Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x Sentora on Windows (Un-Official) v1.0 v Security

Security
ccr1969 Offline
Sentora Member
*
OS: Server OS: Ubuntu 20.04
Version: 2.0.1
Server: Dedicated, VPS, Home,
Posts: 110
Threads: 14
Joined: Aug 2015
Reputation: 8
Sex: Male
Thanks: 3
Given 15 thank(s) in 12 post(s)
#1
Security
 01-28-2016, 10:06 AM
I run a test on my server to test its vulnerabilities the score was 90 out of a possible 100 and as you can see it is fairly secure biggest issue open ssl which i will fix this is sentora running
Code:
Server OS:

Windows

Apache version:

2.4.17

PHP version:

5.6.15

PERL version:

5.20.2

MySQL version:

5.5.41

Sentora version:

1.0.0

Quote:Score ranges between 0 and 100.
A low score means you are vulnerable to attack.
Score is calculated by the number of high and medium risks vulnerabilities that you have, where high risks are obviously weighed more.
A public server should not have ANY high risk vulnerabilities, since they are clear and immediate danger - plain and simple.
Medium risk vulnerabilities are also important, but here we are willing to "debate" on how critical they really are.
Low risk vulnerabilities are for purists and can safely be ignored unless you are running for the "most secure web server ever" contest. You can have 1,000 low risk vulnerabilities and your score will be "A+", so really - don't worry about it.
That said, if you see any low risks that can be easily fixed (and we are stressing "easily"), fix them. Some day maybe an attack will develop using these seemingly trivial weaknesses.


Code:
Scan Results
Hostname     
Scan date     2016-01-27
Scan Status     Done
Vulnerability Score     
90.00 (B)
Vulnerability Summary
High     
0
    
Medium     
1
    OpenSSL Running Version Prior to 1.0.2e
Low     
23
    SMTP Service Cleartext Login Permitted
OpenSSL Version Detection
SMTP Authentication Methods
HTTP Packet Inspection
Supported SSL Ciphers Suites
Identify Unknown Services via GET Requests
Identify Unknown Services via GET Requests
SSL Verification Test
ICMP OS Identification
IMAP Banner
HTTP TRACE Method XSS Vulnerability
HELP Information Gathering
Directory Scanner
Nmap
Nmap
HTTP Server Detection
SMTP Server Detection
Services
Services
Services
Services
Services
Services
Total     24
Vulnerability by Risk Level     Vulnerability by Service     Vulnerability Count
    
(Displays High and Medium risk vulnerabilities)
    
Security Testing
Type     Tests     Failed     Passed
Infrastructure Tests     12907     31     12876
Blind SQL Injection     224     0     224
SQL Injection     272     0     272
Cross Site Scripting     464     0     464
Source Disclosure     272     0     272
PHP Code Injection     128     0     128
Windows Command Execution     192     0     192
UNIX Command Execution     208     0     208
UNIX File Disclosure     128     0     128
Windows File Disclosure     432     0     432
Directory Disclosure     272     0     272
Remote File Inclusion     16     0     16
HTTP Header Injection     144     0     144


Medium risk vulnerabilities results for:
1. OpenSSL Running Version Prior to 1.0.2e (Medium)
back
Port:     https (443/tcp)
Summary:
Multiple vulnerabilities have been found in OpenSSL:
* The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.

* The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a Diffie-Hellman (DH) or Diffie-Hellman Ephemeral (DHE) ciphersuite.

* crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.

* The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCSInstall Docs-ISPconfig or CMS application.

Banner: Server: Apache/2.4.17 (Win32) mod_antiloris/0.6.0 OpenSSL/1.0.2d PHP/5.6.15
Installed version: 1.0.2d
Fixed version: 1.0.2e
Recommended Solution:
Upgrade to OpenSSL version 1.0.2e or newer.
More information:     https://www.openssl.org/news/secadv/20151203.txt, and https://mta.openssl.org/pipermail/openssl-commits/2015-August/001540.html
CVE:     CVE-2015-1794
CVE:     CVE-2015-3193
CVE:     CVE-2015-3194
CVE:     CVE-2015-3195
Test ID:     18638
Find
Reply
Thanks given by:


Forum Jump:


Users browsing this thread: 2 Guest(s)