CRITICAL (1)
Oracle Database Unsupported Version Detection
Plugin ID: 55786
Port: tcp/1521
According to its version, the installation of Oracle Database running
on the remote host is no longer supported.
Lack of support implies that no new security patches for the product
will be released by the vendor. As a result, it is likely to contain
security vulnerabilities.
Javasolt megoldás
Upgrade to a version of Oracle Database that is currently supported.
HIGH (1)
Oracle TNS Listener Remote Poisoning
The remote Oracle TNS listener allows service registration from a
remote host. An attacker can exploit this issue to divert data from a
legitimate database server or client to an attacker-specified system.
Successful exploits will allow the attacker to manipulate database
instances, potentially facilitating man-in-the-middle, session-
hijacking, or denial of service attacks on a legitimate database
server.
Javasolt megoldás
Apply the workaround in Oracle's advisory.
MEDIUM (2)
SMB Signing not required
Plugin ID: 57608
Port: tcp/445
Signing is not required on the remote SMB server. An unauthenticated,
remote attacker can exploit this to conduct man-in-the-middle attacks
against the SMB server.
Javasolt megoldás
Enforce message signing in the host's configuration. On Windows, this
is found in the policy setting 'Microsoft network server: Digitally
sign communications (always)'. On Samba, the setting is called 'server
signing'. See the 'see also' links for further details.
SSH Weak Algorithms Supported
Plugin ID: 90317
Port: tcp/22
Nessus has detected that the remote SSH server is configured to use
the Arcfour stream cipher or no cipher at all. RFC 4253 advises
against using Arcfour due to an issue with weak keys.
Javasolt megoldás
Contact the vendor or consult product documentation to remove the weak
ciphers.
LOW (4)
ICMP Timestamp Request Remote Date Disclosure
The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date that is set on the targeted machine, which
may assist an unauthenticated, remote attacker in defeating time-based
authentication protocols.
Timestamps returned from machines running Windows Vista / 7 / 2008 /
2008 R2 are deliberately incorrect, but usually within 1000 seconds of
the actual system time.
Javasolt megoldás
Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).
SSH Server CBC Mode Ciphers Enabled
The SSH server is configured to support Cipher Block Chaining (CBC)
encryption. This may allow an attacker to recover the plaintext message
from the ciphertext.
Note that this plugin only checks for the options of the SSH server and
does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable CBC mode
cipher encryption, and enable CTR or GCM cipher mode encryption.
SSH Weak MAC Algorithms Enabled
Plugin ID: 71049
Port: tcp/22
The remote SSH server is configured to allow either MD5 or 96-bit MAC
algorithms, both of which are considered weak.
Note that this plugin only checks for the options of the SSH server,
and it does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable MD5 and
96-bit MAC algorithms.
SSH Weak Key Exchange Algorithms Enabled
Plugin ID: 153953
Port: tcp/22
The remote SSH server is configured to allow key exchange algorithms which are considered weak.
This is based on the IETF draft document Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)
RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST NOT be
enabled. This includes:
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
gss-gex-sha1-*
gss-group1-sha1-*
gss-group14-sha1-*
rsa1024-sha1
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software
versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable the weak algorithms.