Nessus Report

Nessus Scan Report

27/Jun/2013:05:00:42

Table Of Contents
Remediations
Suggested Remediations
Vulnerabilities By Host
192.168.1.146

Remediations

[-] Collapse All
[+] Expand All

Suggested Remediations

Taking the following actions across 1 hosts would resolve 16% of the vulnerabilities on the network:
Action to take Vulns Hosts
MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check): Microsoft has released a set of patches for Windows 2000, XP and 2003. 4 1
MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422) (uncredentialed check): Microsoft has released a set of patches for Windows 2000, XP and 2003. 1 1
MS05-039: Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) (uncredentialed check): Microsoft has released a set of patches for Windows 2000, XP and 2003. 1 1

Vulnerabilities By Host

[-] Collapse All
[+] Expand All

192.168.1.146

Scan Information

Start time: Thu Jun 27 04:59:07 2013
End time: Thu Jun 27 05:00:34 2013

Host Information

DNS Name: windows2000
Netbios Name: WINDOWS2000
IP: 192.168.1.146
OS: Microsoft Windows 2000 Service Pack 4

Results Summary

Critical High Medium Low Info Total
17 1 5 0 37 60

Results Details

0/tcp

47709 - Microsoft Windows 2000 Unsupported Installation Detection [-/+]

24269 - Windows Management Instrumentation (WMI) Available [-/+]

10915 - Microsoft Windows - Local Users Information : User has never logged on [-/+]

10914 - Microsoft Windows - Local Users Information : Never changed passwords [-/+]

10916 - Microsoft Windows - Local Users Information : Passwords never expire [-/+]

10913 - Microsoft Windows - Local Users Information : Disabled accounts [-/+]

10904 - Microsoft Windows 'Backup Operators' Group User List [-/+]

10902 - Microsoft Windows 'Administrators' Group User List [-/+]

21745 - Authentication Failure - Local Checks Not Run [-/+]

66334 - Patch Report [-/+]

21/tcp

11219 - Nessus SYN scanner [-/+]

25/tcp

11219 - Nessus SYN scanner [-/+]

80/tcp

11219 - Nessus SYN scanner [-/+]

135/tcp

21655 - MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) (uncredentialed check) [-/+]

10736 - DCE Services Enumeration [-/+]

11219 - Nessus SYN scanner [-/+]

135/udp

11890 - MS03-043: Buffer Overrun in Messenger Service (828035) (uncredentialed check) [-/+]

137/udp

10150 - Windows NetBIOS / SMB Remote Host Information Disclosure [-/+]

139/tcp

11011 - Microsoft Windows SMB Service Detection [-/+]

443/tcp

11219 - Nessus SYN scanner [-/+]

445/tcp

21193 - MS05-047: Plug and Play Remote Code Execution and Local Privilege Elevation (905749) (uncredentialed check) [-/+]

22194 - MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883) (uncredentialed check) [-/+]

19408 - MS05-039: Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) (uncredentialed check) [-/+]

35362 - MS09-001: Microsoft Windows SMB Vulnerabilities Remote Code Execution (958687) (uncredentialed check) [-/+]

12209 - MS04-011: Security Update for Microsoft Windows (835732) (uncredentialed check) [-/+]

19407 - MS05-043: Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) (uncredentialed check) [-/+]

11835 - MS03-039: Microsoft RPC Interface Buffer Overrun (824146) (uncredentialed check) [-/+]

12054 - MS04-007: ASN.1 Vulnerability Could Allow Code Execution (828028) (uncredentialed check) (NTLM) [-/+]

11808 - MS03-026: Microsoft RPC Interface Buffer Overrun (823980) (uncredentialed check) [-/+]

18502 - MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422) (uncredentialed check) [-/+]

34477 - MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check) [-/+]

22034 - MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159) (uncredentialed check) [-/+]

56210 - Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials [-/+]

56211 - SMB Use Host SID to Enumerate Local Users Without Credentials [-/+]

26920 - Microsoft Windows SMB NULL Session Authentication [-/+]

18585 - Microsoft Windows SMB Service Enumeration via \srvsvc [-/+]

18602 - Microsoft Windows SMB svcctl MSRPC Interface SCM Service Enumeration [-/+]

11011 - Microsoft Windows SMB Service Detection [-/+]

10736 - DCE Services Enumeration [-/+]

10785 - Microsoft Windows SMB NativeLanManager Remote System Information Disclosure [-/+]

10394 - Microsoft Windows SMB Log In Possible [-/+]

26917 - Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry [-/+]

10859 - Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration [-/+]

10860 - SMB Use Host SID to Enumerate Local Users [-/+]

10395 - Microsoft Windows SMB Shares Enumeration [-/+]

10397 - Microsoft Windows SMB LanMan Pipe Server Listing Disclosure [-/+]

17651 - Microsoft Windows SMB : Obtains the Password Policy [-/+]

1025/tcp

13852 - MS04-022: Microsoft Windows Task Scheduler Remote Overflow (841873) (uncredentialed check) [-/+]

10736 - DCE Services Enumeration [-/+]

11219 - Nessus SYN scanner [-/+]

1026/tcp

10736 - DCE Services Enumeration [-/+]

11219 - Nessus SYN scanner [-/+]

1027/udp

10736 - DCE Services Enumeration [-/+]

1028/udp

10736 - DCE Services Enumeration [-/+]

1030/tcp

11219 - Nessus SYN scanner [-/+]

1086/tcp

20008 - MS05-051: Vulnerabilities in MSDTC Could Allow Remote Code Execution (902400) (uncredentialed check) [-/+]

21334 - MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow DoS (913580) (uncredentialed check) [-/+]

10736 - DCE Services Enumeration [-/+]

11219 - Nessus SYN scanner [-/+]

3372/tcp

11219 - Nessus SYN scanner [-/+]