VLAN764_ELET – 10.114.113.223

VLAN: 764 | CIDR: 10.114.112.0/22 | NAT: 193.224.49.128 | Nessus folder: 1472
Scan: VLAN764_-_ELET_10.114.112.0_22 | Date: 2026-01-30 16:08
Ollama-based executive analysis

Overall picture: A high-risk vulnerability is present in the scanned system and requires urgent remediation within the next 0-7 days.

Main risk themes: The Apple AirPort Base Station Authentication Credential Encryption Weakness and the SNMP Agent Default Community Name (public) vulnerability pose a significant threat that must be addressed urgently. These vulnerabilities make data theft or compromise of the system possible.

Recommended 0-7 days: Immediately block traffic on TCP port 5009, and administer the Apple AirPort Base Station only when connected to it with a cross-over Ethernet cable. The SNMP service must also be urgently disabled or restricted.

Recommended 7-30 days: System-level preventive measures must be taken, such as rescanning and hardening the system.

High (2 types / 2 total)
  1. Apple AirPort Base Station Authentication Credential Encryption Weakness
  2. SNMP Agent Default Community Name (public)
Medium (2 types / 2 total)
  1. Airport Administrative Traffic Detection (192/UDP)
  2. SNMP 'GETBULK' Reflection DDoS
Ollama: llama3.1:8b | ollama version is 0.14.2 | 2026-01-31 01:26

HIGH (2)

Apple AirPort Base Station Authentication Credential Encryption Weakness
Plugin ID: 11620 Port: tcp/5009 CVE: CVE-2003-0270
The remote host is an Apple Airport Wireless Access Point which can be administrated on top of TCP port 5009. There is a design flaw in the administrative protocol which makes the clients which connect to this port send the password in cleartext (although slightly obfuscated). An attacker who has the ability to sniff the data going to this device may use this flaw to gain its administrative password and gain its control. Since the airport base station does not keep any log, it will be difficult to determine that administrative access has been stolen.
Recommended solution
Block incoming traffic to this port, and only administer this base station when connected to it using a cross-over ethernet cable.
SNMP Agent Default Community Name (public)
Plugin ID: 41028 Port: udp/161 CVE: CVE-1999-0517
It is possible to obtain the default community name of the remote SNMP server. An attacker may use this information to gain more knowledge about the remote host, or to change the configuration of the remote system (if the default community allows such modifications).
Recommended solution
Disable the SNMP service on the remote host if you do not use it. Either filter incoming UDP packets going to this port, or change the default community string.

MEDIUM (2)

Airport Administrative Traffic Detection (192/UDP)
Plugin ID: 20345 Port: udp/192
The remote host is an Airport, Airport Extreme or Airport Express wireless access point. It is possible to gather information about the remote base station (such as its connection type or connection time) by sending packets to UDP port 192. An attacker connected to this network may also use this protocol to force the base station to disconnect from the network if it is using PPPoE, thus causing a denial of service for the other users.
Recommended solution
Filter incoming traffic to this port and make sure only authorized hosts can connect to the wireless network this base station listens on.
SNMP 'GETBULK' Reflection DDoS
Plugin ID: 76474 Port: udp/161 CVE: CVE-2008-4309
The remote SNMP daemon is responding with a large amount of data to a 'GETBULK' request with a larger than normal value for 'max-repetitions'. A remote attacker can use this SNMP server to conduct a reflected distributed denial of service attack on an arbitrary remote host.
Recommended solution
Disable the SNMP service on the remote host if you do not use it. Otherwise, restrict and monitor access to this service, and consider changing the default 'public' community string.

LOW (1)

ICMP Timestamp Request Remote Date Disclosure
Plugin ID: 10114 Port: icmp/0 CVE: CVE-1999-0524
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols. Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.
Recommended solution
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).