
- IPC$
- Users



Description
By connecting to the remote host, Nessus was able to enumerate
the network share names.


Solution
N/A


Risk Factor
None


Plugin publication date: 2000/05/09
Plugin last modification date: 2011/09/14

Port (0/tcp)

Plugin ID: 11936

OS Identification


Synopsis
It is possible to guess the remote operating system.

List of Hosts

192.168.2.195

Plugin Output

Remote operating system : Linux Kernel
Confidence Level : 30
Method : mDNS


The remote host is running Linux Kernel


192.168.2.193

Plugin Output

Remote operating system : Windows 7 Professional
Confidence Level : 99
Method : MSRPC


The remote host is running Windows 7 Professional



Description
Using a combination of remote probes, (TCP/IP, SMB, HTTP, NTP, SNMP, etc...)
it is possible to guess the name of the remote operating system in use, and
sometimes its version.


Solution
N/A


Risk Factor
None


Plugin publication date: 2003/12/09
Plugin last modification date: 2011/09/23

Port netbios-ns (137/udp)

Plugin ID: 10150

Windows NetBIOS / SMB Remote Host Information Disclosure


Synopsis
It is possible to obtain the network name of the remote host.

List of Hosts

192.168.2.193

Plugin Output
The following 4 NetBIOS names have been gathered :

WIN7-64 = Computer name
WORKGROUP = Workgroup / Domain name
WIN7-64 = File Server Service
WORKGROUP = Browser Service Elections

The remote host has the following MAC address on its adapter :
08:00:27:87:22:91



Description
The remote host listens on UDP port 137 or TCP port 445 and replies to
NetBIOS nbtscan or SMB requests.

Note that this plugin gathers information to be used in other plugins
but does not itself generate a report.


Solution
n/a


Risk Factor
None


Plugin publication date: 1999/10/12
Plugin last modification date: 2011/05/24

Port (0/tcp)

Plugin ID: 10902

Microsoft Windows 'Administrators' Group User List


Synopsis
There is at least one user in the 'Administrators' group.

List of Hosts

192.168.2.193

Plugin Output

The following users are members of the 'Administrators' group :

- Win7-64\Administrator (User)
- Win7-64\Obi Wan (User)
- Win7-64\Nessus (User)



Description
Using the supplied credentials, it is possible to extract the member
list of the 'Administrators' group. Members of this group have
complete access to the remote system.


Solution
Verify that each member of the group should have this type of access.


Risk Factor
None


Plugin publication date: 2002/03/15
Plugin last modification date: 2011/03/04

Port upnp-client (1900/udp)

Plugin ID: 35713

Scan for UPnP hosts (multicast)


Synopsis
This machine is a UPnP client.

List of Hosts

192.168.2.193


Description
This machine answered to a multicast UPnP NOTIFY packet by trying to
fetch the XML description that Nessus advertised.


Solution
n/a


Risk Factor
None


Plugin publication date: 2009/02/19
Plugin last modification date: 2011/03/17

Port (0/tcp)

Plugin ID: 10915

Microsoft Windows - Local Users Information : User has never logged on


Synopsis
At least one local user has never logged in to his / her account.

List of Hosts

192.168.2.193

Plugin Output

The following local users have never logged in :

- Guest
- HomeGroupUser$


Note that, in addition to the Administrator and Guest accounts, Nessus
has only checked for local users with UIDs between 1000 and 1200.
To use a different range, edit the scan policy and change the 'Start
UID' and/or 'End UID' preferences for 'SMB use host SID to enumerate
local users' setting, and then re-run the scan.



Description
Using the supplied credentials, it is possible to list local users who
have never logged into their accounts.


Solution
Delete accounts that are not needed.


Risk Factor
None


Other references
OSVDB:754


Vulnerability publication date: 1980/01/01
Plugin publication date: 2002/03/17
Plugin last modification date: 2011/03/21

Port (0/tcp)

Plugin ID: 35716

Ethernet Card Manufacturer Detection


Synopsis
The manufacturer can be deduced from the Ethernet OUI.

List of Hosts

192.168.2.195

Plugin Output

The following card manufacturers were identified :

08:00:27:94:5b:26 : CADMUS COMPUTER SYSTEMS


192.168.2.194

Plugin Output

The following card manufacturers were identified :

08:00:27:8c:41:5f : CADMUS COMPUTER SYSTEMS


192.168.2.193

Plugin Output

The following card manufacturers were identified :

08:00:27:87:22:91 : CADMUS COMPUTER SYSTEMS



Description
Each ethernet MAC address starts with a 24-bit 'Organizationally
Unique Identifier'.
These OUI are registered by IEEE.


Solution
n/a



Risk Factor
None


Plugin publication date: 2009/02/19
Plugin last modification date: 2011/03/27

Port cifs (445/tcp)

Plugin ID: 10859

Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration


Synopsis
It is possible to obtain the host SID for the remote host.

List of Hosts

192.168.2.193

Plugin Output

The remote host SID value is :

1-5-21-2173961986-3163467548-3695327060

The value of 'RestrictAnonymous' setting is : unknown



Description
By emulating the call to LsaQueryInformationPolicy(), it was possible
to obtain the host SID (Security Identifier).

The host SID can then be used to get the list of local users.


Solution
You can prevent anonymous lookups of the host SID by setting the
'RestrictAnonymous' registry setting to an appropriate value.

Refer to the 'See also' section for guidance.



Risk Factor
None


Vulnerability publication date: 2000/01/31
Plugin publication date: 2002/02/13
Plugin last modification date: 2011/09/15
Ease of exploitability: Exploits are available

Port cifs (445/tcp)

Plugin ID: 26917

Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry


Synopsis
Nessus is not able to access the remote Windows Registry.

List of Hosts

192.168.2.193

Plugin Output
Could not connect to the registry because:
Could not connect to \winreg



Description
It was not possible to connect to PIPE\winreg on the remote host.

If you intend to use Nessus to perform registry-based checks, the
registry checks will not work because the 'Remote Registry Access'
service (winreg) has been disabled on the remote host or can not be
connected to with the supplied credentials.


Solution
n/a


Risk Factor
None


Plugin publication date: 2007/10/04
Plugin last modification date: 2011/03/27

Port www (2869/tcp)

Plugin ID: 35712

Web Server UPnP Detection


Synopsis
The remote web server provides UPnP information.

List of Hosts

192.168.2.193

Plugin Output

Here is a summary of http://192.168.2.193:2869/upnphost/udhisapi.dll?content=uuid:977c50c7-7ed0-4f36-8e31-44da14188ec4 :

friendlyName:WIN7-64: Obi Wan:
deviceType:urn:schemas-upnp-org:device:MediaServer:1
manufacturer:Microsoft Corporation
manufacturerURL:http://www.microsoft.com
modelName:Windows Media Player Sharing
modelNumber:12.0
modelURL:http://go.microsoft.com/fwlink/?LinkId=105926
serialNumber:{ACCC07C9-4E3A-4018-80C7-B143552F2500}



Description
It was possible to extract some information about the UPnP-enabled
device by querying this web server.
Services may also be reachable through SOAP requests.


Solution
Filter incoming traffic to this port if desired.



Risk Factor
None


Plugin publication date: 2009/02/19
Plugin last modification date: 2011/03/14

Port cifs (445/tcp)

Plugin ID: 11011

Microsoft Windows SMB Service Detection


Synopsis
A file / print sharing service is listening on the remote host.

List of Hosts

192.168.2.193

Plugin Output

A CIFS server is running on this port.



Description
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.


Solution
n/a


Risk Factor
None


Plugin publication date: 2002/06/05
Plugin last modification date: 2011/03/11

Port smb (139/tcp)

Plugin ID: 11011

Microsoft Windows SMB Service Detection


Synopsis
A file / print sharing service is listening on the remote host.

List of Hosts

192.168.2.193

Plugin Output

An SMB server is running on this port.



Description
The remote service understands the CIFS (Common Internet File System)
or Server Message Block (SMB) protocol, used to provide shared access
to files, printers, etc between nodes on a network.


Solution
n/a


Risk Factor
None


Plugin publication date: 2002/06/05
Plugin last modification date: 2011/03/11

Port (0/tcp)

Plugin ID: 10916

Microsoft Windows - Local Users Information : Passwords never expire


Synopsis
At least one local user has a password that never expires.

List of Hosts

192.168.2.193

Plugin Output

The following local users have passwords that never expire :

- Administrator
- Guest
- Obi Wan
- HomeGroupUser$
- Nessus


Note that, in addition to the Administrator and Guest accounts, Nessus
has only checked for local users with UIDs between 1000 and 1200.
To use a different range, edit the scan policy and change the 'Start
UID' and/or 'End UID' preferences for this plugin, then re-run the
scan.



Description
Using the supplied credentials, it is possible to list local users
whose passwords never expire.


Solution
Allow / require users to change their passwords regularly.


Risk Factor
None


Other references
OSVDB:755


Vulnerability publication date: 1980/01/01
Plugin publication date: 2002/03/17
Plugin last modification date: 2011/03/21

Port (0/tcp)

Plugin ID: 46215

Inconsistent Hostname and IP Address


Synopsis
The remote host's hostname is not consistent with DNS information.

List of Hosts

192.168.2.193

Plugin Output
The host name 'Win7-64' resolves to 67.215.65.132, not to 192.168.2.193



Description
The name of this machine either does not resolve or resolves to a
different IP address.

This may come from a badly configured reverse DNS or from a host file
in use on the Nessus scanning host.

As a result, URLs in plugin output may not be directly usable in a web
browser and some web tests may be incomplete.


Solution
Fix the reverse DNS or host file.


Risk Factor
None


Plugin publication date: 2010/05/03
Plugin last modification date: 2011/10/06

Port (0/tcp)

Plugin ID: 27576

Firewall Detection


Synopsis
The remote host is behind a firewall

List of Hosts

192.168.2.194

192.168.2.193


Description
Based on the responses obtained by the SYN or TCP port scanner, it was
possible to determine that the remote host seems to be protected by a
firewall.


Solution
n/a


Risk Factor
None


Plugin publication date: 2007/10/26
Plugin last modification date: 2011/03/21

Port (0/tcp)

Plugin ID: 54615

Device Type


Synopsis
It is possible to guess the remote device type.

List of Hosts

192.168.2.193

Plugin Output
Remote device type : general-purpose
Confidence level : 99



Description
Based on the remote operating system, it is possible to determine
what the remote system type is (eg: a printer, router, general-purpose
computer, etc).


Solution
n/a


Risk Factor
None


Plugin publication date: 2011/05/23
Plugin last modification date: 2011/05/23

Port (0/tcp)

Plugin ID: 12053

Host Fully Qualified Domain Name (FQDN) Resolution


Synopsis
It was possible to resolve the name of the remote host.

List of Hosts

192.168.2.193

Plugin Output

192.168.2.193 resolves as Win7-64.



Description
Nessus was able to resolve the FQDN of the remote host.


Solution
n/a


Risk Factor
None


Plugin publication date: 2004/02/11
Plugin last modification date: 2011/07/14

Port www (10243/tcp)

Plugin ID: 24260

HyperText Transfer Protocol (HTTP) Information


Synopsis
Some information about the remote HTTP configuration can be extracted.

List of Hosts

192.168.2.193

Plugin Output

Protocol version : HTTP/1.1
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 03 Dec 2011 23:18:28 GMT
Connection: close
Content-Length: 315



Description
This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive and HTTP pipelining are enabled,
etc...

This test is informational only and does not denote any security
problem.


Solution
n/a


Risk Factor
None


Plugin publication date: 2007/01/30
Plugin last modification date: 2011/05/31

Port www (2869/tcp)

Plugin ID: 11153

Service Detection (HELP Request)


Synopsis
The remote service could be identified.

List of Hosts

192.168.2.193

Plugin Output
A web server seems to be running on this port.



Description
It was possible to identify the remote service by its banner or by looking
at the error message it sends when it receives a 'HELP' request.


Solution
n/a


Risk Factor
None


Plugin publication date: 2002/11/18
Plugin last modification date: 2011/11/28

Port www (10243/tcp)

Plugin ID: 10107

HTTP Server Type and Version


Synopsis
A web server is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output
The remote web server type is :

Microsoft-HTTPAPI/2.0



Description
This plugin attempts to determine the type and the version of the
remote web server.


Solution
n/a


Risk Factor
None


Plugin publication date: 2000/01/04
Plugin last modification date: 2011/11/30

Port dce-rpc (49156/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available on TCP port 49156 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 367abb81-9844-35f1-ad32-98f038001003, version 2.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49156
IP : 192.168.2.193



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port dce-rpc (49155/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available on TCP port 49155 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0
Description : Unknown RPC service
Annotation : IP Transition Configuration endpoint
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0
Description : Unknown RPC service
Annotation : XactSrv service
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
TCP Port : 49155
IP : 192.168.2.193



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port dce-rpc (49154/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available on TCP port 49154 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
TCP Port : 49154
IP : 192.168.2.193



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port dce-rpc (49153/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available on TCP port 49153 :

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.2.193

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Remote RPC service
TCP Port : 49153
IP : 192.168.2.193



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port dce-rpc (49152/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available on TCP port 49152 :

Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
TCP Port : 49152
IP : 192.168.2.193



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port cifs (445/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available remotely :

Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \PIPE\InitShutdown
Netbios name : \\WIN7-64

Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \PIPE\InitShutdown
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \pipe\trkwks
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : \pipe\lsass
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Remote RPC service
Named pipe : \PIPE\protected_storage
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
Named pipe : \pipe\lsass
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Remote RPC service
Named pipe : \PIPE\protected_storage
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0
Description : Unknown RPC service
Annotation : IP Transition Configuration endpoint
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0
Description : Unknown RPC service
Annotation : XactSrv service
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\srvsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\browser
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\srvsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\browser
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\srvsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\browser
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\atsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\srvsvc
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Remote RPC service
Named pipe : \PIPE\browser
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Remote RPC service
Named pipe : \pipe\eventlog
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Remote RPC service
Named pipe : \pipe\eventlog
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Remote RPC service
Named pipe : \pipe\eventlog
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Remote RPC service
Named pipe : \pipe\eventlog
Netbios name : \\WIN7-64

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Remote RPC service
Named pipe : \pipe\eventlog
Netbios name : \\WIN7-64



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port epmap (135/tcp)

Plugin ID: 10736

DCE Services Enumeration


Synopsis
A DCE/RPC service is running on the remote host.

List of Hosts

192.168.2.193

Plugin Output

The following DCERPC services are available locally :

Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WindowsShutdown

Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91
UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WMsgKRpc05F340

Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WindowsShutdown

Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WMsgKRpc05F340

Object UUID : 6d726574-7273-0076-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : LRPC-40aacb0c66a36d17d2

Object UUID : 52ef130c-08fd-4388-86b3-6edf00000001
UUID : 12e65dd8-887f-41ef-91bf-8d816c42c2e7, version 1.0
Description : Unknown RPC service
Annotation : Secure Desktop LRPC interface
Type : Local RPC service
Named pipe : WMsgKRpc061AD1

Object UUID : b08669ee-8cb5-43a5-a017-84fe00000001
UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : WMsgKRpc061AD1

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0
Description : SSDP service
Windows process : unknow
Type : Local RPC service
Named pipe : LRPC-326fd53a4d3507de30

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 8174bb16-571b-4c38-8386-1102b449044a, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-ab00a450403a0df208

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : a2d47257-12f7-4beb-8981-0ebfa935c407, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-ab00a450403a0df208

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3f31c91e-2545-4b7b-9311-9529e8bffef6, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-ab00a450403a0df208

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0
Description : Unknown RPC service
Annotation : PcaSvc
Type : Local RPC service
Named pipe : OLE26A7B2D67CB24E27BA6EB5A5BCC9

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0
Description : Unknown RPC service
Annotation : PcaSvc
Type : Local RPC service
Named pipe : LRPC-79ce2df4d9a78dd8ae

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLE26A7B2D67CB24E27BA6EB5A5BCC9

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : LRPC-79ce2df4d9a78dd8ae

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : trkwks

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : dd490425-5325-4565-b774-7e27d6c09c24, version 1.0
Description : Unknown RPC service
Annotation : Base Firewall Engine API
Type : Local RPC service
Named pipe : LRPC-0b38339698048a9e96

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0
Description : Unknown RPC service
Annotation : Fw APIs
Type : Local RPC service
Named pipe : LRPC-0b38339698048a9e96

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0
Description : Unknown RPC service
Annotation : Fw APIs
Type : Local RPC service
Named pipe : LRPC-0b38339698048a9e96

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1.0
Description : Unknown RPC service
Annotation : Spooler function endpoint
Type : Local RPC service
Named pipe : spoolss

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : ae33069b-a2a8-46ee-a235-ddfd339be281, version 1.0
Description : Unknown RPC service
Annotation : Spooler base remote object endpoint
Type : Local RPC service
Named pipe : spoolss

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 4a452661-8290-4b36-8fbe-7f4093a94978, version 1.0
Description : Unknown RPC service
Annotation : Spooler function endpoint
Type : Local RPC service
Named pipe : spoolss

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : LRPC-b4f8505480a27e5796

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : audit

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : securityevent

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : LSARPC_ENDPOINT

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : lsapolicylookup

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : lsasspirpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : protected_storage

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0
Description : Security Account Manager
Windows process : lsass.exe
Type : Local RPC service
Named pipe : samss lpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : LRPC-b4f8505480a27e5796

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : audit

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : securityevent

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : LSARPC_ENDPOINT

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : lsapolicylookup

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : lsasspirpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : protected_storage

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 1.0
Description : Unknown RPC service
Annotation : KeyIso
Type : Local RPC service
Named pipe : samss lpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0
Description : Unknown RPC service
Annotation : NSI server endpoint
Type : Local RPC service
Named pipe : OLE94A7D19B3D614428A6032DE1D884

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0
Description : Unknown RPC service
Annotation : NSI server endpoint
Type : Local RPC service
Named pipe : LRPC-4b3e250bdd1b9ec71c

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : OLE94A7D19B3D614428A6032DE1D884

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0
Description : Unknown RPC service
Annotation : WinHttp Auto-Proxy Service
Type : Local RPC service
Named pipe : LRPC-4b3e250bdd1b9ec71c

Object UUID : 666f7270-6c69-7365-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 6c637067-6569-746e-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 6c637067-6569-746e-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 24d1f7c7-76af-4f28-9ccd-7f6cb6468601
UUID : 2eb08e3e-639f-4fba-97b1-14f878961076, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 24d1f7c7-76af-4f28-9ccd-7f6cb6468601
UUID : 2eb08e3e-639f-4fba-97b1-14f878961076, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 736e6573-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 736e6573-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 736e6573-0000-0000-0000-000000000000
UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0
Description : Unknown RPC service
Annotation : Impl friendly name
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0
Description : Scheduler Service
Windows process : svchost.exe
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0
Description : Unknown RPC service
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0
Description : Unknown RPC service
Annotation : IP Transition Configuration endpoint
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0
Description : Unknown RPC service
Annotation : IP Transition Configuration endpoint
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0
Description : Unknown RPC service
Annotation : IP Transition Configuration endpoint
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0
Description : Unknown RPC service
Annotation : XactSrv service
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0
Description : Unknown RPC service
Annotation : XactSrv service
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0
Description : Unknown RPC service
Annotation : XactSrv service
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : IUserProfile2

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : OLE084FDC65250547A0A958E057176D

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1.0
Description : Unknown RPC service
Annotation : AppInfo
Type : Local RPC service
Named pipe : senssvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0
Description : Unknown RPC service
Annotation : Event log TCPIP
Type : Local RPC service
Named pipe : eventlog

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : eventlog

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : AudioClientRpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : Audiosrv

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0
Description : DHCP Client Service
Windows process : svchost.exe
Annotation : DHCP Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : eventlog

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : AudioClientRpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : Audiosrv

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0
Description : Unknown RPC service
Annotation : DHCPv6 Client LRPC Endpoint
Type : Local RPC service
Named pipe : dhcpcsvc6

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : eventlog

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : AudioClientRpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : Audiosrv

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : dhcpcsvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : dhcpcsvc6

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0
Description : Unknown RPC service
Annotation : Security Center
Type : Local RPC service
Named pipe : OLE310D9BEE2EF54A5FA43F101043EB

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : eventlog

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : AudioClientRpc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : Audiosrv

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : dhcpcsvc

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : dhcpcsvc6

Object UUID : 00000000-0000-0000-0000-000000000000
UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0
Description : Unknown RPC service
Annotation : NRP server endpoint
Type : Local RPC service
Named pipe : OLE310D9BEE2EF54A5FA43F101043EB



Description
By sending a Lookup request to the portmapper (TCP 135 or epmapper
PIPE) it was possible to enumerate the Distributed Computing Environment
(DCE) services running on the remote port.
Using this information it is possible to connect and bind to
each service by sending an RPC request to the remote port/pipe.


Solution
N/A


Risk Factor
None


Plugin publication date: 2001/08/26
Plugin last modification date: 2011/03/04

Port (0/tcp)

Plugin ID: 19506

Nessus Scan Information


Synopsis
Information about the Nessus scan.

List of Hosts

192.168.2.195

Plugin Output
Information about this scan :

Nessus version : 4.4.1 (Build 15078)
Plugin feed version : 201112022238
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.2.223
Port scanner(s) : nessus_syn_scanner
Port range : 1-65535
Thorough tests : no
Experimental tests : no
Paranoia level : 2
Report Verbosity : 1
Safe checks : no
Optimize the test : yes
CGI scanning : enabled
Web application tests : disabled
Max hosts : 80
Max checks : 5
Recv timeout : 5
Backports : None
Scan Start Date : 2011/12/3 15:47
Scan duration : 345 sec


192.168.2.194

Plugin Output
Information about this scan :

Nessus version : 4.4.1 (Build 15078)
Plugin feed version : 201112022238
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.2.223
Port scanner(s) : nessus_syn_scanner
Port range : 1-65535
Thorough tests : no
Experimental tests : no
Paranoia level : 2
Report Verbosity : 1
Safe checks : no
Optimize the test : yes
CGI scanning : enabled
Web application tests : disabled
Max hosts : 80
Max checks : 5
Recv timeout : 5
Backports : None
Scan Start Date : 2011/12/3 15:47
Scan duration : 543 sec


192.168.2.193

Plugin Output
Information about this scan :

Nessus version : 4.4.1 (Build 15078)
Plugin feed version : 201112022238
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.2.223
Port scanner(s) : nessus_syn_scanner
Port range : 1-65535
Thorough tests : no
Experimental tests : no
Paranoia level : 2
Report Verbosity : 1
Safe checks : no
Optimize the test : yes
CGI scanning : enabled
Web application tests : disabled
Max hosts : 80
Max checks : 5
Recv timeout : 5
Backports : None
Scan Start Date : 2011/12/3 15:47
Scan duration : 3618 sec



Description
This script displays, for each tested host, information about the scan itself:

- The version of the plugin set
- The type of plugin feed (HomeFeed or ProfessionalFeed)
- The version of the Nessus Engine
- The port scanner(s) used
- The port range scanned
- The date of the scan
- The duration of the scan
- The number of hosts scanned in parallel
- The number of checks done in parallel


Solution
n/a


Risk Factor
None


Plugin publication date: 2005/08/26
Plugin last modification date: 2011/09/21

Port www (10243/tcp)

Plugin ID: 11013

Cisco VoIP Phone Multiple Script Malformed Request DoS


Synopsis
The remote IP phone has multiple vulnerabilities.

List of Hosts

192.168.2.193


Description
The remote host appears to be a Cisco IP phone. It was possible to
reboot this device by requesting :

http://<phone-ip>/StreamingStatistics?120000

This device likely has other vulnerabilities that Nessus has not
checked for.


Solution
Apply the fix referenced in the vendor's advisory.



Risk Factor
High/ CVSS Base Score: 8.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C)
CVSS Temporal Score: 7.4(CVSS2#E:H/RL:OF/RC:C)



Bugtraq ID
4794
4798


Other references
OSVDB:14855
OSVDB:14856


Vulnerability publication date: 2002/05/23
Plugin publication date: 2002/06/05
Plugin last modification date: 2011/03/14
Ease of exploitability: No exploit is required

Port www (2869/tcp)

Plugin ID: 11013

Cisco VoIP Phone Multiple Script Malformed Request DoS


Synopsis
The remote IP phone has multiple vulnerabilities.

List of Hosts

192.168.2.193


Description
The remote host appears to be a Cisco IP phone. It was possible to
reboot this device by requesting :

http://<phone-ip>/StreamingStatistics?120000

This device likely has other vulnerabilities that Nessus has not
checked for.


Solution
Apply the fix referenced in the vendor's advisory.



Risk Factor
High/ CVSS Base Score: 8.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C)
CVSS Temporal Score: 7.4(CVSS2#E:H/RL:OF/RC:C)



Bugtraq ID
4794
4798


Other references
OSVDB:14855
OSVDB:14856


Vulnerability publication date: 2002/05/23
Plugin publication date: 2002/06/05
Plugin last modification date: 2011/03/14
Ease of exploitability: No exploit is required

Port (0/tcp)

Plugin ID: 25220

TCP/IP Timestamps Supported


Synopsis
The remote service implements TCP timestamps.

List of Hosts

192.168.2.193


Description
The remote host implements TCP timestamps, as defined by RFC1323. A
side effect of this feature is that the uptime of the remote host can
sometimes be computed.


Solution
n/a



Risk Factor
None


Plugin publication date: 2007/05/16
Plugin last modification date: 2011/03/20

Port cifs (445/tcp)

Plugin ID: 42411

Microsoft Windows SMB Shares Unprivileged Access


Synopsis
It is possible to access a network share.

List of Hosts

192.168.2.193

Plugin Output

The following shares can be accessed as Nessus :

- Users - (readable)
+ Content of this share :
..
Default
desktop.ini
Obi Wan
Public



Description
The remote has one or more Windows shares that can be accessed through
the network with the given credentials.

Depending on the share rights, it may allow an attacker to read/write
confidential data.


Solution
To restrict access under Windows, open Explorer, do a right click on
each share, go to the 'sharing' tab, and click on 'permissions'.


Risk Factor
High/ CVSS Base Score: 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score: 7.5(CVSS2#E:H/RL:U/RC:ND)



Bugtraq ID
8026


Other references
OSVDB:299


Vulnerability publication date: 1999/07/14
Plugin publication date: 2009/11/06
Plugin last modification date: 2011/03/27
Ease of exploitability: No exploit is required

Port cifs (445/tcp)

Plugin ID: 10394

Microsoft Windows SMB Log In Possible


Synopsis
It is possible to log into the remote host.

List of Hosts

192.168.2.193

Plugin Output
- NULL sessions are enabled on the remote host
- The SMB tests will be done as 'Nessus'/'******'



Description
The remote host is running Microsoft Windows operating
system or Samba, a CIFS/SMB server for Unix. It was
possible to log into it using one of the following
accounts :

- NULL session
- Guest account
- Given Credentials


Solution
n/a



Risk Factor
None


Vulnerability publication date: 1999/01/01
Plugin publication date: 2000/05/09
Plugin last modification date: 2011/09/15
Ease of exploitability: Exploits are available
Exploitable with: Metasploit (Microsoft Windows Authenticated User Code Execution)

Port (0/tcp)

Plugin ID: 10913

Microsoft Windows - Local Users Information : Disabled accounts


Synopsis
At least one local user account has been disabled.

List of Hosts

192.168.2.193

Plugin Output

The following local user accounts have been disabled :

- Administrator
- Guest


Note that, in addition to the Administrator and Guest accounts, Nessus
has only checked for local users with UIDs between 1000 and 1200.
To use a different range, edit the scan policy and change the 'Start
UID' and/or 'End UID' preferences for 'SMB use host SID to enumerate
local users' setting, and then re-run the scan.



Description
Using the supplied credentials, it is possible to list local user
accounts that have been disabled.


Solution
Delete accounts that are no longer needed.


Risk Factor
None


Other references
OSVDB:752


Vulnerability publication date: 1980/01/01
Plugin publication date: 2002/03/17
Plugin last modification date: 2011/03/21

Port cifs (445/tcp)

Plugin ID: 10860

SMB Use Host SID to Enumerate Local Users


Synopsis
It is possible to enumerate local users.

List of Hosts

192.168.2.193

Plugin Output

- Administrator (id 500, Administrator account)
- Guest (id 501, Guest account)
- HomeUsers (id 1000)
- Obi Wan (id 1001)
- HomeGroupUser$ (id 1002)
- Nessus (id 1003)

Note that, in addition to the Administrator and Guest accounts, Nessus
has enumerated only those local users with IDs between 1000 and 1200.
To use a different range, edit the scan policy and change the 'Start
UID' and/or 'End UID' preferences for this plugin, then re-run the
scan.



Description
Using the host security identifier (SID), it is possible to enumerate local users
on the remote Windows system.


Solution
n/a


Risk Factor
None


Vulnerability publication date: 1998/04/28
Plugin publication date: 2002/02/13
Plugin last modification date: 2011/09/15
Ease of exploitability: Exploits are available

Port (0/icmp)

Plugin ID: 10114

ICMP Timestamp Request Remote Date Disclosure


Synopsis
It is possible to determine the exact time set on the remote host.

List of Hosts

192.168.2.195

Plugin Output
The difference between the local and remote clocks is -8 seconds.



Description
The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date that is set on the targeted machine.

This may help an attacker to defeat all time-based authentication
protocols.


Solution
Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).


Risk Factor
None



Other references
OSVDB:94
CWE:200


Vulnerability publication date: 1995/01/01
Plugin publication date: 1999/08/01
Plugin last modification date: 2011/11/15

Port upnp-client (1900/udp)

Plugin ID: 35711

Universal Plug and Play (UPnP) Protocol Detection


Synopsis
The remote device supports UPnP.

List of Hosts

192.168.2.193

Plugin Output

The device answered :

HTTP/1.1 200 OK
ST:upnp:rootdevice
USN:uuid:977c50c7-7ed0-4f36-8e31-44da14188ec4::upnp:rootdevice
Location:http://192.168.2.193:2869/upnphost/udhisapi.dll?content=uuid:977c50c7-7ed0-4f36-8e31-44da14188ec4
OPT:"http://schemas.upnp.org/upnp/1/0/"; ns=01
01-NLS:dc1b86c620aad96bdd480a3b18f920d9
Cache-Control:max-age=900
Server:Microsoft-Windows-NT/5.1 UPnP/1.0 UPnP-Device-Host/1.0
Ext:



Description
The remote device answered to an SSDP M-SEARCH request. This means that
it supports 'Universal Plug and Play' aka UPnP. This protocol provides
automatic configuration and device discovery. It is primiraly intended
for home networks.

Keep in mind that it could help an intruder discover your network
architecture and speed an attack up.


Solution
Filter access to this port if desired.



Risk Factor
None


Plugin publication date: 2009/02/19
Plugin last modification date: 2011/03/17

Port (0/udp)

Plugin ID: 10287

Traceroute Information


Synopsis
It was possible to obtain traceroute information.

List of Hosts

192.168.2.195

Plugin Output
For your information, here is the traceroute from 192.168.2.223 to 192.168.2.195 :
192.168.2.223
192.168.2.195


192.168.2.193

Plugin Output
For your information, here is the traceroute from 192.168.2.223 to 192.168.2.193 :
192.168.2.223
192.168.2.193



Description
Makes a traceroute to the remote host.


Solution
n/a


Risk Factor
None


Plugin publication date: 1999/11/27
Plugin last modification date: 2011/03/21

Port smb (139/tcp)

Plugin ID: 10204

Microsoft Windows NT SCM Malformed Resource Enumeration Request DoS


Synopsis
The remote host is vulnerable to a denial of service.

List of Hosts

192.168.2.193


Description
An 'rfpoison' packet has been sent to the remote host.
This packet is supposed to crash the 'services.exe' process, making
the system unstable.


Solution
Apply NT4 last service pack, or better, upgrade to Windows last version.



Risk Factor
High/ CVSS Base Score: 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score: 6.4(CVSS2#E:F/RL:OF/RC:C)



Bugtraq ID
754


Other references
OSVDB:11264


Vulnerability publication date: 1999/10/31
Plugin publication date: 1999/11/01
Plugin last modification date: 2011/03/11
192.168.2.195
Scan Time
Start time: Sat Dec 03 15:47:52 2011
End time: Sat Dec 03 15:53:37 2011
Number of vulnerabilities
High0
Medium1
Low5
Remote Host Information
Operating System:Linux Kernel
IP address:192.168.2.195
MAC address:08:00:27:94:5b:26
^Back
192.168.2.194
Scan Time
Start time: Sat Dec 03 15:47:52 2011
End time: Sat Dec 03 15:56:55 2011
Number of vulnerabilities
High0
Medium0
Low3
Remote Host Information
IP address:192.168.2.194
MAC address:08:00:27:8c:41:5f
^Back
192.168.2.193
Scan Time
Start time: Sat Dec 03 15:47:51 2011
End time: Sat Dec 03 16:48:09 2011
Number of vulnerabilities
High4
Medium1
Low40
Remote Host Information
Operating System:Windows 7 Professional
NetBIOS name:WIN7-64
DNS name:Win7-64
IP address:192.168.2.193
MAC address:08:00:27:87:22:91
^Back