论坛: 菜鸟乐园 标题: 看看这个安全吗?请高手分析! 复制本贴地址    
作者: jglzxs [jglzxs]    论坛用户   登录

主机列表
61.xxx.xxx.90 (发现安全漏洞)
. OS: Windows 2003 or IBM AIX 4.3.2.0-4.3.3.0 on an IBM RS/*; PORT/TCP: 21, 80, 6000

详细资料
+ 61.xxx.xxx.90 :
. 开放端口列表 :
  o ftp (21/tcp) (发现安全漏洞)
  o www (80/tcp) (发现安全提示)
  o unknown (6000/tcp) (发现安全提示)

. 端口"ftp (21/tcp)"发现安全漏洞 :


    FTP弱口令:
    "ftp/[空口令]"


. 端口"ftp (21/tcp)"发现安全漏洞 :


    FTP弱口令:
    "anonymous/[口令与用户名相同]"


. 端口"ftp (21/tcp)"发现安全警告 :

   
    This FTP service allows anonymous logins. If you do not want to share data
    with anyone you do not know, then you should deactivate the anonymous
    account,
    since it may only cause troubles.
     
   
    Risk factor : Low
    CVE_ID : CAN-1999-0497
    NESSUS_ID : 10079

. 端口"ftp (21/tcp)"发现安全提示 :


    A FTP server is running on this port.
    Here is its banner :
    220 Serv-U FTP Server v5.0 for WinSock ready...
    NESSUS_ID : 10330

. 端口"ftp (21/tcp)"发现安全提示 :

    Remote FTP server banner :
    220 Serv-U FTP Server v5.0 for WinSock ready...
    NESSUS_ID : 10092

. 端口"www (80/tcp)"发现安全提示 :


    A web server is running on this port
    NESSUS_ID : 10330

. 端口"www (80/tcp)"发现安全提示 :
    The following directories were discovered:
    /css, /data, /image, /images, /img, /inc
   
    While this is not, in and of itself, a bug, you should manually inspect
    these directories to ensure that they are in compliance with company
    security standards
   
    The following directories require authentication:
    /printers
    NESSUS_ID : 11032

. 端口"www (80/tcp)"发现安全提示 :


    The following CGI have been discovered :
   
    Syntax : cginame (arguments [default value])
   
    /movie.asp (id [380] )
    /list.asp (id [1] )
   
    NESSUS_ID : 10662

. 端口"www (80/tcp)"发现安全提示 :


    This web server was fingerprinted as MS IIS 5.0 on Win2000 SP4 or 5.1 on
    WinXP SP1
    which is consistent with the displayed banner: Microsoft-IIS/5.0
    NESSUS_ID : 11919

. 端口"www (80/tcp)"发现安全提示 :


    The remote web server type is :
   
    Microsoft-IIS/5.0
   
    Solution : You can use urlscan to change reported server for IIS.
    NESSUS_ID : 10107

. 端口"unknown (6000/tcp)"发现安全提示 :


    Maybe the "x11 X Window System" service running on this port.
   
    NESSUS_ID : 10330


地主 发表时间: 04-05-25 19:12

论坛: 菜鸟乐园

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号