Nessus Plugin Family
Total Page:16
File Type:pdf, Size:1020Kb
SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 TENABLE NETWORK SECURITY Nessus Plugin Family March 14, 2012 at 7:22pm CDT Dave Breslin [dlbreslin] Confidential: The following report contains confidential information. Do not distribute, email, fax, or transfer via any electronic mechanism unless it has been approved by the recipient company's security policy. All copies and backups of this document should be saved on protected storage at all times. Do not share any of the information contained within this report with anyone unless they are authorized to view the information. Violating any of the previous instructions is grounds for termination. Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Table of Contents Plugin Family Summary ...............................................................................................................1 AIX Local Security Checks .......................................................................................................3 Backdoors .....................................................................................................................................................4 CentOS Local Security Checks ...........................................................................................5 CGI abuses .................................................................................................................................................. 6 CGI abuses : XSS ................................................................................................................................ 8 CISCO ............................................................................................................................................................. 10 Databases .................................................................................................................................................. 12 Debian Local Security Checks ......................................................................................... 14 Default Unix Accounts ............................................................................................................... 16 Denial of Service ...............................................................................................................................18 DNS ....................................................................................................................................................................20 Fedora Local Security Checks ......................................................................................... 22 Firewalls .......................................................................................................................................................23 FreeBSD Local Security Checks .................................................................................... 25 FTP .....................................................................................................................................................................27 Gain a shell remotely .................................................................................................................. 29 Table of Contents Tenable Network Security i Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 General ..........................................................................................................................................................31 Gentoo Local Security Checks ........................................................................................ 33 HP-UX Local Security Checks ...........................................................................................35 Junos Local Security Checks ............................................................................................38 MacOS X Local Security Checks ................................................................................... 40 Mandriva Local Security Checks ................................................................................... 42 Misc. ................................................................................................................................................................. 43 Netware .........................................................................................................................................................45 Peer-To-Peer File Sharing ...................................................................................................... 46 Policy Compliance .......................................................................................................................... 48 Port scanners ........................................................................................................................................49 Red Hat Local Security Checks ...................................................................................... 50 RPC ....................................................................................................................................................................51 SCADA ........................................................................................................................................................... 53 Service detection .............................................................................................................................. 55 Settings .........................................................................................................................................................56 Slackware Local Security Checks ................................................................................ 57 SMTP problems .................................................................................................................................. 58 SNMP ...............................................................................................................................................................60 Table of Contents Tenable Network Security ii Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Solaris Local Security Checks ......................................................................................... 62 SuSE Local Security Checks ..............................................................................................63 Ubuntu Local Security Checks ........................................................................................ 65 VMware ESX Local Security Checks ......................................................................... 67 Web Servers ........................................................................................................................................... 69 Windows ...................................................................................................................................................... 71 Windows : Microsoft Bulletins ..........................................................................................73 Windows : User management ............................................................................................75 Table of Contents Tenable Network Security iii Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Plugin Family Summary Plugin Family Severity Counts Family Total Info Low Med. High Crit. Misc. 956 327 94 0 0 535 VMware ESX Local Security 954 0 0 162 487 305 Checks Fedora Local Security Checks 948 0 449 0 0 499 Gentoo Local Security Checks 927 0 432 0 0 495 Mandriva Local Security Checks 926 0 434 0 0 492 AIX Local Security Checks 920 0 0 0 920 0 Red Hat Local Security Checks 920 0 475 0 0 445 Gain a shell remotely 919 0 13 300 91 515 General 897 492 76 221 103 5 Firewalls 895 195 40 189 347 124 Solaris Local Security Checks 893 0 0 0 893 0 SMTP problems 885 50 105 299 0 431 CGI abuses 880 396 0 0 0 484 Web Servers 874 415 0 0 0 459 FTP 868 167 37 236 0 428 SuSE Local Security Checks 868 0 436 0 0 432 Denial of Service 861 0 39 349 464 9 CGI abuses : XSS 858 0 154 680 24 0 Windows : Microsoft Bulletins 851 46 78 349 0 378 DNS 846 146 58 299 226 117 Default Unix Accounts 846 0 0 0 366 480 Peer-To-Peer File Sharing 840 351 66 132 291 0 Service detection 828 383 223 113 42 67 Ubuntu Local Security Checks 825 0 423 0 0 402 Slackware Local Security Checks 824 0 145 291 0 388 CentOS Local Security Checks 813 0 352 0 0 461 Backdoors 807 32 0 80 199 496 Windows 807 408 0 0 0 399 CISCO 805 0 60 324 58 363 Databases 799 160 173 64 0 402 Debian Local Security Checks 784 0 431 0 0 353 FreeBSD Local Security Checks 779 0 381 0 0 398 HP-UX Local Security Checks 768 0 0 430 0 338 SNMP 740 362 73 69 159 77 MacOS X Local Security Checks 724 196 30 131 0 367 Windows : User management 694 634 0 29 31 0 Plugin Family Summary Tenable Network Security 1 Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Family Total Info Low Med. High Crit. RPC 597 186 13 269 77 52 Junos Local Security Checks 520 21 70 269 115 45 SCADA 431 105 0 96 149 81 Netware 361 0 43 191 127 0 Settings 310 237 73 0 0 0 Policy Compliance 101 35 0 33 33 0 Port scanners 45 10 35 0 0 0 Plugin Family Summary Tenable Network Security 2 Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 AIX Local Security Checks Top 25 Most Common Plugin Results Plugin Total Severity Plugin Name 55384 52 High AIX 530011 : U843402 55372 50 High AIX