Copia de SRV APLICACIONES-08072014

Vuln.
Cerradas IP Address DNS Name NetBios Nam Asset Label Asset Criticali Operating Sy
NO 192.168.10.21flamencos.comFLAMENCOS 10000133 4 Windows Server 2003 (Service Pac
NO 192.168.10.62canoas.compenCANOAS 10000143 4 Windows Server 2003 R2 (Service
NO 192.168.10.62canoas.compen
CANOAS 10000143 4 Windows Server 2003 R2 (Service
NO 192.168.10.15vmpmachado.cVMPMACHAD 10000147 4 Windows Server 2003 R2 (Service
SI 192.168.10.15vmpmachado.cVMPMACHAD 10000147 4 Windows Server 2003 R2 (Service
NO 192.168.10.34picachos.compPICACHOS 10000188 4 Windows Server 2003 R2 (Service
SI 192.168.10.34picachos.compPICACHOS 10000188 4 Windows Server 2003 R2 (Service
NO 192.168.10.66pure.compensaPURE 10000197 4 Windows Server 2003 R2 (Service
NO 192.168.10.66pure.compensa
PURE 10000197 4 Windows Server 2003 R2 (Service
NO 192.168.10.70malibu.compen
MALIBU 10000205 4 Windows Server 2003 R2 (Service
NO 192.168.10.87vmpruiz.compe
VMPRUIZ 10000213 4 Windows Server 2003 R2 (Service
SI 192.168.10.87vmpruiz.compe
NO 192.168.10.87vmpruiz.compeVMPRUIZ 10000213 4 Windows Server 2003 R2 (Service
NO 192.168.10.94guajaro.compeGUAJARO 10000214 4 Windows Server 2003 R2 (Service
NO 192.168.10.58vmpdeneb.com VMPDENEB 10003204 0 Windows Server 2003 (Service Pac
NO 192.168.10.58vmpdeneb.com
VMPDENEB 10003204 0 Windows Server 2003 (Service Pac
NO 192.168.10.58vmpdeneb.comVMPDENEB 10003204 0 Windows Server 2003 (Service Pac
NO 192.168.10.11vmpcancer.com
VMPCANCER 10003720 4 Windows Server 2008 R2 (Service
SI 192.168.10.11vmpcancer.com
NO 192.168.10.76vmpcamaleon.VMPCAMALEO 10004983 4 Windows Server 2008 R2 (Server,
NO 192.168.10.64ayapel.compenAYAPEL 0 Windows Server 2003 (Service Pac
NO 192.168.10.19colorados.comCOLORADOS 4 Windows Server 2003 (Service Pac
NO 192.168.10.93vmpsirius.comVMPSIRIUS 10005616 4 Windows Server 2008 R2 (Service
SI 192.168.10.93vmpsirius.comVMPSIRIUS 10005616 4 Windows Server 2008 R2 (Service
NO 192.168.10.68vmpalbali.comVMPALBALI 10005617 4 Windows Server 2008 R2 (Service
NO 192.168.10.92vmppropus.coVMPPROPUS 10005618 0 Windows Server 2008 R2 (Service
SI 192.168.10.92vmppropus.coVMPPROPUS 10005618 0 Windows Server 2008 R2 (Service
NO 192.168.10.15vmpcompas.co[Unknown] 4 Linux 2.6.x
NO 192.168.10.13vmplibra.compVMPLIBRA 4 Windows Server 2003 R2 (Service
NO 192.168.10.17vmpsagitta.coVMPSAGITTA 4 Windows Server 2003 R2 (Service
NO 192.168.10.15vmpkraz.compeVMPKRAZ 4 Windows Server 2003 R2 (Service
NO 192.168.10.15vmpkraz.compe
VMPKRAZ 4 Windows Server 2003 R2 (Service
NO 192.168.10.15vmpkraz.compe VMPKRAZ 4 Windows Server 2003 R2 (Service
NO 192.168.19.10vmprusierra.c VMPRUSIERRA 0 Windows Server 2008 R2 (Server,
NO 192.168.10.15vmperidanus.cVMPERIDANUS 4 Windows Server 2008 R2 (Service
SI 192.168.10.15vmperidanus.cVMPERIDANUS 4 Windows Server 2008 R2 (Service
NO 192.168.10.15vmppastor.com[Unknown] 4 Linux 2.6.x
NO 192.168.10.11vmpmartinica.VMPMARTINICA 4 Windows Server 2003 R2 (Service
SI 192.168.10.11vmpmartinica.VMPMARTINICA 4 Windows Server 2003 R2 (Service
NO 192.168.10.13vmpformax.coVMPFORMAX 4 Windows Server 2008 R2 (Service
SI 192.168.10.13vmpformax.coVMPFORMAX 4 Windows Server 2008 R2 (Service
NO 192.168.10.18vmppictor.comVMPPICTOR 0 Windows Server 2003 R2 (Service
SI 192.168.10.18vmppictor.comVMPPICTOR 0 Windows Server 2003 R2 (Service
SI 192.168.10.18vmppictor.comVMPPICTOR 0 Windows Server 2003 R2 (Service
NO 192.168.10.13vmpcetus.compVMPCETUS 4 Windows Server 2008 R2 (Service
NO 192.168.10.13vmpcetus.comp
VMPCETUS 4 Windows Server 2008 R2 (Service
NO 192.168.10.38vmpedas.compVMPEDAS 0 Windows Server 2003 R2 (Service
SI 192.168.10.38vmpedas.compVMPEDAS 0 Windows Server 2003 R2 (Service
NO 192.168.18.15vmpmimosa.coVMPMIMOSA 0 Windows Server 2008 (Service Pac
NO 192.168.18.48vmpatik.compe
VMPATIK 0 Windows Server 2008 R2 (Service
NO 192.168.18.38vmpgemini.coVMPGEMINI 0 Windows Server 2003 R2 (Service
Grupo: SRV APLICACIONES Vulnerabilidades: Vul. Cerradas
Responsables: Fernando Torres Altas: 886 6
Fecha Escaneo: 6/10/2014 Medias: 913 3
Herramienta: Vulnerability Manager Bajas: 208 0
Informativas: 5736 11
Asset Owner Vulnerability Vulnerability Na Vulnerability Risk Rating Observation Common Vulnerab
_x000D_
indows Server 2003 (Service Pac 864 NetBIOS NBTSTATIt is possible Informational Where target_system
CVE-MAP-NOMA
is the IP address or ho
indows Server 2003 (Service Pac 1615 Microsoft WindowThe ComputerInformational
B Maintains an uCVE-MAP-NOMA
indows Server 2003 (Service Pac 1623 Microsoft WindowThe Network Co Informational Manages object CVE-MAP-NOMA
indows Server 2003 (Service Pac 1618 Microsoft WindowThe IIS Admin Informational Necessary for CVE-MAP-NOMA
indows Server 2003 (Service Pac 1631 Microsoft WindowThe Server serInformational Supports file, CVE-MAP-NOMA
indows Server 2003 (Service Pac 1628 Microsoft WindowThe Remote Reg Informational Enables remote CVE-MAP-NOMA
indows Server 2003 (Service Pac 1627 Microsoft WindowThe Remote Acc Informational Creates a con CVE-MAP-NOMA
indows Server 2003 (Service Pac 1625 Microsoft WindowThe Print SpoolInformational Loads files to CVE-MAP-NOMA
indows Server 2003 (Service Pac 1632 Microsoft WindowThe System Eve Informational Tracks system CVE-MAP-NOMA
indows Server 2003 (Service Pac 1644 Microsoft WindowThe Terminal SInformational Allows multiplCVE-MAP-NOMA
indows Server 2003 (Service Pac 1641 Microsoft Windo The SNMP servi Informational Includes agentCVE-MAP-NOMA
indows Server 2003 (Service Pac 1657 Microsoft WindowThe Help and SInformational Enables Help aCVE-MAP-NOMA
indows Server 2003 (Service Pac 1642 Microsoft WindowThe SNMP Trap Informational Receives trap CVE-MAP-NOMA
indows Server 2003 (Service Pac 1660 Microsoft WindowThe DNS ClientInformational Resolves and cCVE-MAP-NOMA
indows Server 2003 (Service Pac 1635 Microsoft WindowThe TCP/IP NetInformational Enables supporCVE-MAP-NOMA
indows Server 2003 (Service Pac 1634 Microsoft WindowThe Task SchedInformational Enables a userCVE-MAP-NOMA
indows Server 2003 (Service Pac 1640 Microsoft WindowThe Simple Mai Informational Transports eleCVE-MAP-NOMA
indows Server 2003 (Service Pac 1661 Microsoft WindowThe DHCP Clien Informational Manages netwo CVE-MAP-NOMA
indows Server 2003 (Service Pac 1653 Microsoft WindowThe Event Log Informational Enables eventCVE-MAP-NOMA
indows Server 2003 (Service Pac 1633 Microsoft WinNT/A list of the s Informational The services l CVE-MAP-NOMA
indows Server 2003 (Service Pac 1638 Microsoft WindowThe SecondaryInformational Enables starti CVE-MAP-NOMA
indows Server 2003 (Service Pac 1659 Microsoft WindowThe Error RepoInformational Allows error r CVE-MAP-NOMA
indows Server 2003 (Service Pac 1701 Do Not Display LaThe Microsoft Informational With this poli CVE-MAP-NOMA
indows Server 2003 (Service Pac 1675 Microsoft WindowDetermine if MInformational Provides
_x000D_ Telephony API (TAPI)
indows Server 2003 (Service Pac 1731 Microsoft Windows The Unsigned Idnformational CVE-MAP-NOMA
indows Server 2003 (Service Pac 1695 Allow Undock WitThe Microsoft Informational Determines whe CVE-2002-0157 C
indows Server 2003 (Service Pac 1663 Microsoft WindowThe COM+ Syste Informational Manages the cCVE-MAP-NOMA
indows Server 2003 (Service Pac 1740 Microsoft WindowThe Do not al Informational This setting c CVE-MAP-NOMA
indows Server 2003 (Service Pac 1699 Microsoft WindowThe Microsoft Informational Microsoft
_x000D_ Jet CVE-MAP-NOMA
indows Server 2003 (Service Pac 1730 Microsoft WindowThe Require StInformational Default: Disabled
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1680 Microsoft WindowThe Windows Informational
Ti Maintains dateCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1703 Clear Pagefile On The Microsoft Informational Default: Disabled.
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1681 Microsoft Windo The Management Informational Provides a comCVE-MAP-NOMA
indows Server 2003 (Service Pac 1668 Microsoft WindowThe Network Lo Informational Collects
_x000D_and s CVE-MAP-NOMA
indows Server 2003 (Service Pac 1722 Microsoft Windo The host has tInformational If the two or more network interfaces are co
indows Server 2003 (Service Pac 1670 Microsoft WindowThe ProtectedInformational Provides
_x000D_ proteCVE-MAP-NOMA
indows Server 2003 (Service Pac 1714 Microsoft WindowThe version ofInformational Microsoft releases CVE-MAP-NOMA
new versions of IE, usually
indows Server 2003 (Service Pac 1662 Microsoft WindowThe Cryptograp Informational Provides threeCVE-MAP-NOMA
indows Server 2003 (Service Pac 1694 Microsoft Windo The Microsoft Informational Active Data ObCVE-MAP-NOMA
indows Server 2003 (Service Pac 1737 Microsoft Windows The Digitally Informational When enabled,CVE-MAP-NOMA
indows Server 2003 (Service Pac 1671 Microsoft WindowThe Security AInformational Stores securityCVE-MAP-NOMA
indows Server 2003 (Service Pac 2874 Microsoft WindowFor new users,Informational The autorun orCVE-MAP-NOMA
indows Server 2003 (Service Pac 2875 Drive Autorun PolThe system is Informational The autorun orCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1759 Microsoft WindowThe minimum Informational
p The minimum CVE-1999-0535
_x000D_ password age setting on the h
indows Server 2003 (Service Pac 1765 Microsoft WindowThe LAN Manage Informational _x000D_
NTLMv2 is a more
CVE-2001-0705
robust version of NTLM av
indows Server 2003 (Service Pac 2880 Microsoft Windows The "Network Informational
S Ensure permissions
CVE-MAP-NOMA
comply with enterprise p
indows Server 2003 (Service Pac 2443 Microsoft WindowThe DistributeInformational This service coCVE-MAP-NOMA
indows Server 2003 (Service Pac 2872 Bluescreen Auto The system is Informational The blue screeCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2836 Unsigned Non-driv The unsigned nInformational Default:
_x000D_Warn CVE-MAP-NOMA
but allow installation
indows Server 2003 (Service Pac 1749 .NET Passport CreThe Do not all Informational Default:
_x000D_ Disabled
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2878 Microsoft WindowThe Dr. Watson Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
B Ensure permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2415 Microsoft WindowThe COM+ Event Informational This service prCVE-MAP-NOMA
indows Server 2003 (Service Pac 1743 Microsoft WindowThe Send unenc Informational Disabling
_x000D_ this CVE-MAP-NOMA
indows Server 2003 (Service Pac 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA
Updates/Windows Update se
indows Server 2003 (Service Pac 1850 Microsoft WindowThe maximumInformational
se The MaximumCVE-MAP-NOMA
Se
indows Server 2003 (Service Pac 2444 Microsoft WindowThe Net LogonInformational This service prCVE-MAP-NOMA
indows Server 2003 (Service Pac 1754 Restrict Floppy A The restrict fl Informational This setting d CVE-1999-0594
indows Server 2003 (Service Pac 1785 Microsoft WindowMicrosoft Wind Informational The number ofCVE-1999-0582
indows Server 2003 (Service Pac 1803 Microsoft WindowThe Microsoft Informational This policy se CVE-1999-0535
indows Server 2003 (Service Pac 2441 Microsoft WindowThe Shell HardInformational This service prCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1758 Microsoft WindowThe Smart cardInformational Force Logoff - Users are automatically logged
indows Server 2003 (Service Pac 1756 Require DC authen The Require Do Informational When enabled,CVE-2002-0157
indows Server 2003 (Service Pac 1752 Restrict CD-ROM TAhe restrict C Informational _x000D_
By default, an CVE-1999-0594
indows Server 2003 (Service Pac 2879 Microsoft WindowThe "System CrInformational Ensure permissions CVE-MAP-NOMA
indows Server 2003 (Service Pac 2873 Microsoft WindowThe system is Informational The cdrom auto CVE-2000-0155
indows Server 2003 (Service Pac 2828 Default Guest Ac The guest accoInformational An account nam CVE-MAP-NOMA
indows Server 2003 (Service Pac 2436 Microsoft WindowThe IPSEC Serv Informational This service prCVE-MAP-NOMA
The Do not store LAN Manager hash value on next password change policy s
indows Server 2003 (Service Pac 1744 Microsoft Window Informational Enabling
indows Server 2003 (Service Pac 1794 Enable ICMP RediThe Enable ICM Informational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
_x000D_ CVE-MAP-NOMA
indows Server 2003 (Service Pac 1792 Microsoft Windows The Enable SecInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2439 Microsoft WindowThe Remote Pro Informational _x000D_
This service prCVE-MAP-NOMA
indows Server 2003 (Service Pac 2838 Microsoft Windo One or more na Informational At least one anonymously-accessible
CVE-MAP-NOMA named
Au This service prCVE-MAP-NOMA
indows Server 2003 (Service Pac 2442 Microsoft Windows The Distributed Informational This service maCVE-MAP-NOMA
indows Server 2003 (Service Pac 2430 Microsoft WindowThe WorkstatioInformational This service roCVE-MAP-NOMA
indows Server 2003 (Service Pac 1804 Microsoft Windows The Microsoft Informational This policy s CVE-MAP-NOMA
indows Server 2003 (Service Pac 1755 Number Of PrevioThe Number ofInformational Determines the CVE-MAP-NOMA
indows Server 2003 (Service Pac 1787 Microsoft WindowThe Lockout ThInformational Determines
_x000D_ the number of failed
indows Server 2003 (Service Pac 4005 Microsoft Windows The "Log on asInformational NOTE:
_x000D_ This check
CVE-1999-0534
requires at least Foundston
indows Server 2003 (Service Pac 4007 Microsoft WindowThe "Adjust meInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2961 User Rights Profil The User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4124 Windows FirewallThe Microsoft Informational The Microsoft CVE-MAP-NOMA
indows Server 2003 (Service Pac 4108 Security Center i The Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2963 User Rights RemoThe User Righ Informational NOTE: _x000D_ CVE-MAP-NOMA
This check requires at least Foundston
indows Server 2003 (Service Pac 2917 User Rights AllowThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2970 User Rights LogonThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4126 Windows FirewallThe Microsoft Informational The Microsoft
indows Server 2003 (Service Pac 3976 Microsoft Windows The permissionInformational _x000D_ CVE-MAP-NOMA
indows Server 2003 (Service Pac 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check CVE-1999-0575
_x000D_
indows Server 2003 (Service Pac 2908 Microsoft WindowThe Audit Acc Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2909 Audit Account MaThe Audit Acc Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4104 USB Block StorageThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 (Service Pac 2910 Audit Logon EventThe Audit Log Informational The Audit LogoCVE-1999-0575
indows Server 2003 (Service Pac 4136 Windows FirewallThe S Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2912 Audit Policy ChanThe Audit Pol Informational _x000D_
NOTE: This check CVE-1999-0575
indows Server 2003 (Service Pac 2915 User Rights Acce The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 3984 Microsoft Windows The permissionInformational CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2916 User Rights Act AsThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 3316 Microsoft WindowIt was possibl Informational Microsoft
_x000D_ Wind C VE-MAP-NOMA
indows Server 2003 (Service Pac 2920 User Rights Chan The User Righ Informational NOTE:
Autoplay is not disabled on all drive
_x000D_ This for
types check
CVE-MAP-NOMA
requires
all local at least
accounts andFoundston
therefor
indows Server 2003 (Service Pac 2986 Disable Autoplay Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2964 User Rights ReplaThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 3553 Real-Time DetectMcAfee VirusSc Informational McAfee VirusSc CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2918 User Rights Backup The User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2883 Microsoft Windows The legal noti Informational Ensure
_x000D_ that the legal notice text and caption
indows Server 2003 (Service Pac 2919 User Rights BypasThe User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2891 Microsoft WindowThe "System Ob Informational _x000D_
Ensure permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 3995 Microsoft WindowAnonymous user Informational http://www.microsoft.com/resources/docum
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4102 WebDAV Basic Aut The Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 (Service Pac 4103 Basic AuthenticatThe Microsoft Informational Microsoft
_x000D_ Wind CVE-MAP-NOMA
indows Server 2003 (Service Pac 3994 Microsoft Windows The file permi Informational CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2966 User Rights Shut The User Righ Informational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 3959 Microsoft Windows The AdministrInformational The users detected within the
indows Server 2003 (Service Pac 4018 Microsoft WindowOne or more Mi Informational Microsoft
indows Server 2003 (Service Pac 2888 Microsoft WindowThe Perform Ro
_x000D_ Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2987 Power Users Grou Informational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 4105 MSDTC Inbound Ac The Microsoft Informational Microsoft Wind
indows Server 2003 (Service Pac 4008 Microsoft WindowThe Microsoft Informational The value
_x000D_ for this
CVE-MAP-NOMA
security option does not m
indows Server 2003 (Service Pac 4010 Microsoft WindowThe Microsoft Informational The value for this
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2914 Audit System EvenThe Audit Sys Informational NOTE:
_x000D_ This check
CVE-1999-0575
indows Server 2003 (Service Pac 2885 Microsoft WindowThe Name-poliInformational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2947 User Rights Deny The User Righ Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4004 Microsoft Windows The "Impersona Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2911 Audit Object AcceThe Audit Obj Informational NOTE:
_x000D_ This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2003 (Service Pac 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2965 User Rights RestorThe User RightInformational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 4113 Windows FirewallTheS Microsoft Informational The Microsoft CVE-MAP-NOMA
indows Server 2003 (Service Pac 3539 Simple TCP/IP SerThe Simple TCPInformational This service p CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2957 User Rights Log OnThe User RightInformational NOTE: This checkCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 9793 SMTP Server ConnSMTP server cInformational SMTP
_x000D_server connection was allowed on the
indows Server 2003 (Service Pac 9772 SMTP Server DeteSMTP service w Informational SMTP service was detected on the host.
indows Server 2003 (Service Pac 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS
_x000D_RPC Interface Detected.
indows Server 2003 (Service Pac 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft
_x000D_ Remote Procedure Call Service wa
indows Server 2003 (Service Pac 11147 Quote Of The DayA denial of serMedium A denial of service
_x000D_ CVE-1999-0103
vulnerability is present in
indows Server 2003 (Service Pac 11418 SSL Supported CipSSL supportedInformational SSL supported
_x000D_ cipher suite was detected on t
indows Server 2003 (Service Pac 8709 Discard Service R Discard servic Informational Discard service
A hosts file CVE-1999-0636
was detected
configuration of a on the host.
Windows An
Oper
indows Server 2003 (Service Pac 13430 Windows Hosts FiA hosts file c Informational
indows Server 2003 (Service Pac 6606 (MS09-014) Micros A vulnerabilit High A vulnerabilit CVE-2009-0551
_x000D_
indows Server 2003 (Service Pac 7724 (MS10-002) Micros A remote codeHigh A remote
The code
flaw lies inCVE-2010-0027
execution
the accessvulnerability
to an object is
in pres
me
indows Server 2003 (Service Pac 14165 (MS12-063) MicroA code executiHigh _x000D_ CVE-2012-2557
indows Server 2003 (Service Pac 12227 (MS11-052) VulneA remote codeHigh Microsoft
_x000D_ has provided
CVE-2011-1266
MS11-052 to address
indows Server 2003 (Service Pac 9410 Microsoft InterneA remote denial Low A remote denial of service vulnerability is pre
_x000D_
indows Server 2003 (Service Pac 13872 (MS12-046) Vulner A vulnerabilityHigh Microsoft
CVE-2012-1854MS12-046 to address
indows Server 2003 (Service Pac 13519 (MS12-023) MicroA remote codeHigh The flaw lies
A memory inCVE-2012-0172
the wayvulnerability
corruption the program access
exists a
in M
indows Server 2003 (Service Pac 6286 (MS08-073) Micros A memory corru High The flaw
_x000D_ is specific
CVE-2008-4260
to the manner in which In
indows Server 2003 (Service Pac 12757 (MS11-081) Micros A remote codeHigh The flaw is specific
_x000D_ CVE-2011-2001
to the way the application
indows Server 2003 (Service Pac 7729 (MS10-002) MicroA remote codeHigh A remote codeCVE-2010-0248
_x000D_ execution vulnerability is pres
indows Server 2003 (Service Pac 11534 Microsoft InterneA spoofing vulnMedium The flaw is specific to a weakness when upda
_x000D_
indows Server 2003 (Service Pac 13392 Microsoft InterneA denial of serMedium The lies in a memory
_x000D_ CVE-2012-1545
corruption condition, in
indows Server 2003 (Service Pac 14505 Microsoft XML CorAn obsolete veInformational An obsolete version of Microsoft XML Core S
_x000D_
indows Server 2003 (Service Pac 13297 (MS12-010) MicroA remote codeHigh The flaw lies inCVE-2012-0011
an error with the use of an ob
indows Server 2003 (Service Pac 15212 Update Rollup forUnknown vulner Medium Unknown
_x000D_ vulnerabilities are pre
indows Server 2003 (Service Pac 15162 (MS13-047) Cumula Multiple vulnerHigh Microsoft CVE-2013-3110
_x000D_ has provided MS13-047C to address
indows Server 2003 (Service Pac 13077 (MS11-099) Cumula Multiple vulnerHigh Microsoft
CVE-2011-1992MS11-099C to address
indows Server 2003 (Service Pac 11250 (MS11-003) Micros A remote codeHigh The vulnerability
A remote codeCVE-2011-0036
is specificvulnerability
execution to the use ofis an
preso
indows Server 2003 (Service Pac 15165 (MS13-047) Micros A remote codeHigh The flaw lies inCVE-2013-3112
_x000D_ a user-after-free error. Succe
indows Server 2003 (Service Pac 6905 (MS09-034) MicroA vulnerabilit High The flaw
_x000D_ lies inCVE-2009-1918
the method used by Microsoft
indows Server 2003 (Service Pac 6608 (MS09-014) Micros A vulnerabilit High The
The flaw
flaw is specific
lies inCVE-2009-0553
the to the method used
drag-and-drop by IE
operation.
indows Server 2003 (Service Pac 12236 (MS11-050) MicroA remote codeHigh _x000D_ CVE-2011-1254
indows Server 2003 (Service Pac 12756 (MS11-081) MicroA remote codeHigh The flaw is specific
_x000D_ CVE-2011-2000
indows Server 2003 (Service Pac 6744 (MS09-019) Micros A vulnerabilityMedium _x000D_ CVE-2009-1140
indows Server 2003 (Service Pac 7346 (MS09-014) Cumula Multiple vulneHigh The update provided
_x000D_ CVE-2008-2540
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 9723 (MS10-053) Cumula A remote codeHigh Microsoft
The flaw lieshasinreleased
CVE-2010-1258
the TimeMS10-053 C to
element. address
Successful
indows Server 2003 (Service Pac 7459 (MS09-072) UninitA vulnerabilit High The vulnerability
_x000D_ CVE-2009-3673
is in the way Internet Explo
indows Server 2003 (Service Pac 6746 (MS09-019) MicroA vulnerabilit High _x000D_ CVE-2009-1528
_x000D_ has release
CVE-2010-0808
MS10-071 C to address t
indows Server 2003 (Service Pac 7139 Microsoft InterneA vulnerabilit Medium A vulnerabilityCVE-2009-3003
_x000D_ in Micrsoft Internet Explorer m
indows Server 2003 (Service Pac 5921 (MS08-031) Micros A vulnerabilityHigh A vulnerability CVE-2008-1544
existsa in
4. A service is using Microsoft
user C Internet
account not perm Ex
indows Server 2003 (Service Pac 4617 Microsoft Windows A Microsoft WiInformational 5. A service is installed that should not be ins
indows Server 2003 (Service Pac 5474 Display all detec Informational Informational Informational
_x000D_ script to display
indows Server 2003 (Service Pac 5417 (MS07-045) Micros A vulnerabilit High A vulnerability
_x000D_ CVE-2007-0943
in Microsoft Internet
C Explorer
indows Server 2003 (Service Pac 5703 (MS08-010) MicroA vulnerabilit High A vulnerabilityCVE-2007-4790
_x000D_ exists in Microsoft C Internet Ex
_x000D_ the way the program access a
indows Server 2003 (Service Pac 8937 Microsoft InternetA cross site sc Medium A cross site scripting
_x000D_ CVE-2007-1114
vulnerability is present i
indows Server 2003 (Service Pac 6652 Microsoft WindowThe "PasswordInformational The setting
_x000D_ on the host does not comply with
indows Server 2003 (Service Pac 13043 Microsoft InterneAn informationLow An informationCVE-2002-2435
_x000D_ disclosure vulnerability is pre
indows Server 2003 (Service Pac 7804 (MS08-031) Cumula Multiple vulneHigh Multiple
The flaw vulnerabilities
the Link are present
C
Properties. in some v
Successfu
indows Server 2003 (Service Pac 12233 (MS11-050) Micros A remote codeHigh _x000D_ CVE-2011-1250
indows Server 2003 (Service Pac 9078 (MS10-035) Micros A vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1259
is in the way that Internet E
indows Server 2003 (Service Pac 10354 (MS10-071) Micros A remote codeHigh An attacker could
_x000D_ CVE-2010-3331
exploit the vulnerability by
indows Server 2003 (Service Pac 8331 (MS10-018) Micros An informationMedium The flaw can
A memory occur
CVE-2010-0488
corruption upon handling ofexists
vulnerability contentin In
indows Server 2003 (Service Pac 6283 (MS08-073) MicroA memory corru High The
A flaw is theCVE-2008-4259
vulnerability result in
exists of Internet
Internet Explorer
Explorer whe acc
indows Server 2003 (Service Pac 6177 (MS08-058) Micros A vulnerabilit High _x000D_ CVE-2008-3472
indows Server 2003 (Service Pac 5354 (MS07-057) Micros A vulnerabilityHigh A vulnerabilityCVE-2007-3826
_x000D_ in Microsoft Internet Explorer
indows Server 2003 (Service Pac 10894 (MS10-090) MicroA remote codeHigh The vulnerability CVE-2010-3346
is specific to the access to a
_x000D_
indows Server 2003 (Service Pac 7377 (MS09-019) CumulaMultiple vulnerHigh The update provided
_x000D_ CVE-2009-1532
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 5231 (MS07-033) MicrosA vulnerabilit High A vulnerabilityCVE-2007-0218
_x000D_ in Microsoft Internet
C Explorer
indows Server 2003 (Service Pac 7725 (MS10-002) MicrosA remote codeHigh A remote
_x000D_ code CVE-2010-0244
execution vulnerability is pres
indows Server 2003 (Service Pac 6609 (MS09-014) MicrosA vulnerabilit High The flaw is specific
_x000D_ CVE-2009-0554
to the method used by IE
indows Server 2003 (Service Pac 7405 Microsoft InterneA vulnerabilityInformational The printing functionality
_x000D_ CVE-2009-4073 in Microsoft Intern
_x000D_ has released
CVE-2013-1335
MS13-043 to address
indows Server 2003 (Service Pac 11789 (MS11-018) MicrosAn informationMedium The flaw
_x000D_ can beCVE-2011-1244
exploited via a specially-craft
indows Server 2003 (Service Pac 10350 (MS10-071) MicrosA remote codeHigh An attacker could
_x000D_ CVE-2010-3328
indows Server 2003 (Service Pac 5256 Microsoft WindowsScreen saver gInformational Ensure
_x000D_ permissions comply with enterprise p
exists in Microsoft C Internet Ex
http://support.microsoft.com/default.aspx?s
indows Server 2003 (Service Pac 7232 Microsoft Windo The target's Informational _x000D_ CVE-MAP-NOMA
indows Server 2003 (Service Pac 14017 (MS12-052) CumulaMultiple remotHigh Microsoft has provided
CVE-2012-2522
MS12-052 C to address
indows Server 2003 (Service Pac 5265 Microsoft WindowsInternet ExploInformational Internet
_x000D_Explorer Enhanced Secu
indows Server 2003 (Service Pac 6054 (MS08-045) MicrosA vulnerabilityHigh A vulnerabilityCVE-2008-2256
_x000D_ exists in Microsoft C Internet Ex
indows Server 2003 (Service Pac 7825 (MS08-010) CumulaMultiple vulneHigh Multiple
_x000D_ vulnerabilities
CVE-2008-0076
exist inCMicrosoft Inte
indows Server 2003 (Service Pac 7196 (MS09-054) HTMLA vulnerabilit High An attacker could
_x000D_ CVE-2009-2529
indows Server 2003 (Service Pac 11788 (MS11-018) MicroA remote codeHigh The flaw resides
_x000D_ CVE-2011-0346
in the mshtml.dll componen
indows Server 2003 (Service Pac 6751 (MS09-019) MicrosA vulnerabilit High _x000D_ CVE-2009-1529
indows Server 2003 (Service Pac 8332 (MS10-018) MicrosA remote codeHigh The flaw can occur
_x000D_ CVE-2010-0267
upon accessing specific ob
indows Server 2003 (Service Pac 8535 (MS10-022) MicrosA remote codeHigh If a malicious Web
_x000D_ CVE-2010-0483
site displayed a specially c
indows Server 2003 (Service Pac 13295 (MS12-010) CumulaVulnerabilitiesHigh Microsoft
CVE-2012-0010
indows Server 2003 (Service Pac 7224 (MS09-054) CumulaMultiple vulneHigh The update
_x000D_ provided
CVE-2009-1547
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 14175 Update Rollup forMultiple remotMedium Multiple
_x000D_ remote code execution vulnerabiliti
indows Server 2003 (Service Pac 8333 (MS10-018) CumulaMultiple vulnerHigh The vendor hasCVE-2010-0490
_x000D_ released patchCMS10-018 to
indows Server 2003 (Service Pac 7817 (MS10-035) MicrosA vulnerabilit Medium A vulnerabilityCVE-2010-0255
_x000D_ exists in multiple versions Mic
indows Server 2003 (Service Pac 14166 (MS12-063) CumulaA code executiHigh Microsoft
CVE-2012-1529
indows Server 2003 (Service Pac 7194 (MS09-054) Data A remote codeHigh An attacker couldCVE-2009-1547
indows Server 2003 (Service Pac 5590 Microsoft WindowsThe User RightInformational The User Rights "Deny log on loc
_x000D_
_x000D_ CVE-2009-0550
to the method use by Win
indows Server 2003 (Service Pac 8389 (MS08-073) CumulaA memory corru High A memory
_x000D_ corruption
CVE-2008-4261
vulnerability
C exists in M
indows Server 2003 (Service Pac 4916 Microsoft WindowsThe legal noticInformational Ensure
_x000D_ that bothCVE-1999-0590
legal notice text and captio
indows Server 2003 (Service Pac 4871 (MS07-004) MicrosA buffer-overfHigh A vulnerabilityCVE-2007-0024
_x000D_ exists in Microsoft Internet Ex
_x000D_ is present in Microsoft
C Interne
indows Server 2003 (Service Pac 5520 (MS07-057) MicrosA vulnerabilityHigh A vulnerability CVE-2007-1091
C Explorer
A vulnerability in Microsoft Internet Explorer
indows Server 2003 (Service Pac 5517 (MS07-057) MicrosA vulnerabilityHigh The flaw lays inCVE-2007-1091
_x000D_ the handling ofC script errors w
indows Server 2003 (Service Pac 9065 (MS10-035) CumulaA vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1262
is in the way Cthat Internet E
indows Server 2003 (Service Pac 13515 (MS12-023) MicrosA remote codeHigh The flaw lies inCVE-2012-0168
a error inside the print comm
indows Server 2003 (Service Pac 5595 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2003 (Service Pac 9704 (MS10-053) MicrosAn informationMedium An attacker could
_x000D_ CVE-2010-1258
_x000D_ is present in Microsoft
C Interne
_x000D_ CVE-2010-3329
indows Server 2003 (Service Pac 6053 (MS08-045) MicroA vulnerabilit High A vulnerability
_x000D_ CVE-2008-2255
exists in Microsoft Internet Ex
indows Server 2003 (Service Pac 12446 (MS11-057) MicrosAn informationMedium The flaw lies inCVE-2011-1960
_x000D_ an error with the handling of
indows Server 2003 (Service Pac 10895 (MS10-090) MicrosAn informationMedium The vulnerabilityCVE-2010-3348
is specific to the access to t
A remote code execution vulnerability is pres
indows Server 2003 (Service Pac 9069 (MS10-041) VulnerA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
is due to the way in which t
indows Server 2003 (Service Pac 13855 (MS12-043) VulnerA vulnerabilit High Microsoft
The flaw lies in the HTTPMS12-043
has provided
CVE-2012-1889 to address
redirect operation.
indows Server 2003 (Service Pac 5230 (MS07-033) MicrosA vulnerabilit High _x000D_ CVE-2007-0218 C
indows Server 2003 (Service Pac 11580 (MS11-018) MicroA remote codeHigh The flaw can be
_x000D_ CVE-2011-1345
indows Server 2003 (Service Pac 5132 (MS07-027) MicrosA vulnerabilit High A vulnerability
_x000D_ CVE-2007-0323
C Explorer
indows Server 2003 (Service Pac 12753 (MS11-081) MicroA remote codeHigh The flaw ishas
Microsoft specific
CVE-2011-1996
to the
provided way the application
MS11-057 to address
indows Server 2003 (Service Pac 12466 (MS11-057) CumulaA remote codeHigh _x000D_ CVE-2011-1257 C
indows Server 2003 (Service Pac 5859 Windows User ProUser profiles Informational User profiles were found on the Windows ho
indows Server 2003 (Service Pac 5543 Enumerate EnableMicrosoft WinInformational Administrative
_x000D_ shares are crea
indows Server 2003 (Service Pac 9081 (MS10-035) MicrosA vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1262
indows Server 2003 (Service Pac 6056 (MS08-045) MicroA vulnerabilityHigh A vulnerabilityCVE-2007-2258
_x000D_ exists in MicrosoftC Internet Ex
indows Server 2003 (Service Pac 6747 (MS09-019) MicroA vulnerabilit High _x000D_ CVE-2009-1530
indows Server 2003 (Service Pac 15039 (MS13-037) CriticMultiple vulneHigh Microsoft
CVE-2013-0811
MS13-037C to address
indows Server 2003 (Service Pac 11754 (MS11-018) CumulaVulnerabilitie High Microsoft
CVE-2011-0094
MS11-018C to adress t
_x000D_ a use-after-free condition. Su
indows Server 2003 (Service Pac 12840 Microsoft WindowsMultiple DNS pLow Multiple
_x000D_ DNS poisoning vulnerabilities are pr
_x000D_ a memory corruption in the e
indows Server 2003 (Service Pac 5016 (MS07-033) MicrosA vulnerabilityMedium Microsoft
The flaw liesInternet
inCVE-2007-1499
the Explorer 7 isC vulnerable
VML object. to
Successful ex
indows Server 2003 (Service Pac 12246 (MS11-052) MicroA remote codeHigh A DNS configurationCVE-2011-1266
of a Windows Operating
indows Server 2003 (Service Pac 13429 Windows DNS Conf A DNS configuInformational Multiple vulnerabilities exist in Internet Explo
indows Server 2003 (Service Pac 8020 (MS08-058) CumulaMultiple vulneHigh _x000D_ CVE-2008-2947 C
C Explorer
indows Server 2003 (Service Pac 5135 (MS07-027) MicrosA vulnerabilit High A
Thevulnerability
in Microsoft
the Internet
DOM object. C Successful
Explorere
indows Server 2003 (Service Pac 12239 (MS11-050) MicroA remote codeHigh CVE-2011-1256
indows Server 2003 (Service Pac 10804 Windows Installe It was possibl Informational It was possible to enumerate i
indows Server 2003 (Service Pac 5685 Microsoft WindowThe usernameInformational
o The username
A remote codeof the last user
indows Server 2003 (Service Pac 15167 (MS13-047) MicrosA remote codeHigh The
A privilege escalation vulnerability flaw lies in
Theisvulnerability CVE-2013-3113
present some a user-after-free
canversions
be exploited error.
by a Succe
of Microsoftproce
Wi
indows Server 2003 (Service Pac 9839 Microsoft Windows Medium _x000D_ CVE-2010-1886
indows Server 2003 (Service Pac 6936 Microsoft InterneA vulnerabilityLow A vulnerabilityCVE-2009-2433
_x000D_ is present in Microsoft Interne
indows Server 2003 (Service Pac 10353 (MS10-071) MicrosAn informationMedium This vulnerability
_x000D_ CVE-2010-3330
can be explioted by constru
indows Server 2003 (Service Pac 10618 Microsoft InterneA remote codeHigh Exploitation
_x000D_ requires
CVE-2010-3962
an attacker to convince
indows Server 2003 (Service Pac 8394 (MS08-078) SecuriA vulnerabilit High The vulnerability
The flaw lies inCVE-2008-4844
anisinvalid
specificpointer
to thereference
use of an ow
indows Server 2003 (Service Pac 5007 Microsoft WindowsA vulnerabilit Low Microsoft
_x000D_ Windows 2000, XP, and Vista are a
_x000D_ the handling of the Shift JIS ch
_x000D_ CVE-2007-0323
C Explorer
indows Server 2003 (Service Pac 7197 (MS09-054) UninitA vulnerabilityHigh An attacker could
_x000D_ CVE-2009-2531
indows Server 2003 (Service Pac 13520 (MS12-023) CumulaMultiple remotHigh Microsoft has provided
CVE-2012-0170
indows Server 2003 (Service Pac 6172 (MS08-058) MicroA vulnerabilit High A vulnerabilit CVE-2008-3472
_x000D_
indows Server 2003 (Service Pac 6055 (MS08-045) MicrosA vulnerabilityHigh A vulnerabilityCVE-2008-2257
indows Server 2003 (Service Pac 12454 (MS11-057) MicroA remote codeHigh The flaw
_x000D_ lies inCVE-2011-1963
an error when accessing an o
C Explorer
indows Server 2003 (Service Pac 11267 (MS11-003) CumulaMultiple vulneHigh The vendor hasCVE-2010-3971
provided MS11-003C to addre
_x000D_
indows Server 2003 (Service Pac 11767 (MS11-031) Vulner A vulnerabilit High _x000D_ CVE-2011-0663
indows Server 2003 (Service Pac 7172 (MS09-045) Vulner A vulnerabilityHigh The update provided
_x000D_ CVE-2009-1920
by Microsoft bulletin M
indows Server 2003 (Service Pac 6904 (MS09-034) Micros A vulnerabilit High The flaw
_x000D_ lies inCVE-2009-1919
the method used by Microsoft
indows Server 2003 (Service Pac 5131 (MS07-027) Micros A vulnerabilit High A vulnerabilityCVE-2007-0323
C Explorer
indows Server 2003 (Service Pac 11913 Microsoft Word 20 A denial of se Medium A denial of service
_x000D_ CVE-2010-3200
_x000D_ an error with the use of an ob
indows Server 2003 (Service Pac 8328 (MS10-018) Micros A remote codeHigh The flaw can occur CVE-2010-0490
during processing of obje
indows Server 2003 (Service Pac 4434 Enumerate Admini List the users Informational Under_x000D_ Microsoft Windows role-b
indows Server 2003 (Service Pac 14579 (MS13-002) Vulner A
A remote codeHigh
vulnerability exists in InternetMicrosoft
AExplorer has released
vulnerability
which CVE-2013-0007
exists
allows in MS13-002
for
InternetC Explorer
to address
information disclo
whi
indows Server 2003 (Service Pac 6174 (MS08-058) Micros High _x000D_ CVE-2008-2947
indows Server 2003 (Service Pac 4658 Microsoft IIS Det Microsoft InteInformational If the DisplayName and ImagePath keys exist
_x000D_
indows Server 2003 (Service Pac 6750 (MS09-019) Micros A vulnerabilityHigh _x000D_ CVE-2007-3091
a memory error in the COmW
indows Server 2003 (Service Pac 5578 Enumerate Instal VMware images Informational _x000D_
VMware images were found to b
indows Server 2003 (Service Pac 10938 (MS11-003) MicroA remote codeHigh The flaw occurs
_x000D_ CVE-2010-3971
due to Internet Explorer han
indows Server 2003 (Service Pac 5516 (MS07-057) Micros A vulnerabilityHigh A vulnerabilityCVE-2007-1091
C Explorer
indows Server 2003 (Service Pac 5250 Microsoft WindowAllow ICMP redInformational Ensure _x000D_ permissions comply with enterprise p
_x000D_ Microsoft Internet C Explorer m
indows Server 2003 (Service Pac 13871 (MS12-046) Micros A remote codeMedium The flaw
_x000D_ lies inCVE-2012-1854
the loading of DLL files. Succe
C Explorer
indows Server 2003 (Service Pac 5533 Microsoft WindowA list of loca Informational A list of local groups was obta
_x000D_
indows Server 2003 (Service Pac 7743 (MS10-002) Cumula A remote codeHigh The update provided
A vulnerability exists in byMicrosoft
MicrosoftInternet
bulletin Ex
M
indows Server 2003 (Service Pac 6301 (MS08-078) SecuriA vulnerabilit High The flaw
_x000D_ is lies CVE-2008-4844
in an invalid pointer reference
indows Server 2003 (Service Pac 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerability CVE-2009-0217
indows Server 2003 (Service Pac 5591 Microsoft Windows The User RightInformational _x000D_
The User Rights "Deny log on t
indows Server 2003 (Service Pac 5138 (MS07-027) Micros A vulnerabilityHigh Microsoft
_x000D_ Internet CVE-2007-0323
Explorer contains
C a flaw d
indows Server 2003 (Service Pac 8099 (MS08-045) Cumula Multiple vulneHigh Multiple
CVE-2008-2256are present
C in Micros
indows Server 2003 (Service Pac 7458 (MS09-072) HTMLA vulnerabilit High The vulnerability
_x000D_ CVE-2009-3672
indows Server 2003 (Service Pac 5606 Microsoft WindowThe Security EInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
indows Server 2003 (Service Pac 5254 Microsoft Windows Windows file nInformational Ensure_x000D_ permissions comply with enterprise p
indows Server 2003 (Service Pac 7731 (MS08-024) Cumula A VulnerabilityHigh A VulnerabilityCVE-2008-1085
indows Server 2003 (Service Pac 14926 (MS13-028) Micros A remote codeHigh The flaw
_x000D_ lies inCVE-2013-1303
a use-after-free condition. Su
indows Server 2003 (Service Pac 8330 (MS10-018) Micros A remote codeHigh The flaw can occur
_x000D_ CVE-2010-0489
_x000D_ CVE-2011-1993
indows Server 2003 (Service Pac 5416 (MS07-045) Micros A vulnerabilit High A vulnerability
_x000D_ CVE-2007-0943
C Explorer
exists in Microsoft C Internet Ex
indows Server 2003 (Service Pac 4427 Check users who Determined tha Informational Some _x000D_ accounts password was fo
indows Server 2003 (Service Pac 9518 Mcafee VirusScanMcAfee VirusSc Informational McAfee
_x000D_VirusScan is installed on the host and
indows Server 2003 (Service Pac 5629 (MS07-069) Micros A vulnerabilit High A vulnerabilityCVE-2007-3902
_x000D_ Microsoft Internet C Explorer m
indows Server 2003 (Service Pac 5971 Microsoft InternetA vulnerabilityHigh A vulnerability
_x000D_ CVE-2008-2949
exists in Microsoft
C Internet Ex
indows Server 2003 (Service Pac 7466 (MS09-072) Cumula Multiple vulneHigh The update provided
_x000D_ CVE-2009-2493
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 10348 (MS10-071) Micros An informationMedium An attacker could CVE-2010-3325
_x000D_
indows Server 2003 (Service Pac 15051 (MS13-037) MicrosAn informationMedium The flaw is dueCVE-2013-1297
_x000D_ to how access to JSON data fi
indows Server 2003 (Service Pac 7098 (MS09-045) MicrosA vulnerabilit High The vulnerability
_x000D_ CVE-2009-1920
exists in the way that the JS
indows Server 2003 (Service Pac 9701 (MS10-053) MicrosA remote codeHigh An attacker
_x000D_ could
CVE-2010-2558
exploit this by constructing
_x000D_ the handling of null bytes. Su
indows Server 2003 (Service Pac 14347 Microsoft .NET F An obsolete veInformational An obsolete version of Microsoft .NET Frame
_x000D_
_x000D_ CVE-2011-1995
indows Server 2003 (Service Pac 7677 (MS10-002) MicrosA code executiHigh Disabling
_x000D_ JavaScipt,
CVE-2010-0249
while enabling DEP, will i
indows Server 2003 (Service Pac 14617 (MS13-008) SecuriA use-after-freHigh Microsoft
CVE-2012-4792
MS13-008 to address
indows Server 2003 (Service Pac 7828 (MS08-036) VulnerMultiple vulneMedium Multiple vulnerabilities
CVE-2008-1441
are present
C in Micros
indows Server 2003 (Service Pac 6821 Microsoft InterneInternet ExploInformational The
. An Microsoft Internet
attacker could Explore
exploit the vulnerability b
indows Server 2003 (Service Pac 7195 (MS09-054) UninitA vulnerabilityHigh _x000D_ CVE-2009-2530
_x000D_ CVE-2010-2556
indows Server 2003 (Service Pac 10351 (MS10-071) MicrosAn informationMedium Successful
The exploitation
of thisobject.
the Selection vulnerability co
Successf
indows Server 2003 (Service Pac 12242 (MS11-050) MicrosA remote codeHigh _x000D_ CVE-2011-1261
indows Server 2003 (Service Pac 14492 (MS12-077) CumulaMultiple vulnerHigh Microsoft
An obsolete hasversion
provided
CVE-2012-4781
MS12-077
C Outlook
of Microsoft to address
is d
indows Server 2003 (Service Pac 14345 Microsoft OutlookAn obsolete veInformational _x000D_
_x000D_ an error when accessing an o
indows Server 2003 (Service Pac 12215 (MS11-050) CumulaMultiple vulnerHigh Succesful
_x000D_ exploitation
CVE-2011-1246
requiresCthat an attack
indows Server 2003 (Service Pac 8325 (MS10-018) MicroA remote codeHigh The flaw can occur
_x000D_ CVE-2010-0807
during processing of an o
_x000D_ an error with the use of Telne
_x000D_ CVE-2007-0323
C Explorer
indows Server 2003 (Service Pac 14914 Microsoft EnhanceMicrosoft EnhaInformational _x000D_
indows Server 2003 (Service Pac 9381 Microsoft InterneA vulnerabilityMedium A vulnerabilityCVE-2010-3886
indows Server 2003 (Service Pac 5228 (MS07-033) MicroA vulnerabilit High A vulnerability
_x000D_ CVE-2007-0218
C Explorer
C Explorer
_x000D_ exists in Microsoft
C Internet Ex
indows Server 2003 (Service Pac 11828 (MS11-018) MicrosAn informationMedium The flaw can be
_x000D_ CVE-2011-1245
indows Server 2003 (Service Pac 9699 (MS10-053) MicroA remote codeHigh An attacker could CVE-2010-2560
indows Server 2003 (Service Pac 5596 Microsoft WindowsThe
The "DCOM: Mac
Informational
Digitally sign The
communications "DCOM:policy
Machine Launch
wasRest
HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
(always) setting detected on th
indows Server 2003 (Service Pac 5610 Microsoft Windows Informational The flaw lies in the toStaticHTML API. Succes
indows Server 2003 (Service Pac 12235 (MS11-050) MicrosAn informationMedium _x000D_ CVE-2011-1252
_x000D_ CVE-2007-3902
Microsoft InternetC Explorer m
indows Server 2003 (Service Pac 6424 (MS09-002) MicroA vulnerabilit High The flaw is specific
_x000D_ CVE-2009-0075
to the method used, by In
indows Server 2003 (Service Pac 8327 (MS10-018) MicroAn informationMedium The flaw allowsCVE-2010-0494
_x000D_ an attacker to run a script wh
_x000D_ provided
CVE-2009-0075
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 13518 (MS12-023) MicrosA remote codeHigh The
The flaw
is due the waythe
to how theapplication
program access
handlea
indows Server 2003 (Service Pac 13106 Microsoft InterneAn informationMedium _x000D_ CVE-2011-4689
indows Server 2003 (Service Pac 8546 (MS10-022) VulnerA remote codeHigh If
Thea malicious Web
CVE-2010-0483
registry values site displayed
under this keyawere
specially
obtaic
indows Server 2003 (Service Pac 7555 Microsoft WindowThe registry Informational _x000D_
indows Server 2003 (Service Pac 8115 (MS10-018) MicrosA code executiHigh The flaw can occur
_x000D_ CVE-2010-0806
upon processing objects w
indows Server 2003 (Service Pac 15159 (MS13-051) VulnerA remote codeHigh Microsoft
CVE-2013-1331
MS13-051 to address
indows Server 2003 (Service Pac 6425 (MS09-002) MicroA vulnerabilit High The flaw is specific
CVE-2009-0076
to the method used by In
_x000D_
indows Server 2003 (Service Pac 9822 Microsoft Windows A security bypLow A security bypass vulnerability is present in s
indows Server 2003 (Service Pac 6173 (MS08-058) Micros A vulnerabilit High A vulnerabilit CVE-2008-3473
_x000D_
indows Server 2003 (Service Pac 12763 (MS11-081) Cumula Mutiple remote High Microsoft
CVE-2011-1993
MS11-081
C to address
indows Server 2003 (Service Pac 6982 Microsoft InternetA vulnerabilit Medium The flaw is specific
_x000D_ CVE-2009-2655
to a null pointer deferenc
indows Server 2003 (Service Pac 6906 (MS09-034) Micros A vulnerabilit High The flaw is specific
_x000D_ CVE-2009-1917
to a memory corruption c
indows Server 2003 (Service Pac 9671 Microsoft InterneA denial of serMedium A denial of service vulnerability is present in
_x000D_
indows Server 2003 (Service Pac 11249 (MS11-003) Micros A remote codeHigh The vulnerability
_x000D_ CVE-2011-0035
is specific to the use of an o
indows Server 2003 (Service Pac 10797 McAfee VirusScanMcAfee VirusSc Informational _x000D_
indows Server 2003 (Service Pac 6748 (MS09-019) Micros A vulnerabilit High _x000D_ CVE-2009-1531
indows Server 2003 (Service Pac 13462 Microsoft Windows A privilege es Medium The flaw lies inCVE-2010-1886
the way that the Windows Te
indows Server 2003 (Service Pac 6879 Microsoft WindowThe Microsoft Informational The Microsoft Windows computer
indows Server 2003 (Service Pac 4138 Windows FirewallThe Microsoft Informational
W The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 10890 (MS10-090) MicroAn remote code High The vulnerability
_x000D_ CVE-2010-3340
indows Server 2003 (Service Pac 10855 (MS10-090) Cumula Multiple vulneHigh Microsoft
This checkhasonlyissued
CVE-2010-3340
MS10-090
attempts C to resolve
to establish th
a NetBI
indows Server 2003 (Service Pac 13017 NetBIOS Null SessNetBIOS Null sInformational
indows Server 2003 (Service Pac 11141 Microsoft Windo The Microsoft Informational The Microsoft Windows computer
_x000D_
indows Server 2003 (Service Pac 11096 Daytime Service Daytime servicInformational Daytime_x000D_ service was detected on the host.
indows Server 2003 (Service Pac 8490 NetBIOS Names InMicrosoft Net Informational Microsoft
_x000D_ NetBIOS names information was d
indows Server 2003 (Service Pac 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS_x000D_ bindings information was detected
indows Server 2003 (Service Pac 12006 ICMP Timestamp An Re informationLow An informationCVE-1999-0524
disclosure vulnerability is pre
indows Server 2003 (Service Pac 8966 Raw Socket Test Detect for ICMInformational Detect for ICMP reply from tar
indows Server 2003 (Service Pac 8969 Raw Socket Test Detect for opeInformational Detect _x000D_ for opened TCP port on
indows Server 2003 (Service Pac 7783 Microsoft WindowThe server is Informational The _x000D_ is running the Microsoft Windows
server
indows Server 2003 (Service Pac 7897 Microsoft ASP.NEA list of file Informational A list of file extensions handled by the ASP.N
_x000D_
indows Server 2003 (Service Pac 8239 Microsoft IIS Ser Microsoft InteInformational Microsoft
_x000D_ IIS was detected on the host.
indows Server 2003 (Service Pac 8323 Microsoft IIS NTL Microsoft InteInformational _x000D_
Microsoft IIS NTLM Authentication is disabled
indows Server 2003 (Service Pac 8342 Microsoft IIS An Microsoft InteInformational Microsoft
_x000D_ IIS anonymous access is enabled.
indows Server 2003 (Service Pac 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft
_x000D_ IIS Basic Authentication scheme is
indows Server 2003 (Service Pac 8385 Microsoft IIS Ho Microsoft InteInformational Microsoft
_x000D_ IIS "Use Host Header Name" settin
_x000D_ IIS server extensions were enumer
indows Server 2003 (Service Pac 9832 HTTP Proxy ServeHTTP proxy serInformational HTTP _x000D_proxy server allows CONNECT requests
indows Server 2003 (Service Pac 11218 Web Server HTTPHTTP protocolInformational HTTP _x000D_protocol version was obtained from the
indows Server 2003 (Service Pac 12256 Web Server HTTPHTTPThereDELETE m
Informational
is an information HTTP
disclosure DELETE
Thevulnerability
same method
vulnerability
presentaccess
could was
in some allowed
alsoversions on
cause a de
of
indows Server 2003 (Service Pac 13846 Microsoft IIS Tild Low _x000D_
indows Server 2003 R2 (Service 864 NetBIOS NBTSTATIt is possible Informational Where target_system CVE-MAP-NOMA
indows Server 2003 R2 (Service 1615 Microsoft WindowThe ComputerInformational
indows Server 2003 R2 (Service 1623 Microsoft WindowThe Network Co Informational Manages object CVE-MAP-NOMA
indows Server 2003 R2 (Service 1618 Microsoft WindowThe IIS Admin Informational Necessary for CVE-MAP-NOMA
indows Server 2003 R2 (Service 1627 Microsoft WindowThe Remote Acc Informational Creates a con CVE-MAP-NOMA
indows Server 2003 R2 (Service 1632 Microsoft WindowThe System Eve Informational Tracks system CVE-MAP-NOMA
indows Server 2003 R2 (Service 1631 Microsoft WindowThe Server serInformational Supports file, CVE-MAP-NOMA
indows Server 2003 R2 (Service 1628 Microsoft WindowThe Remote Reg Informational Enables remote CVE-MAP-NOMA
indows Server 2003 R2 (Service 1625 Microsoft WindowThe Print SpoolInformational Loads files to CVE-MAP-NOMA
indows Server 2003 R2 (Service 1659 Microsoft WindowThe Error RepoInformational Allows error r CVE-MAP-NOMA
indows Server 2003 R2 (Service 1634 Microsoft WindowThe Task SchedInformational Enables a userCVE-MAP-NOMA
indows Server 2003 R2 (Service 1660 Microsoft WindowThe DNS ClientInformational Resolves
Microsoftand cCVE-MAP-NOMA
Security Bulletin MS03-011:_x000D
indows Server 2003 R2 (Service 1651 (MS03-011) MicroA vulnerabilit High http://www.microsoft.com/technet/security
CVE-2003-0111
indows Server 2003 R2 (Service 1638 Microsoft WindowThe SecondaryInformational Enables starti CVE-MAP-NOMA
indows Server 2003 R2 (Service 1657 Microsoft WindowThe Help and SInformational Enables Help aCVE-MAP-NOMA
indows Server 2003 R2 (Service 1633 Microsoft WinNT/A list of the s Informational The services l CVE-MAP-NOMA
indows Server 2003 R2 (Service 1635 Microsoft WindowThe TCP/IP NetInformational Enables supporCVE-MAP-NOMA
indows Server 2003 R2 (Service 1661 Microsoft WindowThe DHCP Clien Informational Manages netwo CVE-MAP-NOMA
indows Server 2003 R2 (Service 1644 Microsoft WindowThe Terminal SInformational Allows multiplCVE-MAP-NOMA
indows Server 2003 R2 (Service 1653 Microsoft WindowThe Event Log Informational Enables
_x000D_eventCVE-MAP-NOMA
indows Server 2003 R2 (Service 1703 Clear Pagefile On The Microsoft Informational Default: Disabled.
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1694 Microsoft Windo The Microsoft Informational Active Data ObCVE-MAP-NOMA
indows Server 2003 R2 (Service 1713 Microsoft WindowThe ASP .NET vInformational ASP .NET proviCVE-MAP-NOMA
indows Server 2003 R2 (Service 1737 Microsoft Windows The Digitally Informational When enabled,CVE-MAP-NOMA
indows Server 2003 R2 (Service 1664 Microsoft Windows The BackgroundInformational Uses idle netwCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational Default: Disabled
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1663 Microsoft WindowThe COM+ Syste Informational Manages the cCVE-MAP-NOMA
indows Server 2003 R2 (Service 1695 Allow Undock WitThe Microsoft Informational Determines whe CVE-2002-0157 C
indows Server 2003 R2 (Service 1671 Microsoft WindowThe Security AInformational Stores securityCVE-MAP-NOMA
indows Server 2003 R2 (Service 1670 Microsoft WindowThe ProtectedInformational Provides
indows Server 2003 R2 (Service 1714 Microsoft WindowThe version ofInformational Microsoft releases
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1681 Microsoft Windo The Management Informational Provides a comCVE-MAP-NOMA
indows Server 2003 R2 (Service 1662 Microsoft WindowThe Cryptograp Informational Provides threeCVE-MAP-NOMA
indows Server 2003 R2 (Service 1668 Microsoft WindowThe Network Lo Informational Collects and s CVE-MAP-NOMA
indows Server 2003 R2 (Service 1680 Microsoft WindowThe Windows Informational
indows Server 2003 R2 (Service 1699 Microsoft WindowThe Microsoft Informational Microsoft Jet CVE-MAP-NOMA
indows Server 2003 R2 (Service 1740 Microsoft WindowThe Do not al Informational This setting c CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1722 Microsoft Windo The host has tInformational If the two or more network interfaces are co
indows Server 2003 R2 (Service 1675 Microsoft WindowDetermine if MInformational Provides Telephony API (TAPI)
indows Server 2003 R2 (Service 1701 Do Not Display LaThe Microsoft Informational With this poli CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2836 Unsigned Non-driv The unsigned nInformational Default: Warn CVE-MAP-NOMA
indows Server 2003 R2 (Service 2430 Microsoft WindowThe WorkstatioInformational This service
_x000D_ roCVE-MAP-NOMA
indows Server 2003 R2 (Service 2880 Microsoft Windows The "Network Informational
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2873 Microsoft WindowThe system is Informational The cdrom auto CVE-2000-0155
indows Server 2003 R2 (Service 1787 Microsoft WindowThe Lockout ThInformational Determines the number of failed
indows Server 2003 R2 (Service 1785 Microsoft WindowMicrosoft Wind Informational The number ofCVE-1999-0582
indows Server 2003 R2 (Service 2874 Microsoft WindowFor new users,Informational The autorun orCVE-MAP-NOMA
indows Server 2003 R2 (Service 1804 Microsoft Windows The Microsoft Informational This policy s CVE-MAP-NOMA
indows Server 2003 R2 (Service 1803 Microsoft WindowThe Microsoft Informational This policy se CVE-1999-0535
indows Server 2003 R2 (Service 2442 Microsoft Windows The Distributed
Informational This service maCVE-MAP-NOMA
indows Server 2003 R2 (Service 2444 Microsoft WindowThe Net LogonInformational This service prCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2
_x000D_is a moreCVE-2001-0705
indows Server 2003 R2 (Service 2838 Microsoft Windo One or more na Informational At least one anonymously-accessible
_x000D_ CVE-MAP-NOMA named
indows Server 2003 R2 (Service 1792 Microsoft Windows The Enable SecInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2875 Drive Autorun PolThe system is Informational The autorun orCVE-MAP-NOMA
indows Server 2003 R2 (Service 2436 Microsoft WindowThe IPSEC ServInformational This service prCVE-MAP-NOMA
indows Server 2003 R2 (Service 1752 Restrict CD-ROM TAhe restrict C Informational By default, an CVE-1999-0594
indows Server 2003 R2 (Service 2443 Microsoft WindowThe DistributeInformational This service coCVE-MAP-NOMA
indows Server 2003 R2 (Service 2872 Bluescreen Auto The system is Informational The blue screeCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1759 Microsoft WindowThe minimum Informational
password age setting on the h
indows Server 2003 R2 (Service 1755 Number Of PrevioThe Number ofInformational Determines
_x000D_ the CVE-MAP-NOMA
indows Server 2003 R2 (Service 1758 Microsoft WindowThe Smart cardInformational Force Logoff - Users are automatically logged
_x000D_
indows Server 2003 R2 (Service 1794 Enable ICMP RediTheThe Enable
Do not ICM Informational
store LAN Manager HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
hash value onCVE-MAP-NOMA
next password change policy s
indows Server 2003 R2 (Service 1744 Microsoft Window Informational Enabling
indows Server 2003 R2 (Service 1749 .NET Passport CreThe Do not all Informational Default: Disabled CVE-MAP-NOMA
indows Server 2003 R2 (Service 2441 Microsoft WindowThe Shell HardInformational This service prCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2879 Microsoft WindowThe "System CrInformational Ensure permissions CVE-MAP-NOMA
indows Server 2003 R2 (Service 1754 Restrict Floppy A The restrict fl Informational This setting d CVE-1999-0594
indows Server 2003 R2 (Service 2828 Default Guest Ac The guest accoInformational An account nam
indows Server 2003 R2 (Service 2878 Microsoft WindowThe Dr. Watson Informational Ensure permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1756 Require DC authen The Require Do Informational When
_x000D_enabled,CVE-2002-0157
indows Server 2003 R2 (Service 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA
indows Server 2003 R2 (Service 2439 Microsoft WindowThe Remote Pro Informational This service prCVE-MAP-NOMA
indows Server 2003 R2 (Service 2415 Microsoft WindowThe COM+ Event Informational This service prCVE-MAP-NOMA
indows Server 2003 R2 (Service 1850 Microsoft WindowThe maximumInformational
_x000D_ Se
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 3995 Microsoft WindowAnonymous user Informational http://www.microsoft.com/resources/docum
indows Server 2003 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2961 User Rights Profil The User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4135 Windows FirewallThe Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4103 Basic AuthenticatThe Microsoft Informational Microsoft
indows Server 2003 R2 (Service 2918 User Rights Backup The User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4102 WebDAV Basic Aut The Microsoft Informational Microsoft
indows Server 2003 R2 (Service 2888 Microsoft WindowThe Perform Ro Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check CVE-1999-0575
indows Server 2003 R2 (Service 4126 Windows FirewallThe Microsoft Informational The Microsoft
indows Server 2003 R2 (Service 2883 Microsoft Windows The legal noti Informational Ensure that the legal notice text and caption
_x000D_
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 3959 Microsoft Windows The AdministrInformational The users detected within the
indows Server 2003 R2 (Service 4136 Windows FirewallThe S Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2966 User Rights Shut The User Righ Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions CVE-MAP-NOMA
indows Server 2003 R2 (Service 2964 User Rights ReplaThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4008 Microsoft WindowThe Microsoft Informational The value for this
indows Server 2003 R2 (Service 3976 Microsoft Windows The permissionInformational CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2957 User Rights Log OnThe User RightInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4025 Microsoft Windows The Microsoft Informational NOTE: This check CVE-1999-0575
indows Server 2003 R2 (Service 4104 USB Block StorageThe Microsoft Informational Microsoft
indows Server 2003 R2 (Service 4005 Microsoft Windows The "Log
_x000D_ on asInformational NOTE:
_x000D_ This check
CVE-1999-0534
indows Server 2003 R2 (Service 2987 Power Users Grou Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4108 Security Center i Autoplay
The Microsoft
is notInformational The Microsoft
disabled on all drive types for CVE-MAP-NOMA
_x000D_ all local accounts and therefor
indows Server 2003 R2 (Service 2986 Disable Autoplay Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE: This check CVE-1999-0575
indows Server 2003 R2 (Service 4105 MSDTC Inbound Ac The Microsoft Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4004 Microsoft Windows The "Impersona Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2970 User Rights LogonThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2891 Microsoft WindowThe "System Ob Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2911 Audit Object AcceThe Audit Obj Informational _x000D_
NOTE: This checkCVE-1999-0575
requires at least
C Foundston
_x000D_
indows Server 2003 R2 (Service 2919 User Rights BypasThe User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2885 Microsoft WindowThe Name-poliInformational Ensure permissions CVE-MAP-NOMA
indows Server 2003 R2 (Service 4018 Microsoft WindowOne or more Mi Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 2910 Audit Logon EventThe Audit Log Informational The Audit LogoCVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 2920 User Rights Chan The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2915 User Rights Acce The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2947 User Rights Deny The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 3316 Microsoft WindowIt was possibl Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4113 Windows FirewallTheS Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 3994 Microsoft Windows The file permi Informational CVE-MAP-NOMA
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS_x000D_ RPC Interface Detected.
indows Server 2003 R2 (Service 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft
indows Server 2003 R2 (Service 12464 (MS11-066) Micros A information Medium The flawfile
A hosts is due CVE-2011-1977
to the incorrect
configuration verifyingOper
of a Windows of fu
indows Server 2003 R2 (Service 13430 Windows Hosts FiA hosts file c Informational _x000D_
indows Server 2003 R2 (Service 13043 Microsoft InterneAn informationLow An
A DNSinformation CVE-2002-2435
configuration disclosure vulnerability
of a Windows is pre
Operating
indows Server 2003 R2 (Service 13429 Windows DNS Conf A DNS configuInformational _x000D_
indows Server 2003 R2 (Service 12840 Microsoft Windows Multiple DNS pLow Multiple DNS poisoning vulnerabilities are pr
indows Server 2003 R2 (Service 5685 Microsoft WindowThe usernameInformational
o The username of the last user
_x000D_
indows Server 2003 R2 (Service 6982 Microsoft InternetA vulnerabilit Medium The flaw is specific
_x000D_ CVE-2009-2655
indows Server 2003 R2 (Service 5256 Microsoft Windows Screen saver gInformational Ensure permissions comply with enterprise p
indows Server 2003 R2 (Service 4615 Administrator Us Members of the High Under
_x000D_ Microsof CVE-1999-0535
indows Server 2003 R2 (Service 6936 Microsoft InterneA vulnerabilityLow A
Thevulnerability
flaw is dueCVE-2009-2433
istopresent
when the in Microsoft Interne
Proxy address an
indows Server 2003 R2 (Service 14656 Microsoft InternetA denial of serMedium _x000D_ CVE-2013-1451
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational User _x000D_ profiles were found on the Windows ho
indows Server 2003 R2 (Service 13735 Microsoft Wordpad A denial of se High The
A remotelies
flaw codein aexecution
null pointer reference.exists
vulnerability Succ
indows Server 2003 R2 (Service 12259 (MS11-039) MicroA remote codeHigh The flaw is caused CVE-2011-0664
when the .NET Framework
indows Server 2003 R2 (Service 13144 Microsoft Windows A denial of serHigh A
Thedenial
flaw of service
is due vulnerabilit
to how the application handle
indows Server 2003 R2 (Service 13106 Microsoft InterneAn informationMedium CVE-2011-4689
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl Informational It was possible to enumerate i
_x000D_
indows Server 2003 R2 (Service 10000 Microsoft Java Vi A URL parsing High A URL parsing CVE-2002-1286
vulnerability is present in some
indows Server 2003 R2 (Service 5265 Microsoft Windows Internet ExploInformational Internet
4. A serviceExplorer
is using Enhanced Secu not perm
a user account
indows Server 2003 R2 (Service 4617 Microsoft Windows A Microsoft WiInformational The 5. A flaw
service is installed
occurs due to that shouldHTML
Microsoft not be ins
Help
indows Server 2003 R2 (Service 11873 Microsoft HTML HA remote codeHigh _x000D_
indows Server 2003 R2 (Service 14505 Microsoft XML CorAn obsolete veInformational An obsolete version of Microsoft XML Core S
_x000D_
indows Server 2003 R2 (Service 9822 Microsoft Windows A security bypLow A security bypass vulnerability is present in s
_x000D_
indows Server 2003 R2 (Service 5606 Microsoft WindowThe Security EInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The Microsoft Windows computer
indows Server 2003 R2 (Service 5533 Microsoft WindowA list of loca Informational A list of local groups was obta
_x000D_
indows Server 2003 R2 (Service 9705 (MS10-060) Micros A remote codeHigh The flaw may allow CVE-2010-1898
a specially crafted Micros
indows Server 2003 R2 (Service 4434 Enumerate Admini List the users Informational Under Microsoft Windows role-b
indows Server 2003 R2 (Service 5733 Microsoft WindowThe host has aInformational The host has at least one shar
_x000D_
indows Server 2003 R2 (Service 9518 Mcafee VirusScanMcAfee VirusSc
A privilege Informational
escalation McAfee
vulnerability VirusScan
Theisvulnerability
present some isversions
can installed ofonMicrosoft
be exploited the
byhost and
a proce
Wi
indows Server 2003 R2 (Service 9839 Microsoft Windows Medium _x000D_ CVE-2010-1886
indows Server 2003 R2 (Service 4784 Intel LAN Driver BA buffer-overflHigh A vulnerabilityCVE-2006-6385
exists in various Intel LAN driv
indows Server 2003 R2 (Service 5590 Microsoft Windows The User RightInformational The User Rights "Deny log on loc
_x000D_
indows Server 2003 R2 (Service 9069 (MS10-041) Vulner A vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
indows Server 2003 R2 (Service 8691 Internet Explorer A cross-site scMedium A cross-site scripting
CVE-2010-1489
vulnerability is present
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational
Customer would like FoundstoneThetoUser Rights
be able "Deny the
to report log on t
currently logged o
indows Server 2003 R2 (Service 4423 Report Current L Informational Windows
_x000D_ NT-based operating sy
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational Ensure_x000D_ permissions comply with enterprise p
indows Server 2003 R2 (Service 4658 Microsoft IIS Det Microsoft InteInformational If the DisplayName and ImagePath keys exist
indows Server 2003 R2 (Service 7232 Microsoft Windo The target's Informational _x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 13392 Microsoft InterneA denial of serMedium The lies in a memoryCVE-2012-1545
indows Server 2003 R2 (Service 5543 Enumerate EnableMicrosoft WinInformational Administrative
indows Server 2003 R2 (Service 7139 Microsoft InterneA vulnerabilit Medium A vulnerabilityCVE-2009-3003
indows Server 2003 R2 (Service 10165 Microsoft WindowShares were foInformational _x000D_
indows Server 2003 R2 (Service 14347 Microsoft .NET F An obsolete veInformational An obsolete version of Microsoft .NET Frame
_x000D_
indows Server 2003 R2 (Service 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
indows Server 2003 R2 (Service 5007 Microsoft Windows A vulnerabilit Low Microsoft Windows 2000, XP, and Vista are a
indows Server 2003 R2 (Service 5596 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
indows Server 2003 R2 (Service 14914 Microsoft Enhance Microsoft EnhaInformational The flaw is due to when the Proxy address an
indows Server 2003 R2 (Service 14655 Microsoft InterneAn informationMedium _x000D_ CVE-2013-1450
indows Server 2003 R2 (Service 7405 Microsoft InterneA vulnerabilityInformational The printing functionality
indows Server 2003 R2 (Service 5254 Microsoft Windows Windows file nInformational Ensure permissions comply with enterprise p
indows Server 2003 R2 (Service 5474 Display all detec Informational Informational _x000D_
Informational script to display
indows Server 2003 R2 (Service 12703 Microsoft WindowAn insecure li High The
The flaw is byvalues
registry aCVE-2010-3143
design weakness
under this keyexhibited d
were obtai
indows Server 2003 R2 (Service 7555 Microsoft WindowThe registry Informational _x000D_
indows Server 2003 R2 (Service 4916 Microsoft Windows The legal noticInformational Ensure that both CVE-1999-0590
indows Server 2003 R2 (Service 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2003 R2 (Service 9410 Microsoft InterneA remote denial Low A remote denial of service vulnerability is pre
indows Server 2003 R2 (Service 4427 Check users who Determined tha Informational Some accounts password was fo
indows Server 2003 R2 (Service 4138 Windows FirewallThe Microsoft Informational
_x000D_
indows Server 2003 R2 (Service 10797 McAfee VirusScanMcAfee VirusSc Informational _x000D_
indows Server 2003 R2 (Service 6652 Microsoft WindowThe "PasswordInformational The setting on the host does not comply with
_x000D_
indows Server 2003 R2 (Service 13462 Microsoft Windows A privilege
The Digitallyessign
Medium The
communications flaw liespolicy
inCVE-2010-1886
thesetting
way that
(always) wasthe Windows
detected onTe
th
indows Server 2003 R2 (Service 5610 Microsoft Windows Informational _x000D_
indows Server 2003 R2 (Service 11534 Microsoft InterneA spoofing vulnMedium The flaw is specific to a weakness when upda
_x000D_
indows Server 2003 R2 (Service 10615 Microsoft Data AccA remote codeHigh CVE-2010-4182
indows Server 2003 R2 (Service 6821 Microsoft InterneInternet ExploInformational The This Microsoft
check onlyInternet
attempts Explore
to establish a NetBI
indows Server 2003 R2 (Service 13017 NetBIOS Null SessNetBIOS Null sInformational
indows Server 2003 R2 (Service 11141 Microsoft Windo The Microsoft Informational The Microsoft Windows computer
_x000D_
indows Server 2003 R2 (Service 11140 McAfee VirusSca McAfee VirusSc Informational McAfee
_x000D_VirusScan is running on the target ho
indows Server 2003 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS
_x000D_ bindings information was detected
indows Server 2003 R2 (Service 8490 NetBIOS Names InMicrosoft Net Informational Microsoft NetBIOS names information was d
indows Server 2003 R2 (Service 8966 Raw Socket Test Detect for ICMInformational _x000D_
Detect for ICMP reply from tar
indows Server 2003 R2 (Service 12006 ICMP Timestamp An Re informationLow An informationCVE-1999-0524
indows Server 2003 R2 (Service 8969 Raw Socket Test Detect for opeInformational Detect
_x000D_ for opened TCP port on
indows Server 2003 R2 (Service 7783 Microsoft WindowThe server is Informational The server is running the Microsoft Windows
_x000D_
indows Server 2003 R2 (Service 7897 Microsoft ASP.NEA list of file Informational A list
_x000D_of file extensions handled by the ASP.N
indows Server 2003 R2 (Service 8239 Microsoft IIS Ser Microsoft InteInformational Microsoft
indows Server 2003 R2 (Service 8323 Microsoft IIS NTL Microsoft InteInformational Microsoft
_x000D_ IIS NTLM Authentication is disabled
indows Server 2003 R2 (Service 8342 Microsoft IIS An Microsoft InteInformational Microsoft
indows Server 2003 R2 (Service 8344 Microsoft IIS Bas Microsoft InteInformational _x000D_
Microsoft IIS Basic Authentication scheme is
indows Server 2003 R2 (Service 8385 Microsoft IIS Ho Microsoft InteInformational Microsoft
indows Server 2003 R2 (Service 11218 Web Server HTTPHTTP protocolInformational HTTP protocol version was obtained from the
There is an information disclosure
Thevulnerability
same vulnerability
presentcould
in some
alsoversions
cause a de
of
indows Server 2003 R2 (Service 13846 Microsoft IIS Tild Low _x000D_
indows Server 2003 R2 (Service 1614 Microsoft WindowThe ASP .NET SInformational Provides suppoCVE-MAP-NOMA
indows Server 2003 R2 (Service 1653 Microsoft WindowThe Event Log Informational Enables eventCVE-MAP-NOMA
indows Server 2003 R2 (Service 1660 Microsoft WindowThe DNS ClientInformational Resolves and cCVE-MAP-NOMA
indows Server 2003 R2 (Service 1659 Microsoft WindowThe Error RepoInformational Allows_x000D_error r CVE-MAP-NOMA
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational Default: Disabled CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1703 Clear Pagefile On The Microsoft Informational Default: Disabled. CVE-MAP-NOMA
indows Server 2003 R2 (Service 1675 Microsoft WindowDetermine if MInformational Provides
indows Server 2003 R2 (Service 1670 Microsoft WindowThe ProtectedInformational Provides proteCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1714 Microsoft WindowThe version ofInformational Microsoft
_x000D_ releases
CVE-MAP-NOMA
_x000D_ Se
indows Server 2003 R2 (Service 1755 Number Of PrevioThe Number ofInformational Determines the CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA named
indows Server 2003 R2 (Service 2442 Microsoft Windows The DistributedInformational This service maCVE-MAP-NOMA
indows Server 2003 R2 (Service 2430 Microsoft WindowThe WorkstatioInformational This service roCVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2878 Microsoft WindowThe Dr. Watson Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1787 Microsoft WindowThe Lockout ThInformational Determines
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a moreCVE-2001-0705
indows Server 2003 R2 (Service 2828 Default Guest Ac The guest accoInformational An account nam CVE-MAP-NOMA
indows Server 2003 R2 (Service 2832 Members Of The Accounts wereInformational If an account CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1803 Microsoft WindowTheThe Microsoft Informational
Do not store LAN Manager This
hashpolicy
valueseonCVE-1999-0535
indows Server 2003 R2 (Service 1744 Microsoft Window Informational Enabling this CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1756 Require DC authen The Require Do Informational When enabled,CVE-2002-0157
_x000D_
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1794 Enable ICMP RediThe Enable ICM Informational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1804 Microsoft Windows The Microsoft Informational _x000D_
This policy s CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE:
_x000D_This check
CVE-1999-0575
indows Server 2003 R2 (Service 2888 Microsoft WindowThe Perform Ro Informational Ensure permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4130 Windows FirewallThe Microsoft Informational _x000D_
The Microsoft CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2887 Microsoft WindowThe Remove Adm Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4108 Security Center i The Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4103 Basic AuthenticatThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE:_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 2957 User Rights Log OnThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE: This check CVE-1999-0534
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4104 USB Block StorageThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 4136 Windows FirewallTheS Microsoft
Autoplay is notInformational The
disabled on all driveMicrosoft
types for CVE-MAP-NOMA
indows Server 2003 R2 (Service 2986 Disable Autoplay Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2911 Audit Object AcceThe Audit Obj Informational NOTE: This check CVE-1999-0575
requires at least
C Foundston
_x000D_
_x000D_
indows Server 2003 R2 (Service 4017 Microsoft Windo User accountsInformational _x000D_ One or more userCVE-MAP-NOMA
account is a member of a g
indows Server 2003 R2 (Service 2918 User Rights BackupThe User RightInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2919 User Rights BypasThe User Righ Informational NOTE: This check CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE:_x000D_ This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 2920 User Rights Chan The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 4105 MSDTC Inbound Ac The Microsoft Informational Microsoft
indows Server 2003 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE:
_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 2883 Microsoft Windows The legal noti Informational Ensure
indows Server 2003 R2 (Service 3976 Microsoft Windows The permissionInformational _x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 4008 Microsoft WindowThe Microsoft Informational The value
_x000D_ for CVE-MAP-NOMA
this security option does not m
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE:_x000D_ This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 2915 User Rights Acce The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 3994 Microsoft Windows The file permi Informational _x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft Remote Procedure Call Service wa
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS RPC Interface Detected.
indows Server 2003 R2 (Service 9069 (MS10-041) Vulner A vulnerabilit Medium The vulnerability CVE-2009-0217
indows Server 2003 R2 (Service 4434 Enumerate Admini List the users Informational Under
_x000D_ Microsoft Windows role-b
indows Server 2003 R2 (Service 12840 Microsoft Windows Multiple DNS pLow Multiple
indows Server 2003 R2 (Service 14417 Oracle Java SE ObAn obsolete veInformational An Theobsolete
flaw is dueversion
to howof Oracle Java SE ishandle
the application dete
_x000D_
_x000D_
indows Server 2003 R2 (Service 7405 Microsoft InterneA vulnerabilityInformational A The printing
hosts functionality
CVE-2009-4073
file configuration in aMicrosoft
of WindowsIntern
Oper
indows Server 2003 R2 (Service 13430 Windows Hosts FiA hosts file c Informational
indows Server 2003 R2 (Service 5474 Display all detec Informational Informational Informational
indows Server 2003 R2 (Service 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerability CVE-2009-0217
_x000D_
indows Server 2003 R2 (Service 9518 Mcafee VirusScanMcAfee VirusSc Informational McAfee
indows Server 2003 R2 (Service 13392 Microsoft InterneA denial of serMedium The lies in a memory
_x000D_ CVE-2012-1545
indows Server 2003 R2 (Service 14464 Oracle Java SE OpA denial of serMedium The flaw is dueCVE-2012-5373
_x000D_ to hash functions are not suffi
indows Server 2003 R2 (Service 9496 Sun Java SDK/JDKMultiple
J vulneMedium Multiple vulnerabilities
CVE-2007-5232
are present
C in some v
indows Server 2003 R2 (Service 6821 Microsoft InterneInternet ExploInformational The Microsoft
_x000D_ Internet Explore
_x000D_
indows Server 2003 R2 (Service 5752 Microsoft InterneA vulnerabilityMedium aA vulnerability CVE-2008-1368
DNS configurationis present
of a in Microsoft
Windows Interne
Operating
indows Server 2003 R2 (Service 13429 Windows DNS Conf A DNS configuInformational The registry values under this key were obtai
indows Server 2003 R2 (Service 7555 Microsoft WindowThe
The registry Informational
Digitally sign communications
(always) policy setting was detected on th
indows Server 2003 R2 (Service 9996 Sun Java 2 PlatforA privilege es Medium A privilege escalation
_x000D_ CVE-2005-1974
indows Server 2003 R2 (Service 8500 Oracle Java SE S A code executiMedium An unspecifiedCVE-2010-0839
_x000D_ vulnerability in the Sound com
indows Server 2003 R2 (Service 9381 Microsoft InterneA vulnerabilityMedium A vulnerability
_x000D_ CVE-2010-3886
indows Server 2003 R2 (Service 5254 Microsoft Windows Windows file nInformational Ensure
indows Server 2003 R2 (Service 9498 Sun Java SDK/JDKA security res Medium A security restriction
CVE-2007-5236
bypass vulnerability is p
indows Server 2003 R2 (Service 5595 Microsoft Windows The "DCOM: Mac Informational The4. A "DCOM:
service isMachine Access
using a user Rest not perm
account
indows Server 2003 R2 (Service 4617 Microsoft Windows A Microsoft WiInformational 5. A service is installed that should not be ins
_x000D_
indows Server 2003 R2 (Service 13043 Microsoft InterneAn information Low An
Theinformation
A privilege escalation vulnerability CVE-2002-2435
isvulnerability
present somedisclosure vulnerability
canversions
be exploited
of Microsoftis pre
by a proce
Wi
_x000D_
indows Server 2003 R2 (Service 14914 Microsoft Enhance Microsoft EnhaInformational _x000D_
indows Server 2003 R2 (Service 5457 Microsoft InterneA vulnerabilityMedium A vulnerabilityCVE-2007-4478
indows Server 2003 R2 (Service 9500 Sun Java SDK/JDKAn informationLow An informationCVE-2007-5238
indows Server 2003 R2 (Service 4427 Check users who Determined tha Informational Some
_x000D_ accounts password was fo
indows Server 2003 R2 (Service 14347 Microsoft .NET F An obsolete veInformational An obsolete
_x000D_ version of Microsoft .NET Frame
indows Server 2003 R2 (Service 4890 Sun MicrosystemsA vulnerabilityMedium A vulnerabilityCVE-2007-0243
_x000D_ is present in Sun JDK and JRE
indows Server 2003 R2 (Service 5511 Microsoft Intern A vulnerabilit Medium A design flaw in
_x000D_ CVE-2007-5158
Microsoft Internet Explorer m
indows Server 2003 R2 (Service 8639 Sun Java RuntimeCheck for Sun Informational _x000D_
Check for Sun Java Runtime Environment is in
indows Server 2003 R2 (Service 6620 Sun Java RuntimeA vulnerabilit Medium A vulnerabilityCVE-2009-1093
_x000D_ exists in LdapCtx in the LDAP s
indows Server 2003 R2 (Service 5333 Sun Java WebStart A vulnerabilit Medium A vulnerabilityCVE-2007-3655
_x000D_ in Sun Java Runtime Environm
indows Server 2003 R2 (Service 5381 Sun Java JRE ApplA vulnerabilit Medium A vulnerabilityCVE-2007-3922
in the Java Runtime Environm
indows Server 2003 R2 (Service 5733 Microsoft WindowThe host has aInformational The _x000D_host has at least one shar
indows Server 2003 R2 (Service 14175 Update Rollup forMultiple remotMedium Multiple
indows Server 2003 R2 (Service 4916 Microsoft Windows The legal noticInformational Ensure
_x000D_ that both
CVE-1999-0590
indows Server 2003 R2 (Service 5506 Sun Java MultipleVulnerabilitie Medium VulnerabilitiesCVE-2007-5237
in the JRE may allow for secur
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational _x000D_
indows Server 2003 R2 (Service 14463 Oracle Java SE OpA denial of serMedium The
_x000D_flaw is dueCVE-2012-2739
to hash functions are not suffi
indows Server 2003 R2 (Service 10797 McAfee VirusScanMcAfee VirusSc Informational
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The _x000D_Microsoft Windows computer
indows Server 2003 R2 (Service 9671 Microsoft InterneA denial of serMedium A
_x000D_of service vulnerability is present in
denial
indows Server 2003 R2 (Service 5007 Microsoft Windows A vulnerabilit Low Microsoft
indows Server 2003 R2 (Service 9048 Microsoft Windows A private key Medium A private key disclosure
_x000D_ CVE-2005-1794
vulnerability is prese
indows Server 2003 R2 (Service 10165 Microsoft WindowShares were foInformational http://support.microsoft.com/default.aspx?s
indows Server 2003 R2 (Service 7232 Microsoft Windo The target's Informational CVE-MAP-NOMA
o The
_x000D_username of the last user
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational User profiles were found on the Windows ho
indows Server 2003 R2 (Service 15212 Update Rollup forUnknown vulner Medium Unknown
indows Server 2003 R2 (Service 13462 Microsoft Windows A privilege es Medium The
_x000D_flaw lies inCVE-2010-1886
indows Server 2003 R2 (Service 5256 Microsoft Windows Screen saver gInformational Ensure
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational This Ensure permissions
check comply
only attempts to with enterprise
establish a NetBIp
indows Server 2003 R2 (Service 11141 Microsoft Windo The Microsoft Informational The _x000D_Microsoft Windows computer
indows Server 2003 R2 (Service 11140 McAfee VirusSca McAfee VirusSc Informational McAfee VirusScan is running on the target ho
_x000D_
indows Server 2003 R2 (Service 8966 Raw Socket Test Detect for ICMInformational Detect for ICMP reply from tar
indows Server 2003 R2 (Service 8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
indows Server 2003 R2 (Service 8968 Raw Socket Test ITCP/ICMP replInformational Raw Socket Test IP Identifica
_x000D_
indows Server 2003 R2 (Service 7783 Microsoft WindowThe server is Informational The server
_x000D_ is running the Microsoft Windows
indows Server 2003 R2 (Service 7897 Microsoft ASP.NEA list of file Informational A list of file extensions handled by the ASP.N
_x000D_
indows Server 2003 R2 (Service 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft
indows Server 2003 R2 (Service 8445 Microsoft IIS Ser Microsoft InteInformational _x000D_
Microsoft IIS server extensions were enumer
indows Server 2003 R2 (Service 11218 Web Server HTTPHTTP protocol Informational HTTP
There is an information disclosure protocol
Thevulnerability
same version
vulnerability
presentwas
couldobtained
in some from
alsoversions
cause the
a de
of
indows Server 2003 R2 (Service 571 FTP Anonymous Us A vulnerabilit Low All systems with
_x000D_ CVE-1999-0497
Anonymous FTP
indows Server 2003 R2 (Service 864 NetBIOS NBTSTATIt is possible Informational Where target_system
MS02-062:_x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 1599 Microsoft IIS We WebDAV functio Informational http://www.microsoft.com/technet/security
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1636 Microsoft WindowThe ApplicatioInformational Provides suppoCVE-MAP-NOMA
indows Server 2003 R2 (Service 1666 Microsoft WindowThe Network DD Informational Provides netwo CVE-MAP-NOMA
indows Server 2003 R2 (Service 1664 Microsoft Windows The Background Informational Uses idle netwCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1722 Microsoft Windo The host has tInformational If the
_x000D_two or more network interfaces are co
indows Server 2003 R2 (Service 1714 Microsoft WindowThe version ofInformational Microsoft releases CVE-MAP-NOMA
indows Server 2003 R2 (Service 1694 Microsoft Windo The Microsoft Informational Active_x000D_ Data ObCVE-MAP-NOMA
indows Server 2003 R2 (Service 1668 Microsoft WindowThe Network Lo Informational Collects
_x000D_ and s CVE-MAP-NOMA
indows Server 2003 R2 (Service 1667 Microsoft Windo The Network DInformational Manages Dynami CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1752 Restrict CD-ROM TThe
Ahe restrict C Informational
Do not store LAN Manager By default,
hash value an
onCVE-1999-0594
_x000D_ enabled,CVE-2002-0157
_x000D_
indows Server 2003 R2 (Service 2879 Microsoft WindowThe "System CrInformational Ensure_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2878 Microsoft WindowThe Dr. Watson Informational Ensure permissionsCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1749 .NET Passport CreThe Do not all Informational _x000D_
Default: Disabled
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2442 Microsoft Windows The Distributed Informational This service maCVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
Se
indows Server 2003 R2 (Service 2873 Microsoft WindowThe system is Informational _x000D_
The cdrom auto CVE-2000-0155
CVE-MAP-NOMA named
_x000D_
_x000D_is a more CVE-2001-0705
indows Server 2003 R2 (Service 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA Updates/Windows Update se
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 2957 User Rights Log On The User RightInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4004 Microsoft Windows The "Impersona Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2964 User Rights ReplaThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4102 WebDAV Basic Aut The Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 4113 Windows FirewallThe S Microsoft Informational The
_x000D_ Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 3995 Microsoft WindowAnonymous user
Autoplay is notInformational http://www.microsoft.com/resources/docum
disabled on all drive
_x000D_types for CVE-MAP-NOMA
all local accounts and therefor
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4008 Microsoft WindowThe Microsoft Informational CVE-MAP-NOMA
The value for this security option does not m
_x000D_
indows Server 2003 R2 (Service 2915 User Rights Acce The User Righ Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2970 User Rights LogonThe User RightInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2891 Microsoft WindowThe "System Ob Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2911 Audit Object AcceThe Audit Obj Informational NOTE:
_x000D_ This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2003 R2 (Service 2947 User Rights Deny The User Righ Informational NOTE: This check
_x000D_
_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 2885 Microsoft WindowThe Name-poliInformational Ensure
_x000D_ permissions
CVE-MAP-NOMA
_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 2920 User Rights Chan The User Righ Informational NOTE: This check
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS
indows Server 2003 R2 (Service 11090 FTP Server Detec A FTP server wInformational A FTP server was detected on the host.
_x000D_
indows Server 2003 R2 (Service 11067 FTP Server With CFTP server witInformational FTP server with clear text authentication was
_x000D_
indows Server 2003 R2 (Service 6911 FTP Server FoundAn FTP server Informational An FTP server was detected on the host.
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 9822 Microsoft Windows A security bypLow A
4. security
A servicebypass vulnerability
is using is present
a user account in s
not perm
_x000D_
indows Server 2003 R2 (Service 12682 (APSB11-26) Adobe A security bypMedium The flaw is specific
CVE-2011-2444
to a cross site scripting er
_x000D_
in Microsoft Internet Explorer
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational The User Rights "Deny log on t
_x000D_
indows Server 2003 R2 (Service 13160 (MS11-100) MicroAn informationMedium The vulnerability
_x000D_ CVE-2011-3415
lies in the URL verification w
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft
escalation The
TheisMicrosoft
vulnerability Windows
vulnerability
present some be computer
canversions
exploited
of Microsoft
by a proce
Wi
_x000D_
indows Server 2003 R2 (Service 14175 Update Rollup forMultiple remotMedium Multiple remote code execution vulnerabiliti
_x000D_
indows Server 2003 R2 (Service 9671 Microsoft InterneA denial of serMedium A denial of service vulnerability is present in
_x000D_
_x000D_ CVE-2007-5158
_x000D_ CVE-2010-3886
_x000D_
indows Server 2003 R2 (Service 5752 Microsoft InterneA vulnerabilityMedium a vulnerabilityCVE-2008-1368
is present in Microsoft Interne
indows Server 2003 R2 (Service 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM:
_x000D_ Machine Access Rest
indows Server 2003 R2 (Service 13462 Microsoft Windows A privilege es Medium The flaw lies inCVE-2010-1886
_x000D_ the way that the Windows Te
indows Server 2003 R2 (Service 14432 Adobe Macromedia An obsolete veInformational An obsolete version of Adobe Macromedia F
_x000D_
_x000D_ CVE-2009-0217
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4427 Check users who Determined tha Informational Some accounts
The registry values password was key
under this fo were obtai
indows Server 2003 R2 (Service 10165 Microsoft WindowShares were foInformational
indows Server 2003 R2 (Service 5533 Microsoft WindowA list of loca Informational _x000D_
A list of local groups was obta
indows Server 2003 R2 (Service 5474 Display all detec Informational Informational A Informational script to
DNS configuration of display
a Windows Operating
in Micrsoft Internet Explorer m
indows Server 2003 R2 (Service 4481 Microsoft WindowThe Microsoft Informational The Microsoft Windows Firewall
_x000D_
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One or more user accounts have never logge
indows Server 2003 R2 (Service 6821 Microsoft InterneInternet ExploInformational The Microsoft Internet Explore
_x000D_
indows Server 2003 R2 (Service 12683 (APSB11-26) Adobe An informationMedium The flaw is specific
_x000D_ CVE-2011-2429
to a control bypass error.
indows Server 2003 R2 (Service 13043 Microsoft InterneAn informationLow An informationCVE-2002-2435
indows Server 2003 R2 (Service 9086 (MS10-041) MicroA vulnerabilit
The Medium
Digitally sign The
communications vulnerability
CVE-2009-0217
issetting
due to was
the way
(always) policy in which
detected t
on th
indows Server 2003 R2 (Service 5610 Microsoft Windows Informational
indows Server 2003 R2 (Service 9309 Adobe Flash Play A version of A Informational A version of Adobe Flash Player was detected
_x000D_
indows Server 2003 R2 (Service 13392 Microsoft InterneA denial of serMedium The lies file
A hosts in aconfiguration
memory
CVE-2012-1545
corruption condition,
of a Windows Operin
indows Server 2003 R2 (Service 13430 Windows Hosts FiA hosts file c Informational The flaw is due to how the application handle
indows Server 2003 R2 (Service 13106 Microsoft InterneAn informationMedium This check onlyCVE-2011-4689
attempts to establish a NetBI
indows Server 2003 R2 (Service 13017 NetBIOS Null SessNetBIOS Null sInformational _x000D_
indows Server 2003 R2 (Service 11141 Microsoft Windo The Microsoft Informational _x000D_The Microsoft Windows computer
indows Server 2003 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS_x000D_ bindings information was detected
indows Server 2003 R2 (Service 8966 Raw Socket Test Detect for ICMInformational Detect _x000D_ for ICMP reply from tar
indows Server 2003 R2 (Service 12006 ICMP Timestamp An Re informationLow An information
_x000D_ CVE-1999-0524
_x000D_
_x000D_
indows Server 2003 R2 (Service 8385 Microsoft IIS Ho Microsoft InteInformational _x000D_
Microsoft IIS "Use Host Header Name" settin
indows Server 2003 R2 (Service 11218 Web Server HTTPHTTP protocolInformational HTTP _x000D_protocol version was obtained from the
indows Server 2003 R2 (Service 11260 Web Server WebDWebDAV was
There is an de
Informational
information WebDAV
disclosure samewas
Thevulnerability detected
vulnerability on
in the
presentcould somehost.
also versions
cause a de
of
MS02-062:_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1641 Microsoft Windo The SNMP servi Informational Includes agentCVE-MAP-NOMA
indows Server 2003 R2 (Service 1640 Microsoft WindowThe Simple Mai Informational Transports eleCVE-MAP-NOMA
indows Server 2003 R2 (Service 1663 Microsoft WindowThe COM+ Syste Informational Manages
_x000D_ the cCVE-MAP-NOMA
_x000D_ releases
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational CVE-MAP-NOMA
Default: Disabled
indows Server 2003 R2 (Service 1683 Microsoft WindowThe WMI Perfor Informational Provides perfoCVE-MAP-NOMA
indows Server 2003 R2 (Service 1699 Microsoft WindowThe Microsoft Informational Microsoft
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2873 Microsoft WindowThe system is Informational The cdrom auto
_x000D_ CVE-2000-0155
CVE-MAP-NOMA named
_x000D_ Se
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1756 Require DC authen The Require DoInformational When enabled,CVE-2002-0157
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 1749 .NET Passport CreThe Do not all Informational Default: Disabled
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 1794 Enable ICMP RediThe
The Enable
Do not ICM Informational
store LAN Manager HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
_x000D_
indows Server 2003 R2 (Service 1754 Restrict Floppy A The restrict fl Informational _x000D_
This setting d CVE-1999-0594
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2918 User Rights BackupThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2964 User Rights ReplaThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 3316 Microsoft WindowIt was possibl Informational Microsoft
indows Server 2003 R2 (Service 4118 Windows FirewallThe Microsoft
_x000D_ Informational The Microsoft
indows Server 2003 R2 (Service 2987 Power Users Grou Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2961 User Rights Profil The User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE: _x000D_ This check
CVE-1999-0575
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 2957 User Rights Log On The User RightInformational _x000D_
NOTE: This checkCVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE: This check CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE: _x000D_ This check
CVE-1999-0534
_x000D_
indows Server 2003 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4008 Microsoft WindowThe Microsoft Informational The value for this CVE-MAP-NOMA
indows Server 2003 R2 (Service 3362 USB Drive Has BeeAn external USInformational A USB storage CVE-MAP-NOMA
_x000D_ d
_x000D_
indows Server 2003 R2 (Service 2888 Microsoft WindowThe Perform Ro Informational Ensure permissions CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2916 User Rights Act AsThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2986 Disable Autoplay Informational NOTE: This check CVE-MAP-NOMA
_x000D_
_x000D_ This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2003 R2 (Service 5491 Web Server TLS/SSOne or more TInformational One or more TLS/SSL X.509 certificates obtai
_x000D_
indows Server 2003 R2 (Service 8269 SSL Server InformSSL server inf Informational SSL server information was detected on the h
indows Server 2003 R2 (Service 14864 SSL/TLS Server PrThe ciphersuitInformational The ciphersuite the SSL/TLS ser
_x000D_
indows Server 2003 R2 (Service 12108 TLS-SSL Server UnUntrusted TLS/Informational This could also indicate that a TLS/SSL man-in
_x000D_
indows Server 2003 R2 (Service 11418 SSL Supported CipSSL supportedInformational SSL supported cipher suite was detected on t
_x000D_
indows Server 2003 R2 (Service 9793 SMTP Server ConnSMTP server cInformational SMTP
_x000D_ server connection was allowed on the
indows Server 2003 R2 (Service 9772 SMTP Server DeteSMTP service w Informational SMTP service was detected on the host.
_x000D_ RPC Interface Detected.
indows Server 2003 R2 (Service 14705 (MS13-009) MicrosAn informationMedium The flaw lies inCVE-2013-0015
_x000D_ CVE-2007-5158
indows Server 2003 R2 (Service 6652 Microsoft WindowThe "PasswordInformational The setting
A hosts on the host does
file configuration of anot complyOper
Windows with
indows Server 2003 R2 (Service 14692 (MS13-016) MicrosA privilege es Medium The flaw lies inCVE-2013-1275
_x000D_ a race condition error. Succes
a race condition error. Succes
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational Ensure
_x000D_permissions comply with enterprise p
indows Server 2003 R2 (Service 15069 (MS13-046) VulnerMultiple vulneHigh Microsoft
CVE-2013-1332
MS13-046
C to address
indows Server 2003 R2 (Service 13462 Microsoft WindowsA privilege es Medium The flaw lies inCVE-2010-1886
indows Server 2003 R2 (Service 14567 (MS13-004) MicroAn informationMedium The flaw lies inCVE-2013-0001
_x000D_ the handling of pointers to m
indows Server 2003 R2 (Service 14930 (MS13-036) MicroA privilege es High The flaw lies inCVE-2013-1291
the parsing of OpenType font
indows Server 2003 R2 (Service 10911 USB Devices EnabIt is possible Informational It is possible to obtain the li
_x000D_
indows Server 2003 R2 (Service 14841 (MS13-027) MicrosA privilege es High The flaw is dueCVE-2013-1287
_x000D_ to how Windows USB drivers
indows Server 2003 R2 (Service 15056 (MS13-040) MicroA spoofing vulMedium The flaw is dueCVE-2013-1336
to the signature of a specially
indows Server 2003 R2 (Service 5578 Enumerate Instal VMware images Informational VMware
_x000D_ images were found to b
indows Server 2003 R2 (Service 9410 Microsoft InterneA remote denialLow A remote denial of service vulnerability is pre
_x000D_
indows Server 2003 R2 (Service 14239 Microsoft WindowsMicrosoft has Medium While
_x000D_ not technically a security issue, the dig
indows Server 2003 R2 (Service 5591 Microsoft WindowsThe User RightInformational The User Rights "Deny log on t
_x000D_
_x000D_ Internet Explore
indows Server 2003 R2 (Service 12840 Microsoft WindowsMultiple DNS pLow Multiple DNS poisoning vulnerabilities are pr
indows Server 2003 R2 (Service 15182 (MS13-048) MicroA information Medium A information CVE-2013-3136
_x000D_
indows Server 2003 R2 (Service 14731 (MS13-016) MicrosA privilege es Medium The flaw
_x000D_ lies inCVE-2013-1270
indows Server 2003 R2 (Service 9822 Microsoft WindowsA security bypLow A security bypass vulnerability is present in s
_x000D_
_x000D_
indows Server 2003 R2 (Service 14681 (MS13-016) Micros A privilege es Medium The flaw lies inCVE-2013-1249
indows Server 2003 R2 (Service 14367 (MS12-074) MicroAn informationMedium The
4. A flaw liesisinusing
service CVE-2012-1896
the incorrect sanitization
a user account of fu
not perm
indows Server 2003 R2 (Service 4617 Microsoft Windows A Microsoft WiInformational 5. A service
_x000D_ is installed that should not be ins
indows Server 2003 R2 (Service 14927 (MS13-028) Micros A remote codeHigh The flaw
_x000D_ lies inCVE-2013-1304
indows Server 2003 R2 (Service 14024 (MS12-054) MicroA denial of se Medium The flaw lies inCVE-2012-1850
the handling of RAP requests
_x000D_
indows Server 2003 R2 (Service 5533 Microsoft WindowA list of loca Informational A list
_x000D_ of local groups was obta
_x000D_ the TLS encryption protocol. S
indows Server 2003 R2 (Service 14844 (MS13-027) Vulner Multiple vulneHigh Microsoft
_x000D_ has providedCVE-2013-1287
MS13-027
C to address
The flaw is due toEnhanced
Explorer Secu
how the application handle
indows Server 2003 R2 (Service 15212 Update Rollup forUnknown vulner Medium Unknown vulnerabilities are pre
indows Server 2003 R2 (Service 15183 (MS13-048) Vulner A information Medium A information CVE-2013-3136
_x000D_
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl Informational It was
_x000D_ possible to enumerate i
indows Server 2003 R2 (Service 15054 (MS13-040) Vulner Multiple securHigh Microsoft
MS13-040
C to address
indows Server 2003 R2 (Service 9485 Microsoft DirectXMultiple denialMedium Multiple
_x000D_ denial of service vulnerabilities are p
_x000D_ CVE-2012-1545
indows Server 2003 R2 (Service 14710 (MS13-016) Micros A privilege es Medium The flaw
_x000D_ lies inCVE-2013-1258
_x000D_ CVE-2007-4478
indows Server 2003 R2 (Service 13888 Microsoft Unautho A spoofing vulMedium The flaw is specific to the multiple certificate
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The Microsoft
A DNS Windows
configuration of acomputer
Windows Operating
indows Server 2003 R2 (Service 13429 Windows DNS Conf A DNS configuInformational
_x000D_
indows Server 2003 R2 (Service 13737 Microsoft Windows A spoofing vulMedium Update - June 13, 2012 - The vendor has upd
_x000D_
indows Server 2003 R2 (Service 15014 (MS13-028) Micros A remote codeHigh The flaw lies inCVE-2013-1338
_x000D_ lies inCVE-2013-1254
indows Server 2003 R2 (Service 13876 (MS12-049) Vulner An informationMedium Microsoft
CVE-2012-1870
MS12-049 to address
indows Server 2003 R2 (Service 5752 Microsoft InterneA vulnerabilityMedium a_x000D_
vulnerabilityCVE-2008-1368
indows Server 2003 R2 (Service 9671 Microsoft InterneA denial of serMedium A denial
_x000D_ of service vulnerability is present in
indows Server 2003 R2 (Service 14840 (MS13-027) Micros A privilege es High The flaw is dueCVE-2013-1286
to how Windows USB drivers
indows Server 2003 R2 (Service 4434 Enumerate Admini List the users Informational Under Microsoft
Customer would like Foundstone to be able to report Windows role-b logged o
the currently
indows Server 2003 R2 (Service 4423 Report Current L Informational Windows
indows Server 2003 R2 (Service 14057 Microsoft WindowMicrosoft SecuMedium _x000D_
indows Server 2003 R2 (Service 14934 (MS13-033) Vulner A privilege es High Microsoft
The has
registry provided
CVE-2013-1295
values underMS13-033 to address
this key were obtai
indows Server 2003 R2 (Service 7555 Microsoft WindowThe registry Informational
A privilege escalation vulnerability
Theisvulnerability
present some canversions
be exploited
of Microsoft
by a proce
Wi
indows Server 2003 R2 (Service 14675 (MS13-016) Vulner Multiple vulneMedium Microsoft
CVE-2013-1248
MS13-016
C to address
indows Server 2003 R2 (Service 14938 (MS13-029) MicroA remote codeHigh The flaw lies inCVE-2013-1296
the handling of deleted objec
_x000D_
indows Server 2003 R2 (Service 15051 (MS13-037) Micros An
Theinformation Medium
Digitally sign The
communications flaw is due CVE-2013-1297
to how access
was to
(always) policy setting JSON data
detected fi
on th
_x000D_ a race condition error/event.
indows Server 2003 R2 (Service 6219 (MS08-069) MicroA vulnerabilit Medium A vulnerabilit CVE-2008-4033
_x000D_
_x000D_ handling of object in memory
indows Server 2003 R2 (Service 14558 Microsoft TURKTRU A spoofing vulMedium The flaw lies in fraudulent certificates signed
_x000D_
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational _x000D_User profiles were found on the Windows ho
_x000D_ the handling of specific objec
indows Server 2003 R2 (Service 14174 Microsoft Windows A spoofing vulMedium Update
_x000D_- June 13, 2012 - The vendor has upd
CVE-MAP-NOMA
indows Server 2003 R2 (Service 14728 (MS13-016) Micros A privilege es Medium The
This flaw
checklies inCVE-2013-1267
only aattempts
race condition error.aSucces
to establish NetBI
_x000D_
indows Server 2003 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS_x000D_ bindings information was detected
_x000D_
indows Server 2003 R2 (Service 8969 Raw Socket Test Detect for opeInformational Detect_x000D_ for opened TCP port on
indows Server 2003 R2 (Service 5689 SSL/TLS X.509 Ce The common nam Informational _x000D_
indows Server 2003 R2 (Service 5690 Web Server Self-SOne or more se Informational One or more self-signed TLS/SSL X.509 certifi
_x000D_
_x000D_
indows Server 2003 R2 (Service 8242 SSL Web Server VVersion informInformational Version
_x000D_information was obtained from the S
Microsoft IIS server extensions were enumer
indows Server 2003 R2 (Service 10490 Web Server RedirWeb server red Informational Web
_x000D_server redirection status was detected o
indows Server 2003 R2 (Service 11218 Web Server HTTPHTTP protocolInformational HTTP _x000D_ protocol version was obtained from the
indows Server 2003 R2 (Service 11258 HTTP Server Set HTTP server haInformational HTTP _x000D_ server handling session using set-cooki
There is an de
Informational
information WebDAV
disclosure samewas
vulnerability on
in the
presentcouldsomehost.
alsoversions
cause a de
of
indows Server 2003 R2 (Service 864 NetBIOS NBTSTATIt is possible Informational Where _x000D_ target_system
CVE-MAP-NOMA
indows Server 2003 R2 (Service 868 Null Session OS It is possible Low For more information
see: http://packetstorm
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1655 Microsoft WindowThe ApplicatioInformational Provides softwCVE-MAP-NOMA
indows Server 2003 R2 (Service 1681 Microsoft Windo The Management Informational Provides
_x000D_ a comCVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational _x000D_
Default: Disabled
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA named
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2828 Default Guest Ac The
The guest
Do notacco Informational
store LAN Manager An account
hash nam
value on Cnext
VE-MAP-NOMA
password change policy s
_x000D_
_x000D_ Se
indows Server 2003 R2 (Service 2836 Unsigned Non-driv The unsigned nInformational Default:
_x000D_ Warn CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_ theCVE-MAP-NOMA
indows Server 2003 R2 (Service 1749 .NET Passport CreThe Do not all Informational Default:
_x000D_Disabled CVE-MAP-NOMA
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more CVE-2001-0705
_x000D_
indows Server 2003 R2 (Service 1758 Microsoft WindowThe Smart cardInformational Force _x000D_ Logoff - Users are automatically logged
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1804 Microsoft Windows The Microsoft Informational This policy
_x000D_ s CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2885 Microsoft WindowThe Name-poliInformational Ensure _x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2909 Audit Account MaThe Audit Acc Informational _x000D_ NOTE: This check CVE-MAP-NOMA
indows Server 2003 R2 (Service 2891 Microsoft WindowThe "System
Autoplay Ob
Informational
is not Ensure
_x000D_ permissions
comply
all local withand
accounts enterprise
thereforp
_x000D_
requires at least
C Foundston
indows Server 2003 R2 (Service 4115 Windows FirewallThe Microsoft Informational _x000D_ The Microsoft CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational _x000D_
_x000D_ NOTE: This check CVE-1999-0575
_x000D_ This check
CVE-MAP-NOMA
_x000D_ This check
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
_x000D_ This check
CVE-MAP-NOMA
_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE:
_x000D_ This CVE-MAP-NOMA
check requires at least Foundston
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE:_x000D_ This check
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2966 User Rights Shut The User Righ Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational _x000D_
LSASS RPC Interface Detected.
indows Server 2003 R2 (Service 5543 Enumerate EnableMicrosoft WinInformational Administrative shares are crea
_x000D_
indows Server 2003 R2 (Service 10199 (MS10-070) Vulner A security bypMedium The flaw is specific
_x000D_ CVE-2010-3332
to a cryptographic attack
indows Server 2003 R2 (Service 5474 Display all detec Informational Informational Informational script to display
indows Server 2003 R2 (Service 5685 Microsoft WindowThe username
Customer Informational
wouldo like Foundstone
Thetousername
be able toofreport
the last
theuser
currently logged o
indows Server 2003 R2 (Service 4423 Report Current L Informational Windows NT-based operating sy
_x000D_
_x000D_
indows Server 2003 R2 (Service 10165 Microsoft WindowShares were fo
The Digitally Informational
sign communications
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational User_x000D_profiles were found on the Windows ho
_x000D_
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One
A DNS orconfiguration
more user accounts have never
of a Windows logge
Operating
_x000D_
indows Server 2003 R2 (Service 5265 Microsoft Windows Internet ExploInformational Internet Explorer Enhanced Secu
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational The
The User
registryRights "Deny
values logthis
under on tkey were obtai
CVE-MAP-NOMA
indows Server 2003 R2 (Service 5533 Microsoft WindowA list of loca Informational A A list
hostsof file
localconfiguration
groups was obta
of a Windows Oper
indows Server 2003 R2 (Service 13430 Windows Hosts FiA hosts file c Informational 4. A service is using a user account not perm
indows Server 2003 R2 (Service 12465 (MS11-066) Vulner A information Medium Microsoft
CVE-2011-1977
MS11-066 to address
_x000D_
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational _x000D_
Ensure permissions comply with enterprise p
indows Server 2003 R2 (Service 9410 Microsoft InterneA remote denial Low A remote
This checkdenial of servicetovulnerability
only attempts is pre
establish a NetBI
_x000D_
indows Server 2003 R2 (Service 8490 NetBIOS Names InMicrosoft Net Informational Microsoft
_x000D_
_x000D_
There is an de
Informational
information WebDAV
disclosure samewas
vulnerability on
in the
alsoversions
cause a de
of
indows Server 2003 R2 (Service 1657 Microsoft WindowThe Help and SInformational Enables
_x000D_Help aCVE-MAP-NOMA
_x000D_and s CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1701 Do Not Display LaThe Microsoft Informational With _x000D_this poli CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_ Se
CVE-MAP-NOMA named
_x000D_
_x000D_ Updates/Windows Update se
indows Server 2003 R2 (Service 1758 Microsoft WindowThe Smart cardInformational _x000D_
Force Logoff - Users are automatically logged
The Do not store LAN Manager Ensure
Dr. Watson I nformational permissions
comply with
next password enterprise
change policyps
_x000D_
indows Server 2003 R2 (Service 1743 Microsoft WindowThe Send unenc Informational Disabling this CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2440 Microsoft WindowThe Remote Pro Informational _x000D_
indows Server 2003 R2 (Service 2874 Microsoft WindowFor new users,Informational The autorun
_x000D_ or
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational _x000D_
NOTE: This checkCVE-1999-0575
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2883 Microsoft Windows The legal noti
Autoplay is notInformational Ensure
_x000D_ thatfor
types thealllegal
localnotice text and
accounts and therefor
caption
indows Server 2003 R2 (Service 2986 Disable Autoplay Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE: _x000D_ This check
CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 2970 User Rights LogonThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2911 Audit Object AcceThe Audit Obj Informational NOTE: _x000D_ This check
CVE-1999-0575
requires at least
C Foundston
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 4017 Microsoft Windo User accountsInformational One or more user CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2919 User Rights BypasThe User Righ Informational NOTE: This check
_x000D_
_x000D_
_x000D_ the parsing of OpenType font
indows Server 2003 R2 (Service 14709 (MS13-016) Micros A privilege es Medium The flawfile
A hosts liesconfiguration
inCVE-2013-1257
of a Windows Oper
_x000D_
CVE-2012-1545
_x000D_
_x000D_
The denial
registry valuesof service vulnerability
under this is pre
key were obtai
_x000D_
_x000D_
indows Server 2003 R2 (Service 4916 Microsoft WindowsThe legal noticInformational Ensure that both
CVE-1999-0590
indows Server 2003 R2 (Service 5590 Microsoft WindowsThe User RightInformational The User Rights "Deny log on loc
_x000D_
indows Server 2003 R2 (Service 14914 Microsoft EnhanceMicrosoft EnhaInformational _x000D_
_x000D_ CVE-2009-4073in Microsoft Intern
indows Server 2003 R2 (Service 13737 Microsoft WindowsA spoofing vulMedium Update - June 13, 2012 - The vendor has upd
indows Server 2003 R2 (Service 15183 (MS13-048) VulnerA information Medium A information CVE-2013-3136
_x000D_
indows Server 2003 R2 (Service 9069 (MS10-041) VulnerA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
CVE-MAP-NOMA
4. A service is using a user account not perm
indows Server 2003 R2 (Service 4617 Microsoft WindowsA Microsoft WiInformational 5. A service
a race condition error/event.
indows Server 2003 R2 (Service 5265 Microsoft WindowsInternet ExploInformational Internet
_x000D_ Explorer Enhanced Secu
indows Server 2003 R2 (Service 14926 (MS13-028) MicrosA remote codeHigh The flaw lies inCVE-2013-1303
indows Server 2003 R2 (Service 5254 Microsoft WindowsWindows file nInformational Ensure
indows Server 2003 R2 (Service 13876 (MS12-049) VulnerAn informationMedium Microsoft
CVE-2012-1870
MS12-049 to address
_x000D_
indows Server 2003 R2 (Service 5007 Microsoft WindowsA vulnerabilit Low Microsoft Windows 2000, XP, and Vista are a
indows Server 2003 R2 (Service 15051 (MS13-037) MicrosAn informationMedium The flaw is dueCVE-2013-1297
to how access to JSON data fi
indows Server 2003 R2 (Service 14705 (MS13-009) MicrosAn informationMedium The
The flaw is due the
handling
to how of the Shifthandle
the application JIS ch
indows Server 2003 R2 (Service 5596 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
_x000D_
_x000D_
_x000D_
to the signature of a specially
indows Server 2003 R2 (Service 14239 Microsoft Windows Microsoft hassign
The Digitally Medium While
communications not technically a security
(always) policy setting issue, the
was detected ondig
th
CVE-2013-1332
MS13-046
C to address
_x000D_
indows Server 2003 R2 (Service 13043 Microsoft InterneAn informationLow An information
_x000D_ CVE-2002-2435
indows Server 2003 R2 (Service 4658 Microsoft IIS Det Microsoft InteInformational If the
_x000D_ DisplayName and ImagePath keys exist
_x000D_
_x000D_
indows Server 2003 R2 (Service 6652 Microsoft WindowThe "PasswordInformational The settingcode
A remote on the host does
execution not comply
vulnerability is with
pres
_x000D_ lies inCVE-2013-3112
a user-after-free error. Succe
_x000D_ the handling of RAP requests
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational User _x000D_profiles were found on the Windows ho
_x000D_
indows Server 2003 R2 (Service 14505 Microsoft XML CorAn obsolete veInformational An obsolete
_x000D_ version of Microsoft XML Core S
indows Server 2003 R2 (Service 5595 Microsoft Windows The "DCOM: Mac
Informational The
A privilege escalation vulnerability "DCOM: Machine
Theisvulnerability
present some Access
canversions
be Rest
exploited
of Microsoft
by a proce
Wi
_x000D_
CVE-2013-1295
MS13-033 to address
CVE-2013-1248
MS13-016
C to address
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One or
_x000D_ more user accounts have never logge
_x000D_
A DNSflaw lies inCVE-2013-1265
a raceofcondition
configuration a Windows error. Succes
Operating
CVE-2013-1287
MS13-027
C to address
_x000D_ CVE-2007-5158
_x000D_ has CVE-2013-1336
provided C to address
MS13-040
_x000D_ CVE-2009-0217
This flaw
checklies inCVE-2013-1274
only aattempts
race condition error.aSucces
to establish NetBI
_x000D_
indows Server 2003 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS bindings information was detected
indows Server 2003 R2 (Service 8966 Raw Socket Test Detect for ICMInformational Detect
_x000D_for ICMP reply from tar
_x000D_for opened TCP port on
_x000D_
CVE-MAP-NOMA
MS02-062:_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1662 Microsoft WindowThe Cryptograp Informational Provides
_x000D_ threeCVE-MAP-NOMA
indows Server 2003 R2 (Service 1714 Microsoft WindowThe version ofInformational CVE-MAP-NOMA
Microsoft releases new versions of IE, usually
CVE-MAP-NOMA
_x000D_ and s CVE-MAP-NOMA
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
Se
indows Server 2003 R2 (Service 2443 Microsoft WindowTheThe DistributeInformational
Do not store LAN Manager This hashservice coCVE-MAP-NOMA
value on next password change policy s
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
In response toCVE-2000-0155
these two glaring security hole
indows Server 2003 R2 (Service 1858 Web Server SuppoThe Web server Medium CVE-MAP-NOMA
A vulnerable host will support the use of a ci
indows Server 2003 R2 (Service 1859 Web Server Suppor The host suppoMedium _x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_ _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2987 Power Users Grou Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
_x000D_
requires at least
C Foundston
_x000D_
indows Server 2003 R2 (Service 2918 User Rights Backup The User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
disabled on all drive Microsoft
indows Server 2003 R2 (Service 2947 User Rights Deny The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
_x000D_ WindC VE-MAP-NOMA
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2915 User Rights Acce The User Righ Informational NOTE: This check
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check
CVE-1999-0575
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE: This check
CVE-1999-0534
indows Server 2003 R2 (Service 2970 User Rights LogonThe User RightInformational NOTE: This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2957 User Rights Log OnThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 5491 Web Server TLS/SS One or more TInformational One or more TLS/SSL X.509 certificates obtai
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 4916 Microsoft WindowsThe legal noticInformational Ensure
indows Server 2003 R2 (Service 5254 Microsoft WindowsWindows file nInformational Ensure
indows Server 2003 R2 (Service 13888 Microsoft UnauthoA spoofing vulMedium The flaw is specific to the multiple certificate
_x000D_
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl Informational It
4. was possible
A service to enumerate
is using i
a user account not perm
indows Server 2003 R2 (Service 4617 Microsoft WindowsA Microsoft WiInformational 5. A service
_x000D_
_x000D_ lies inCVE-2013-1283
indows Server 2003 R2 (Service 10797 McAfee VirusScanMcAfee VirusSc Informational A DNS configuration of a Windows Operating
_x000D_
_x000D_
indows Server 2003 R2 (Service 5256 Microsoft WindowsScreen saver gInformational Ensure
indows Server 2003 R2 (Service 14723 (MS13-016) MicrosA privilege es Medium The
_x000D_ lies inCVE-2013-1266
flaw a race condition error. Succes
_x000D_
indows Server 2003 R2 (Service 13193 (MS12-003) VulnerA privilege es Medium Microsoft
CVE-2012-0005
MS12-003 to address
indows Server 2003 R2 (Service 7139 Microsoft InterneA vulnerabilit Medium A
A vulnerability
remote codeCVE-2009-3003
in Micrsoftvulnerability
execution Internet Explorer m
is pres
_x000D_
indows Server 2003 R2 (Service 9822 Microsoft WindowsA security bypLow A security bypass vulnerability is present in s
_x000D_
_x000D_ to the signature of a specially
_x000D_
indows Server 2003 R2 (Service 14558 Microsoft TURKTRUA spoofing vulMedium The flaw lies in fraudulent certificates signed
_x000D_
an error with the handling of
_x000D_
_x000D_ CVE-2009-0217
indows Server 2003 R2 (Service 5265 Microsoft WindowsInternet ExploInformational Internet
indows Server 2003 R2 (Service 14175 Update Rollup forMultiple remotMedium Multiple remote code execution vulnerabiliti
_x000D_
indows Server 2003 R2 (Service 14675 (MS13-016) VulnerMultiple vulneMedium Microsoft
CVE-2013-1248
MS13-016
C to address
the handling of pointers to m
_x000D_
indows Server 2003 R2 (Service 5596 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
CVE-2013-1332
_x000D_ the handling of deleted objec
indows Server 2003 R2 (Service 15051 (MS13-037) MicrosAn informationMedium The flaw is dueCVE-2013-1297
CVE-2013-1287
indows Server 2003 R2 (Service 10199 (MS10-070) VulnerA security bypMedium The flaw is specific
_x000D_ CVE-2010-3332
_x000D_ lies inCVE-2013-1272
_x000D_
indows Server 2003 R2 (Service 11828 (MS11-018) MicrosAn informationMedium The flawfile
A hosts canconfiguration
beCVE-2011-1245
exploitedof viaa aWindows
specially-craft
Oper
indows Server 2003 R2 (Service 13062 (MS12-006) SSL anA information Medium The flaw lies inCVE-2011-3389
_x000D_ the SSL/TLS protocol. Success
indows Server 2003 R2 (Service 14239 Microsoft WindowsMicrosoft has Medium While
indows Server 2003 R2 (Service 11631 Microsoft WindowsA spoofing vulMedium The vulnerability is specific to the liberation o
_x000D_
indows Server 2003 R2 (Service 11789 (MS11-018) MicrosAn informationMedium The flaw
_x000D_ can beCVE-2011-1244
indows Server 2003 R2 (Service 12941 Microsoft WindowsA spoofing vulMedium The flaw is specific to the 22 certificates from
_x000D_
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One_x000D_or more user accounts have never logge
indows Server 2003 R2 (Service 9069 (MS10-041) VulnerA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
_x000D_ lies inCVE-2013-1255
_x000D_ the incorrect sanitization of fu
indows Server 2003 R2 (Service 5595 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2003 R2 (Service 14934 (MS13-033) VulnerA privilege es High Microsoft
CVE-2013-1295
MS13-033 to address
indows Server 2003 R2 (Service 5511 Microsoft Intern A vulnerabilit Medium A design
A privilege escalation vulnerability flaw
Theisvulnerabilityin
CVE-2007-5158
present some Microsoft
canversionsInternet
be exploited Explorer
of Microsoft
by Wim
a proce
_x000D_
indows Server 2003 R2 (Service 12596 Microsoft Windows A spoofing vulMedium The flaw is specific to the false certificates fro
_x000D_
_x000D_ the way the Windows CSRSS
_x000D_
_x000D_ lies inCVE-2013-1263
indows Server 2003 R2 (Service 13160 (MS11-100) MicroAn informationMedium The registry
The vulnerability
CVE-2011-3415
valueslies in thethis
under URL verification
key were obtaiw
indows Server 2003 R2 (Service 7555 Microsoft WindowThe registry Informational http://support.microsoft.com/default.aspx?s
indows Server 2003 R2 (Service 11770 (MS11-034) Vulner Multiple vulnerMedium Microsoft has provided
CVE-2011-0662
CVE-2013-1336
CVE-2012-1545
_x000D_
indows Server 2003 R2 (Service 14057 Microsoft WindowMicrosoft Secu
The Digitally Medium
sign communications
indows Server 2003 R2 (Service 5610 Microsoft Windows Informational The flaw is due to how the application handle
CVE-2011-3389
MS12-006 to address
CVE-2012-1870
MS12-049 to address
indows Server 2003 R2 (Service 4434 Enumerate Admini List the users Informational _x000D_
Under Microsoft Windows role-b
_x000D_
_x000D_
indows Server 2003 R2 (Service 9518 Mcafee VirusScanMcAfee VirusSc Informational McAfee VirusScan is installed on the host and
_x000D_
indows Server 2003 R2 (Service 7405 Microsoft InterneA vulnerabilityInformational _x000D_
The printing functionality
CVE-2009-4073 in Microsoft Intern
indows Server 2003 R2 (Service 10104 (MS10-070) MicroA security bypMedium The flaw is specific
CVE-2010-3332
This checkvulnerabilities
only attempts are pre
_x000D_
_x000D_
indows Server 2003 R2 (Service 8966 Raw Socket Test Detect for ICMInformational Detect_x000D_ for ICMP reply from tar
_x000D_
indows Server 2003 R2 (Service 8367 Microsoft IIS IIS Microsoft InteInformational Microsoft
_x000D_ Internet Information Services (IIS)
indows Server 2003 R2 (Service 8388 Microsoft IIS MSAMicrosoft InteInformational _x000D_
Microsoft IIS MSADC virtual directory was de
indows Server 2003 R2 (Service 8425 Microsoft IIS Prin Microsoft InterInformational Microsoft
_x000D_ IIS Printers virtual directory was de
indows Server 2003 R2 (Service 8426 Microsoft IIS Scri Microsoft InterInformational Microsoft
_x000D_ IIS scripts virtual directory was det
_x000D_ IIS script mapping configuration wa
Thevulnerability
same version
vulnerability
presentwas
couldobtained
in some from
alsoversions
cause the
a de
of
indows Server 2003 (Service Pac 864 NetBIOS NBTSTATIt is possible Informational Where target_system CVE-MAP-NOMA
indows Server 2003 (Service Pac 1657 Microsoft WindowThe Help and SInformational Enables Help aCVE-MAP-NOMA
indows Server 2003 (Service Pac 1655 Microsoft WindowThe ApplicatioInformational Provides softwCVE-MAP-NOMA
indows Server 2003 (Service Pac 1660 Microsoft WindowThe DNS ClientInformational Resolves
_x000D_ and cCVE-MAP-NOMA
indows Server 2003 (Service Pac 1730 Microsoft WindowThe Require StInformational Default: Disabled CVE-MAP-NOMA
indows Server 2003 (Service Pac 1664 Microsoft Windows The Background Informational Uses idle netwCVE-MAP-NOMA
indows Server 2003 (Service Pac 1670 Microsoft WindowThe ProtectedInformational Provides proteCVE-MAP-NOMA
indows Server 2003 (Service Pac 1668 Microsoft WindowThe Network Lo Informational Collects and s CVE-MAP-NOMA
indows Server 2003 (Service Pac 1663 Microsoft WindowThe COM+ Syste Informational Manages
indows Server 2003 (Service Pac 1703 Clear Pagefile On The Microsoft Informational Default: Disabled. CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1699 Microsoft WindowThe Microsoft Informational Microsoft Jet CVE-MAP-NOMA
indows Server 2003 (Service Pac 1675 Microsoft WindowDetermine if MInformational Provides
indows Server 2003 (Service Pac 2879 Microsoft WindowThe "System CrInformational Ensure_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1749 .NET Passport CreThe Do not all Informational Default: Disabled CVE-MAP-NOMA
indows Server 2003 (Service Pac 1752 Restrict CD-ROM TAhe restrict C Informational By default, an CVE-1999-0594
_x000D_
CVE-MAP-NOMA named
_x000D_
indows Server 2003 (Service Pac 1765 Microsoft WindowThe LAN Manage Informational NTLMv2
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2878 Microsoft WindowThe Dr. Watson Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2439 Microsoft WindowThe Remote Pro Informational This service prCVE-MAP-NOMA
indows Server 2003 (Service Pac 2436 Microsoft WindowThe
The Do
IPSEC
notServ Informational
store LAN Manager This
hashservice prCVE-MAP-NOMA
indows Server 2003 (Service Pac 1744 Microsoft Window Informational Enabling this CVE-MAP-NOMA
Se
indows Server 2003 (Service Pac 1787 Microsoft WindowThe Lockout ThInformational Determines the number of failed
indows Server 2003 (Service Pac 2832 Members Of The Accounts wereInformational _x000D_ If an account CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2827 Default Administ The administraInformational An account name CVE-1999-0585
indows Server 2003 (Service Pac 1804 Microsoft WindowsThe Microsoft Informational This policy s CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 (Service Pac 2836 Unsigned Non-drivThe unsigned nInformational Default:
indows Server 2003 (Service Pac 2947 User Rights Deny The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 3984 Microsoft WindowsThe permissionInformational CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2908 Microsoft Window_x000D_
The Audit Acc Informational NOTE: This check
indows Server 2003 (Service Pac 2987 Power Users Grou Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2920 User Rights Chan The User Righ Informational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 2917 User Rights AllowThe User RightInformational NOTE: This checkCVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2003 (Service Pac 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This checkCVE-1999-0575
_x000D_
indows Server 2003 (Service Pac 2888 Microsoft WindowThe Perform Ro Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2919 User Rights BypasThe User Righ Informational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 4104 USB Block StorageThe Microsoft Informational Microsoft
indows Server 2003 (Service Pac 4005 Microsoft WindowsThe "Log on asInformational NOTE: This checkCVE-1999-0534
indows Server 2003 (Service Pac 2909 Audit Account MaThe Audit Acc Informational NOTE: This checkCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2965 User Rights RestorThe User RightInformational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 (Service Pac 3959 Microsoft WindowsThe AdministrInformational The users
_x000D_ detected within the
indows Server 2003 (Service Pac 2883 Microsoft WindowsThe legal noti Informational Ensure
indows Server 2003 (Service Pac 2915 User Rights Acce The User Righ Informational NOTE: This checkCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 4007 Microsoft WindowThe "Adjust meInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4017 Microsoft Windo User accountsInformational One or more user CVE-MAP-NOMA
indows Server 2003 (Service Pac 2910 Audit Logon EventThe Audit Log Informational The Audit
_x000D_ Logo CVE-1999-0575
_x000D_
indows Server 2003 (Service Pac 4103 Basic AuthenticatThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2003 (Service Pac 4114 Windows FirewallThe Microsoft
indows Server 2003 (Service Pac 2986 Disable Autoplay Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2918 User Rights Backup The User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2957 User Rights Log On The User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2948 User Rights Forc The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4108 Security Center i The Microsoft Informational The Microsoft
indows Server 2003 (Service Pac 2891 Microsoft WindowThe "System Ob Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2914 Audit System EvenThe Audit Sys Informational NOTE: _x000D_ This check
CVE-1999-0575
indows Server 2003 (Service Pac 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check CVE-1999-0575
indows Server 2003 (Service Pac 4105 MSDTC Inbound Ac The Microsoft Informational Microsoft
indows Server 2003 (Service Pac 2885 Microsoft WindowThe Name-poliInformational Ensure _x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2966 User Rights Shut The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 3362 USB Drive Has BeeAn external USInformational A USB storage CVE-MAP-NOMA
_x000D_ d
indows Server 2003 (Service Pac 4025 Microsoft Windows The Microsoft Informational NOTE: _x000D_ This check
CVE-1999-0575
indows Server 2003 (Service Pac 2970 User Rights LogonThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 3960 False AdministratA false AdminiInformational The AdministraCVE-1999-0585 C
_x000D_
indows Server 2003 (Service Pac 2963 User Rights RemoThe User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft Remote Procedure Call Service wa
indows Server 2003 (Service Pac 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS _x000D_ RPC Interface Detected.
indows Server 2003 (Service Pac 8843 Adobe ShockwaveA code executiHigh A boundary condition
_x000D_ CVE-2010-0127
error can occur when p
indows Server 2003 (Service Pac 10895 (MS10-090) Micros An informationMedium The vulnerability
_x000D_ CVE-2010-3348
is specific to the access to t
The flaw lies
lies in
inCVE-2012-1875
the DOM
the ID property.
object.Successful
Successfulexe
indows Server 2003 (Service Pac 11754 (MS11-018) Cumula Vulnerabilitie High Microsoft
CVE-2011-0094
MS11-018C to adress t
indows Server 2003 (Service Pac 8333 (MS10-018) Cumula Multiple vulnerHigh The vendor hasCVE-2010-0490
released patchCMS10-018 to
The flaw is due to when the Proxy address an
_x000D_ is specific
CVE-2011-1995
indows Server 2003 (Service Pac 6749 (MS09-019) MicrosA vulnerabilit High _x000D_ CVE-2009-1532
indows Server 2003 (Service Pac 14826 (MS13-021) MicrosA remote codeHigh The flaw is dueCVE-2013-0094
_x000D_ to how an object in memory
indows Server 2003 (Service Pac 7307 Adobe ShockwaveAPvulnerabilit High The
The flaw
flaw is
is specific
dueCVE-2009-3465
to thethe
to when processing of invali
Proxy address an
indows Server 2003 (Service Pac 14656 Microsoft InternetA denial of serMedium _x000D_ CVE-2013-1451
_x000D_ the access to Col elements th
indows Server 2003 (Service Pac 12487 (APSB11-19) AdobA remote codeHigh The flaw is exploitation
Successful specific
CVE-2011-2420
to memory
of thesecorruption. Su
vulnerabilitie
indows Server 2003 (Service Pac 9875 (APSB10-20) AdobA memory corru High _x000D_ CVE-2010-2869
indows Server 2003 (Service Pac 10347 (MS10-071) MicrosAn informationMedium An attacker
_x000D_ who CVE-2010-3243
successfully exploited this v
indows Server 2003 (Service Pac 7132 Adobe ShockwaveAPvulnerabilit High The flaw is specificCVE-2009-3244
to a stack overflow error (
indows Server 2003 (Service Pac 5590 Microsoft WindowsThe User RightInformational The User Rights "Deny log on loc
_x000D_
indows Server 2003 (Service Pac 7491 Adobe Flash Play A memory corru High A memory corruption CVE-2009-3797
indows Server 2003 (Service Pac 10351 (MS10-071) MicrosAn informationMedium Successful
_x000D_ exploitationCVE-2010-3327
of this vulnerability co
_x000D_ CVE-2011-1260
_x000D_ the access to deleted elemen
indows Server 2003 (Service Pac 9699 (MS10-053) MicroA remote codeHigh An attacker
_x000D_ could
CVE-2010-2560
_x000D_ CVE-2010-2559
indows Server 2003 (Service Pac 13660 (APSB11-17) VulneMultiple vulneHigh The update provided
_x000D_ CVE-2011-0317
by AdobeCbulletin APSB
_x000D_ provided
CVE-2009-1547
by Microsoft
C bulletin M
indows Server 2003 (Service Pac 11830 (APSA11-02) AdobA remote codeHigh The vulnerability
_x000D_ CVE-2011-0611
is specific to the handling o
indows Server 2003 (Service Pac 13658 (APSB11-13) VulneA cross site sc Medium The update provided
_x000D_ CVE-2011-2107
by Adobe bulletin APSB
indows Server 2003 (Service Pac 6931 Adobe ShockwaveMultiple
P vulneHigh Multiple
A remotevulnerabilities
codeCVE-2009-0901
execution exist inCAdobe Shockw
vulnerability is pres
indows Server 2003 (Service Pac 15177 (MS13-047) MicrosA remote codeHigh The flaw
_x000D_ lies inCVE-2013-3123
indows Server 2003 (Service Pac 10618 Microsoft InterneA remote codeHigh Exploitation
_x000D_ requires
CVE-2010-3962
an attacker to convince
indows Server 2003 (Service Pac 8833 Adobe ShockwaveAPdenial-of-se Medium An infinite loopCVE-2010-1282
condition can occur when pr
_x000D_
indows Server 2003 (Service Pac 12477 (APSB11-21) AdobeMultiple vulneHigh Multiple
CVE-2011-2130
are present
C in some v
indows Server 2003 (Service Pac 7197 (MS09-054) UninitA vulnerabilityHigh An attacker could
_x000D_ CVE-2009-2531
_x000D_ CVE-2012-2029
indows Server 2003 (Service Pac 14017 (MS12-052) CumulaMultiple remotHigh Microsoft has
Successful provided
CVE-2012-2522
exploitation MS12-052
of theseC vulnerabilitie
to address
indows Server 2003 (Service Pac 13767 (MS12-037) CumulaMultiple remotHigh Microsoft
indows Server 2003 (Service Pac 12932 (APSB11-28) AdobeMultiple vulneHigh Multiple
Successful vulnerabilities
CVE-2011-2445
exploitation arethese
of present
C vulnerabilitie
in some v
indows Server 2003 (Service Pac 8847 Adobe ShockwaveA code executiHigh A heap exhaustion CVE-2010-1288
condition can occur when
_x000D_
indows Server 2003 (Service Pac 14703 (MS13-009) MicroA remote codeHigh The
. An flaw lies in
attacker CVE-2013-0024
a memory
could exploiterror in the pasteH
the vulnerability b
indows Server 2003 (Service Pac 7195 (MS09-054) UninitA vulnerabilityHigh A DNS configuration CVE-2009-2530
indows Server 2003 (Service Pac 13429 Windows DNS Conf A DNS configuInformational _x000D_
_x000D_ CVE-2010-2587
indows Server 2003 (Service Pac 8326 (MS10-018) MicrosA remote codeHigh The flaw can occur
CVE-2010-0492
_x000D_
CVE-2011-1992
indows Server 2003 (Service Pac 7724 (MS10-002) Micros A remote codeHigh A remote codeCVE-2010-0027
indows Server 2003 (Service Pac 12485 (APSB11-19) AdobA remote codeHigh The flaw
_x000D_ is specific
CVE-2011-2421
to memory corruption in
_x000D_ CVE-2012-1877
to an invalid access condi
indows Server 2003 (Service Pac 12763 (MS11-081) Cumula Mutiple remote High Microsoft
CVE-2011-1993
indows Server 2003 (Service Pac 12840 Microsoft Windows Multiple DNS pLow Multiple
indows Server 2003 (Service Pac 5254 Microsoft Windows Windows file nInformational Ensure
_x000D_ CVE-2010-3329
A remote inCVE-2011-1964
code an error when
execution accessingisan
vulnerability o
pres
indows Server 2003 (Service Pac 14593 (APSB13-01) Vulne A remote codeHigh The update
_x000D_ CVE-2013-0630
provided by Adobe bulletin APSB
indows Server 2003 (Service Pac 14948 (APSB13-11) Vulne Multiple vulneHigh The update provided
_x000D_ CVE-2013-1378
the access to deleted elemen
indows Server 2003 (Service Pac 5474 Display all detec Informational Informational _x000D_
Informational script to display
indows Server 2003 (Service Pac 8327 (MS10-018) MicroAn informationMedium The flaw allows
an attacker
execution to run a script
vulnerability wh
is pres
indows Server 2003 (Service Pac 15163 (MS13-047) Micros A remote codeHigh The
The flaw
flaw lies
lies in
inCVE-2013-3110
athe
user-after-free
toStaticHTMLerror. Succe
API. Succes
indows Server 2003 (Service Pac 12235 (MS11-050) Micros An informationMedium _x000D_ CVE-2011-1252
indows Server 2003 (Service Pac 10616 Adobe ShockwaveAPuse-after-fr High A use-after-free
_x000D_ CVE-2010-4092
vulnerability is present in so
indows Server 2003 (Service Pac 8845 Adobe ShockwaveA code executiHigh A memory
_x000D_ corruption
CVE-2010-1290
condition can occur wh
indows Server 2003 (Service Pac 13644 (APSB11-02) Vulne Multiple vulnerHigh The update provided
_x000D_ CVE-2011-0558
indows Server 2003 (Service Pac 10348 (MS10-071) Micros An informationMedium An attacker could
_x000D_ CVE-2010-3325
_x000D_ CVE-2010-1259
indows Server 2003 (Service Pac 13520 (MS12-023) Cumula Multiple remotHigh Microsoft
CVE-2012-0170
indows Server 2003 (Service Pac 5250 Microsoft WindowAllow ICMP redInformational Ensure permissions comply with enterprise p
_x000D_
_x000D_ the handling of objects previo
indows Server 2003 (Service Pac 7377 (MS09-019) Cumula Multiple
Customer would like Foundstone to be able to reportbythe
vulnerHigh The update provided
CVE-2009-1532Microsoft
C bulletin
currently loggedM o
indows Server 2003 (Service Pac 4423 Report Current L Informational Windows
indows Server 2003 (Service Pac 9309 Adobe Flash Play A version of A Informational A version of Adobe Flash Player was detected
_x000D_
indows Server 2003 (Service Pac 9881 (APSB10-20) AdobA memory corru High Successful
CVE-2010-2874
of these vulnerabilitie
indows Server 2003 (Service Pac 8850 Adobe ShockwaveAPcode executiHigh A memory corruption
CVE-2010-1286
error canC occur when
The flaw is due to how the application handlep
indows Server 2003 (Service Pac 13765 (MS12-037) Micros An informationMedium The flaw lies
Successful inCVE-2012-1858
the sanitization
exploitation of theseof HTML elem
vulnerabilitie
indows Server 2003 (Service Pac 13519 (MS12-023) MicroA remote codeHigh The
flaw lies in the
the way
DOMthe program
object. accessea
Successful
indows Server 2003 (Service Pac 15175 (MS13-047) Micros A remote codeHigh The flaw
_x000D_ lies inCVE-2013-3121
indows Server 2003 (Service Pac 7305 Adobe ShockwaveAPvulnerabilit High The flaw
_x000D_ is specific
CVE-2009-3463
to the processing of invali
indows Server 2003 (Service Pac 11789 (MS11-018) Micros An informationMedium The flaw can be
_x000D_ CVE-2011-1244
_x000D_ a memory error in the SetCap
indows Server 2003 (Service Pac 6904 (MS09-034) Micros A vulnerabilit High The flaw lies inCVE-2009-1919
_x000D_ the method used by Microsoft
indows Server 2003 (Service Pac 15039 (MS13-037) CriticMultiple vulneHigh Microsoft has provided
CVE-2013-0811
indows Server 2003 (Service Pac 4427 Check users who Determined tha Informational Some
_x000D_accounts password was fo
CVE-2013-3343
_x000D_
CVE-2013-0030
MS13-010 to address
_x000D_ CVE-2011-2445
_x000D_ lies inCVE-2011-1963
an error when accessing an o
indows Server 2003 (Service Pac 9869 (APSB10-20) AdobA memory corru High Successful
CVE-2010-2864
indows Server 2003 (Service Pac 13667 (APSB11-26) VulneMultiple vulneHigh The
The update
flaw liesprovided
inCVE-2011-2426
the Timeby Adobe Cbulletin
element. APSB
Successful
indows Server 2003 (Service Pac 12237 (MS11-050) MicroA remote codeHigh CVE-2011-1255
Microsoft has provided MS11-057 to address
indows Server 2003 (Service Pac 12466 (MS11-057) CumulaA remote codeHigh _x000D_ CVE-2011-1257 C
indows Server 2003 (Service Pac 8849 Adobe ShockwaveA code executiHigh The flaw iscode
A remote results
CVE-2010-0128
from improper
execution validation
vulnerability is preso
indows Server 2003 (Service Pac 15168 (MS13-047) MicrosA remote codeHigh The flaw lies
a user-after-free
exploitation error. Succe
indows Server 2003 (Service Pac 9882 (APSB10-20) AdobA memory corru High The flaw occurs CVE-2010-2875
due to Microsoft HTML Help
indows Server 2003 (Service Pac 11873 Microsoft HTML HA remote codeHigh _x000D_
indows Server 2003 (Service Pac 14952 (APSB13-12) VulneMultiple vulneHigh The
The update
flaw liesprovided
inCVE-2013-1383
by Adobe
the TrueType Cbulletin
font parsingAPSB
en
indows Server 2003 (Service Pac 7466 (MS09-072) CumulaMultiple vulneHigh The updateexploitation
Successful provided
CVE-2009-2493
byofMicrosoft
C vulnerabilitie
these bulletin M
indows Server 2003 (Service Pac 9886 (APSB10-20) AdobAn integer oveHigh _x000D_ CVE-2010-2879
indows Server 2003 (Service Pac 8838 Adobe ShockwaveA memory corru High An memory corruption
_x000D_ CVE-2010-1283
error can occur when
indows Server 2003 (Service Pac 7503 Adobe Flash PlayeA vulnerabilit High A vulnerability
_x000D_ CVE-2009-3951
is present in some versions of
_x000D_ an error handling a Center Ele
indows Server 2003 (Service Pac 8535 (MS10-022) MicrosA remote codeHigh If a malicious Web
_x000D_ CVE-2010-0483
site displayed a specially c
indows Server 2003 (Service Pac 13601 (APSB12-09) VulneA buffer overf High The update provided
_x000D_ CVE-2012-0779
indows Server 2003 (Service Pac 7743 (MS10-002) CumulaA remote codeHigh The update
_x000D_ provided by Microsoft bulletin M
_x000D_ CVE-2011-1996
indows Server 2003 (Service Pac 7727 (MS10-002) MicrosA remote codeHigh A remote codeCVE-2010-0246
indows Server 2003 (Service Pac 13668 (APSB11-27) VulneMultiple vulneHigh The updateexploitation
Successful provided
CVE-2011-2446
byofAdobe Cbulletin
these APSB
vulnerabilitie
to how an object in memory
indows Server 2003 (Service Pac 5543 Enumerate EnableM icrosoft
The WinInformational
Digitally Administrative
sign communications shares are was
crea detected on th
(always) policy setting
indows Server 2003 (Service Pac 5610 Microsoft Windows Informational _x000D_
indows Server 2003 (Service Pac 9701 (MS10-053) MicrosA remote codeHigh An
Theattacker could
flaw is due CVE-2010-2558
to exploit
memorythis by constructing
corruption. Succe
indows Server 2003 (Service Pac 12923 (APSB11-27) AdobA remote codeHigh _x000D_ CVE-2011-2447
CVE-2011-1266
MS11-052 to address
indows Server 2003 (Service Pac 9077 (MS10-035) MicrosA vulnerabilityMedium The vulnerability
_x000D_ CVE-2010-1257
indows Server 2003 (Service Pac 8836 Adobe ShockwaveA memory corru High An memory
_x000D_ corruption
CVE-2010-1292
_x000D_ a memory error in the CHTML
indows Server 2003 (Service Pac 9048 Microsoft WindowsA private key Medium A private key disclosure
_x000D_ CVE-2005-1794vulnerability is prese
indows Server 2003 (Service Pac 13065 (MS11-099) MicrosAn informationMedium The
Exploitation is achieved via a site
flaw is specific
CVE-2011-1992
to a cross scripting iss
maliciously-craft
indows Server 2003 (Service Pac 7306 Adobe ShockwaveAPvulnerabilit High The
The flaw
flaw is
is specific
CVE-2009-3464
specific to
to the
memoryprocessing of invali
corruption in
indows Server 2003 (Service Pac 4916 Microsoft WindowsThe legal noticInformational The
Ensureflawthat
liesboth
inCVE-1999-0590
legal
the notice text and
drag-and-drop captio
operation.
indows Server 2003 (Service Pac 10855 (MS10-090) CumulaMultiple vulneHigh Microsoft
_x000D_ has issued CVE-2010-3340
MS10-090C to resolve th
indows Server 2003 (Service Pac 7309 Adobe ShockwaveAPvulnerabilit High The flaw is specific
CVE-2009-3466
to the processing of invali
_x000D_
indows Server 2003 (Service Pac 13515 (MS12-023) MicrosA remote codeHigh The flaw lies
a error inside
exploitation thevulnerabilitie
of these print comm
indows Server 2003 (Service Pac 8639 Sun Java RuntimeCheck for Sun Informational Check
_x000D_for Sun Java Runtime Environment is in
indows Server 2003 (Service Pac 10165 Microsoft WindowShares were foInformational _x000D_
_x000D_ a memory error in the SLayou
indows Server 2003 (Service Pac 10551 (APSB10-25) AdobeMultiple code High Multiple
_x000D_ code CVE-2010-3653
execution vulnerabilities
C are p
indows Server 2003 (Service Pac 11267 (MS11-003) CumulaMultiple vulneHigh The vendor hasCVE-2010-3971
_x000D_ provided MS11-003C to addre
indows Server 2003 (Service Pac 13735 Microsoft WordpadA denial of se High The flaw
_x000D_ lies in a null pointer reference. Succ
indows Server 2003 (Service Pac 7489 Adobe Flash PlayeA data injecti High A data injection
_x000D_ CVE-2009-3796
vulnerability is present in som
indows Server 2003 (Service Pac 7725 (MS10-002) MicrosA remote codeHigh A remote
_x000D_ code CVE-2010-0244
_x000D_ the Vector Markup Language
indows Server 2003 (Service Pac 11788 (MS11-018) MicroA remote codeHigh The flaw resides
_x000D_ CVE-2011-0346
in the mshtml.dll componen
_x000D_ CVE-2009-2655
indows Server 2003 (Service Pac 13663 (APSB11-21) VulneMultiple vulneHigh The update
_x000D_ provided
CVE-2011-2130
indows Server 2003 (Service Pac 11249 (MS11-003) MicrosA remote codeHigh The vulnerability
_x000D_ CVE-2011-0035
_x000D_ a serialization error for untrus
indows Server 2003 (Service Pac 15051 (MS13-037) MicrosAn informationMedium The flaw is dueCVE-2013-1297
_x000D_ provided
CVE-2013-1372
indows Server 2003 (Service Pac 14845 Adobe Flash Play A remote codeHigh The flaw involves
_x000D_ CVE-2013-2555
vectors that leverage an "o
indows Server 2003 (Service Pac 15162 (MS13-047) CumulaMultiple vulnerHigh Microsoft has provided
_x000D_ CVE-2013-3110MS13-047
C to address
indows Server 2003 (Service Pac 7497 Adobe Flash PlayeMultiple vulneHigh Multiple vulnerabilities
CVE-2009-3800are present in some v
indows Server 2003 (Service Pac 4615 Administrator Us Members of the High Under
_x000D_Microsof CVE-1999-0535
_x000D_ CVE-2009-3671
A remote provided
code CVE-2010-4308
by Adobe
execution CbulletinisAPSB
vulnerability pres
_x000D_ lies inCVE-2013-3139
indows Server 2003 (Service Pac 10478 (APSA10-04) AdobA code executiHigh A code execution CVE-2010-3653
vulnerability is present in s
indows Server 2003 (Service Pac 5596 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
_x000D_ CVE-2011-1345
indows Server 2003 (Service Pac 7723 (MS10-002) MicrosAn informationMedium An XSS
_x000D_ filter bypass
CVE-2009-4074
indows Server 2003 (Service Pac 8840 Adobe ShockwaveA code executiHigh A memory corruption
_x000D_ CVE-2010-0986
indows Server 2003 (Service Pac 8839 Adobe ShockwaveAPbuffer overf High A buffer overflow
_x000D_ CVE-2010-0987
condition can occur when
_x000D_ provided
CVE-2013-0504
_x000D_ CVE-2010-1287
indows Server 2003 (Service Pac 13855 (MS12-043) VulnerA vulnerabilit High Microsoft
indows Server 2003 (Service Pac 10894 (MS10-090) MicroA remote codeHigh The vulnerability
_x000D_ CVE-2010-3346
_x000D_ an error with the use of Telne
_x000D_ lies inCVE-2012-0161
an error while calculating a bu
indows Server 2003 (Service Pac 14432 Adobe Macromedia An obsolete veInformational An obsolete version of Adobe Macromedia F
_x000D_
a memory error in the vtable
_x000D_
indows Server 2003 (Service Pac 9873 (APSB10-20) AdobA pointer offs High Successful
Successful exploitation
CVE-2010-2867
exploitation of
of these
these vulnerabilitie
vulnerabilitie
indows Server 2003 (Service Pac 9822 Microsoft WindowsA security bypLow A security bypass vulnerability is present in s
_x000D_
indows Server 2003 (Service Pac 11767 (MS11-031) VulnerA vulnerabilit High _x000D_ CVE-2011-0663
indows Server 2003 (Service Pac 8841 Adobe ShockwaveAPcode executiHigh A memory corruption
CVE-2010-0130
error can occur (via int
indows Server 2003 (Service Pac 5595 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2003 (Service Pac 12483 (APSB11-19) AdobA remote codeHigh The flaw is specific
_x000D_ CVE-2011-2423
indows Server 2003 (Service Pac 14527 Adobe Flash PlayeA remote codeHigh The flaw is due to how the application handle
_x000D_
_x000D_
_x000D_ CVE-2011-2419
indows Server 2003 (Service Pac 13632 (MS12-034) MicroA remote codeHigh This particular
_x000D_ CVE-2011-3402
flaw is used in the wild as part
indows Server 2003 (Service Pac 9704 (MS10-053) MicrosAn informationMedium An attacker
The could
CVE-2010-1258
flaw is specific exploit the vulnerability
to memory corruption inby
indows Server 2003 (Service Pac 6936 Microsoft InterneA vulnerabilityLow A vulnerability
The CVE-2009-2433
is present
registry values underin Microsoft
this key wereInterne
obtai
indows Server 2003 (Service Pac 8546 (MS10-022) VulnerA remote codeHigh If
A aremote
malicious
codeWeb
CVE-2010-0483
site displayed
execution a specially
vulnerability c
is pres
indows Server 2003 (Service Pac 14618 (MS13-008) MicroA use-after-fr High In-the-wild
CVE-2012-4792
has been observed in
_x000D_ CVE-2013-0635
indows Server 2003 (Service Pac 9723 (MS10-053) CumulaA remote codeHigh Microsoft
CVE-2010-1258
indows Server 2003 (Service Pac 15043 (MS13-037) MicrosA remote codeHigh The flaw is due CVE-2013-1311
to how an object
A remote code execution vulnerability in memory
is pres
_x000D_ lies inCVE-2013-3113
indows Server 2003 (Service Pac 5007 Microsoft WindowsA vulnerabilit Low Microsoft
The Windows
flaw lies 2000,
in the Link XP, and Vista
Properties. are a
Successfu
_x000D_ CVE-2011-0036
indows Server 2003 (Service Pac 10615 Microsoft Data Acc
A remote codeHigh _x000D_ CVE-2010-4182
_x000D_ CVE-2012-0768
indows Server 2003 (Service Pac 7677 (MS10-002) MicrosA code executiHigh Disabling
_x000D_ JavaScipt,
CVE-2010-0249
while enabling DEP, will i
_x000D_ CVE-2013-2728
_x000D_ CVE-2012-5274
_x000D_ an error with the handling of
_x000D_ provided
CVE-2012-4172
indows Server 2003 (Service Pac 10893 (MS10-090) MicroA remote codeHigh The vulnerability
_x000D_ CVE-2010-3345
CVE-2011-1999
indows Server 2003 (Service Pac 13144 Microsoft WindowsA denial of serHigh A denial of service vulnerabilit
_x000D_ CVE-2009-1917
to a memory corruption c
indows Server 2003 (Service Pac 9081 (MS10-035) MicrosA vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1262
indows Server 2003 (Service Pac 6003 Microsoft WindowOne or more us Informational One or more user accounts have never logge
_x000D_
_x000D_ CVE-2010-3328
the handling
exploitation of previously
of these de
vulnerabilitie
indows Server 2003 (Service Pac 9872 (APSB10-20) AdobA memory corru High CVE-2010-2866
_x000D_
indows Server 2003 (Service Pac 10938 (MS11-003) MicroA remote codeHigh The flaw occurs
_x000D_ CVE-2010-3971
due to Internet Explorer han
indows Server 2003 (Service Pac 13462 Microsoft WindowsA privilege es Medium The flaw lies inCVE-2010-1886
indows Server 2003 (Service Pac 6879 Microsoft WindowThe Microsoft Informational The
Successful exploitation ofcomputer
Microsoft Windows these vulnerabilitie
indows Server 2003 (Service Pac 14617 (MS13-008) SecuriA use-after-freHigh Microsoft
indows Server 2003 (Service Pac 12703 Microsoft WindowAn insecure li High The flaw
_x000D_ is by a
CVE-2010-3143
design weakness exhibited d
_x000D_ CVE-2012-1545
_x000D_ a memory error in the CPaste
indows Server 2003 (Service Pac 5859 Windows User ProUser profiles Informational User
_x000D_ profiles were found on the Windows ho
indows Server 2003 (Service Pac 12750 (MS11-081) MicrosA remote codeHigh The flaw is specific
_x000D_ CVE-2011-1993
_x000D_ is due CVE-2013-1347
to how objects in memory ar
_x000D_ CVE-2010-4308
to memory corruption. Su
_x000D_ a memory error in the COmW
_x000D_ CVE-2010-0129
error can occur (via int
_x000D_ lies inCVE-2011-0663
a memory corruption in the e
_x000D_ CVE-2012-0751
indows Server 2003 (Service Pac 13622 (MS12-034) CombinMultiple vulneHigh Microsoft
Successfulhas provided
CVE-2011-3402
exploitation MS12-034
of C vulnerabilitie
these to address
to improper restriction on the
indows Server 2003 (Service Pac 5733 Microsoft WindowThe host has aInformational The host has at least one shar
_x000D_
_x000D_ CVE-2013-0633
indows Server 2003 (Service Pac 7817 (MS10-035) MicrosA vulnerabilit Medium A vulnerability CVE-2010-0255
exists
The flaw lies in the access in multiple versions
to an object in Mic
me
indows Server 2003 (Service Pac 9065 (MS10-035) CumulaA vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1262
is in the way Cthat Internet E
indows Server 2003 (Service Pac 7196 (MS09-054) HTMLA vulnerabilit High An attacker could
_x000D_ CVE-2009-2529
indows Server 2003 (Service Pac 14539 Adobe ShockwaveMultiple vulneHigh Multiple
_x000D_ code CVE-2012-6270
execution vulnerabilities
C are p
indows Server 2003 (Service Pac 7471 Adobe Flash PlayeA JPEG data paHigh A JPEG data parsing
_x000D_ CVE-2009-3794
The flaw lies inCVE-MAP-NOMA
the Selection object. Successf
the access
exploitation to deleted
of these elemen
vulnerabilitie
indows Server 2003 (Service Pac 9079 (MS10-035) MicroA vulnerabilityHigh The
4. A vulnerability CVE-2010-1260
service is using is in the way
a user that Internet
account not permE
indows Server 2003 (Service Pac 4617 Microsoft WindowsA Microsoft WiInformational 5. A service is installed that should not
Successful exploitation of these vulnerabilitie be ins
_x000D_ CVE-2011-2000
_x000D_ CVE-2013-0646
indows Server 2003 (Service Pac 14239 Microsoft WindowsMicrosoft has Medium While not technically a security issue, the dig
_x000D_
indows Server 2003 (Service Pac 9410 Microsoft InterneA remote denialLow A remote denial of service vulnerability is pre
_x000D_
_x000D_
_x000D_ CVE-2012-0757
indows Server 2003 (Service Pac 9871 (APSB10-20) Adobe A denial of se Medium _x000D_ CVE-2010-2865
indows Server 2003 (Service Pac 12484 (APSB11-19) AdobA remote codeHigh The flaw
_x000D_ is specific
CVE-2011-2422
_x000D_ CVE-2010-1261
indows Server 2003 (Service Pac 14705 (MS13-009) Micros An informationMedium The flaw lies inCVE-2013-0015
indows Server 2003 (Service Pac 14926 (MS13-028) Micros A remote codeHigh The flaw lies
a use-after-free
exploitation condition. Su
of this vulnerability w
indows Server 2003 (Service Pac 9874 (APSB10-20) Adobe A denial of se High _x000D_ CVE-2010-2868
indows Server 2003 (Service Pac 14849 (MS13-021) MicroA remote codeHigh The flaw is dueCVE-2013-1288
indows Server 2003 (Service Pac 14979 Oracle Java SE CriMultiple vulnerHigh Multiple
CVE-2013-2383
are present
C in some v
CVE-2012-4781
indows Server 2003 (Service Pac 13646 (APSB11-05) Vulne An unspecifiedHigh The update
_x000D_ CVE-2011-0609
provided by Adobe bulletin APSB
_x000D_ the access of improperly initia
indows Server 2003 (Service Pac 13633 (MS12-035) VulneMultiple vulneHigh Microsoft has provided
_x000D_ CVE-2012-0160
indows Server 2003 (Service Pac 14166 (MS12-063) Cumula A code executiHigh Microsoft
CVE-2012-1529
_x000D_ CVE-2010-1284
_x000D_ a memory error in the CObjec
indows Server 2003 (Service Pac 7712 Adobe ShockwaveAn unspecifiedHigh An unspecifiedCVE-2009-4002
_x000D_ vulnerability is present in som
CVE-2013-0087
indows Server 2003 (Service Pac 14053 (APSB12-17) Vulne Multiple vulneHigh The
The update
flaw liesprovided
inCVE-2012-2043
the VMLby object.
AdobeCbulletin APSB
Successful ex
indows Server 2003 (Service Pac 7098 (MS09-045) Micros A vulnerabilit High The vulnerability
_x000D_ CVE-2009-1920
exists in the way that the JS
indows Server 2003 (Service Pac 13661 (APSB11-18) Vulne A memory corru High The update
_x000D_ provided
CVE-2011-2110
_x000D_ has release
CVE-2010-0808
MS10-071 C to address t
indows Server 2003 (Service Pac 4434 Enumerate Admini List the users Informational Under Microsoft Windows role-b
_x000D_
indows Server 2003 (Service Pac 6652 Microsoft WindowThe "PasswordInformational The setting on the host does not comply with
_x000D_
_x000D_ CVE-2010-1291
_x000D_ CVE-2011-2001
indows Server 2003 (Service Pac 14540 Microsoft InterneA denial of serHigh The flaw is due to how the application handle
_x000D_
indows Server 2003 (Service Pac 13762 (MS12-037) Micros An informationMedium The flaw lies inCVE-2012-1873
_x000D_ CVE-2010-4309
to memory corruption. Su
_x000D_ CVE-2010-1281
indows Server 2003 (Service Pac 15050 (MS13-037) Micros A remote codeHigh The flaw is dueCVE-2013-0811
indows Server 2003 (Service Pac 6820 Adobe ShockwaveA critical vul High The flaw
_x000D_ is specific
CVE-2009-1860
to Adobe Shockwave Play
_x000D_ CVE-2012-0772
indows Server 2003 (Service Pac 12215 (MS11-050) Cumula Multiple vulnerHigh Succesful
CVE-2011-1246
_x000D_ CVE-2009-3673
indows Server 2003 (Service Pac 8328 (MS10-018) Micros A remote codeHigh The flaw can occur
_x000D_ CVE-2010-0490
_x000D_ CVE-2012-2034
_x000D_ CVE-2010-3331
indows Server 2003 (Service Pac 7172 (MS09-045) Vulner A vulnerabilityHigh The update
_x000D_ provided
CVE-2009-1920
indows Server 2003 (Service Pac 10346 (MS10-071) Micros An informationMedium An attacker who
_x000D_ CVE-2010-3324
successfully exploited this v
indows Server 2003 (Service Pac 15047 (MS13-037) Micros A remote codeHigh The flaw is dueCVE-2013-1308
_x000D_
indows Server 2003 (Service Pac 8691 Internet Explorer A cross-site scMedium A cross-site
The scripting
CVE-2010-1489
flaw is specific tovulnerability is present
memory corruption in
CVE-2013-1303
MS13-028
C to address
indows Server 2003 (Service Pac 13295 (MS12-010) Cumula VulnerabilitiesHigh Microsoft
CVE-2012-0010
MS12-010
C to address
indows Server 2003 (Service Pac 7726 (MS10-002) Micros A remote codeHigh A remote codeCVE-2010-0245
indows Server 2003 (Service Pac 13053 Adobe Flash Play A remote codeHigh A remote codeCVE-2011-4694
_x000D_ execution vulnerability
C is pres
indows Server 2003 (Service Pac 9854 (APSB10-20) Adobe Multiple vulneHigh Multiple
CVE-2010-2863
are present
C in some v
indows Server 2003 (Service Pac 15207 Oracle Java SE Cr Multiple vulnerHigh Multiple
CVE-2013-2470
are present
C in some v
_x000D_ CVE-2012-4163
indows Server 2003 (Service Pac 7495 Adobe Flash PlayeAn integer oveHigh An CVE-2009-3799
integer overflow
_x000D_ vulnerability is present in
indows Server 2003 (Service Pac 8835 Adobe ShockwaveA Anmemory corru
unspecified High An memory
_x000D_ corruption
in some CVE-2010-1280
versionserror can occur
of Adobe Flashwhen
Play
indows Server 2003 (Service Pac 13654 (APSB11-07) Vulne High The update provided
CVE-2011-0611
by Adobe bulletin
A remote code execution vulnerability is pres APSB
indows Server 2003 (Service Pac 13657 (APSB11-12) Vulne Multiple vulneHigh The update
_x000D_ provided
CVE-2011-0624
indows Server 2003 (Service Pac 10353 (MS10-071) Micros An informationMedium This vulnerability
thecan be explioted
access by constru
to an object in me
_x000D_ CVE-2009-3674
indows Server 2003 (Service Pac 15031 (MS13-038) SecuriA remote codeHigh Microsoft
CVE-2013-1347
MS13-038 to address
indows Server 2003 (Service Pac 6905 (MS09-034) MicroA vulnerabilit High The flaw lies inCVE-2009-1918
_x000D_ the method used by Microsoft
indows Server 2003 (Service Pac 7713 Adobe ShockwaveAn unspecifiedHigh An unspecifiedCVE-2009-4003
_x000D_ vulnerability is present in som
_x000D_ CVE-2010-2556
indows Server 2003 (Service Pac 8846 Adobe ShockwaveA code executiHigh A memory
_x000D_ corruption
CVE-2010-1289
indows Server 2003 (Service Pac 14671 (MS13-009) Cumula Multiple vulnerHigh Microsoft has provided
CVE-2013-0015
MS13-009
C to address
_x000D_
indows Server 2003 (Service Pac 13879 (MS12-043) MicroA remote codeHigh Current
A remoteintelligence
codeCVE-2012-1889
indicates
execution that active
vulnerability an f
is pres
a user-after-free error.
The flaw lies in the HTTP redirect operation. Succe
indows Server 2003 (Service Pac 7493 Adobe Flash Play A memory corru High A memory
This corruption
check only CVE-2009-3798
attemptsvulnerability is present
indows Server 2003 (Service Pac 13017 NetBIOS Null SessNetBIOS Null sInformational _x000D_
indows Server 2003 (Service Pac 11140 McAfee VirusSca McAfee VirusSc Informational McAfee VirusScan is running on the target ho
_x000D_
indows Server 2003 (Service Pac 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS bindings information was detected
indows Server 2003 (Service Pac 8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
indows Server 2003 (Service Pac 8966 Raw Socket Test Detect for ICMInformational Detect _x000D_ for ICMP reply from tar
indows Server 2008 R2 (Service 1740 Microsoft WindowThe Do not al Informational This setting
_x000D_ c CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1731 Microsoft Windows The Unsigned Idnformational _x000D_ CVE-MAP-NOMA
indows Server 2008 R2 (Service 1703 Clear Pagefile On The Microsoft Informational Default:
_x000D_Disabled.
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_ CVE-2000-0155
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1757 Microsoft WindowThe Prompt use Informational This setting d CVE-MAP-NOMA
Se
_x000D_
_x000D_DisabledCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4010 Microsoft WindowThe Microsoft Informational The _x000D_ for this
value CVE-MAP-NOMA
indows Server 2008 R2 (Service 2911 Audit Object AcceThe
The Audit Obj Informational
User Rights NOTE:
"Generate security
NOTE: This
This check
audits" CVE-1999-0575
check
policyrequires
does notat
requires least
C Foundston
atmatch
least Foundston
the recom
indows Server 2008 R2 (Service 2958 User Rights Gener Informational _x000D_ CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2962 User Rights Profi The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2885 Microsoft WindowThe Name-poliInformational Ensure_x000D_ permissions
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2918 User Rights BackupThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational _x000D_
NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4119 Windows FirewallThe Microsoft Informational The
_x000D_
indows Server 2008 R2 (Service 4018 Microsoft WindowOne or more Mi Informational Microsoft
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2883 Microsoft Windows The legal noti Informational _x000D_
Ensure that the legal notice text and caption
_x000D_
indows Server 2008 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational _x000D_
NOTE: This check CVE-MAP-NOMA
_x000D_
A local denial Low vulnerability
escalation A local
The denial of
isvulnerability
present service
some be vulne
canversions
exploited
of Microsoft
by a proce
Wi
indows Server 2008 R2 (Service 5543 Enumerate EnableMicrosoft WinInformational Administrative shares areof
A hosts file configuration crea
a Windows Oper
_x000D_
CVE-MAP-NOMA
4. A service is using a user account not perm
indows Server 2008 R2 (Service 4618 Microsoft WindowThe "PasswordInformational The "PasswordCVE-1999-0535
_x000D_
indows Server 2008 R2 (Service 5859 Windows User ProU ser profiles Informational User
The Microsoft Windows User Account profiles were found on the Windows
HKEY_LOCAL_MACHINE\Software\Microsoft
Control option "Behavior ho
of the eleva
indows Server 2008 R2 (Service 5611 Microsoft Window Informational
The Microsoft Windows User Account
Control option "Behavior of the eleva
indows Server 2008 R2 (Service 5612 Microsoft WindowThe Microsoft Informational
Windows User Account
Control option "Admin Approval Mod
indows Server 2008 R2 (Service 5592 Microsoft Windows The User RightInformational The User Rights "Increase a pro
_x000D_
indows Server 2008 R2 (Service 5723 Wireshark or EtheWireshark or Et Informational Wireshark or Ethereal is installed on the targ
indows Server 2008 R2 (Service 10029 Windows Particula Search for file Informational Search for file with particular
A DNS configuration a
indows Server 2008 R2 (Service 13429 Windows DNS Conf A DNS configuInformational http://support.microsoft.com/default.aspx?s
indows Server 2008 R2 (Service 7232 Microsoft Windo The target's Informational The registry values CVE-MAP-NOMA
under this key were obtai
The Digitally sign communications
_x000D_
indows Server 2008 R2 (Service 9518 Mcafee VirusScanMcAfee VirusSc Informational _x000D_
McAfee VirusScan is installed on the host and
_x000D_
indows Server 2008 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational Ensure permissions
This check comply
only attempts to with enterprise
establish a NetBIp
indows Server 2008 R2 (Service 12986 Microsoft WindowSMB shares caInformational SMB shares can be accessed anonymously on
_x000D_
indows Server 2008 R2 (Service 11987 XMPP Service DetXMPP service w Informational XMPP
_x000D_ service was detected on the host.
indows Server 2008 R2 (Service 12108 TLS-SSL Server UnUntrusted TLS/Informational This could also indicate that a TLS/SSL man-in
_x000D_
_x000D_
_x000D_
_x000D_
indows Server 2008 R2 (Service 14954 Microsoft TerminaThe target is Informational
indows Server 2008 R2 (Service 5690 Web Server Self-SOne or more se Informational One or more self-signed TLS/SSL X.509 certifi
_x000D_
indows Server 2008 R2 (Service 7783 Microsoft WindowThe server is Informational _x000D_
The server is running the Microsoft Windows
_x000D_
indows Server 2008 R2 (Service 10224 Hidden WWW SerHidden WWWInformational
s Hidden WWW server name detected. Web se
_x000D_
indows Server 2008 R2 (Service 11033 crossdomain.xml cProssdomain.xm Informational crossdomain.xml
_x000D_ policy file was detected on
indows Server 2008 R2 (Service 11258 HTTP Server Set HTTP server haInformational HTTP server handling session using set-cooki
_x000D_
indows Server 2008 R2 (Server, 864 NetBIOS NBTSTATIt is possible Informational Where target_system
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1623 Microsoft WindowThe Network Co Informational Manages object CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1618 Microsoft WindowThe IIS Admin Informational Necessary for CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1631 Microsoft WindowThe Server serInformational Supports file, CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1625 Microsoft WindowThe Print SpoolInformational Loads files to CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1628 Microsoft WindowThe Remote Reg Informational Enables remote CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1661 Microsoft WindowThe DHCP Clien Informational Manages netwo CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1633 Microsoft WinNT/A list of the s Informational The services l CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1634 Microsoft WindowThe Task SchedInformational Enables a userCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1660 Microsoft WindowThe DNS ClientInformational Resolves and cCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1635 Microsoft WindowThe TCP/IP NetInformational Enables supporCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1701 Do Not Display LaThe Microsoft Informational With this poli CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1699 Microsoft WindowThe Microsoft Informational Microsoft
indows Server 2008 R2 (Server, 1722 Microsoft Windo The host has tInformational If the two or more network interfaces are co
indows Server 2008 R2 (Server, 1695 Allow Undock WitThe Microsoft Informational Determines
_x000D_ whe CVE-2002-0157 C
indows Server 2008 R2 (Server, 1731 Microsoft Windows The Unsigned Idnformational _x000D_ CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1714 Microsoft WindowThe version ofInformational Microsoft releases
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1671 Microsoft WindowThe Security AInformational Stores securityCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1737 Microsoft Windows The Digitally Informational When enabled,CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1681 Microsoft Windo The Management Informational Provides a comCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1662 Microsoft WindowThe Cryptograp Informational Provides threeCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1680 Microsoft WindowThe Windows Informational
Ti Maintains
_x000D_ dateCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1712 Microsoft Windows The Microsoft Informational It is highly recommened
CVE-MAP-NOMAthat users maintain
indows Server 2008 R2 (Server, 1740 Microsoft WindowThe Do not al Informational This setting c CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1663 Microsoft WindowThe COM+ Syste Informational Manages
indows Server 2008 R2 (Server, 1703 Clear Pagefile On The Microsoft Informational Default: Disabled.
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1694 Microsoft Windo The Microsoft Informational Active
_x000D_ Data ObCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2836 Unsigned Non-driv The unsigned nInformational Default: Warn CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1757 Microsoft WindowThe Prompt use Informational This setting d CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1787 Microsoft WindowThe Lockout ThInformational Determines the number of failed
indows Server 2008 R2 (Server, 1755 Number Of PrevioThe Number ofInformational Determines the CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2872 Bluescreen Auto The system is Informational The blue screeCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1754 Restrict Floppy A The restrict fl Informational This setting d CVE-1999-0594
indows Server 2008 R2 (Server, 2439 Microsoft WindowThe Remote Pro Informational This service prCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1803 Microsoft WindowThe Microsoft Informational This policy se CVE-1999-0535
indows Server 2008 R2 (Server, 2442 Microsoft Windows The Distributed Informational This service maCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2441 Microsoft WindowThe Shell HardInformational This service prCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1785 Microsoft WindowMicrosoft Wind Informational The number ofCVE-1999-0582
indows Server 2008 R2 (Server, 2443 Microsoft WindowThe DistributeInformational This service coCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2880 Microsoft Windows The "Network Informational
S Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2877 Microsoft WindowThe ComputerInformational
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1752 Restrict CD-ROM TAhe restrict C Informational By default, an CVE-1999-0594
indows Server 2008 R2 (Server, 2873 Microsoft WindowThe system is Informational The cdrom auto
_x000D_ CVE-2000-0155
indows Server 2008 R2 (Server, 1759 Microsoft WindowThe minimum Informational
indows Server 2008 R2 (Server, 1850 Microsoft WindowThe maximumInformational
Se
_x000D_
indows Server 2008 R2 (Server, 1749 .NET Passport CreThe Do not all Informational Default: Disabled
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1742 Microsoft Windows The Digitally Informational When
_x000D_enabled,CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2414 Microsoft WindowThe AutomaticInformational The Automatic
indows Server 2008 R2 (Server, 1794 Enable ICMP RediThe Enable ICM Informational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2828 Default Guest Ac The guest accoInformational An account nam
indows Server 2008 R2 (Server, 1758 Microsoft WindowThe Smart cardInformational Force Logoff - Users are automatically logged
indows Server 2008 R2 (Server, 2875 Drive Autorun PolThe system is Informational The autorun orCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2415 Microsoft WindowThe COM+ Event Informational This service prCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1804 Microsoft Windows The Microsoft Informational This policy s CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1756 Require DC authen The Require Do Informational When enabled,CVE-2002-0157
indows Server 2008 R2 (Server, 2430 Microsoft WindowThe WorkstatioInformational This service roCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2874 Microsoft WindowFor new users,Informational The autorun orCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 3976 Microsoft Windows The permissionInformational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4118 Windows FirewallThe Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2919 User Rights BypasThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2965 User Rights RestorThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2914 Audit System EvenThe Audit Sys Informational NOTE:
_x000D_This check
CVE-1999-0575
indows Server 2008 R2 (Server, 3995 Microsoft WindowAnonymous user Informational http://www.microsoft.com/resources/docum
indows Server 2008 R2 (Server, 2888 Microsoft WindowThe Perform Ro Informational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2908 Microsoft WindowThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2913 Audit Privilege UsThe Audit Pri Informational
_x000D_ NOTE:
_x000D_This check
CVE-1999-0575
indows Server 2008 R2 (Server, 2987 Power Users Grou Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2885 Microsoft WindowThe Name-poliInformational Ensure permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4108 Security Center i The Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2917 User Rights AllowThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4102 WebDAV Basic Aut The Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4136 Windows FirewallTheS Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2962 User Rights Profi The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4005 Microsoft Windows The "Log on asInformational NOTE:
_x000D_This check
CVE-1999-0534
indows Server 2008 R2 (Server, 3994 Microsoft Windows The file permi Informational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 3316 Microsoft WindowIt was possibl Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4113 Windows FirewallTheS Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2966 User Rights Shut The User Righ Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 3984 Microsoft Windows The permissionInformational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2910 Audit Logon EventThe Audit Log Informational The Audit LogoCVE-1999-0575
_x000D_
indows Server 2008 R2 (Server, 2964 User Rights ReplaThe User RightInformational NOTE:
_x000D_ This checkCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check CVE-1999-0575
indows Server 2008 R2 (Server, 4132 Windows FirewallThe Microsoft Informational The Microsoft
indows Server 2008 R2 (Server, 2883 Microsoft Windows The legal noti Informational Ensure
indows Server 2008 R2 (Server, 4004 Microsoft Windows The "Impersona Informational NOTE:
indows Server 2008 R2 (Server, 4010 Microsoft WindowThe Microsoft Informational The value for this
indows Server 2008 R2 (Server, 2911 Audit Object AcceThe Audit Obj Informational NOTE:
_x000D_ This CVE-1999-0575
check requires C Foundston
at least
indows Server 2008 R2 (Server, 2915 User Rights Acce The User Righ Informational NOTE:
indows Server 2008 R2 (Server, 2970 User Rights LogonThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2909 Audit Account MaThe Audit Acc Informational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4104 USB Block StorageThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4103 Basic AuthenticatThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2918 User Rights BackupThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2920 User Rights Chan The User Righ Informational NOTE:
The User Rights "Generate security
NOTE: This
audits" check
This checkCVE-MAP-NOMA
requires
does notat
policyrequires least
least Foundston
atmatch Foundston
the recom
indows Server 2008 R2 (Server, 2958 User Rights Gener Informational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4120 Windows FirewallThe Microsoft Informational _x000D_
indows Server 2008 R2 (Server, 4000 Microsoft Windows The "Create glInformational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Server, 3959 Microsoft Windows The AdministrInformational The users detected within the
_x000D_
indows Server 2008 R2 (Server, 2957 User Rights Log OnThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 4007 Microsoft WindowThe "Adjust meInformational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS
indows Server 2008 R2 (Server, 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft
indows Server 2008 R2 (Server, 14709 (MS13-016) Micros A privilege es Medium The flaw lies inCVE-2013-1257
indows Server 2008 R2 (Server, 11534 Microsoft InterneA spoofing vulnMedium The flaw is specific to a weakness when upda
indows Server 2008 R2 (Server, 15161 (MS13-049) Micros A denial of se High A denial of serCVE-2013-3138
_x000D_
indows Server 2008 R2 (Server, 13765 (MS12-037) Micros An informationMedium The flaw lies inCVE-2012-1858
_x000D_ the sanitization of HTML elem
indows Server 2008 R2 (Server, 15014 (MS13-028) Micros A remote codeHigh The
The flaw liesvalues
registry inCVE-2013-1338
a use-after-free condition.
under this key Su
were obtai
indows Server 2008 R2 (Server, 7555 Microsoft WindowThe registry Informational _x000D_
indows Server 2008 R2 (Server, 15056 (MS13-040) MicroA spoofing vulMedium The flaw is dueCVE-2013-1336
indows Server 2008 R2 (Server, 8691 Internet Explorer A cross-site scMedium A cross-site scripting
_x000D_ CVE-2010-1489
indows Server 2008 R2 (Server, 13615 (MS12-032) MicroA security bypLow The flaw lies inCVE-2012-0174
the way the firewall handles o
_x000D_
indows Server 2008 R2 (Server, 14175 Update Rollup forMultiple remotMedium Multiple
indows Server 2008 R2 (Server, 4658 Microsoft IIS Det Microsoft InteInformational If the DisplayName and ImagePath keys exist
_x000D_
indows Server 2008 R2 (Server, 14927 (MS13-028) Micros A remote codeHigh The flaw lies inCVE-2013-1304
indows Server 2008 R2 (Server, 9070 (MS10-040) Vulner A vulnerabilityHigh The vulnerability CVE-2010-1256
is due to improper parsing o
indows Server 2008 R2 (Server, 4427 Check users who Determined tha Informational Some
indows Server 2008 R2 (Server, 9410 Microsoft InterneA remote denial Low A remote denial of service vulnerability is pre
_x000D_
indows Server 2008 R2 (Server, 5859 Windows User ProUser profiles Informational User profiles were found on the Windows ho
_x000D_
indows Server 2008 R2 (Server, 14216 (MS12-069) MicroA denial of serMedium The flaw lies inCVE-2012-2551
the handling of crafted sessio
indows Server 2008 R2 (Server, 15212 Update Rollup forUnknown vulner Medium Unknown
indows Server 2008 R2 (Server, 14685 (MS13-016) Micros A privilege es Medium The flaw
_x000D_ lies inCVE-2013-1256
indows Server 2008 R2 (Server, 14217 (MS12-069) Vulner A denial
The of serMedium
Microsoft Microsoft
Windows User Account has provided
CVE-2012-2551
MS12-069oftothe
Control option "Behavior address
eleva
indows Server 2008 R2 (Server, 5612 Microsoft Window Informational The flaw is due to how the application handle
indows Server 2008 R2 (Server, 13106 Microsoft InterneAn informationMedium _x000D_ CVE-2011-4689
indows Server 2008 R2 (Server, 15070 (MS13-046) Micros A privilege es High The flaw
_x000D_ lies inCVE-2013-1332
the Microsoft DirectX graphic
indows Server 2008 R2 (Server, 14840 (MS13-027) Micros A privilege es High The flaw is dueCVE-2013-1286
indows Server 2008 R2 (Server, 14675 (MS13-016) Vulner Multiple vulneMedium Microsoft
CVE-2013-1248
MS13-016
C to address
indows Server 2008 R2 (Server, 14726 (MS13-016) Micros A privilege es Medium The
The Microsoft Windows User Account flawControl option "Switch toerror.
a race condition
HKEY_LOCAL_MACHINE\Software\Microsoft Succes
the secure
indows Server 2008 R2 (Server, 5617 Microsoft Window Informational _x000D_
indows Server 2008 R2 (Server, 7139 Microsoft InterneA vulnerabilit Medium A vulnerabilityCVE-2009-3003
_x000D_ lies inCVE-2013-1269
indows Server 2008 R2 (Server, 9087 (MS10-040) MicroA vulnerabilityHigh The vulnerability
_x000D_ CVE-2010-1256
is due to improper parsing o
indows Server 2008 R2 (Server, 15185 (MS13-050) Vulner A privilege es High Microsoft
The flaw is due to whenMS13-050
has provided
the Proxy address an
indows Server 2008 R2 (Server, 13762 (MS12-037) Micros An information Medium The
The Digitally sign communications flaw liespolicy
inCVE-2012-1873
thesetting
handling ofdetected
(always) was null bytes.
onSuth
indows Server 2008 R2 (Server, 5610 Microsoft Windows Informational
indows Server 2008 R2 (Server, 15194 (2854544) UpdateThis software Low This software update enables
_x000D_
indows Server 2008 R2 (Server, 10797 McAfee VirusScanMcAfee VirusSc Informational _x000D_
indows Server 2008 R2 (Server, 14383 Microsoft WindowThe
An obsolete
MicrosoftveInformational An obsolete
Windows User Account version of"Run
Microsoft
Control option Windows is
all administrator
_x000D_
A remoteflaw lies inCVE-2013-1251
code aexecution
race condition error. Succes
indows Server 2008 R2 (Server, 10029 Windows Particula Search for file Informational Search
_x000D_ for file with particular a
indows Server 2008 R2 (Server, 6936 Microsoft InterneAA vulnerabilityLow A vulnerability
privilege escalation vulnerability
The isvulnerabilityCVE-2009-2433
present someis present in Microsoft
canversions
be exploited by aInterne
of Microsoftproce
Wi
indows Server 2008 R2 (Server, 9839 Microsoft Windows Medium _x000D_ CVE-2010-1886
indows Server 2008 R2 (Server, 5256 Microsoft Windows Screen saver gInformational Ensure permissions comply with enterprise p
indows Server 2008 R2 (Server, 5474 Display all detec Informational Informational Informational script to display
indows Server 2008 R2 (Server, 5543 Enumerate EnableMicrosoft WinInformational Administrative shares are crea
indows Server 2008 R2 (Server, 4434 Enumerate Admini List the users Informational Under Microsoft Windows role-b
indows Server 2008 R2 (Server, 4138 Windows FirewallThe Microsoft Informational
indows Server 2008 R2 (Server, 15184 (MS13-050) Micros A privilege es High A privilege es CVE-2013-1339
_x000D_
indows Server 2008 R2 (Server, 15069 (MS13-046) Vulner Multiple vulneHigh Microsoft has provided
CVE-2013-1332
MS13-046
C to address
indows Server 2008 R2 (Server, 7232 Microsoft Windo The target's Informational _x000D_ CVE-MAP-NOMA
indows Server 2008 R2 (Server, 5254 Microsoft Windows Windows file n
Informational Ensure
The Microsoft Windows User Account permissions comply
Control option "Adminwith enterprise
Approval Modp
_x000D_ flaw lies inCVE-2013-1253
indows Server 2008 R2 (Server, 6982 Microsoft InternetA vulnerabilit Medium The
_x000D_ flaw is specific
CVE-2009-2655
indows Server 2008 R2 (Server, 15051 (MS13-037) Micros An informationMedium The flaw is dueCVE-2013-1297
indows Server 2008 R2 (Server, 13143 Microsoft Windows A local denial Low A local denial of service vulne
_x000D_
indows Server 2008 R2 (Server, 14844 (MS13-027) Vulner Multiple vulneHigh Microsoft
_x000D_ has provided CVE-2013-1287
MS13-027
C to address
indows Server 2008 R2 (Server, 5595 Microsoft Windows The "DCOM: Mac Informational The
_x000D_ "DCOM: Machine Access Rest
indows Server 2008 R2 (Server, 5606 Microsoft WindowThe Security EInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 10804 Windows Installe It was possibl Informational It was
_x000D_ possible to enumerate i
indows Server 2008 R2 (Server, 13392 Microsoft InterneA denial of serMedium The
_x000D_ lies in a memory
CVE-2012-1545
indows Server 2008 R2 (Server, 13043 Microsoft InterneAn informationLow An
4. Ainformation CVE-2002-2435
service is usingdisclosure
a user vulnerability is pre
account not perm
indows Server 2008 R2 (Server, 4617 Microsoft Windows A Microsoft WiInformational 5. A service is installed that should not be ins
_x000D_
indows Server 2008 R2 (Server, 5250 Microsoft WindowAllow ICMP redInformational Ensure_x000D_ permissions comply with enterprise p
A hosts flawfile
liesconfiguration
inCVE-2013-1249
of a Windows Oper
indows Server 2008 R2 (Server, 13430 Windows Hosts FiA hosts file c Informational _x000D_
indows Server 2008 R2 (Server, 9518 Mcafee VirusScanMcAfee VirusSc Informational McAfee VirusScan is installed
A DNS configuration on theOperating
of a Windows host and
indows Server 2008 R2 (Server, 13429 Windows DNS Conf A DNS configuInformational _x000D_
indows Server 2008 R2 (Server, 14567 (MS13-004) MicroAn informationMedium The flaw lies inCVE-2013-0001
indows Server 2008 R2 (Server, 6879 Microsoft WindowThe Microsoft Informational The _x000D_ Microsoft Windows computer
indows Server 2008 R2 (Server, 12840 Microsoft Windows Multiple DNS pLow Multiple
indows Server 2008 R2 (Server, 14839 (MS13-027) Micros A privilege es High The
_x000D_ flaw is dueCVE-2013-1285
indows Server 2008 R2 (Server, 13874 (MS12-049) MicroAn informationMedium The flaw lies inCVE-2012-1870
the TLS encryption protocol. S
indows Server 2008 R2 (Server, 5596 Microsoft Windows The "DCOM: Mac Informational _x000D_
The "DCOM: Machine Launch Rest
indows Server 2008 R2 (Server, 15054 (MS13-040) Vulner Multiple securHigh Microsoft has provided
CVE-2013-1336
MS13-040
C to address
indows Server 2008 R2 (Server, 5533 Microsoft WindowA list of loca Informational A list of local groups was obta
_x000D_
indows Server 2008 R2 (Server, 13876 (MS12-049) Vulner An informationMedium Microsoft has provided
CVE-2012-1870
MS12-049 to address
indows Server 2008 R2 (Server, 5592 Microsoft Windows The
The User RightInformational
Microsoft The User
Windows User Account Rightsoption
"Increase a pro of the eleva
Control "Behavior
indows Server 2008 R2 (Server, 14841 (MS13-027) Micros A privilege es High The flaw is dueCVE-2013-1287
indows Server 2008 R2 (Server, 14938 (MS13-029) MicroA remote codeHigh The flaw lies inCVE-2013-1296
indows Server 2008 R2 (Server, 13462 Microsoft Windows A privilege es Medium The flaw lies inCVE-2010-1886
_x000D_ lies inCVE-2013-1267
indows Server 2008 R2 (Server, 9822 Microsoft Windows A security bypLow A security bypass vulnerability is present in s
_x000D_
indows Server 2008 R2 (Server, 14705 (MS13-009) Micros An informationMedium The flaw
_x000D_ lies inCVE-2013-0015
the handling of the Shift JIS ch
The flaw
is due atorace
whencondition error.
the Proxy Succes
address an
indows Server 2008 R2 (Server, 14656 Microsoft InternetA denial of serMedium _x000D_ CVE-2013-1451
indows Server 2008 R2 (Server, 11140 McAfee VirusSca McAfee VirusSc Informational McAfee VirusScan is running on the target ho
indows Server 2008 R2 (Server, 11141 Microsoft Windo The Microsoft Informational The Microsoft Windows computer
_x000D_
indows Server 2008 R2 (Server, 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS
indows Server 2008 R2 (Server, 8490 NetBIOS Names InMicrosoft Net Informational Microsoft NetBIOS names information was d
indows Server 2008 R2 (Server, 8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
indows Server 2008 R2 (Server, 8966 Raw Socket Test Detect for ICMInformational Detect
_x000D_ for ICMP reply from tar
indows Server 2008 R2 (Server, 7783 Microsoft WindowThe server is Informational The server is running the Microsoft Windows
_x000D_
indows Server 2008 R2 (Server, 7897 Microsoft ASP.NEA list of file Informational A list of file extensions handled by the ASP.N
_x000D_
indows Server 2008 R2 (Server, 8239 Microsoft IIS Ser Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8323 Microsoft IIS NTL Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8342 Microsoft IIS An Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8344 Microsoft IIS Bas Microsoft InteInformational _x000D_
Microsoft IIS Basic Authentication scheme is
indows Server 2008 R2 (Server, 8385 Microsoft IIS Ho Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 10224 Hidden WWW SerHidden WWWInformational
s Hidden
_x000D_WWW server name detected. Web se
indows Server 2008 R2 (Server, 11218 Web Server HTTPHTTP protocolInformational HTTP _x000D_protocol version was obtained from the
indows Server 2003 (Service Pac 1614 Microsoft WindowThe ASP .NET SInformational Provides suppoCVE-MAP-NOMA
MS02-062:_x000D_
indows Server 2003 (Service Pac 1599 Microsoft IIS We WebDAV functio Informational http://www.microsoft.com/technet/security
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1622 Microsoft WindowThe Microsoft Informational Transmits net CVE-1999-0224
indows Server 2003 (Service Pac 1669 Microsoft WindowThe NT LM Secu Informational Provides securCVE-MAP-NOMA
indows Server 2003 (Service Pac 1671 Microsoft WindowThe Security AInformational Stores
_x000D_securityCVE-MAP-NOMA
indows Server 2003 (Service Pac 1731 Microsoft Windows The Unsigned Idnformational _x000D_ CVE-MAP-NOMA
indows Server 2003 (Service Pac 1714 Microsoft WindowThe version ofInformational Microsoft releases
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1713 Microsoft WindowThe ASP .NET vInformational ASP .NET proviCVE-MAP-NOMA
indows Server 2003 (Service Pac 1663 Microsoft WindowThe COM+ Syste Informational Manages the cCVE-MAP-NOMA
indows Server 2003 (Service Pac 1675 Microsoft WindowDetermine if MInformational _x000D_
Provides Telephony API (TAPI)
_x000D_
indows Server 2003 (Service Pac 1730 Microsoft WindowThe Require StInformational Default:
_x000D_DisabledCVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1737 Microsoft Windows The Digitally Informational When
indows Server 2003 (Service Pac 1794 Enable ICMP RediThe
The Do not store LAN Manager hash value onCVE-MAP-NOMA
Enable ICM
Informational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
indows Server 2003 (Service Pac 2430 Microsoft WindowThe WorkstatioInformational _x000D_
This service roCVE-MAP-NOMA
indows Server 2003 (Service Pac 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more
CVE-2001-0705
_x000D_
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2442 Microsoft Windows The Distributed
Informational This service
_x000D_ maC VE-MAP-NOMA
indows Server 2003 (Service Pac 2878 Microsoft WindowThe Dr. Watson Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
Se
indows Server 2003 (Service Pac 1755 Number Of PrevioThe Number ofInformational Determines
indows Server 2003 (Service Pac 1756 Require DC authen The Require Do Informational When_x000D_ enabled,CVE-2002-0157
indows Server 2003 (Service Pac 2436 Microsoft WindowThe IPSEC ServInformational This service prCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1787 Microsoft WindowThe Lockout ThInformational Determines
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2836 Unsigned Non-driv The unsigned nInformational Default: Warn CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA Updates/Windows Update se
_x000D_
indows Server 2003 (Service Pac 1749 .NET Passport CreThe Do not all Informational Default: Disabled CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2965 User Rights RestorThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 4010 Microsoft WindowThe Microsoft Informational The value for this CVE-MAP-NOMA
indows Server 2003 (Service Pac 4115 Windows FirewallAutoplay
The Microsoft
is notInformational The Microsoft
indows Server 2003 (Service Pac 2986 Disable Autoplay Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2914 Audit System EvenThe Audit Sys Informational NOTE: _x000D_ This check
CVE-1999-0575
indows Server 2003 (Service Pac 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions CVE-MAP-NOMA
indows Server 2003 (Service Pac 3473 Web Element Man The Web Elemen Informational This service p CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2963 User Rights RemoThe User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2883 Microsoft Windows The legal noti Informational _x000D_
Ensure that the legal notice text and caption
_x000D_
indows Server 2003 (Service Pac 2947 User Rights Deny The User Righ Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2918 User Rights Backup
The User RightInformational NOTE: This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 3477 Message QueuingThe Message QInformational This service p CVE-MAP-NOMA
indows Server 2003 (Service Pac 4136 Windows FirewallThe
S Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2970 User Rights LogonThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2885 Microsoft WindowThe Name-poliInformational Ensure permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2888 Microsoft WindowThe Perform Ro Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 (Service Pac 4005 Microsoft WindowsThe "Log on asInformational NOTE: This check
CVE-1999-0534
indows Server 2003 (Service Pac 2908 Microsoft WindowThe Audit Acc Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2891 Microsoft WindowThe "System Ob Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2966 User Rights Shut The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4007 Microsoft WindowThe "Adjust meInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2917 User Rights AllowThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2920 User Rights Chan The User Righ Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2919 User Rights BypasThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2957 User Rights Log On
The User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_ The Microsoft
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check
CVE-1999-0575
indows Server 2003 (Service Pac 2964 User Rights ReplaThe User RightInformational NOTE: This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4004 Microsoft WindowsThe "ImpersonaInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2886 Microsoft WindowsThe "Network Informational
A Ensure permissions
indows Server 2003 (Service Pac 2909 Audit Account MaThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 3316 Microsoft WindowIt was possibl Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2915 User Rights Acce The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4104 USB Block StorageThe Microsoft Informational Microsoft
_x000D_
indows Server 2003 (Service Pac 9772 SMTP Server DeteSMTP service w Informational SMTP
_x000D_ service was detected on the host.
indows Server 2003 (Service Pac 9793 SMTP Server ConnSMTP server cInformational SMTP server connection was allowed on the
indows Server 2003 (Service Pac 11090 FTP Server Detec A FTP server wInformational A FTP server was detected on the host.
_x000D_
indows Server 2003 (Service Pac 6911 FTP Server FoundAn FTP server Informational An FTP server was detected on the host.
_x000D_
indows Server 2003 (Service Pac 11067 FTP Server With CFTP server witInformational FTP server with clear text authentication was
_x000D_
indows Server 2003 (Service Pac 13850 Microsoft IIS FTP A denial of serHigh A denial of service vulnerability is present in
_x000D_
indows Server 2003 (Service Pac 9500 Sun Java SDK/JDKAn informationLow An informationCVE-2007-5238
indows Server 2003 (Service Pac 13462 Microsoft Windows A privilege es Medium The flaw lies inCVE-2010-1886
indows Server 2003 (Service Pac 5596 Microsoft Windows The "DCOM: Mac Informational The
A DNS configuration ofLaunch
"DCOM: Machine Rest Operating
a Windows
indows Server 2003 (Service Pac 13429 Windows DNS Conf A DNS configuInformational
_x000D_
_x000D_
_x000D_ CVE-2012-1545
indows Server 2003 (Service Pac 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2003 (Service Pac 6620 Sun Java RuntimeA vulnerabilit Medium A vulnerabilityCVE-2009-1093
exists in LdapCtx in the LDAP s
indows Server 2003 (Service Pac 4427 Check users who Determined tha Informational Some accounts
Microsoft password
has provided was fo to address
MS11-067
indows Server 2003 (Service Pac 12474 (MS11-067) Vulner A information Medium _x000D_ CVE-2011-1976
indows Server 2003 (Service Pac 5381 Sun Java JRE ApplA vulnerabilit Medium A vulnerabilityCVE-2007-3922
in the Java Runtime Environm
_x000D_
indows Server 2003 (Service Pac 9498 Sun Java SDK/JDKA security res Medium A security restriction
_x000D_ CVE-2007-5236
indows Server 2003 (Service Pac 8639 Sun Java RuntimeCheck for Sun Informational Check
4. for Sun
A service Java Runtime
is using Environment
a user account is in
not perm
indows Server 2003 (Service Pac 4617 Microsoft Windows A Microsoft WiInformational 5. A service
indows Server 2003 (Service Pac 4916 Microsoft Windows The legal noticInformational Ensure
A hoststhat both
CVE-1999-0590
legal notice
file configuration of a text and captio
Windows Oper
indows Server 2003 (Service Pac 13430 Windows Hosts FiA hosts file c Informational _x000D_
indows Server 2003 (Service Pac 4890 Sun MicrosystemsA vulnerabilityMedium A vulnerabilityCVE-2007-0243
indows Server 2003 (Service Pac 14464 Oracle Java SE OpA denial of serMedium The flaw is dueCVE-2012-5373
indows Server 2003 (Service Pac 5007 Microsoft Windows A vulnerabilit Low Microsoft
_x000D_
indows Server 2003 (Service Pac 9996 Sun Java 2 PlatforA privilege es Medium A privilege escalation
_x000D_ CVE-2005-1974
indows Server 2003 (Service Pac 5752 Microsoft InterneA vulnerabilityMedium a_x000D_
indows Server 2003 (Service Pac 9069 (MS10-041) Vulner A vulnerabilit Medium The vulnerability
CVE-2009-0217
_x000D_
indows Server 2003 (Service Pac 9496 Sun Java SDK/JDKMultiple
J vulneMedium Multiple
CVE-2007-5232
are present
C in some v
indows Server 2003 (Service Pac 5506 Sun Java MultipleVulnerabilitie Medium VulnerabilitiesCVE-2007-5237
o The username
_x000D_ of the last user
indows Server 2003 (Service Pac 5250 Microsoft WindowAllow ICMP redInformational Ensure permissions
The registry comply
values under with
this keyenterprise
were obtaip
_x000D_
indows Server 2003 (Service Pac 6821 Microsoft InterneInternet ExploInformational The Microsoft Internet Explore
indows Server 2003 (Service Pac 5591 Microsoft Windows The User RightInformational The User Rights "Deny log on t
_x000D_
indows Server 2003 (Service Pac 9381 Microsoft InterneA vulnerabilityMedium A vulnerability
_x000D_ CVE-2010-3886
indows Server 2003 (Service Pac 5265 Microsoft Windows Internet ExploInformational Internet
indows Server 2003 (Service Pac 5333 Sun Java WebStart A vulnerabilit Medium A vulnerabilityCVE-2007-3655
in Sun Java Runtime Environm
indows Server 2003 (Service Pac 5590 Microsoft Windows The User RightInformational The User Rights "Deny log on loc
indows Server 2003 (Service Pac 4434 Enumerate Admini List the users
escalation Under
vulnerability Microsoft
Theisvulnerability
present someWindows
canversionsrole-b
be exploited
of Microsoft
by a proce
Wi
indows Server 2003 (Service Pac 12471 (MS11-067) Micros A information Medium CVE-2011-1976
indows Server 2003 (Service Pac 5578 Enumerate Instal VMware images Informational VMware
indows Server 2003 (Service Pac 12840 Microsoft Windows Multiple DNS pLow Multiple DNS poisoning vulnerabilities are pr
indows Server 2003 (Service Pac 5859 Windows User ProUser profiles Informational User _x000D_profiles were found on the Windows ho
indows Server 2003 (Service Pac 5511 Microsoft Intern A vulnerabilit Medium A design flaw in
_x000D_ CVE-2007-5158
indows Server 2003 (Service Pac 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
indows Server 2003 (Service Pac 9822 Microsoft Windows A security bypLow A security
_x000D_ bypass vulnerability is present in s
indows Server 2003 (Service Pac 8500 Oracle Java SE S A code executiMedium An unspecifiedCVE-2010-0839
_x000D_ vulnerability in the Sound com
indows Server 2003 (Service Pac 9518 Mcafee VirusScanMcAfee VirusSc
sign McAfee
communications VirusScan
policy is installed
wason
(always) setting the hostonand
detected th
indows Server 2003 (Service Pac 5254 Microsoft Windows Windows file nInformational Ensure permissions comply with enterprise p
indows Server 2003 (Service Pac 14417 Oracle Java SE ObAn obsolete veInformational _x000D_
An obsolete version of Oracle Java SE is dete
indows Server 2003 (Service Pac 5256 Microsoft Windows Screen saver gInformational Ensure
The flawpermissions
is due to howcomply with enterprise
the application p
handle
indows Server 2003 (Service Pac 13106 Microsoft InterneAn informationMedium CVE-2011-4689
This check onlyshares
attemptsareto
crea
establish a NetBI
indows Server 2003 (Service Pac 13017 NetBIOS Null SessNetBIOS Null sInformational
_x000D_
indows Server 2003 (Service Pac 11140 McAfee VirusSca McAfee VirusSc Informational McAfee
indows Server 2003 (Service Pac 8966 Raw Socket Test Detect for ICMInformational Detect_x000D_ for ICMP reply from tar
indows Server 2003 (Service Pac 8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
_x000D_
indows Server 2003 (Service Pac 7783 Microsoft WindowThe server is Informational The server is running the Microsoft Windows
_x000D_
_x000D_
indows Server 2003 (Service Pac 8323 Microsoft IIS NTL Microsoft InteInformational Microsoft
indows Server 2003 (Service Pac 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft
indows Server 2003 (Service Pac 8367 Microsoft IIS IIS Microsoft InteInformational Microsoft
indows Server 2003 (Service Pac 8388 Microsoft IIS MSAMicrosoft InteInformational Microsoft
_x000D_ IIS MSADC virtual directory was de
indows Server 2003 (Service Pac 8425 Microsoft IIS Prin Microsoft InterInformational Microsoft
indows Server 2003 (Service Pac 8426 Microsoft IIS Scri Microsoft InterInformational Microsoft
indows Server 2003 (Service Pac 11218 Web Server HTTPHTTP protocolInformational _x000D_ HTTP protocol version was obtained from the
indows Server 2003 (Service Pac 11260 Web Server WebDWebDAV was de
Informational WebDAV
There is an information disclosure samewas
vulnerability on
in the
alsoversions
cause a de
of
indows Server 2003 (Service Pac 1614 Microsoft WindowThe ASP .NET SInformational Provides suppoCVE-MAP-NOMA
indows Server 2003 (Service Pac 1613 Microsoft WindowThe Alerter serInformational Is used to del CVE-1999-0630
MS02-062:_x000D_
indows Server 2003 (Service Pac 1599 Microsoft IIS We WebDAV functio Informational http://www.microsoft.com/technet/security
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1636 Microsoft WindowThe ApplicatioInformational Provides suppoCVE-MAP-NOMA
indows Server 2003 (Service Pac 1681 Microsoft Windo The Management Informational Provides
indows Server 2003 (Service Pac 1730 Microsoft WindowThe Require StInformational Default: Disabled CVE-MAP-NOMA
indows Server 2003 (Service Pac 1737 Microsoft Windows The Digitally Informational When
_x000D_ enabled, CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1714 Microsoft WindowThe version ofInformational Microsoft releases
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1713 Microsoft WindowThe ASP .NET vInformational ASP .NET proviCVE-MAP-NOMA
indows Server 2003 (Service Pac 1663 Microsoft WindowThe COM+ Syste Informational Manages
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1675 Microsoft WindowDetermine if MInformational Provides Telephony API (TAPI)
indows Server 2003 (Service Pac 1743 Microsoft WindowThe Send unenc Informational Disabling this CVE-MAP-NOMA
_x000D_
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more
CVE-2001-0705
_x000D_
CVE-MAP-NOMA named
_x000D_
indows Server 2003 (Service Pac 1749 .NET Passport CreThe Do not all Informational Default: Disabled
CVE-MAP-NOMA
Se
indows Server 2003 (Service Pac 2873 Microsoft WindowThe system is Informational The cdrom
_x000D_ auto
CVE-2000-0155
indows Server 2003 (Service Pac 2436 Microsoft WindowThe IPSEC ServInformational This service prCVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2878 Microsoft WindowThe Dr. Watson Informational Ensure permissions
CVE-MAP-NOMA
indows Server 2003 (Service Pac 1786 Microsoft WindowMicrosoft Wind Informational Determines how many minutes (1
indows Server 2003 (Service Pac 2439 Microsoft WindowThe Remote Pro Informational This service
_x000D_ prCVE-MAP-NOMA
The Do not store LAN Manager hash value on next password change policy s
indows Server 2003 (Service Pac 2832 Members Of The Accounts wereInformational If an account CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2828 Default Guest Ac The guest accoInformational An account nam
indows Server 2003 (Service Pac 1758 Microsoft WindowThe Smart cardInformational Force _x000D_Logoff - Users are automatically logged
p The minimum
_x000D_ CVE-1999-0535
indows Server 2003 (Service Pac 2961 User Rights Profil The User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4005 Microsoft Windows The "Log on asInformational NOTE: This check CVE-1999-0534
_x000D_
indows Server 2003 (Service Pac 2947 User Rights Deny The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2970 User Rights LogonThe User RightInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4121 Windows FirewallThe Microsoft Informational The
_x000D_
indows Server 2003 (Service Pac 2987 Power Users Grou Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2963 User Rights RemoThe User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4008 Microsoft WindowThe Microsoft
disabled on all drivevalue
typesfor
_x000D_ forthis
CVE-MAP-NOMA
security
all local optionand
accounts does not m
therefor
indows Server 2003 (Service Pac 2986 Disable Autoplay Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2915 User Rights Acce The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 4104 USB Block StorageThe Microsoft Informational _x000D_ Microsoft Wind CVE-MAP-NOMA
indows Server 2003 (Service Pac 4017 Microsoft Windo User accountsInformational One or
_x000D_ more user
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2908 Microsoft WindowThe Audit Acc Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4136 Windows FirewallThe S Microsoft Informational The Microsoft CVE-MAP-NOMA
indows Server 2003 (Service Pac 2920 User Rights Chan The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2909 Audit Account MaThe Audit Acc Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2911 Audit Object AcceThe Audit Obj Informational NOTE: _x000D_ This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2003 (Service Pac 3994 Microsoft Windows The file permi Informational _x000D_ CVE-MAP-NOMA
indows Server 2003 (Service Pac 2913 Audit Privilege UsThe Audit Pri Informational NOTE: _x000D_ This check
CVE-1999-0575
indows Server 2003 (Service Pac 2919 User Rights BypasThe User Righ Informational _x000D_ NOTE: This check CVE-MAP-NOMA
indows Server 2003 (Service Pac 2888 Microsoft WindowThe Perform Ro Informational Ensure permissions CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2918 User Rights BackupThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_permissions
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
CVE-MAP-NOMA
indows Server 2003 (Service Pac 4004 Microsoft Windows The "ImpersonaInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2964 User Rights ReplaThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2965 User Rights RestorThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2957 User Rights Log OnThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 (Service Pac 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check
CVE-1999-0575
indows Server 2003 (Service Pac 4103 Basic AuthenticatThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2966 User Rights Shut The User Righ Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 4007 Microsoft WindowThe "Adjust meInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 2891 Microsoft WindowThe "System Ob Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 (Service Pac 9793 SMTP Server ConnSMTP server cInformational SMTP server
_x000D_ connection was allowed on the
indows Server 2003 (Service Pac 9772 SMTP Server DeteSMTP service w Informational SMTP service was detected on the host.
indows Server 2003 (Service Pac 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS RPC Interface Detected.
_x000D_
indows Server 2003 (Service Pac 9498 Sun Java SDK/JDKA security res Medium A security restriction
_x000D_ CVE-2007-5236
indows Server 2003 (Service Pac 7906 Adobe Flash PlayeA vulnerabilit Medium A vulnerabilityCVE-2010-0186
_x000D_ is present in some versions of
indows Server 2003 (Service Pac 12471 (MS11-067) Micros A information Medium _x000D_ CVE-2011-1976
indows Server 2003 (Service Pac 5246 Microsoft WindowThe 'Shares thInformational Determines which shares can be
_x000D_
indows Server 2003 (Service Pac 12683 (APSB11-26) Adobe An informationMedium The flaw is specific
_x000D_ CVE-2011-2429
to a control bypass error.
indows Server 2003 (Service Pac 9500 Sun Java SDK/JDKAn informationLow An informationCVE-2007-5238
indows Server 2003 (Service Pac 5256 Microsoft Windows Screen saver gInformational Ensure
indows Server 2003 (Service Pac 8787 Macromedia FlashAn informationMedium An
A DNSinformation CVE-2003-1017
disclosure
configuration vulnerability
of a Windows is pre
Operating
indows Server 2003 (Service Pac 12682 (APSB11-26) Adobe A security bypMedium The flaw is specific
CVE-2011-2444
to a cross site scripting er
_x000D_
indows Server 2003 (Service Pac 13392 Microsoft InterneA denial of serMedium The lies
_x000D_ in a CVE-2012-1545
memory corruption condition, in
indows Server 2003 (Service Pac 5381 Sun Java JRE ApplA vulnerabilit Medium A vulnerabilityCVE-2007-3922
_x000D_ in the Java Runtime Environm
indows Server 2003 (Service Pac 5859 Windows User ProUser profiles Informational User profiles were found on the Windows ho
indows Server 2003 (Service Pac 5265 Microsoft Windows Internet ExploInformational Internet
4. A service is using acomply with enterprise
user account not permp
indows Server 2003 (Service Pac 4617 Microsoft Windows A Microsoft WiInformational 5. A service is installed that should not be ins
_x000D_
indows Server 2003 (Service Pac 9822 Microsoft Windows A security bypLow A security bypass vulnerability is present in s
indows Server 2003 (Service Pac 4481 Microsoft WindowThe Microsoft Informational The
The Microsoft Windows
registry values underFirewall
this key were obtai
indows Server 2003 (Service Pac 14505 Microsoft XML CorAn obsolete veInformational An obsolete version of Microsoft XML Core S
_x000D_
indows Server 2003 (Service Pac 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerability
_x000D_ CVE-2009-0217
CVE-2009-4073in Microsoft Intern
indows Server 2003 (Service Pac 8639 Sun Java RuntimeCheck for Sun Informational Check for Sun Java Runtime Environment is in
_x000D_
indows Server 2003 (Service Pac 8500 Oracle Java SE S A code executiMedium An unspecifiedCVE-2010-0839
vulnerability in the Sound com
_x000D_
indows Server 2003 (Service Pac 5506 Sun Java MultipleVulnerabilitie Medium VulnerabilitiesCVE-2007-5237
_x000D_
indows Server 2003 (Service Pac 14175 Update Rollup forMultiple remotMedium Multiple
indows Server 2003 (Service Pac 5007 Microsoft Windows A vulnerabilit Low Microsoft
indows Server 2003 (Service Pac 14914 Microsoft Enhance Microsoft EnhaInformational _x000D_
indows Server 2003 (Service Pac 9309 Adobe Flash Play A version of A Informational A version of Adobe Flash Player was detected
indows Server 2003 (Service Pac 10797 McAfee VirusScanMcAfee VirusSc Informational
indows Server 2003 (Service Pac 4427 Check users who Determined tha Informational Some accounts password was fo
_x000D_
indows Server 2003 (Service Pac 7907 Adobe Flash PlayeA denial of serMedium A denial of service
CVE-2010-0187
indows Server 2003 (Service Pac 5596 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
indows Server 2003 (Service Pac 4890 Sun MicrosystemsA vulnerabilityMedium A vulnerabilityCVE-2007-0243
indows Server 2003 (Service Pac 14417 Oracle Java SE ObAn obsolete veInformational An obsolete version of Oracle Java SE is dete
indows Server 2003 (Service Pac 5590 Microsoft Windows The User RightInformational The User Rights "Deny log on loc
_x000D_
_x000D_
indows Server 2003 (Service Pac 5254 Microsoft Windows Windows file nInformational Ensure permissions comply with enterprise p
_x000D_
indows Server 2003 (Service Pac 12840 Microsoft Windows Multiple DNS pLow Multiple
The flaw DNS is duepoisoning
to how thevulnerabilities
application are pr
handle
indows Server 2003 (Service Pac 13106 Microsoft InterneAn informationMedium CVE-2011-4689
A hosts file configuration of a Windows Oper
indows Server 2003 (Service Pac 5591 Microsoft Windows The User RightInformational The User Rights "Deny log on t
indows Server 2003 (Service Pac 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM:
Microsoft hasMachine
providedAccess
MS11-067Rest to address
indows Server 2003 (Service Pac 12474 (MS11-067) Vulner A information Medium
The Digitally sign communications CVE-2011-1976
indows Server 2003 (Service Pac 9496 Sun Java SDK/JDKMultiple
J vulneMedium Multiple
CVE-2007-5232
are present
C in some v
indows Server 2003 (Service Pac 6003 Microsoft WindowOne or more us Informational One
_x000D_ or more user accounts have never logge
indows Server 2003 (Service Pac 5333 Sun Java WebStart A vulnerabilit Medium A vulnerability
_x000D_ CVE-2007-3655
in Sun Java Runtime Environm
indows Server 2003 (Service Pac 13658 (APSB11-13) Vulne A cross site sc Medium The
_x000D_ update provided
CVE-2011-2107
indows Server 2003 (Service Pac 5543 Enumerate EnableA Mprivilege
icrosoft WinInformational Administrative
escalation vulnerability
The isvulnerability
present someshares areexploited
canversions
be crea
of Microsoft
by a proce
Wi
indows Server 2003 (Service Pac 9069 (MS10-041) Vulner A vulnerabilit Medium The
_x000D_ vulnerabilityCVE-2009-0217
_x000D_
_x000D_
indows Server 2003 (Service Pac 5511 Microsoft Intern A vulnerabilit Medium A design flaw in CVE-2007-5158
indows Server 2003 (Service Pac 6821 Microsoft InterneInternet ExploInformational The _x000D_ Microsoft Internet Explore
indows Server 2003 (Service Pac 14463 Oracle Java SE OpA denial of serMedium The
_x000D_ flaw is dueCVE-2012-2739
indows Server 2003 (Service Pac 14432 Adobe Macromedia An obsolete veInformational An obsolete
_x000D_ version of Adobe Macromedia F
indows Server 2003 (Service Pac 6879 Microsoft WindowThe Microsoft Informational The _x000D_ Microsoft Windows computer
indows Server 2003 (Service Pac 9996 Sun Java 2 PlatforA privilege es Medium A privilege
_x000D_ escalation
CVE-2005-1974
indows Server 2003 (Service Pac 5752 Microsoft InterneA vulnerabilityMedium a_x000D_
indows Server 2003 (Service Pac 6620 Sun Java RuntimeA vulnerabilit Medium A vulnerabilityCVE-2009-1093
_x000D_ exists in LdapCtx in the LDAP s
indows Server 2003 (Service Pac 13462 Microsoft Windows A privilege es Medium The
This check only the
way that
attempts the Windows
to establish Te
a NetBI
indows Server 2003 (Service Pac 13017 NetBIOS Null SessNetBIOS Null sInformational _x000D_
indows Server 2003 (Service Pac 11140 McAfee VirusSca McAfee VirusSc Informational McAfee VirusScan is running on the target ho
indows Server 2003 (Service Pac 11141 Microsoft Windo The Microsoft Informational _x000D_The Microsoft Windows computer
indows Server 2003 (Service Pac 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS_x000D_ bindings information was detected
indows Server 2003 (Service Pac 8490 NetBIOS Names InMicrosoft Net Informational Microsoft NetBIOS names information was d
indows Server 2003 (Service Pac 7783 Microsoft WindowThe server is Informational The _x000D_server is running the Microsoft Windows
_x000D_
indows Server 2003 (Service Pac 8239 Microsoft IIS Ser Microsoft InteInformational _x000D_
Microsoft IIS was detected on the host.
indows Server 2003 (Service Pac 8323 Microsoft IIS NTL Microsoft InteInformational Microsoft
indows Server 2003 (Service Pac 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft IIS Basic Authentication scheme is
_x000D_
indows Server 2003 (Service Pac 11218 Web Server HTTPHTTP protocolInformational HTTP protocol version was obtained from the
_x000D_
indows Server 2003 (Service Pac 11260 Web Server WebDWebDAV was
There is an de
Informational
information WebDAV
disclosure samewas detected
Thevulnerability
vulnerability on
in the
alsoversions
cause a de
of
indows Server 2008 R2 (Service 1695 Allow Undock WitThe Microsoft Informational Determines
_x000D_ whe CVE-2002-0157 C
_x000D_
_x000D_Disabled.
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1737 Microsoft Windows The Digitally Informational _x000D_
When enabled,CVE-MAP-NOMA
indows Server 2008 R2 (Service 1731 Microsoft Windows The Unsigned Idnformational CVE-MAP-NOMA
Se
_x000D_
indows Server 2008 R2 (Service 2827 Default Administ The administraInformational An account name CVE-1999-0585
_x000D_
CVE-MAP-NOMA
_x000D_ CVE-2000-0155
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2964 User Rights ReplaThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2966 User Rights Shut The User Righ Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2918 User Rights BackupThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational NOTE: This check CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
requires at least
C Foundston
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4017 Microsoft Windo User accountsInformational One or more user
indows Server 2008 R2 (Service 2888 Microsoft WindowThe Perform Ro Informational Ensure permissionsCVE-MAP-NOMA
indows Server 2008 R2 (Service 3960 False AdministratA false AdminiInformational The AdministraCVE-1999-0585 C
_x000D_
indows Server 2008 R2 (Service 2887 Microsoft WindowThe Remove Adm Informational Ensure permissionsCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2914 Audit System EvenTThe
he Audit Sys Informational
User Rights NOTE:
"Generate security
NOTE: This
This check
check
policy requires
does notat
requires least
least Foundston
atmatch Foundston
the recom
indows Server 2008 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE:_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE:
_x000D_This check
CVE-1999-0534
_x000D_
indows Server 2008 R2 (Service 14057 Microsoft WindowMicrosoft SecuMedium
indows Server 2008 R2 (Service 14024 (MS12-054) MicroA denial of se Medium The
The flaw
is due the handling
to when of RAPaddress
the Proxy requestsan
indows Server 2008 R2 (Service 15194 (2854544) UpdateThis software Low This software update enables
_x000D_
indows Server 2008 R2 (Service 8691 Internet Explorer A cross-site scMedium A
_x000D_ scripting
cross-site CVE-2010-1489
indows Server 2008 R2 (Service 6003 Microsoft WindowOne or more us Informational _x000D_
One or more user accounts have never logge
_x000D_
indows Server 2008 R2 (Service 14239 Microsoft Windows Microsoft has Medium While
The registry has provided
CVE-2012-2532
values underMS12-073C were
this key to address
obtai
CVE-2013-1287
indows Server 2008 R2 (Service 15056 (MS13-040) MicroA spoofing
The vulMedium
Microsoft The
Windows User Account flawControl
is dueCVE-2013-1336
to the signature
"Behaviorof
option ofathe
specially
eleva
indows Server 2008 R2 (Service 15161 (MS13-049) Micros A denial of se High A denial of serCVE-2013-3138
indows Server 2008 R2 (Service 15184 (MS13-050) Micros A privilege es High A privilege es CVE-2013-1339
_x000D_
_x000D_ a pointer error in the NTFS fil
The Digitally sign communications CVE-MAP-NOMA
indows Server 2008 R2 (Service 4618 Microsoft WindowThe "PasswordInformational The 4. A "Password CVE-1999-0535
service is using a user account not perm
indows Server 2008 R2 (Service 4617 Microsoft Windows A Microsoft WiInformational 5. A DNS configuration of that
A service is installed should Operating
a Windows not be ins
indows Server 2008 R2 (Service 6982 Microsoft InternetA vulnerabilit Medium The flaw iscode
A remote specific
CVE-2009-2655
to a null
execution pointer deferenc
_x000D_ lies inCVE-2013-3112
_x000D_
indows Server 2008 R2 (Service 14577 (MS13-006) MicroA security bypMedium The flaw lies inCVE-2013-0013
the handling of SSL/TLS proto
indows Server 2008 R2 (Service 6879 Microsoft WindowThe Microsoft Informational _x000D_
The Microsoft Windows computer
indows Server 2008 R2 (Service 9410 Microsoft InterneA remote denial
Low A
The Microsoft Windows User Account remote denialoption
of service vulnerability
Control "Admin Approval isMod
pre
indows Server 2008 R2 (Service 5609 Microsoft WindowA privilege escalation
Informational
vulnerability
Theisvulnerability
be exploited
of Microsoft
by a proce
Wi
indows Server 2008 R2 (Service 9839 Microsoft Windows Medium CVE-2010-1886
CVE-2013-1339
MS13-050 to address
indows Server 2008 R2 (Service 13615 (MS12-032) MicroA security bypLow The flaw
_x000D_ lies inCVE-2012-0174
indows Server 2008 R2 (Service 14362 (MS12-073) Micros An informationLow The flaw lies inCVE-2012-2531
_x000D_ the protection of log files. Suc
indows Server 2008 R2 (Service 15070 (MS13-046) Micros A privilege es High The flaw lies inCVE-2013-1332
_x000D_ the Microsoft DirectX graphic
indows Server 2008 R2 (Service 14488 (MS12-083) MicroA security bypMedium The
_x000D_ lies inCVE-2012-2549
flaw the handling of certificates by
_x000D_
indows Server 2008 R2 (Service 13043 Microsoft InterneAn informationLow The flaw is dueCVE-2002-2435
An information disclosure
to how thevulnerability is pre
application handle
indows Server 2008 R2 (Service 13143 Microsoft Windows A local denial Low A local denial of service vulne
_x000D_
indows Server 2008 R2 (Service 15051 (MS13-037) Micros An informationMedium The flaw is dueCVE-2013-1297
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User
_x000D_profiles were found on the Windows ho
The flaw remote
is due tocode
whenexecution
the Proxyvulnerabiliti
address an
indows Server 2008 R2 (Service 14656 Microsoft InternetA denial of serMedium CVE-2013-1451
_x000D_
indows Server 2008 R2 (Service 13392 Microsoft InterneA denial
The of serMedium
Microsoft The liesControl
Windows User Account in a memory
CVE-2012-1545
optioncorruption
"Behavior condition,
HKEY_LOCAL_MACHINE\Software\Microsoft in
of the eleva
indows Server 2008 R2 (Service 5611 Microsoft Window Informational Microsoft has provided MS12-083 to address
indows Server 2008 R2 (Service 14487 (MS12-083) ImporA security bypMedium _x000D_ CVE-2012-2549
A hosts filehas provided
CVE-2013-1336
configuration MS13-040
C to address
of a Windows Oper
indows Server 2008 R2 (Service 15069 (MS13-046) Vulner Multiple vulneHigh Microsoft has provided
_x000D_ CVE-2013-1332
MS13-046
C to address
indows Server 2008 R2 (Service 14841 (MS13-027) Micros A privilege es High The flaw
_x000D_ is due CVE-2013-1287
indows Server 2008 R2 (Service 14580 (MS13-006) Vulner A security bypMedium Microsoft
CVE-2013-0013
MS13-006 to address
indows Server 2008 R2 (Service 6936 Microsoft InterneA vulnerabilityLow A vulnerabilityCVE-2009-2433
_x000D_
indows Server 2008 R2 (Service 11141 Microsoft Windo The Microsoft Informational _x000D_
indows Server 2008 R2 (Service 14954 Microsoft TerminaThe target is Informational _x000D_
_x000D_
indows Server 2008 R2 (Service 7897 Microsoft ASP.NEA list of file Informational _x000D_
A list of file extensions handled by the ASP.N
indows Server 2008 R2 (Service 8342 Microsoft IIS An Microsoft InteInformational Microsoft IIS anonymous access is enabled.
_x000D_
s Hidden
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1694 Microsoft Windo The Microsoft Informational Active
_x000D_Data ObCVE-MAP-NOMA
_x000D_ whe CVE-2002-0157 C
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1742 Microsoft Windows The Digitally Informational When
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
Se
_x000D_
_x000D_
_x000D_
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2957 User Rights Log OnThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2919 User Rights BypasThe User Righ Informational
_x000D_ NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2987 Power Users Grou Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 3477 Message QueuingThe Message QInformational This service p CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check
CVE-1999-0575
_x000D_
_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
requires at least
C Foundston
_x000D_
indows Server 2008 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE:_x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4004 Microsoft Windows The
The "Impersona
User RightsInformational NOTE:
"Generate security
NOTE: This
This check
audits" CVE-MAP-NOMA
check
policy requires
does notat
requires least
least Foundston
atmatch Foundston
the recom
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 3960 False AdministratA false AdminiInformational The Administra
_x000D_ C VE-1999-0585 C
_x000D_
indows Server 2008 R2 (Service 2920 User Rights Chan The User Righ Informational _x000D_
_x000D_
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 10111 Microsoft SharePoMicrosoft SharInformational Microsoft
_x000D_ SharePoint server was detected on
_x000D_
_x000D_
indows Server 2008 R2 (Service 13765 (MS12-037) Micros An informationMedium The flaw lies inCVE-2012-1858
_x000D_
indows Server 2008 R2 (Service 14057 Microsoft WindowMicrosoft SecuMedium 4. A service is using a user account not perm
_x000D_
_x000D_ lies inCVE-2013-1248
_x000D_
_x000D_ lies inCVE-2013-1261
CVE-2013-1332
MS13-046
C to address
indows Server 2008 R2 (Service 14488 (MS12-083) MicroA security bypMedium The flaw lies inCVE-2012-2549
_x000D_ the handling of certificates by
indows Server 2008 R2 (Service 13313 (MS12-011) Micros A privilege escMedium The flaw is dueCVE-2012-0145
_x000D_ to an issue in the processing
_x000D_ lies inCVE-2013-1272
indows Server 2008 R2 (Service 13867 (MS12-050) Micros A privilege escMedium The flaw lies inCVE-2012-1861
_x000D_ the handling of JavaScript cod
indows Server 2008 R2 (Service 14217 (MS12-069) Vulner A denial of serMedium Microsoft
CVE-2012-2551
MS12-069 to address
_x000D_ CVE-2010-1489
CVE-2013-1248
MS13-016
C to address
indows Server 2008 R2 (Service 14580 (MS13-006) Vulner A security bypMedium Microsoft
CVE-2013-0013
MS13-006 to address
indows Server 2008 R2 (Service 13615 (MS12-032) MicroA security bypLow The flaw lies inCVE-2012-0174
_x000D_
indows Server 2008 R2 (Service 13874 (MS12-049) MicroAnTheinformation
Microsoft Medium The flawControl
Windows User Account lies inCVE-2012-1870
the TLS"Behavior
encryptionofprotocol.
option the elevaS
The User Rights "Increase a pro
indows Server 2008 R2 (Service 13869 (MS12-050) Micros A privilege escMedium The flaw lies inCVE-2012-1863
the handling of JavaScript cod
indows Server 2008 R2 (Service 11534 Microsoft InterneA spoofing vulnMedium The flaw
_x000D_ is specific to a weakness when upda
indows Server 2008 R2 (Service 4434 Enumerate Admini List
The the users Informational
Microsoft Under
Windows User Account Microsoft Windows role-b
Control option "Switch to the secure
indows Server 2008 R2 (Service 5617 Microsoft Window Informational _x000D_
indows Server 2008 R2 (Service 5533 Microsoft WindowA list of loca Informational A Thelistflaw
of local
is duegroups
to howwas obta
the application handle
indows Server 2008 R2 (Service 14926 (MS13-028) Micros A remote codeHigh The
indows Server 2008 R2 (Service 14694 (MS13-016) Micros A privilege es Medium The flaw lies
Microsoft hasinprovided
CVE-2013-1274
a race condition
MS12-083 error. Succes
to address
indows Server 2008 R2 (Service 14487 (MS12-083) ImporA security bypMedium _x000D_ CVE-2012-2549
indows Server 2008 R2 (Service 14206 (MS12-066) Micros A privilege escMedium The
the HTML Sanitization compo
indows Server 2008 R2 (Service 13866 (MS12-050) Micros An informationMedium The
the storage of search scopes.
indows Server 2008 R2 (Service 15185 (MS13-050) Vulner A
A privilege
privilege es High vulnerability
escalation Microsoft has some
Theisvulnerability
present provided
CVE-2013-1339
beMS13-050
canversions
exploited to address
of Microsoft
by a proce
Wi
indows Server 2008 R2 (Service 9839 Microsoft Windows The Microsoft Medium
Windows User Account ControlCVE-2010-1886
option "Behavior of the eleva
indows Server 2008 R2 (Service 14841 (MS13-027) Micros A privilege es High The
indows Server 2008 R2 (Service 14362 (MS12-073) Micros An informationLow The
the protection of log files. Suc
MS12-073
C to address
MS13-027
C to address
indows Server 2008 R2 (Service 10029 Windows Particula Search for file Informational Search
indows Server 2008 R2 (Service 14205 (MS12-066) Vulner A privilege escMedium Microsoft
MS12-066 to address
CVE-2012-1870
MS12-049 to address
indows Server 2008 R2 (Service 13043 Microsoft InterneAn
Theinformation
Microsoft Low An information
Windows User Account ControlCVE-2002-2435
disclosure
"Runvulnerability
option is pre
all administrator
indows Server 2008 R2 (Service 14367 (MS12-074) MicroAn informationMedium The
the incorrect sanitization of fu
indows Server 2008 R2 (Service 14577 (MS13-006) MicroA security bypMedium The
the handling of SSL/TLS proto
indows Server 2008 R2 (Service 13319 (MS12-011) Vulner Multiple privi Medium Microsoft has provided
CVE-2012-0017
MS12-011
C to address
indows Server 2008 R2 (Service 6879 Microsoft WindowThe Microsoft Informational http://support.microsoft.com/default.aspx?s
indows Server 2008 R2 (Service 7232 Microsoft Windo The target's Informational Microsoft has provided CVE-MAP-NOMA
MS11-074 to address
indows Server 2008 R2 (Service 12634 (MS11-074) Vulner Multiple vulneMedium _x000D_ CVE-2011-0653 C
_x000D_
A DNS flaw lies inCVE-2012-1873
the handling
configuration of null Operating
of a Windows bytes. Su
a pointer error in the NTFS fil
indows Server 2008 R2 (Service 14836 (MS13-024) Micros A privilege escHigh The
_x000D_flaw is due CVE-2013-0080
to user supplied input is not p
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 15161 (MS13-049) MicrosA denial of se High A denial of serCVE-2013-3138
indows Server 2008 R2 (Service 5595 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2008 R2 (Service 14944 (MS13-035) MicrosA privilege escMedium The flaw lies inCVE-2013-1289
_x000D_ the sanitization of HTML spec
_x000D_ a cross-site scripting vulnerab
indows Server 2008 R2 (Service 13871 (MS12-046) MicrosA remote codeMedium The flaw
_x000D_ lies inCVE-2012-1854
_x000D_ the handling of JavaScript cod
indows Server 2008 R2 (Service 14837 (MS13-024) MicrosA privilege escHigh The flaw is dueCVE-2013-0084
_x000D_ to user supplied input is not p
indows Server 2008 R2 (Service 13312 (MS12-011) MicroA privilege escMedium The flaw is dueCVE-2012-0144
_x000D_ to an issue in the processing
an error in the SafeHTML fun
indows Server 2008 R2 (Service 14945 (MS13-035) VulnerA privilege escMedium A privilege escCVE-2013-1289
_x000D_
indows Server 2008 R2 (Service 6982 Microsoft InternetA vulnerabilit Medium The
The flaw is specific
registry CVE-2009-2655
values to a null
under pointer
this deferenc
key were obtai
indows Server 2008 R2 (Service 7555 Microsoft WindowThe registry Informational The flaw is due to when the Proxy address an
indows Server 2008 R2 (Service 15070 (MS13-046) MicrosA privilege es High The
The flaw
is due the Microsoft
to when DirectX
the Proxy graphic
address an
_x000D_ the sanitization of HTML strin
indows Server 2008 R2 (Service 15054 (MS13-040) VulnerMultiple securHigh Microsoft has provided
_x000D_ CVE-2013-1336
MS13-040
C to address
_x000D_ lies inCVE-2013-1249
_x000D_ CVE-2012-1545
indows Server 2008 R2 (Service 15194 (2854544) UpdateThis software Low This software update enables
_x000D_
indows Server 2008 R2 (Service 5256 Microsoft WindowsScreen
The saver gInformational
Microsoft Ensure Control
Windows User Account permissions comply with
option "Admin enterprise
Approval Modp
_x000D_ an error in the handling of XM
_x000D_ lies inCVE-2013-1260
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User profiles
Microsoft haswere foundMS12-050
provided on the Windows ho
to address
indows Server 2008 R2 (Service 13870 (MS12-050) VulnerMultiple vulneMedium
The Digitally sign communications CVE-2012-1858
setting was Cdetected on th
(always) policy
indows Server 2008 R2 (Service 15184 (MS13-050) MicrosA privilege es High A privilege es CVE-2013-1339
_x000D_
indows Server 2008 R2 (Service 14216 (MS12-069) MicroA denial of serMedium The flaw lies
code the handling
execution of crafted is
vulnerability sessio
pres
_x000D_ lies inCVE-2013-3112
_x000D_
_x000D_
_x000D_
s Hidden
indows Server 2008 R2 (Service 11218 Web Server HTTPHTTP protocolInformational HTTP
_x000D_ protocol version was obtained from the
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1714 Microsoft WindowThe version ofInformational Microsoft releasesCVE-MAP-NOMA
Ti Maintains
_x000D_ whe CVE-2002-0157 C
indows Server 2008 R2 (Service 1703 Clear Pagefile On The Microsoft Informational Default: Disabled.CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 1740 Microsoft WindowThe Do not al Informational This settingWindows
Microsoft c CVE-MAP-NOMA
XP_x000D_
indows Server 2008 R2 (Service 2659 Disable AutomaticThe automaticInformational Microsoft
_x000D_ Windows
CVE-MAP-NOMA
2003
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2827 Default Administ The administraInformational An account name CVE-1999-0585
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
requires at least
C Foundston
The AdministrInformational The
User Rights "Generate security
NOTE:users
Thisdetected
audits" check within
notthe
policyrequires
does atmatch
least Foundston
the recom
_x000D_
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational NOTE:_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE:_x000D_This check
CVE-1999-0534
indows Server 2008 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE:
_x000D_ _x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 4004 Microsoft Windows The "Impersona Informational _x000D_
_x000D_
indows Server 2008 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE: _x000D_This check
CVE-1999-0575
indows Server 2008 R2 (Service 4104 USB Block StorageThe Microsoft
For new users,Informational
the system is notMicrosoft
_x000D_ Wind
configured toCVE-MAP-NOMA
enable screen saver passwor
indows Server 2008 R2 (Service 2992 Microsoft Window Informational http://technet.microsoft.com/en-us/library/c
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: _x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE:_x000D_This check
CVE-1999-0575
_x000D_
_x000D_
indows Server 2008 R2 (Service 2919 User Rights BypasThe User Righ Informational NOTE: _x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4127 Windows FirewallThe Microsoft Informational The _x000D_Microsoft CVE-MAP-NOMA
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2916 User Rights Act AsThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Service 4119 Windows FirewallThe Microsoft Informational The _x000D_Microsoft CVE-MAP-NOMA
indows Server 2008 R2 (Service 4136 Windows FirewallTheS Microsoft Informational The _x000D_Microsoft CVE-MAP-NOMA
indows Server 2008 R2 (Service 2962 User Rights Profi The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Service 3960 False AdministratA false AdminiInformational The _x000D_AdministraCVE-1999-0585 C
CVE-MAP-NOMA
The flaw lies Remote
in theProcedure Callobject
access to an Service wa
in me
indows Server 2008 R2 (Service 14163 (MS12-063) Micros A code executiHigh CVE-2012-2546
_x000D_flaw is specific
CVE-2011-1998
indows Server 2008 R2 (Service 14672 (MS13-010) VulneA remote codeHigh Microsoft
CVE-2013-0030
MS13-010 to address
indows Server 2008 R2 (Service 14380 (MS12-071) MicroA remote codeHigh The
the handling of the CTreePos
indows Server 2008 R2 (Service 15049 (MS13-037) Micros A remote codeHigh The flaw iscode
A remote dueCVE-2013-1306
to how an vulnerability
execution object in memoryis pres
indows Server 2008 R2 (Service 14166 (MS12-063) Cumula A code executiHigh Microsoft
MS12-063
C to address
the handling of previously de
indows Server 2008 R2 (Service 13299 (MS12-010) MicroThe
A remote codeHigh
Microsoft The flawControl
Windows User Account lies inCVE-2012-0155
an error"Behavior
with the of
option usethe
of eleva
an ob
the handling of the CFormEle
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User _x000D_ profiles were found on the Windows ho
indows Server 2008 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The _x000D_Microsoft Windows computer
a memory error in the LsGetT
indows Server 2008 R2 (Service 12752 (MS11-081) MicroA remote codeHigh The flaw is specific
_x000D_ CVE-2011-1995
a memory error in the CMark
indows Server 2008 R2 (Service 4658 Microsoft IIS Det Microsoft
A privilegeInteInformational If
Thethe
escalation vulnerability DisplayName
isvulnerability
present some and
can beImagePath
versions
exploited keys
of Microsoft
by exist
a proce
Wi
_x000D_
indows Server 2008 R2 (Service 15040 (MS13-037) MicrosA remote codeHigh The flaw is dueCVE-2013-1313
CVE-2012-1545
indows Server 2008 R2 (Service 12763 (MS11-081) CumulaMutiple remote High Microsoft has provided
CVE-2011-1993
A DNS configuration of aMS11-081
C to
Windows address
Operating
_x000D_
indows Server 2008 R2 (Service 14271 Microsoft InternetA Cross Site ScLow A Cross Site Scripting vulnerability is present
A remoteMicrosoft Windowsvulnerability
code execution role-b is pres
indows Server 2008 R2 (Service 15180 (MS13-047) MicrosA remote codeHigh The flaw
_x000D_ lies inCVE-2013-3126
indows Server 2008 R2 (Service 14825 (MS13-021) CumulaMultiple vulnerHigh Microsoft
CVE-2013-0087
MS13-021
C to address
indows Server 2008 R2 (Service 12757 (MS11-081) MicrosA remote codeHigh CVE-2011-2001
The flaw is specific to the way the application
W The
The Microsoft
flaw lies inCVE-MAP-NOMA
the Selection object. Successf
indows Server 2008 R2 (Service 12242 (MS11-050) MicrosA remote codeHigh CVE-2011-1261
indows Server 2008 R2 (Service 5265 Microsoft WindowsInternet ExploInformational Internet Explorer
A hosts file Enhanced
configuration of Secu
a Windows Oper
indows Server 2008 R2 (Service 13295 (MS12-010) CumulaVulnerabilitiesHigh Microsoft has provided
CVE-2012-0010
MS12-010
C to address
indows Server 2008 R2 (Service 13143 Microsoft WindowsA local denial Low A local denial of service vulne
_x000D_
indows Server 2008 R2 (Service 13871 (MS12-046) MicrosA remote codeMedium The flaw lies inCVE-2012-1854
_x000D_ the loading of DLL files. Succe
indows Server 2008 R2 (Service 13520 (MS12-023) CumulaMultiple remotHigh Microsoft
CVE-2012-0170
MS12-023
C to address
CVE-2011-1992
MS11-099
C to address
_x000D_ a memory error in the CDispN
indows Server 2008 R2 (Service 12840 Microsoft WindowsMultiple DNS pLow Multiple
The flaw
flaw lies
lies in
inCVE-2012-4782
the
the access
access to
to aanmemory
object inobjec
me
indows Server 2008 R2 (Service 14164 (MS12-063) MicroA code executiHigh _x000D_ CVE-2012-2548
indows Server 2008 R2 (Service 14382 (MS12-071) CumulaMultiple
The remotH
Microsoft igh
Windows Microsoft
User Account has provided
CVE-2012-1539
MS12-071
Control option "Admin CApproval
to address
Mod
indows Server 2008 R2 (Service 5609 Microsoft Window Informational The registry values under this key were obtai
indows Server 2008 R2 (Service 7555 Microsoft WindowThe registry Informational 4. A service is using a user account not perm
indows Server 2008 R2 (Service 4617 Microsoft WindowsA Microsoft WiInformational 5. A service is installed that should not be ins
_x000D_
The flawVirusScan is installed
is due to how on the host
the application and
handle
_x000D_ the access to a memory objec
indows Server 2008 R2 (Service 14671 (MS13-009) CumulaMultiple vulnerHigh Microsoft has provided
_x000D_ CVE-2013-0015
MS13-009
C to address
a use-after-free
A remote code execution vulnerability condition. Su
is pres
_x000D_ CVE-2011-2000
indows Server 2008 R2 (Service 15031 (MS13-038) SecuriA remote codeHigh Microsoft
CVE-2013-1347
MS13-038 to address
indows Server 2008 R2 (Service 13872 (MS12-046) VulnerA vulnerabilityHigh Microsoft
CVE-2012-1854
MS12-046 to address
an error with the use of Telne
indows Server 2008 R2 (Service 12750 (MS11-081) MicrosA remote codeHigh The flaw is specific
_x000D_ CVE-2011-1993
indows Server 2008 R2 (Service 14701 (MS13-009) MicroA remote codeHigh The flaw
_x000D_ lies inCVE-2013-0026
a memory error in the InsertE
_x000D_
A remote code an
error with
execution the use ofisan
vulnerability ob
pres
indows Server 2008 R2 (Service 15173 (MS13-047) Micros A remote codeHigh The flaw lies
code aexecution
user-after-free error. Succe
_x000D_ lies inCVE-2013-3112
indows Server 2008 R2 (Service 12215 (MS11-050) Cumula Multiple vulnerHigh Succesful
CVE-2011-1246
indows Server 2008 R2 (Service 13862 (MS12-044) Cumula Multiple vulnerHigh Microsoft has provided
CVE-2012-1522
_x000D_
A remotepermissions comply
code execution with enterprise
vulnerability p
is pres
indows Server 2008 R2 (Service 5733 Microsoft WindowThe host has aInformational The host
_x000D_ has at least one shar
indows Server 2008 R2 (Service 12241 (MS11-050) MicroA remote codeHigh The flaw can be
_x000D_ CVE-2011-1260
a error inside the print comm
indows Server 2008 R2 (Service 5592 Microsoft Windows The Digitally
The User RightInformational The(always)
sign communications User Rights "Increase a prodetected on th
policy setting was
_x000D_ the handling of previously de
indows Server 2008 R2 (Service 15039 (MS13-037) CriticMultiple vulneHigh Microsoft
CVE-2013-0811
_x000D_ the way Internet Explorer res
indows Server 2008 R2 (Service 15162 (MS13-047) Cumula Multiple vulner High Microsoft
The Microsoft Windows User Account has provided
CVE-2013-3110
MS13-047C oftothe
Control option "Behavior address
eleva
The denial
flaw lies of service
in the vulnerability
HTTP redirect is pre
operation.
indows Server 2008 R2 (Service 12244 (MS11-050) MicroA remote codeHigh The flaw is dueCVE-2011-1262
to when the Proxy address an
indows Server 2008 R2 (Service 12446 (MS11-057) Micros An informationMedium The flaw lies
Microsoft hasinprovided
CVE-2011-1960
an error MS11-057
with the handling
to addressof
indows Server 2008 R2 (Service 12466 (MS11-057) Cumula A remote codeHigh _x000D_ CVE-2011-1257 C
the sanitization of HTML elem
indows Server 2008 R2 (Service 10804 Windows Installe It was possibl Informational ItThe flaw is due to enumerate
was possible to i
when the Proxy address an
indows Server 2008 R2 (Service 14492 (MS12-077) Cumula Multiple vulnerHigh Microsoft has provided
CVE-2012-4781
_x000D_
The flaw
flaw lies
lies in
inCVE-2012-4775
the
the handling of the CFormEle
Internet Explorer process
indows Server 2008 R2 (Service 13298 (MS12-010) Micros An informationMedium _x000D_ CVE-2012-0012
_x000D_ lies inCVE-2012-4787
the access to a memory objec
indows Server 2008 R2 (Service 5245 Microsoft WindowThe 'AdministrInformational Disabled
_x000D_ - Administrator account is disabled.
indows Server 2008 R2 (Service 14925 (MS13-028) Cumula Multiple vulnerHigh Microsoft
CVE-2013-1303
indows Server 2008 R2 (Service 14017 (MS12-052) Cumula Multiple remotHigh Microsoft has provided
_x000D_ CVE-2012-2522
_x000D_
indows Server 2008 R2 (Service 14954 Microsoft TerminaThe target is Informational
_x000D_
_x000D_
_x000D_
s Hidden
_x000D_
indows Server 2008 R2 (Service 12824 HTTP Server Prone A denial of serMedium A denial of service
CVE-2009-5111
CVE-2000-0666_x000D_ vulnerabilityC is present in
364 RPC statd The RPC statd Informational
678 RPC portmap The portmap RP Informational It was possibl CVE-1999-0632
572 RPC mountd The RPC mount Informational The RPC mountd
Network program
File Share (NFS) iswas det
a daemon to allo
393 NFS Enabled NFS daemon isInformational
817 RPC nlockmgr The RPC nlockInformational The RPC nlockmgr program was d
_x000D_
1031 Webmin Remote The Ad Webmin Se Informational Any UNIX system
_x000D_ CVE-1999-1074
running Webmin
987 Exported NFS ShaNFS Shares havInformational http://nfs.sourceforge.net
2362 SSH2 Algorithm NKey exchange Ianformational _x000D_ CVE-MAP-NOMA
11200 SSH Protocol Sup SSH protocol sInformational SSH protocol supported version was detected
_x000D_
11146 PostgreSQL ServePostgreSQL serInformational PostgreSQL server was detected on the host.
8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
8966 Raw Socket Test Detect for ICMInformational Detect
12006 ICMP Timestamp An Re informationLow An informationCVE-1999-0524
8970 Raw Socket Test ODetect for res Informational When
_x000D_create a TCP connection, it needs esta
9773 Web Server robotPresence of roInformational A robots.txt file was found on the web server
_x000D_
9832 HTTP Proxy ServeHTTP proxy serInformational HTTP proxy server allows CONNECT requests
_x000D_
10224 Hidden WWW SerHidden WWWInformational
s Hidden
11218 Web Server HTTPHTTP protocolInformational HTTP protocol version was obtained from the
_x000D_
11258 HTTP Server Set HTTP server haInformational HTTP server handling session using set-cooki
_x000D_
12256 Web Server HTTPHTTP DELETE m Informational HTTP DELETE method access was allowed on
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1640 Microsoft WindowThe Simple Mai Informational Transports eleCVE-MAP-NOMA
indows Server 2003 R2 (Service 1653 Microsoft WindowThe Event Log Informational Enables
_x000D_eventCVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_ Data Ob CVE-MAP-NOMA
indows Server 2003 R2 (Service 1671 Microsoft WindowThe Security AInformational Stores
_x000D_ securityCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1755 Number Of PrevioThe Number ofInformational Determines the
CVE-MAP-NOMA
_x000D_
Se
indows Server 2003 R2 (Service 1742 Microsoft Windows The Digitally Informational When_x000D_enabled,CVE-MAP-NOMA
indows Server 2003 R2 (Service 1754 Restrict Floppy A The restrict fl Informational This setting
_x000D_ d CVE-1999-0594
_x000D_
The COM+
Do notEvent Informational
store LAN Manager This
hashservice
value onprCVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
requires at least
C Foundston
_x000D_
_x000D_
S Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 3316 Microsoft WindowIt was possibl Informational _x000D_
Microsoft Wind CVE-MAP-NOMA
indows Server 2003 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE: _x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2891 Microsoft WindowThe "System Ob Informational Ensure permissionsCVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE:_x000D_This check
CVE-1999-0575
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4130 Windows FirewallThe Microsoft Informational _x000D_The Microsoft CVE-MAP-NOMA
_x000D_ This check
CVE-1999-0534
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: _x000D_ This check
CVE-1999-0575
_x000D_
_x000D_
indows Server 2003 R2 (Service 2887 Microsoft WindowAutoplay
The Remove Adm
Informational
is not Ensure
_x000D_ permissions
comply
all local withand
accounts enterprise
thereforp
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4004 Microsoft Windows The "ImpersonaInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE: _x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2885 Microsoft WindowThe Name-poliInformational Ensure permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 9772 SMTP Server DeteSMTP service w Informational SMTP service was detected on the host.
_x000D_
indows Server 2003 R2 (Service 9793 SMTP Server ConnSMTP server cInformational SMTP server connection was allowed on the
_x000D_
_x000D_
_x000D_
_x000D_ Windows computer
The flaw- is
June
due13,
to 2012 - The
how the vendor has
application upd
handle
A hostsaccounts password of
file configuration was fo
a Windows Oper
CVE-2009-4073in Microsoft Intern
_x000D_
indows Server 2003 R2 (Service 14347 Microsoft .NET F An obsolete veInformational AnAobsolete
4. service isversion
using aofuser
Microsoft
account.NET
notFrame
perm
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_ CVE-2009-0217
indows Server 2003 R2 (Service 5511 Microsoft Intern A vulnerabilit Medium A design flaw in CVE-2007-5158
_x000D_
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational Ensure permissions comply with enterprise p
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl
escalation It was
vulnerability
The possiblesome
tocan
isvulnerability
present enumerate
versions i Microsoft
be exploited
of by a proce
Wi
indows Server 2003 R2 (Service 5533 Microsoft WindowA list of loca Informational A A list
DNSofconfiguration
local groups was obta
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational The _x000D_ User Rights "Deny log on t
The registry DNSvalues
poisoning
undervulnerabilities
this key wereare pr
obtai
indows Server 2003 R2 (Service 5254 Microsoft Windows Windows filesign
The Digitally nInformational Ensure
communications permissions complywas
(always) policy setting with enterprise
detected p
on th
CVE-2012-1545
indows Server 2003 R2 (Service 5590 Microsoft Windows The User RightInformational The _x000D_ User Rights "Deny log on loc
o The
This username
check onlyofattempts
the last to
user
establish a NetBI
indows Server 2003 R2 (Service 11141 Microsoft Windo The Microsoft Informational The _x000D_ Microsoft Windows computer
indows Server 2003 R2 (Service 11140 McAfee VirusSca McAfee VirusSc Informational _x000D_
McAfee VirusScan is running on the target ho
indows Server 2003 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS _x000D_ bindings information was detected
indows Server 2003 R2 (Service 8969 Raw Socket Test Detect for opeInformational Detect _x000D_ for opened TCP port on
_x000D_ CVE-1999-0524
indows Server 2003 R2 (Service 7783 Microsoft WindowThe server is Informational The _x000D_ server is running the Microsoft Windows
_x000D_
indows Server 2003 R2 (Service 11218 Web Server HTTPHTTPThereprotocol Informational
is an information HTTP
disclosure protocol
Thevulnerability
same version
vulnerability
present was obtained
could
in some from
alsoversions
cause the
a de
of
indows Server 2003 R2 (Service 1634 Microsoft WindowThe Task SchedInformational Enables
_x000D_a userCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
Ti Maintains
CVE-MAP-NOMA
_x000D_securityCVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2879 Microsoft WindowThe "System CrInformational Ensure permissions
CVE-MAP-NOMA
Se
_x000D_
indows Server 2003 R2 (Service 1792 Microsoft WindowsThe Enable SecInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
The Microsoft Informational
hashpolicy
valuese
onCVE-1999-0535
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1742 Microsoft WindowsThe Digitally Informational When enabled,CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2444 Microsoft WindowThe Net LogonInformational _x000D_
indows Server 2003 R2 (Service 1804 Microsoft WindowsThe Microsoft Informational This policy s CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4005 Microsoft WindowsThe "Log on asInformational NOTE:
_x000D_ This check
CVE-1999-0534
Autoplay is not disabled on all drive
_x000D_ This check
CVE-MAP-NOMA
requires
types for all local at least
accounts andFoundston
therefor
_x000D_ This check
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 3976 Microsoft WindowsThe permissionInformational CVE-MAP-NOMA
indows Server 2003 R2 (Service 2891 Microsoft WindowThe "System Ob Informational Ensure permissions CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 3959 Microsoft WindowsThe AdministrInformational _x000D_
The users detected within the
indows Server 2003 R2 (Service 4113 Windows FirewallThe
_x000D_
indows Server 2003 R2 (Service 2880 Microsoft WindowsThe "Network Informational
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 3984 Microsoft Windows The permissionInformational
_x000D_ _x000D_ CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2919 User Rights BypasThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-1999-0575
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: This check
indows Server 2003 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2920 User Rights Chan The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE:
_x000D_This check
CVE-1999-0575
_x000D_This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2961 User Rights Profil The User RightInformational NOTE:
_x000D_
indows Server 2003 R2 (Service 14347 Microsoft .NET F An obsolete veInformational _x000D_
An obsolete version of Microsoft .NET Frame
A hosts Internet Explore
file configuration of a Windows Oper
W The Microsoft
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The 4. A Microsoft Windows
service is using a usercomputer
account not perm
indows Server 2003 R2 (Service 4481 Microsoft WindowThe Microsoft Informational The
The Digitally sign communications Microsoft Windows
settingFirewall
(always) policy was detected on th
indows Server 2003 R2 (Service 5610 Microsoft Windows Informational The flaw is due to how the application handle
indows Server 2003 R2 (Service 4427 Check users who Determined tha Informational _x000D_
Some accounts password was fo
_x000D_
indows Server 2003 R2 (Service 9410 Microsoft InterneA remote denial Low A
A remote denial of service
DNS configuration vulnerability
of a Windows is pre
Operating
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl Informational _x000D_
It was possible to enumerate i
indows Server 2003 R2 (Service 4658 Microsoft IIS Det Microsoft InteInformational If Thetheflaw
DisplayName
is due to whenand ImagePath keys exist
_x000D_
indows Server 2003 R2 (Service 5859 Windows User ProU ser profiles Informational User
A privilege escalation vulnerability profiles
presentwere
Theisvulnerability some found
can on the
versions
be exploited Windows
of Microsoft ho
by a proce
Wi
indows Server 2003 R2 (Service 8691 Internet Explorer A cross-site scMedium A cross-site
_x000D_ scripting
CVE-2010-1489
indows Server 2003 R2 (Service 6936 Microsoft InterneA vulnerabilityLow A vulnerability
_x000D_ CVE-2009-2433
The flaw is specific
registry CVE-2009-2655
values to a null
under pointer
this deferenc
key were obtai
indows Server 2003 R2 (Service 5265 Microsoft Windows Internet ExploInformational _x000D_
Internet Explorer Enhanced Secu
CVE-2012-1545
The flaw is due shares
to when arethe
crea
Proxy address an
_x000D_
_x000D_
This check bypass
security vulnerability
only attempts is present
to establish in s
a NetBI
indows Server 2003 R2 (Service 11141 Microsoft Windo The Microsoft Informational _x000D_
_x000D_
_x000D_
BID 1756:_x000D_ CVE-MAP-NOMA
indows Server 2003 R2 (Service 909 (KB272079) Micros A Directory DisLow http://www.securityfocus.com/bid/1756
MS02-062:_x000D_ CVE-2000-0951
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1619 Microsoft WindowThe Indexing sInformational Indexes contenCVE-MAP-NOMA
indows Server 2003 R2 (Service 1666 Microsoft WindowThe Network DD Informational Provides netwo CVE-MAP-NOMA
_x000D_Data ObCVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1667 Microsoft Windo The Network DInformational Manages Dynami CVE-MAP-NOMA
indows Server 2003 R2 (Service 2441 Microsoft WindowThe Shell HardInformational _x000D_
The Do not store LAN Manager Ensure
"System Cr
I nformational permissions
comply with
next password enterprise
change policyps
_x000D_
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
p The minimum
_x000D_ CVE-1999-0535
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA Updates/Windows Update se
_x000D_
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more CVE-2001-0705
_x000D_ Se
indows Server 2003 R2 (Service 2878 Microsoft WindowThe Dr. Watson Informational Ensure permissions CVE-MAP-NOMA
_x000D_
Autoplay is not disabled on all drive Microsoft
types for all local accounts and therefor
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-1999-0534
_x000D_
_x000D_that the legal notice text and caption
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational CVE-1999-0575
NOTE: This check requires at least Foundston
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2918 User Rights BackupThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4103 Basic AuthenticatThe Microsoft Informational
_x000D_ Microsoft
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
CVE-MAP-NOMA
_x000D_
CVE-1999-0575
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2920 User Rights Chan The User Righ Informational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE: This checkCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 8691 Internet Explorer A cross-site scMedium A cross-site
_x000D_ CVE-2010-1489
scripting vulnerability is present
indows Server 2003 R2 (Service 13623 (MS12-034) MicroA remote codeMedium The flaw lies inCVE-2012-0164
_x000D_ the way the framework comp
CVE-2013-1248
MS13-016
C to address
_x000D_not technically a security issue, the dig
indows Server 2003 R2 (Service 14936 (MS13-031) Micros A privilege es Medium The flaw lies
code the handling
execution of specific isobjec
vulnerability pres
_x000D_ lies inCVE-2013-3112
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One or morevalues
The registry user accounts have
under this keynever
were logge
obtai
CVE-2013-1295
MS13-033 to address
_x000D_
_x000D_
_x000D_ that both
CVE-1999-0590
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational User profiles
_x000D_ were found on the Windows ho
_x000D_
_x000D_ CVE-2009-2655
_x000D_ CVE-2009-4073in Microsoft Intern
indows Server 2003 R2 (Service 4427 Check users who Determined tha Informational Some accounts
4. A service password
is using a userwas fo not perm
account
_x000D_
_x000D_
handling of object in memory
_x000D_
indows Server 2003 R2 (Service 15182 (MS13-048) MicroA information Medium A information
_x000D_ CVE-2013-3136
indows Server 2003 R2 (Service 14567 (MS13-004) MicroAn informationMedium The flaw
_x000D_ lies inCVE-2013-0001
_x000D_
o The username
_x000D_ of the last user
_x000D_
indows Server 2003 R2 (Service 10797 McAfee VirusScanMcAfee VirusSc Informational The flaw is due to how the application handle
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_ the parsing of OpenType font
A hosts file configurationMS12-049
has provided
of a Windows Oper
MS13-040
C to address
indows Server 2003 R2 (Service 13392 Microsoft InterneA denial of serMedium The lies
_x000D_ in a memory
CVE-2012-1545
indows Server 2003 R2 (Service 13874 (MS12-049) MicroA Anprivilege
information Mediumvulnerability
escalation Theisvulnerability
The flaw lies insome
present CVE-2012-1870
the
canTLSbeencryption
versions
exploited protocol.
of Microsoft
by WiS
a proce
indows Server 2003 R2 (Service 10165 Microsoft WindowShares were foInformational http://support.microsoft.com/default.aspx?s
sign McAfee
communications VirusScan
policy is installed
wason
(always) setting the hostonand
detected th
The User Rights "Deny log on loc
_x000D_
_x000D_
CVE-2013-1287
MS13-027
C to address
CVE-2013-1332
MS13-046
C to address
indows Server 2003 R2 (Service 14914 Microsoft Enhance Microsoft EnhaInformational
_x000D_
the incorrect sanitization of fu
_x000D_
The flaw
flaw is
is due
dueCVE-2013-1297
to
to how
whenaccess to JSON
the Proxy dataan
address fi
_x000D_ lies inCVE-2013-1248
A flaw
DNS lies inCVE-2013-1257
a raceofcondition
configuration a Windowserror. Succes
Operating
_x000D_
_x000D_ lies inCVE-2013-1265
the handling of null bytes. Su
indows Server 2003 R2 (Service 10804 Windows Installe It was possibl Informational It
Thewas possible
flaw is due to
to enumerate i
when the Proxy address an
_x000D_ lies inCVE-2013-1263
This Microsoft
check onlyWindows
attemptscomputer
_x000D_
_x000D_ CVE-1999-0524
_x000D_
_x000D_
indows Server 2003 R2 (Service 8340 Microsoft IIS Fro Microsoft InteInformational Microsoft
_x000D_ IIS FrontPage Server Extensions are
indows Server 2003 R2 (Service 11260 Web Server WebDThere
WebDAV was
is an de
Informational
information WebDAV
disclosure
The samewas
vulnerabilitydetected
vulnerability on
in the
alsoversions
cause a de
of
indows Server 2008 R2 (Server, 864 NetBIOS NBTSTATIt is possible Informational Where target_system CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1618 Microsoft WindowThe IIS Admin Informational Necessary for CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1623 Microsoft WindowThe Network Co Informational Manages object CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1625 Microsoft WindowThe Print SpoolInformational Loads files to CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1628 Microsoft WindowThe Remote Reg Informational Enables remote CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1631 Microsoft WindowThe Server serInformational Supports file, CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1635 Microsoft WindowThe TCP/IP NetInformational Enables supporCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1634 Microsoft WindowThe Task SchedInformational Enables a userCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1661 Microsoft WindowThe DHCP Clien Informational Manages netwo CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1660 Microsoft WindowThe DNS ClientInformational Resolves and cCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1633 Microsoft WinNT/A list of the s Informational The services l CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1680 Microsoft WindowThe Windows Informational
indows Server 2008 R2 (Server, 1694 Microsoft Windo The Microsoft Informational Active Data ObCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1699 Microsoft WindowThe Microsoft Informational Microsoft
indows Server 2008 R2 (Server, 1703 Clear Pagefile On The Microsoft Informational Default:
_x000D_Disabled. CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1712 Microsoft Windows The Microsoft Informational It is highly recommened
CVE-MAP-NOMAthat users maintain
indows Server 2008 R2 (Server, 1737 Microsoft Windows The Digitally Informational When
_x000D_ enabled,CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1731 Microsoft Windows The Unsigned Idnformational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1740 Microsoft WindowThe Do not al Informational This setting c CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1662 Microsoft WindowThe Cryptograp Informational Provides threeCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1664 Microsoft Windows The Background Informational Uses idle netwCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1663 Microsoft WindowThe COM+ Syste Informational Manages the cCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1701 Do Not Display LaThe Microsoft Informational With this poli CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1671 Microsoft WindowThe Security AInformational Stores_x000D_ securityCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1714 Microsoft WindowThe version ofInformational Microsoft releases CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1681 Microsoft Windo The Management Informational Provides a comCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1756 Require DC authen The Require Do Informational When enabled,CVE-2002-0157
indows Server 2008 R2 (Server, 2875 Drive Autorun PolThe system is Informational The autorun orCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1787 Microsoft WindowThe Lockout ThInformational Determines the number of failed
indows Server 2008 R2 (Server, 2872 Bluescreen Auto The system is Informational The blue screeCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1850 Microsoft WindowThe maximumInformational
Se
indows Server 2008 R2 (Server, 2430 Microsoft WindowThe WorkstatioInformational This service roCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2443 Microsoft WindowThe DistributeInformational This service coCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1804 Microsoft WindowsThe Microsoft Informational This policy s CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2874 Microsoft WindowFor new users,Informational The autorun orCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1742 Microsoft WindowsThe Digitally Informational When enabled,CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2442 Microsoft WindowsThe DistributedInformational This service maCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2836 Unsigned Non-drivThe unsigned nInformational Default: Warn CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2439 Microsoft WindowThe Remote Pro Informational This service prCVE-MAP-NOMA
indows Server 2008 R2 (Server, 1803 Microsoft WindowThe Microsoft Informational This policy se CVE-1999-0535
_x000D_
indows Server 2008 R2 (Server, 1759 Microsoft WindowThe minimum Informational
indows Server 2008 R2 (Server, 1757 Microsoft WindowThe Prompt use Informational This setting d CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2877 Microsoft WindowThe ComputerInformational
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2414 Microsoft WindowThe AutomaticInformational The AutomaticCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2873 Microsoft WindowThe system is Informational The cdrom auto CVE-2000-0155
indows Server 2008 R2 (Server, 2441 Microsoft WindowThe Shell HardInformational This service prCVE-MAP-NOMA
indows Server 2008 R2 (Server, 2832 Members Of The Accounts wereInformational If an account CVE-MAP-NOMA
indows Server 2008 R2 (Server, 1785 Microsoft WindowMicrosoft Wind Informational The number ofCVE-1999-0582
_x000D_
indows Server 2008 R2 (Server, 1749 .NET Passport CreThe Do not all Informational Default: Disabled
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2828 Default Guest Ac The guest accoInformational An account nam
indows Server 2008 R2 (Server, 1794 Enable ICMP RediThe Enable ICM Informational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2415 Microsoft WindowThe COM+ Event Informational This service prCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 3984 Microsoft WindowsThe permissionInformational
_x000D_ _x000D_ CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2987 Power Users Grou Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2966 User Rights Shut The User Righ Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2910 Audit Logon EventThe Audit Log Informational The Audit LogoCVE-1999-0575
indows Server 2008 R2 (Server, 4104 USB Block StorageThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2912 Audit Policy ChanThe Audit Pol Informational NOTE:
_x000D_ This check
CVE-1999-0575
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4136 Windows FirewallThe
_x000D_
indows Server 2008 R2 (Server, 3976 Microsoft WindowsThe permissionInformational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4103 Basic AuthenticatThe Microsoft Informational Microsoft
_x000D_ WindCVE-MAP-NOMA
indows Server 2008 R2 (Server, 4005 Microsoft WindowsThe "Log on asInformational NOTE:
_x000D_ This check
CVE-1999-0534
indows Server 2008 R2 (Server, 2909 Audit Account MaThe Audit Acc Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2920 User Rights Chan The User Righ Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4113 Windows FirewallThe
_x000D_
indows Server 2008 R2 (Server, 4000 Microsoft WindowsThe "Create glInformational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4102 WebDAV Basic Aut The Microsoft Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2915 User Rights Acce The User Righ Informational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2888 Microsoft WindowThe Perform Ro Informational Ensure permissions
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 3995 Microsoft WindowAnonymous user Informational http://www.microsoft.com/resources/docum
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2962 User Rights Profi The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4004 Microsoft Windows The "Impersona Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2911 Audit Object AcceThe Audit Obj Informational NOTE:
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2008 R2 (Server, 4007 Microsoft WindowThe "Adjust meInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2964 User Rights ReplaThe User RightInformational NOTE:
_x000D_This CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2970 User Rights LogonThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2885 Microsoft WindowThe Name-poliInformational Ensure permissions CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4018 Microsoft WindowOne or more Mi Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2919 User Rights BypasThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2908 Microsoft WindowThe Audit Acc Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2883 Microsoft Windows The legal noti Informational Ensure
indows Server 2008 R2 (Server, 2914 Audit System EvenThe Audit Sys Informational NOTE: This check CVE-1999-0575
_x000D_
indows Server 2008 R2 (Server, 4017 Microsoft Windo User accountsInformational One or more user
indows Server 2008 R2 (Server, 4008 Microsoft WindowThe Microsoft Informational The value for this CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2965 User Rights RestorThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4115 Windows FirewallThe Microsoft Informational The
The User Rights "Generate security
NOTE:Microsoft
This check
policyrequires
does notatmatch
least Foundston
the recom
indows Server 2008 R2 (Server, 2958 User Rights Gener Informational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 4108 Security Center i The Microsoft Informational The Microsoft CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 3994 Microsoft Windows The file permi Informational CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2887 Microsoft WindowThe Remove Adm Informational Ensure permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Server, 3959 Microsoft Windows The AdministrInformational The users detected within the
_x000D_
indows Server 2008 R2 (Server, 2918 User Rights BackupThe User RightInformational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2880 Microsoft Windows The "Network Informational
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Server, 2957 User Rights Log OnThe User RightInformational NOTE: This check CVE-MAP-NOMA
indows Server 2008 R2 (Server, 3316 Microsoft WindowIt was possibl Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 R2 (Server, 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check CVE-1999-0575
_x000D_
indows Server 2008 R2 (Server, 2917 User Rights AllowThe User RightInformational NOTE:
_x000D_This checkCVE-MAP-NOMA
indows Server 2008 R2 (Server, 11192 Microsoft RemoteMicrosoft Remo Informational Microsoft Remote Procedure Call Service wa
indows Server 2008 R2 (Server, 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS
indows Server 2008 R2 (Server, 11067 FTP Server With CFTP server witInformational FTP server with clear text authentication was
_x000D_
indows Server 2008 R2 (Server, 11090 FTP Server Detec A FTP server wInformational A FTP server was detected on the host.
_x000D_
indows Server 2008 R2 (Server, 6911 FTP Server FoundAn FTP server Informational An FTP server was detected on the host.
indows Server 2008 R2 (Server, 5543 Enumerate EnableMicrosoft WinInformational Administrative
indows Server 2008 R2 (Server, 14710 (MS13-016) MicrosA privilege es Medium The flaw lies inCVE-2013-1258
indows Server 2008 R2 (Server, 14776 (SYM13-001) SymanTwo privilege Medium Two privilege escalation
_x000D_ CVE-2012-4351
vulnerabilities
C are p
indows Server 2008 R2 (Server, 14722 (MS13-016) MicrosA privilege es Medium The flaw
The Microsoft Windows User Account lies inCVE-2013-1261
a race condition
HKEY_LOCAL_MACHINE\Software\Microsofterror. Succes
indows Server 2008 R2 (Server, 7232 Microsoft Windo The target's Informational _x000D_ CVE-MAP-NOMA
indows Server 2008 R2 (Server, 14926 (MS13-028) MicrosA remote codeHigh The flaw lies inCVE-2013-1303
indows Server 2008 R2 (Server, 4434 Enumerate Admini List the users Informational Under
_x000D_Microsoft Windows role-b
indows Server 2008 R2 (Server, 12840 Microsoft WindowsMultiple DNS pLow Multiple
indows Server 2008 R2 (Server, 14014 (MS12-055) VulnerA privilege es High Microsoft
CVE-2012-2527
MS12-055 to address
indows Server 2008 R2 (Server, 9518 Mcafee VirusScanMcAfee VirusSc Informational McAfee
_x000D_ VirusScan is installed on the host and
indows Server 2008 R2 (Server, 14671 (MS13-009) CumulaMultiple vulnerHigh Microsoft
CVE-2013-0015
MS13-009
C to address
indows Server 2008 R2 (Server, 14928 (MS13-036) VulnerMultiple vulneHigh Microsoft
CVE-2013-1283
MS13-036
C to address
CVE-2013-0087
MS13-021
C to address
indows Server 2008 R2 (Server, 14672 (MS13-010) VulneA remote codeHigh Microsoft has provided
A remote code CVE-2013-0030
execution MS13-010 to address
indows Server 2008 R2 (Server, 13406 (MS12-020) MicrosA denial of serMedium The flaw occurs
_x000D_ CVE-2012-0152
due to Remote Desktop Prot
indows Server 2008 R2 (Server, 13765 (MS12-037) MicrosAn informationMedium The flaw lies inCVE-2012-1858
indows Server 2008 R2 (Server, 14578 (MS13-001) VulneA remote codeHigh Microsoft
CVE-2013-0011
MS13-001 to address
indows Server 2008 R2 (Server, 13043 Microsoft InterneAn informationLow An informationCVE-2002-2435
indows Server 2008 R2 (Server, 14617 (MS13-008) SecuriA use-after-freHigh Microsoft
CVE-2012-4792
MS13-008 to address
indows Server 2008 R2 (Server, 14713 (MS13-015) VulnerA privilege es High The flaw lies inCVE-2013-0073
_x000D_ the handling of the permissio
CVE-2013-1339
MS13-050 to address
indows Server 2008 R2 (Server, 13407 (MS12-019) VulnerA denial of se Medium Microsoft
CVE-2012-0156
MS12-019 to address
indows Server 2008 R2 (Server, 13859 (MS12-047) VulnerMultiple vulneHigh Microsoft
CVE-2012-1890
MS12-047
C to address
indows Server 2008 R2 (Server, 14216 (MS12-069) MicroA denial of serMedium The flaw lies inCVE-2012-2551
_x000D_ the handling of crafted sessio
_x000D_ lies inCVE-2013-1254
indows Server 2008 R2 (Server, 14166 (MS12-063) CumulaA code executiHigh Microsoft
CVE-2012-1529
MS12-063
C to address
indows Server 2008 R2 (Server, 15055 (MS13-040) MicroA security bypHigh The flaw is dueCVE-2013-1337
_x000D_ to policy requirements for au
indows Server 2008 R2 (Server, 13875 (MS12-045) VulneA remote codeHigh Microsoft
CVE-2012-1891
MS12-045 to address
indows Server 2008 R2 (Server, 10165 Microsoft WindowShares were foInformational
_x000D_
indows Server 2008 R2 (Server, 5733 Microsoft WindowThe host has aInformational The host has at least one shar
_x000D_
indows Server 2008 R2 (Server, 6982 Microsoft InternetA vulnerabilit Medium The flaw is specific
_x000D_ CVE-2009-2655
indows Server 2008 R2 (Server, 14175 Update Rollup forMultiple remotMedium Multiple
indows Server 2008 R2 (Server, 15054 (MS13-040) VulnerMultiple securHigh
The Digitally Microsoft
sign communications has provided
CVE-2013-1336
MS13-040
was Cdetected
(always) policy setting to address
on th
indows Server 2008 R2 (Server, 5610 Microsoft Windows Informational _x000D_
indows Server 2008 R2 (Server, 11534 Microsoft InterneA spoofing vulnMedium The flaw is specific to a weakness when upda
_x000D_
indows Server 2008 R2 (Server, 7139 Microsoft InterneA vulnerabilit Medium A vulnerabilityCVE-2009-3003
indows Server 2008 R2 (Server, 14217 (MS12-069) VulnerA denial of serMedium Microsoft
MS12-069 to address
indows Server 2008 R2 (Server, 15031 (MS13-038) SecuriA remote codeHigh Microsoft
_x000D_ has CVE-2013-1347
provided MS13-038 to address
indows Server 2008 R2 (Server, 5254 Microsoft WindowsWindows
A privilegefile nInformational
escalation Ensure
vulnerability permissions
Theisvulnerability
present some cancomply
versions with
be exploitedenterprise
of Microsoft Wip
by a proce
indows Server 2008 R2 (Server, 9839 Microsoft Windows Medium _x000D_ CVE-2010-1886
indows Server 2008 R2 (Server, 13392 Microsoft InterneA denial of serMedium The lies in a memory
_x000D_ CVE-2012-1545
_x000D_ lies inCVE-2013-1277
MS12-077
C to address
indows Server 2008 R2 (Server, 5250 Microsoft WindowAllow ICMP redInformational Ensure permissions comply with enterprise p
indows Server 2008 R2 (Server, 4618 Microsoft WindowThe "PasswordInformational The "PasswordCVE-1999-0535
indows Server 2008 R2 (Server, 5533 Microsoft WindowA list of loca Informational A list of local groups was obta
_x000D_
indows Server 2008 R2 (Server, 14705 (MS13-009) MicrosAn informationMedium The flaw lies inCVE-2013-0015
indows Server 2008 R2 (Server, 13762 (MS12-037) MicrosAn informationMedium The flaw
_x000D_ lies inCVE-2012-1873
_x000D_ has releasedCVE-2013-0008
MS13-005 to address
indows Server 2008 R2 (Server, 5859 Windows User ProUser profiles Informational User profiles were found on the Windows ho
indows Server 2008 R2 (Server, 4138 Windows FirewallThe Microsoft Informational
W The
The Microsoft
flaw is dueCVE-MAP-NOMA
indows Server 2008 R2 (Server, 14656 Microsoft InternetA denial of serMedium _x000D_ CVE-2013-1451
indows Server 2008 R2 (Server, 14017 (MS12-052) CumulaMultiple remotHigh Microsoft
MS12-052
C to address
MS13-047
C to address
_x000D_ lies inCVE-2013-1266
indows Server 2008 R2 (Server, 15039 (MS13-037) CriticMultiple vulneHigh Microsoft
MS13-037
C to address
indows Server 2008 R2 (Server, 6879 Microsoft WindowThe Microsoft Informational The Microsoft Windows
The flaw is due to when the computer
Proxy address an
indows Server 2008 R2 (Server, 10029 Windows ParticulaSearch for file Informational Search for file with particular a
indows Server 2008 R2 (Server, 4427 Check users who Determined tha Informational Some
A hostsaccounts password of
file configuration was fo
a Windows Oper
indows Server 2008 R2 (Server, 13430 Windows Hosts FiA hosts file c Informational
indows Server 2008 R2 (Server, 15161 (MS13-049) MicrosA denial of se High A denial of serCVE-2013-3138
_x000D_
_x000D_ lies inCVE-2013-1268
indows Server 2008 R2 (Server, 15212 Update Rollup forUnknown vulner Medium Unknown vulnerabilities are pre
_x000D_
indows Server 2008 R2 (Server, 14925 (MS13-028) Cumula Multiple vulnerHigh Microsoft
CVE-2013-1303
MS13-028
C to address
indows Server 2008 R2 (Server, 14239 Microsoft Windows Microsoft has Medium While not technically
The registry values under a security issue,
this key werethe dig
obtai
indows Server 2008 R2 (Server, 7555 Microsoft WindowThe registry Informational _x000D_
indows Server 2008 R2 (Server, 6936 Microsoft InterneA vulnerabilityLow A vulnerabilityCVE-2009-2433
indows Server 2008 R2 (Server, 5474 Display all detec Informational Informational Informational
indows Server 2008 R2 (Server, 9822 Microsoft Windows A security bypLow A security bypass vulnerability is present in s
_x000D_
indows Server 2008 R2 (Server, 5606 Microsoft WindowThe Security EInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
_x000D_ lies inCVE-2013-1265
indows Server 2008 R2 (Server, 14501 (MS12-078) VulneA remote codeHigh The flaw lies inCVE-2012-4786
_x000D_ the handling ofCOpenType an
indows Server 2008 R2 (Server, 8691 Internet Explorer A cross-site scMedium A cross-site scripting
_x000D_ CVE-2010-1489
indows Server 2008 R2 (Server, 13615 (MS12-032) MicroA security bypLow The flaw lies inCVE-2012-0174
_x000D_ the way the firewall handles o
indows Server 2008 R2 (Server, 14057 Microsoft WindowMicrosoft SecuMedium
indows Server 2008 R2 (Server, 15184 (MS13-050) Micros A privilege
The es High
Microsoft A privilege
Windows User Account es CVE-2013-1339
indows Server 2008 R2 (Server, 5609 Microsoft Window Informational 4. A service is using a user account not perm
indows Server 2008 R2 (Server, 4617 Microsoft Windows A Microsoft WiInformational 5. A service is installed that should not be ins
_x000D_
indows Server 2008 R2 (Server, 14381 (MS12-075) VulneMultiple vulneHigh Microsoft
CVE-2012-2897
MS12-075
C to address
indows Server 2008 R2 (Server, 13462 Microsoft Windows A privilege es Medium The flaw lies inCVE-2010-1886
indows Server 2008 R2 (Server, 5592 Microsoft Windows The User RightInformational The
The User
flaw isRights
due to "Increase
how theaapplication
pro handle
indows Server 2008 R2 (Server, 13106 Microsoft InterneAn informationMedium CVE-2011-4689
indows Server 2008 R2 (Server, 13143 Microsoft Windows A local denial Low A local denial of service vulne
_x000D_
indows Server 2008 R2 (Server, 9410 Microsoft InterneA remote denial Low A remote denial of service vulnerability is pre
_x000D_
indows Server 2008 R2 (Server, 15069 (MS13-046) Vulner Multiple vulneHigh Microsoft has provided
_x000D_ CVE-2013-1332
MS13-046
C to address
indows Server 2008 R2 (Server, 10804 Windows Installe It was possibl Informational It was possible to enumerate i
_x000D_
indows Server 2008 R2 (Server, 15164 (MS13-049) Vulner A denial of se High Microsoft has provided
CVE-2013-3138
MS13-049 to address
indows Server 2008 R2 (Server, 15194 (2854544) UpdateThis software Low This software update enables
_x000D_
indows Server 2008 R2 (Server, 5256 Microsoft Windows Screen saver gInformational Ensure
indows Server 2008 R2 (Server, 15056 (MS13-040) MicroA spoofing vulMedium The flaw is dueCVE-2013-1336
indows Server 2008 R2 (Server, 15051 (MS13-037) Micros An
Theinformation
Microsoft Medium The flawControl
Windows User Account is dueCVE-2013-1297
to how"Behavior
access to JSON
option of thedata
elevafi
indows Server 2008 R2 (Server, 13404 (MS12-019) Micros A denial of se Medium The flaw occurs
_x000D_ CVE-2012-0156
due to DirectWrite renders a
indows Server 2008 R2 (Server, 6003 Microsoft WindowOne or more us Informational One or more user accounts have never logge
_x000D_
indows Server 2008 R2 (Server, 15070 (MS13-046) Micros A privilege es High The
_x000D_ lies inCVE-2013-1332
flaw the Microsoft DirectX graphic
indows Server 2008 R2 (Server, 14666 (MS13-018) Vulner A denial of se High Microsoft has provided
CVE-2013-0075
Windowsto address
Operating
indows Server 2008 R2 (Server, 13429 Windows DNS Conf A DNS configuInformational _x000D_
indows Server 2008 R2 (Server, 10797 McAfee VirusScanMcAfee VirusSc Informational
indows Server 2008 R2 (Server, 5596 Microsoft Windows The "DCOM: Mac Informational _x000D_
indows Server 2008 R2 (Server, 14675 (MS13-016) Vulner Multiple vulneMedium Microsoft
CVE-2013-1248
MS13-016
C to address
indows Server 2008 R2 (Server, 4658 Microsoft IIS Det Microsoft InteInformational If the DisplayName and ImagePath keys exist
_x000D_
_x000D_
indows Server 2008 R2 (Server, 14383 Microsoft WindowAn obsolete veInformational An obsolete version of Microsoft Windows is
indows Server 2008 R2 (Server, 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Access Rest
_x000D_
indows Server 2008 R2 (Server, 11140 McAfee VirusSca McAfee VirusSc Informational McAfee VirusScan is running on the target ho
indows Server 2008 R2 (Server, 11141 Microsoft Windo The Microsoft Informational The Microsoft Windows computer
_x000D_
indows Server 2008 R2 (Server, 8489 NetBIOS BindingsNetBIOS bindinInformational NetBIOS
indows Server 2008 R2 (Server, 8490 NetBIOS Names InMicrosoft Net Informational Microsoft NetBIOS names information was d
indows Server 2008 R2 (Server, 8966 Raw Socket Test Detect for ICMInformational Detect for ICMP reply from tar
indows Server 2008 R2 (Server, 8969 Raw Socket Test Detect for opeInformational Detect
indows Server 2008 R2 (Server, 7783 Microsoft WindowThe server is Informational The server is running the Microsoft Windows
_x000D_
indows Server 2008 R2 (Server, 7897 Microsoft ASP.NEA list of file Informational A list of file extensions handled by the ASP.N
_x000D_
indows Server 2008 R2 (Server, 8239 Microsoft IIS Ser Microsoft InteInformational Microsoft IIS was detected on the host.
_x000D_
indows Server 2008 R2 (Server, 8323 Microsoft IIS NTL Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8342 Microsoft IIS An Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 8385 Microsoft IIS Ho Microsoft InteInformational Microsoft
indows Server 2008 R2 (Server, 10224 Hidden WWW SerHidden WWWInformational
s Hidden
indows Server 2008 R2 (Server, 11218 Web Server HTTPHTTP protocolInformational HTTP
_x000D_protocol version was obtained from the
indows Server 2008 R2 (Service 864 NetBIOS NBTSTATIt is possible Informational Where
Microsofttarget_system
SQL CVE-MAP-NOMA
Server -isAllthe IP address or ho
Versions_x000D_
indows Server 2008 R2 (Service 1022 Microsoft SQL SerMicrosoft SQL Informational
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_ securityCVE-MAP-NOMA
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2362 SSH2 Algorithm NKey exchange Ianformational CVE-MAP-NOMA
indows Server 2008 R2 (Service 1803 Microsoft WindowThe Microsoft Informational This policy
_x000D_ se CVE-1999-0535
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1752 Restrict CD-ROM TAhe restrict C Informational By default,
_x000D_ an CVE-1999-0594
Se
indows Server 2008 R2 (Service 1755 Number Of PrevioThe Number ofInformational Determines the
_x000D_
indows Server 2008 R2 (Service 2965 User Rights RestorT_x000D_
he User RightInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
_x000D_ This check
CVE-MAP-NOMA
_x000D_ This check
CVE-1999-0575
_x000D_ This check
CVE-1999-0534
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2909 Audit Account MaThe Audit Acc Informational NOTE: This checkCVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4004 Microsoft Windows The "Impersona Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2914 Audit System EvenThe Audit Sys Informational NOTE: This check
CVE-1999-0575
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4007 Microsoft WindowThe "Adjust meInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 3316 Microsoft WindowIt was possibl Informational Microsoft WindCVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_ This checkCVE-1999-0575
_x000D_ permissions
CVE-MAP-NOMA
requires at least
C Foundston
_x000D_
_x000D_
_x000D_
indows Server 2008 R2 (Service 11200 SSH Protocol Sup SSH protocol sInformational SSH protocol
_x000D_ supported version was detected
indows Server 2008 R2 (Service 13401 (MS12-021) Vulner A privilege escMedium Microsoft
CVE-2012-0008
MS12-021 to address
indows Server 2008 R2 (Service 14261 Oracle Java SE MulMultiple vulnerHigh Multiple vulnerabilities
The registry CVE-2012-5083
values underarethis
present
C were
key in some
obtaiv
_x000D_
The Microsoft Informational McAfee
Windows User Account VirusScan is installed
Control option "Behavioron of
thethe
host and
eleva
indows Server 2008 R2 (Service 12464 (MS11-066) Micros A information Medium The flaw is dueCVE-2011-1977
to the incorrect verifying of fu
_x000D_
_x000D_ CVE-2012-1545
_x000D_
The flaw DNSis duepoisoning
to how thevulnerabilities
application are pr
handle
_x000D_
indows Server 2008 R2 (Service 13400 (MS12-021) Micros A privilege escMedium The flaw is specific
CVE-2012-0008
to the insecure way the V
Informational The
The Microsoft Windows User Account "DCOM:
Control option Access
Machine "AdminRest
HKEY_LOCAL_MACHINE\Software\Microsoft Approval Mod
indows Server 2008 R2 (Service 5609 Microsoft Window Informational http://support.microsoft.com/default.aspx?s
indows Server 2008 R2 (Service 5543 Enumerate EnableM Theicrosoft WinInformational
Digitally Administrative
sign communications shares are was
crea detected on th
(always) policy setting
The flaw
flaw isis specific
dueCVE-2009-2655
to a null
to when the pointer deferenc
Proxy address an
indows Server 2008 R2 (Service 9410 Microsoft InterneA remote denialLow A
The Microsoft Windows User Account remote denialoption
of service vulnerability
Control "Behavior is pre
of the eleva
indows Server 2008 R2 (Service 14417 Oracle Java SE ObAn obsolete veInformational An Theobsolete
flaw is dueversion of Oracle
to when Java address
the Proxy SE is detean
indows Server 2008 R2 (Service 4615 Administrator Us Members of the High Under
indows Server 2008 R2 (Service 14464 Oracle Java SE OpA denial of serMedium The flaw
_x000D_ is dueCVE-2012-5373
_x000D_ CVE-2010-1489
indows Server 2008 R2 (Service 14463 Oracle Java SE OpA denial of serMedium The flaw is dueCVE-2012-2739
The User Rights "Increase a pro
CVE-2011-1977
MS11-066 to address
indows Server 2008 R2 (Service 13341 Oracle Java SE 5 MMultiple vulneHigh Multiple vulnerabilities
CVE-2011-3563
are present
C in some v
indows Server 2008 R2 (Service 13808 Oracle Java SE 5 MMultiple vulnerHigh Multiple
CVE-2012-1711
are present
C in some v
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4434 Enumerate Admini List the users Informational Under Microsoft Windows
A DNS configuration role-b Operating
of a Windows
W The
4. A Microsoft CVE-MAP-NOMA
service is using a user account not perm
A hosts Windows computer
file configuration of a Windows Oper
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User _x000D_profiles were found on the Windows ho
indows Server 2008 R2 (Service 8639 Sun Java RuntimeCheck for Sun Informational Check _x000D_ for Sun Java Runtime Environment is in
_x000D_
indows Server 2008 R2 (Service 10224 Hidden WWW SerHidden WWWInformationals Hidden
CVE-2000-0666_x000D_
364 RPC statd The RPC statd Informational
678 RPC portmap The portmap RP Informational _x000D_
It was possibl CVE-1999-0632
1031 Webmin Remote The Ad Webmin Se Informational Any UNIX system
_x000D_ CVE-1999-1074
running Webmin
2362 SSH2 Algorithm NKey exchange Ianformational _x000D_ CVE-MAP-NOMA
11200 SSH Protocol Sup SSH protocol sInformational SSH protocol supported version was detected
_x000D_
11418 SSL Supported CipSSL supportedInformational SSL supported cipher suite was detected on t
_x000D_
12121 TLS/SSL Server X. TLS/SSL serverInformational TLS/SSL
_x000D_server X.509 certificate's signature co
5491 Web Server TLS/SS One or more TInformational One or more TLS/SSL X.509 certificates obtai
14864 SSL/TLS Server PrThe ciphersuitInformational The ciphersuite the SSL/TLS ser
_x000D_
12108 TLS-SSL Server UnUntrusted TLS/Informational This could also indicate that a TLS/SSL man-in
_x000D_
8269 SSL Server InformSSL server inf Informational SSL server information was detected on the h
_x000D_
11145 NTP Server DetecA NTP server wInformational A NTP server was detected on the host.
8969 Raw Socket Test Detect for opeInformational Detect for opened TCP port on
8966 Raw Socket Test Detect for ICMInformational Detect _x000D_ for ICMP reply from tar
12006 ICMP Timestamp An Re informationLow An informationCVE-1999-0524
8970 Raw Socket Test ODetect for res Informational When _x000D_ create a TCP connection, it needs esta
5689 SSL/TLS X.509 Ce The common nam Informational _x000D_
5690 Web Server Self-SOne or more se Informational One or more self-signed TLS/SSL X.509 certifi
_x000D_
6360 IETF X.509 Certifi The
A vulnerabilityMedium The MD2 algorithm
web server is using an SSL certificate
_x000D_ withCVE-2004-2761
is also
a short known
public to allow co
key._x000D_
7735 SSL Certificate Sh Informational The web
_x000D_ server is using an SSL certificate wit
9773 Web Server robotPresence of roInformational A robots.txt file was found on the web server
_x000D_
9832 HTTP Proxy ServeHTTP proxy serInformational HTTP _x000D_proxy server allows CONNECT requests
10109 Apache Tomcat Dir A directory di Medium A directory disclosure vulnerability is present
_x000D_
10224 Hidden WWW SerHidden WWWInformational
s Hidden
11218 Web Server HTTPHTTP protocolInformational HTTP _x000D_protocol version was obtained from the
11258 HTTP Server Set HTTP server haInformational HTTP _x000D_server handling session using set-cooki
12256 Web Server HTTPHTTP DELETE m Informational HTTP
_x000D_DELETE method access was allowed on
MS02-062:_x000D_CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational Default:
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2439 Microsoft WindowThe Remote Pro Informational This service
_x000D_ Se
_x000D_
indows Server 2003 R2 (Service 2878 Microsoft WindowThe Dr. Watson Informational _x000D_
Ensure permissions
CVE-MAP-NOMA
_x000D_ is a more
CVE-2001-0705
indows Server 2003 R2 (Service 2838 Microsoft Windo One or more
The Do na
Informational
not store LAN Manager At least
hash oneon
value anonymously-accessible
CVE-MAP-NOMA
next password change named
policy s
_x000D_
B Ensure
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4004 Microsoft Windows The "Impersona Informational CVE-MAP-NOMA
NOTE: This check requires at least Foundston
indows Server 2003 R2 (Service 2961 User Rights Profil The User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2963 User Rights RemoThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2965 User Rights RestorT_x000D_
he User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2918 User Rights Backup The User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0534
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
_x000D_This check
CVE-MAP-NOMA
CVE-1999-0575
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0575
_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 3995 Microsoft WindowAnonymous user
Autoplay is notInformational http://www.microsoft.com/resources/docum
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS _x000D_RPC Interface Detected.
_x000D_ CVE-2009-0217
_x000D_
indows Server 2003 R2 (Service 14505 Microsoft XML CorAn obsolete veInformational _x000D_
An obsolete version of Microsoft XML Core S
_x000D_
indows Server 2003 R2 (Service 7405 Microsoft InterneA vulnerabilityInformational The _x000D_ printing functionality
_x000D_
_x000D_
indows Server 2003 R2 (Service 9069 (MS10-041) Vulner A vulnerabilit Medium The
_x000D_ CVE-2009-0217
vulnerability is due to the way in which t
indows Server 2003 R2 (Service 5590 Microsoft Windows The User RightInformational The _x000D_ User Rights "Deny log on loc
indows Server 2003 R2 (Service 12465 (MS11-066) Vulner A information Medium Microsoft has provided
_x000D_ CVE-2011-1977
MS11-066 to address
o The
_x000D_ username of the last user
indows Server 2003 R2 (Service 4434 Enumerate Admini List
The the userssign
Digitally Informational
communicationsUnder Microsoft
policyWindows
(always) role-b
setting was detected on th
indows Server 2003 R2 (Service 5610 Microsoft Windows Informational The registry values under this key were obtai
indows Server 2003 R2 (Service 7555 Microsoft WindowThe registry Informational A hosts file configuration of a Windows Oper
indows Server 2003 R2 (Service 4136 Windows FirewallTheS Microsoft Informational The _x000D_ Microsoft CVE-MAP-NOMA
indows Server 2003 R2 (Service 6821 Microsoft InterneInternet ExploInformational The _x000D_ Microsoft Internet Explore
indows Server 2003 R2 (Service 5596 Microsoft Windows The "DCOM: Mac Informational The_x000D_ "DCOM: Machine Launch Rest
indows Server 2003 R2 (Service 5256 Microsoft Windows Screen saver gInformational Ensure_x000D_ permissions comply with enterprise p
_x000D_ CVE-2007-5158
indows Server 2003 R2 (Service 5254 Microsoft Windows Windows file nInformational Ensure_x000D_ permissions comply with enterprise p
indows Server 2003 R2 (Service 6879 Microsoft WindowThe Microsoft Informational The _x000D_ Microsoft Windows computer
_x000D_ CVE-2012-1545
indows Server 2003 R2 (Service 5591 Microsoft Windows The User RightInformational The 4. A User Rights
service "Deny
is using log on
a user t
account not perm
indows Server 2003 R2 (Service 4617 Microsoft Windows A Microsoft WiInformational 5. A
_x000D_ service is installed that should not be ins
CVE-MAP-NOMA
indows Server 2003 R2 (Service 5533 Microsoft WindowA A list of locaescalation
privilege Informational A listisvulnerability
vulnerability
The of local groups
present some was obtaof Microsoft
canversions
be exploited by a proce
Wi
The flaw is due to how the application handle
A security bypass vulnerability
DNS configuration of a Windowsis present in s
Operating
indows Server 2003 R2 (Service 7232 Microsoft Windo The target's Informational This check onlyCVE-MAP-NOMA
attempts to establish a NetBI
_x000D_
_x000D_
_x000D_
There is an de
Informational
information WebDAV
disclosure samewas
vulnerability on
in the
also versions
cause a de
of
indows Server 2008 R2 (Service 1664 Microsoft Windows The Background Informational Uses
_x000D_idle netwCVE-MAP-NOMA
_x000D_ enabled,CVE-MAP-NOMA
_x000D_Disabled. CVE-MAP-NOMA
_x000D_
Se
_x000D_
_x000D_ Disabled
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_ This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2912 Audit Policy ChanThe
The Audit Pol Informational
User Rights NOTE:
"Generate security
NOTE: This
This check
check
policy requires
does notat
requires least
least Foundston
atmatch Foundston
the recom
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2915 User Rights Acce The User Righ Informational _x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2908 Microsoft WindowThe Audit Acc Informational NOTE:_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2962 User Rights Profi The User Righ Informational NOTE: This check CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0534
_x000D_
_x000D_
_x000D_
_x000D_
_x000D_ This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
_x000D_ This check
CVE-1999-0575
_x000D_
_x000D_
The Microsoft Windows User Account permissions comply with
Control option "Switch toenterprise
the securep
The Microsoft
Microsoft Informational
W The Microsoft
Windows User Account ControlCVE-MAP-NOMA
option "Behavior of the eleva
Thecross-site scripting
flaw is due CVE-2010-1489
to howvulnerability is present
indows Server 2008 R2 (Service 4427 Check users who Determined tha Informational _x000D_
Some accounts password was fo
_x000D_
indows Server 2008 R2 (Service 4658 Microsoft IIS Det Microsoft InteInformational
The Microsoft If the DisplayName
Windows User Account and"Run
ImagePath
Control option keys exist
all administrator
indows Server 2008 R2 (Service 5616 Microsoft Window Informational The flaw is due to when the Proxy address an
indows Server 2008 R2 (Service 14655 Microsoft InterneAn informationMedium The flaw is dueCVE-2013-1450
indows Server 2008 R2 (Service 14656 Microsoft InternetA denial of serMedium
The Microsoft Windows User Account CVE-2013-1451
_x000D_
_x000D_ CVE-2012-1545
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User
_x000D_profiles were found on the Windows ho
CVE-MAP-NOMA
indows Server 2008 R2 (Service 12840 Microsoft Windows Multiple DNS pLow Multiple DNS poisoning
A DNS configuration of avulnerabilities are pr
Windows Operating
indows Server 2008 R2 (Service 10797 McAfee VirusScanMcAfee VirusSc Informational The registry values under this key were obtai
_x000D_
The "DCOM: Mac
Informational
Digitally sign The
communications "DCOM:policy
Machine Launch
wasRest
(always) setting detected on th
_x000D_
_x000D_
CVE-2009-2655
indows Server 2008 R2 (Service 7232 Microsoft Windo The target's Informational 4. A service is using CVE-MAP-NOMA
a user account not perm
_x000D_
_x000D_
_x000D_
s Hidden
indows Server 2003 R2 (Service 1694 Microsoft Windo The Microsoft Informational Active_x000D_ Data ObCVE-MAP-NOMA
indows Server 2003 R2 (Service 1661 Microsoft WindowThe DHCP Clien Informational _x000D_
Manages netwo CVE-MAP-NOMA
indows Server 2003 R2 (Service 1730 Microsoft WindowThe Require StInformational Default:
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2415 Microsoft WindowThe COM+ Event Informational This service
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_ Se
indows Server 2003 R2 (Service 1758 Microsoft WindowThe Smart cardInformational Force _x000D_Logoff - Users are automatically logged
indows Server 2003 R2 (Service 1754 Restrict Floppy A The
The restrict fl Informational
hashsetting d CVE-1999-0594
_x000D_
indows Server 2003 R2 (Service 2879 Microsoft WindowThe "System CrInformational Ensure
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more
CVE-2001-0705
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4113 Windows FirewallThe S Microsoft Informational The Microsoft
indows Server 2003 R2 (Service 2957 User Rights Log On The User RightInformational NOTE: This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2883 Microsoft Windows The legal
_x000D_ noti Informational Ensure
_x000D_This check
CVE-MAP-NOMA
S Ensure
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2913 Audit Privilege UsThe Audit Pri Informational NOTE:_x000D_ This check
CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: _x000D_ CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 2947 User Rights Deny The User Righ Informational NOTE: _x000D_ This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 3976 Microsoft Windows The permission
Autoplay is notInformational
_x000D_
_x000D_
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2919 User Rights BypasThe User Righ Informational _x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 4025 Microsoft Windows The Microsoft Informational NOTE:_x000D_ This check
CVE-1999-0575
indows Server 2003 R2 (Service 5733 Microsoft WindowThe host has aInformational The host
_x000D_ has at least one shar
indows Server 2003 R2 (Service 5250 Microsoft WindowAllow ICMP redInformational Ensure _x000D_ permissions comply with enterprise p
indows Server 2003 R2 (Service 7232 Microsoft Windo The target'sescalation
vulnerability
Theisvulnerability CVE-MAP-NOMA
be exploited
of Microsoft
by a proce
Wi
The flaw liesvalues
registry inCVE-2012-0161
an error
under while
this calculating a bu
key were obtai
indows Server 2003 R2 (Service 5596 Microsoft Windows The "DCOM: Mac Informational _x000D_
indows Server 2003 R2 (Service 5254 Microsoft Windows Windows file nInformational Ensure permissions
4. A service is using acomply with enterprise
user account not permp
_x000D_
A DNS configurationCVE-MAP-NOMA
indows Server 2003 R2 (Service 13429 Windows DNS Conf A DNS configuInformational The flaw is due to when the Proxy address an
_x000D_
indows Server 2003 R2 (Service 13632 (MS12-034) MicroA remote codeHigh This
_x000D_particularCVE-2011-3402
flaw is used in the wild as part
indows Server 2003 R2 (Service 5543 Enumerate EnableMicrosoft WinInformational _x000D_ Administrative shares are crea
indows Server 2003 R2 (Service 13622 (MS12-034) Combin Multiple vulneHigh Microsoft
CVE-2011-3402
indows Server 2003 R2 (Service 4615 Administrator Us Members of the High Under Microsof CVE-1999-0535
indows Server 2003 R2 (Service 5590 Microsoft Windows The User RightInformational The The User
flaw isRights
due to "Deny
how log
theon loc
application handle
The Digitallyessign
Medium The
communications flaw liespolicy
inCVE-2010-1886
thesetting
way that
(always) wasthe Windows
detected onTe
th
_x000D_
a serialization error for untrus
indows Server 2003 R2 (Service 4481 Microsoft WindowThe Microsoft Informational The Microsoft Windows Firewall HTML Help
The flaw occurs due to Microsoft
_x000D_ that both CVE-1999-0590
CVE-2012-1545
_x000D_
_x000D_
indows Server 2003 R2 (Service 13735 Microsoft Wordpad A denial of se High The flaw lies in a null pointer reference. Succ
_x000D_
indows Server 2003 R2 (Service 10615 Microsoft Data Acc A remote codeHigh _x000D_ CVE-2010-4182
_x000D_
indows Server 2003 R2 (Service 9048 Microsoft Windows A private key Medium A private key disclosure
_x000D_ CVE-2005-1794vulnerability is prese
indows Server 2003 R2 (Service 6936 Microsoft InterneA vulnerabilityLow A vulnerability
_x000D_ CVE-2009-2433
_x000D_ CVE-2009-2655
CVE-2010-1489
indows Server 2003 R2 (Service 13144 Microsoft Windows A denial of serHigh A denial of service vulnerabilit
_x000D_
The flawVirusScan
lies in theisTrueType
installed font
on the host and
parsing en
indows Server 2003 R2 (Service 13631 (MS12-034) MicroA remote codeHigh _x000D_ CVE-2012-0159
indows Server 2003 R2 (Service 12703 Microsoft WindowAn insecure li High The flaw is by aCVE-2010-3143
design weakness exhibited d
indows Server 2003 R2 (Service 4136 Windows FirewallThe S Microsoft Informational _x000D_
indows Server 2003 R2 (Service 13633 (MS12-035) VulneMultiple vulneHigh Microsoft
CVE-2012-0160
MS12-035
C to address
_x000D_
indows Server 2003 R2 (Service 12986 Microsoft WindowSMB shares caInformational SMB sharesonly
This check canattempts
be accessed anonymously
to establish a NetBIon
_x000D_
_x000D_
indows Server 2003 R2 (Service 8342 Microsoft IIS An Microsoft InteInformational _x000D_
Microsoft IIS anonymous access is enabled.
Thevulnerability
same version
vulnerability
present was
couldobtained
in some from
alsoversions
cause the
a de
of
_x000D_
indows Server 2008 R2 (Service 1661 Microsoft WindowThe DHCP Clien Informational Manages
_x000D_ netwo CVE-MAP-NOMA
_x000D_ releasesCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
Se
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 1756 Require DC authen The Require DoInformational When enabled,CVE-2002-0157
indows Server 2008 R2 (Service 2442 Microsoft Windows The Distributed
Informational This service maCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 1758 Microsoft WindowThe Smart cardInformational Force
_x000D_Logoff - Users are automatically logged
CVE-MAP-NOMA
Microsoft the number
Windows of failed
XP_x000D_
indows Server 2008 R2 (Service 2659 Disable AutomaticThe automaticInformational Microsoft Windows
CVE-MAP-NOMA
2003
_x000D_
indows Server 2008 R2 (Service 4008 Microsoft WindowThe Microsoft Informational
_x000D_ The value for this
_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-1999-0575
_x000D_
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
_x000D_ CVE-1999-0575
CVE-MAP-NOMA
_x000D_
CVE-1999-0575
_x000D_ permissions
CVE-MAP-NOMA
_x000D_ CVE-1999-0534
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 2918 User Rights BackupThe
The User
User RightInformational NOTE:
Rights "Generate security
NOTE: This
This check
check
policy requires
does notat
requires least
least Foundston
atmatch Foundston
the recom
indows Server 2008 R2 (Service 2958 User Rights Gener Informational CVE-MAP-NOMA
_x000D_
S Ensure permissionsCVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2915 User Rights Acce The User Righ Informational NOTE:_x000D_ This checkCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2910 Audit Logon EventThe Audit Log Informational The Audit
_x000D_ Logo CVE-1999-0575
indows Server 2008 R2 (Service 4000 Microsoft Windows The "Create glInformational NOTE: This check CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
The registry valuesshares are this
under creakey were obtai
indows Server 2008 R2 (Service 6879 Microsoft WindowThe Microsoft
escalation The
TheisMicrosoft
vulnerability vulnerabilityWindows
present some be computer
canversions
exploited
of Microsoft
by a proce
Wi
indows Server 2008 R2 (Service 9839 Microsoft Windows Medium
The Microsoft Windows User Account CVE-2010-1886
A remote denial
logic error of service
is present vulnerability
in some versionsisofpre
M
indows Server 2008 R2 (Service 10558 Microsoft Windows A logic error Medium _x000D_ CVE-2007-6753
indows Server 2008 R2 (Service 12465 (MS11-066) Vulner A information Medium Microsoft has provided
CVE-2011-1977
MS11-066 to address
_x000D_
indows Server 2008 R2 (Service 13871 (MS12-046) Micros A remote codeMedium The flaw lies inCVE-2012-1854
indows Server 2008 R2 (Service 13143 Microsoft Windows A
The Microsoft Low
local denial A local denial
Windows User Account Controlofoption
service"Switch
vulne to the secure
_x000D_
indows Server 2008 R2 (Service 4136 Windows FirewallThe S Microsoft
The Informational
Digitally sign The
communications Microsoft CVE-MAP-NOMA
The Microsoft
Security EInformational HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon
Windows User Account ControlCVE-MAP-NOMA
option "Run all administrator
indows Server 2008 R2 (Service 10029 Windows Particula SThe
earch for file Informational
Microsoft Search
Windows User Account for file with particular
Control option a of the eleva
"Behavior
indows Server 2008 R2 (Service 5612 Microsoft Window Informational A DNS configuration of a Windows Operating
indows Server 2008 R2 (Service 5595 Microsoft Windows The "DCOM: Mac Informational The
4. A "DCOM:
service isMachine Access
using a user Rest not perm
account
indows Server 2008 R2 (Service 5733 Microsoft WindowThe host has aInformational _x000D_
The host has at least one shar
_x000D_
indows Server 2008 R2 (Service 8489 NetBIOS BindingsNetBIOS bindinInformational _x000D_
NetBIOS bindings information was detected
indows Server 2008 R2 (Service 7783 Microsoft WindowThe server is Informational The _x000D_ is running the Microsoft Windows
server
_x000D_
indows Server 2008 R2 (Service 8342 Microsoft IIS An Microsoft InteInformational _x000D_
Microsoft IIS anonymous access is enabled.
indows Server 2008 R2 (Service 8445 Microsoft IIS Ser Microsoft InteInformational Microsoft IIS server extensions were enumer
_x000D_
s Hidden
_x000D_
CVE-MAP-NOMA
MS02-062:_x000D_ is the IP address or ho
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1638 Microsoft WindowThe SecondaryInformational Enables
_x000D_starti CVE-MAP-NOMA
indows Server 2003 R2 (Service 1714 Microsoft WindowThe version ofInformational Microsoft releasesCVE-MAP-NOMA
_x000D_
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2879 Microsoft WindowThe "System CrInformational Ensure permissionsCVE-MAP-NOMA
The Do
DistributeInformational
not store LAN Manager This
hashservice coCVE-MAP-NOMA
_x000D_
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA named
indows Server 2003 R2 (Service 2439 Microsoft WindowThe Remote Pro Informational This service
_x000D_
CVE-MAP-NOMA
Se
_x000D_ CVE-2000-0155
indows Server 2003 R2 (Service 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more
CVE-2001-0705
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2961 User Rights Profil The User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4025 Microsoft Windows The Microsoft Informational NOTE:
_x000D_This check
CVE-1999-0575
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2957 User Rights Log On The User RightInformational NOTE: This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
_x000D_ permissions
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4004 Microsoft Windows The "Impersona Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: _x000D_ This check
CVE-1999-0575
CVE-MAP-NOMA
_x000D_
_x000D_ value for this
indows Server 2003 R2 (Service 2987 Power Users Grou Informational NOTE:_x000D_ This check
CVE-MAP-NOMA
requires at least
C Foundston
_x000D_
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_ This check
CVE-1999-0575
_x000D_
indows Server 2003 R2 (Service 5543 Enumerate EnableMicrosoft WinInformational _x000D_
Administrative shares are crea
_x000D_ that both
CVE-1999-0590
_x000D_
indows Server 2003 R2 (Service 8168 (MS08-069) Vulner Multiple vulneHigh Multiple
_x000D_ vulneCVE-2007-0099 C
indows Server 2003 R2 (Service 5697 (MS08-005) Micros A vulnerabilityHigh A vulnerabilityCVE-2008-0074
CVE-2012-1545
indows Server 2003 R2 (Service 12703 Microsoft WindowAn insecureescalation
A privilege li High vulnerability
The
Theisflaw is by some
aCVE-2010-3143
vulnerability
present design beweakness
canversions
exploited exhibited
of Microsoft d
by a proce
Wi
Theremote denial due
flaw occurs of service vulnerability
to Microsoft HTML is pre
Help
indows Server 2003 R2 (Service 7381 (MS09-020) VulneraMultiple vulnerHigh The update providedCVE-2009-1122
by Microsoft
C bulletin M
_x000D_
CVE-2010-1489
_x000D_
indows Server 2003 R2 (Service 13879 (MS12-043) MicroA remote codeHigh Current
_x000D_intelligenceCVE-2012-1889
indicates that active an f
_x000D_ the parsing of XML content. S
indows Server 2003 R2 (Service 6003 Microsoft WindowOne or more us Informational One
_x000D_or more user accounts have never logge
A vulnerability exists in Microsoft XML Core S
indows Server 2003 R2 (Service 6218 (MS08-069) MicroA vulnerabilit Medium The flaw lies inCVE-2008-4029
_x000D_ the method used by MSXML t
indows Server 2003 R2 (Service 10615 Microsoft Data AccA remote codeHigh CVE-2010-4182
_x000D_
indows Server 2003 R2 (Service 9822 Microsoft Windows A security bypLow A security
The flaw isbypass
due to vulnerability is present
how the application in s
handle
_x000D_
indows Server 2003 R2 (Service 14579 (MS13-002) Vulner A remote codeHigh Microsoft has released
CVE-2013-0007
indows Server 2003 R2 (Service 13735 Microsoft Wordpad A denial of se High The flaw lies in a null pointer reference. Succ
_x000D_
indows Server 2003 R2 (Service 10049 (MS10-065) Vulner Multiple vulnerHigh Microsoft has released
CVE-2010-1899
indows Server 2003 R2 (Service 6219 (MS08-069) MicroA vulnerabilit Medium A vulnerabilit CVE-2008-4033
_x000D_
indows Server 2003 R2 (Service 7705 (MS08-006) Vulner A remote codeHigh Internet
_x000D_InformationCVE-2008-0075
Services is prone to a re
indows Server 2003 R2 (Service 4673 (MS06-061) Micros A vulnerabilityHigh A vulnerabilityCVE-2006-4685
_x000D_ is present in theC XML Core Ser
indows Server 2003 R2 (Service 6753 (MS09-020) Micros A vulnerabilityMedium _x000D_ CVE-2009-1535 C
indows Server 2003 R2 (Service 10038 (MS10-065) Micros A Denial of SerMedium The vulnerability
_x000D_ CVE-2010-1899
could allow an attacker to in
indows Server 2003 R2 (Service 13855 (MS12-043) Vulner A vulnerabilit High Microsoft
CVE-2012-1889
MS12-043 to address
indows Server 2003 R2 (Service 5427 (MS07-042) Micros A vulnerabilit High A vulnerabilityCVE-2007-2223
_x000D_ in Microsoft XML Core Service
indows Server 2003 R2 (Service 9048 Microsoft Windows A private key Medium A private
The flaw iskey
duedisclosure
CVE-2005-1794
to when vulnerability is prese
indows Server 2003 R2 (Service 5859 Windows User ProUser profiles Informational _x000D_
User profiles were found on the Windows ho
indows Server 2003 R2 (Service 5698 (MS08-006) Micros A vulnerabilit High A
A vulnerability CVE-2008-0075
DNS configurationis present in Microsoft
of a Windows Interne
Operating
indows Server 2003 R2 (Service 13429 Windows DNS Conf A DNS configuInformational The registry values under this key were obtai
_x000D_
_x000D_
indows Server 2003 R2 (Service 4675 (MS06-061) Micros A vulnerabilit High A vulnerabilityCVE-2006-4685
_x000D_ exists in Microsoft's
C processin
indows Server 2003 R2 (Service 7704 (MS08-005) Vulner A local elevati High Internet
_x000D_InformationCVE-2008-0074
Services is prone to a lo
indows Server 2003 R2 (Service 4615 Administrator Us Members of the
High Under
The Digitally sign communications Microsof CVE-1999-0535
4. A flaw is specific
service CVE-2009-2655
is using to a nullaccount
a user pointernotdeferenc
perm
indows Server 2003 R2 (Service 5590 Microsoft Windows The User RightInformational This
The User
checkRights "Deny logtoonestablish
only attempts loc a NetBI
_x000D_
_x000D_
indows Server 2003 R2 (Service 5182 Microsoft InterneMicrosoft InteHigh Microsoft
_x000D_ Internet CVE-2007-2897
Information Services cont
indows Server 2003 R2 (Service 6679 Microsoft InterneA vulnerabilityMedium _x000D_ CVE-2009-1535 C
_x000D_
_x000D_
indows Server 2003 R2 (Service 8385 Microsoft IIS Ho Microsoft InteInformational _x000D_
Microsoft IIS "Use Host Header Name" settin
There is an de
Informational
information WebDAV
disclosure samewas
vulnerability on
in the
alsoversions
cause a de
of
indows Server 2008 (Service Pac 1634 Microsoft WindowThe Task SchedInformational Enables
_x000D_a userCVE-MAP-NOMA
indows Server 2008 (Service Pac 1731 Microsoft Windows The Unsigned Idnformational _x000D_ CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 1703 Clear Pagefile On The Microsoft Informational Default: Disabled. CVE-MAP-NOMA
indows Server 2008 (Service Pac 1675 Microsoft WindowDetermine if MInformational Provides Telephony API (TAPI)
indows Server 2008 (Service Pac 1664 Microsoft Windows The Background Informational Uses idle netwCVE-MAP-NOMA
indows Server 2008 (Service Pac 1695 Allow Undock WitThe Microsoft Informational Determines
_x000D_ whe CVE-2002-0157 C
indows Server 2008 (Service Pac 1730 Microsoft WindowThe Require StInformational Default:
_x000D_ Disabled
CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 2873 Microsoft WindowThe system is Informational The cdrom auto
_x000D_ CVE-2000-0155
indows Server 2008 (Service Pac 1749 .NET Passport CreThe Do not all Informational Default: DisabledCVE-MAP-NOMA
indows Server 2008 (Service Pac 1755 Number Of PrevioThe Number ofInformational Determines the
indows Server 2008 (Service Pac 1765 Microsoft WindowThe LAN Manage Informational NTLMv2 is a more CVE-2001-0705
Se
_x000D_
indows Server 2008 (Service Pac 1758 Microsoft WindowThe Smart cardInformational Force
_x000D_ Logoff - Users are automatically logged
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2827 Default Administ The administraInformational An account name CVE-1999-0585
indows Server 2008 (Service Pac 2832 Members Of The Accounts wereInformational If an account CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2441 Microsoft WindowThe Shell HardInformational This service
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 2912 Audit Policy ChanThe Audit Pol Informational NOTE: This check CVE-1999-0575
indows Server 2008 (Service Pac 4007 Microsoft WindowThe "Adjust meInformational NOTE:
_x000D_ This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 4104 USB Block StorageThe Microsoft Informational Microsoft Wind CVE-MAP-NOMA
_x000D_permissions
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2888 Microsoft WindowThe Perform Ro Informational Ensure
_x000D_permissions
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2919 User Rights BypasThe User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 4025 Microsoft Windows The Microsoft Informational NOTE:
_x000D_This check
CVE-1999-0575
indows Server 2008 (Service Pac 4005 Microsoft Windows The "Log on asInformational NOTE:
_x000D_This check
CVE-1999-0534
indows Server 2008 (Service Pac 4008 Microsoft WindowThe Microsoft Informational CVE-MAP-NOMA
The value for this security option does not m
_x000D_ The Microsoft CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2908 Microsoft WindowThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-1999-0575
indows Server 2008 (Service Pac 2913 Audit Privilege UsThe Audit Pri Informational NOTE: This check
CVE-1999-0575
indows Server 2008 (Service Pac 4102 WebDAV Basic Aut The Microsoft Informational Microsoft
indows Server 2008 (Service Pac 2965 User Rights RestorThe User RightInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 4004 Microsoft Windows The "Impersona Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2008 (Service Pac 3316 Microsoft WindowIt was possibl Informational Microsoft Wind CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 2909 Audit Account MaThe Audit Acc Informational NOTE: This check
CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 2915 User Rights Acce The User Righ Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 2918 User Rights BackupThe User RightInformational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 (Service Pac 3960 False AdministratA false AdminiInformational The AdministraCVE-1999-0585 C
indows Server 2008 (Service Pac 4018 Microsoft WindowOne or more Mi Informational Microsoft Wind CVE-MAP-NOMA
indows Server 2008 (Service Pac 4108 Security Center i The Microsoft Informational The Microsoft
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
indows Server 2008 (Service Pac 4017 Microsoft Windo User accountsInformational One or more user
CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 2920 User Rights Chan The User Righ Informational NOTE: This check CVE-MAP-NOMA
_x000D_
indows Server 2008 (Service Pac 4000 Microsoft WindowsThe "Create glInformational NOTE:
indows Server 2008 (Service Pac 2957 User Rights Log On
The User RightInformational NOTE:
indows Server 2008 (Service Pac 2966 User Rights Shut The User Righ Informational NOTE: This check CVE-MAP-NOMA
indows Server 2008 (Service Pac 11192 Microsoft RemoteMicrosoft Remo Informational The
Microsoft
flaw isRemote Procedure
due to how Call Service
the application wa
handle
The registry comply
values under with
this keyenterprise
were obtaip
indows Server 2008 (Service Pac 6007 Microsoft InterneA vulnerabilityHigh A vulnerabilityCVE-2008-3173
indows Server 2008 (Service Pac 5859 Windows User ProUser profiles Informational User profiles
A hosts were found on
file configuration of athe Windows
Windows ho
Oper
indows Server 2008 (Service Pac 5431 Microsoft InterneA vulnerabilit High A design flaw in CVE-2007-4356
indows Server 2008 (Service Pac 5595 Microsoft WindowsThe "DCOM: Mac Informational The "DCOM:
indows Server 2008 (Service Pac 10104 (MS10-070) MicroA security bypMedium The flaw is specific
CVE-2010-3332
indows Server 2008 (Service Pac 5592 Microsoft WindowsThe User RightInformational The User Rights "Increase a pro
_x000D_
indows Server 2008 (Service Pac 12608 Microsoft WindowsA local denial Medium The flaw lies in the Client/Server Runtime Su
_x000D_
indows Server 2008 (Service Pac 4723 Microsoft InterneA vulnerabilityHigh IE 7 and older CVE-2004-1155
_x000D_ versions are affected.
indows Server 2008 (Service Pac 14151 Apache HTTP ServeA privilege es Medium CVE-2011-3607
S Microsoft
The Informational
Digitally sign The
communications Microsoft CVE-MAP-NOMA
indows Server 2008 (Service Pac 13163 (MS11-100) VulnerMutiple vulnerHigh Microsoft has provided
The flaw occurs CVE-2011-3414
MS11-100
due to Microsoft C HTML
to address
Help
indows Server 2008 (Service Pac 11873 Microsoft HTML HA remote codeHigh _x000D_
_x000D_ CVE-2011-3417
lies in the handling of cache
indows Server 2008 (Service Pac 14144 Apache HTTP ServeA cross-site scLow The flaw lies inCVE-2012-2687
the make_variant_list functio
indows Server 2008 (Service Pac 10029 Windows ParticulaSearch for file Informational Search for file with particular a
indows Server 2008 (Service Pac 14795 Apache HTTP ServA cross-site scMedium The
A DNSflaws are due
CVE-2012-3499
configuration to of
multiple cross-site
a Windows scrip
Operating
indows Server 2008 (Service Pac 5254 Microsoft WindowsWindows file nInformational _x000D_
Ensure permissions comply with enterprise p
indows Server 2008 (Service Pac 13161 (MS11-100) MicrosA privilege escHigh The
The Microsoft Windows User Account vulnerability
ControlCVE-2011-3416
lies in"Admin
the user
option verification
Approval Modw
indows Server 2008 (Service Pac 5609 Microsoft Window Informational _x000D_
indows Server 2008 (Service Pac 5612 Microsoft Window Informational _x000D_
indows Server 2008 (Service Pac 7191 (MS09-051) Windo A vulnerabili High The vulnerability
_x000D_ CVE-2009-0555
exists due to the improper p
indows Server 2008 (Service Pac 13073 (MS11-090) Cumula A remote codeHigh The flaw
_x000D_ lies inCVE-2011-3397
the binary behavior of Interne
indows Server 2008 (Service Pac 14200 Apache HTTP Serve An informationLow The flaw is dueCVE-2012-0053
_x000D_ to an error in protocol.c wher
_x000D_ CVE-2009-2655
indows Server 2008 (Service Pac 10199 (MS10-070) Vulner A security bypMedium The flaw is specific
CVE-2010-3332
W The Microsoft
indows Server 2008 (Service Pac 7190 (MS09-051) Windo A vulnerabili High The vulnerability
_x000D_ CVE-2009-2525
exists in the way that Micro
indows Server 2008 (Service Pac 13462 Microsoft Windows A privilege es Medium The
The flaw
flaw lies
lies in
inCVE-2010-1886
the
the way that of
handling theEMF
Windows
imagesTeb
indows Server 2008 (Service Pac 12703 Microsoft WindowAn insecure li High The flaw is by aCVE-2010-3143
_x000D_ design weakness exhibited d
indows Server 2008 (Service Pac 7882 (MS10-008) Cumula A remote codeHigh The patches included
_x000D_ CVE-2010-0252
in MS10-008 remediate
indows Server 2008 (Service Pac 9822 Microsoft Windows A security bypLow A
The flaw is due to a zero-lengthisdirectory
security bypass vulnerability present in s
nam
indows Server 2008 (Service Pac 14899 Apache HTTP ServA privilege es Medium _x000D_ CVE-2012-0883
indows Server 2008 (Service Pac 11008 Microsoft WindowA denial of se High The vulnerabilityCVE-2010-4669
is specific to the Neighbor D
indows Server 2008 (Service Pac 13158 (MS11-100) MicroA denial of se High The flaw is dueCVE-2011-3414
_x000D_ to the processing of a .NET fo
_x000D_
indows Server 2008 (Service Pac 9841 Microsoft Windows A denial of se Medium A denial of service vulnerability is present in
_x000D_
indows Server 2008 (Service Pac 8937 Microsoft InternetA cross site sc Medium A cross site scripting
_x000D_ CVE-2007-1114
indows Server 2008 (Service Pac 13404 (MS12-019) Micros A denial of se Medium The flaw occurs CVE-2012-0156
due to DirectWrite renders a
indows Server 2008 (Service Pac 5474 Display all detec Informational Informational Informational script to display
indows Server 2008 (Service Pac 4618 Microsoft WindowThe "PasswordInformational The "PasswordCVE-1999-0535
_x000D_
indows Server 2008 (Service Pac 6936 Microsoft InterneA vulnerabilityLow A vulnerabilityCVE-2009-2433
indows Server 2008 (Service Pac 5596 Microsoft Windows The "DCOM: Mac Informational The "DCOM: Machine Launch Rest
_x000D_
indows Server 2008 (Service Pac 13632 (MS12-034) MicroA remote codeHigh This particularCVE-2011-3402
_x000D_ flaw is used in the wild as part
indows Server 2008 (Service Pac 5245 Microsoft WindowThe 'AdministrInformational Disabled
_x000D_ - Administrator account is disabled.
indows Server 2008 (Service Pac 11763 (MS11-027) Cumula Multiple vulneHigh Microsoft
indows Server 2008 (Service Pac 7220 (MS09-051) VulneMultiple vulneHigh The update
_x000D_ provided
CVE-2009-0555
by Microsoft
C bulletin M
indows Server 2008 (Service Pac 9068 (MS10-034) Cumula A remote codeHigh When
_x000D_a user visits
CVE-2010-0252
a maliciously C crafted webp
indows Server 2008 (Service Pac 9410 Microsoft InterneA remote denial Low A remote
The denial
flaw lies in theof service
TrueType vulnerability is en
font parsing pre
indows Server 2008 (Service Pac 12840 Microsoft Windows Multiple DNS pLow Multiple DNS poisoning vulnerabilities are pr
_x000D_
indows Server 2008 (Service Pac 13407 (MS12-019) Vulner A denial of se Medium Microsoft
_x000D_ CVE-2012-1545
The flaw lies in the scoreboard shared memo
indows Server 2008 (Service Pac 14199 Apache HTTP ServeA security bypLow _x000D_ CVE-2012-0031
indows Server 2008 (Service Pac 6003 Microsoft WindowOne or more us Informational One _x000D_or more user accounts have never logge
indows Server 2008 (Service Pac 13160 (MS11-100) MicroAn informationMedium The vulnerability
_x000D_ CVE-2011-3415
lies in the URL verification w
indows Server 2008 (Service Pac 13622 (MS12-034) CombinMultiple vulneHigh Microsoft
indows Server 2008 (Service Pac 5867 Microsoft InternetA vulnerabilit High A vulnerabilityCVE-2008-2281
indows Server 2008 (Service Pac 4427 Check users who Determined tha Informational Some _x000D_ accounts password was fo
indows Server 2008 (Service Pac 7229 (MS09-055) CumulaA vulnerabilit High The
_x000D_ provided
update CVE-2009-2493
indows Server 2008 (Service Pac 14175 Update Rollup forMultiple remotMedium Multiple remote code execution vulnerabiliti
indows Server 2008 (Service Pac 4615 Administrator Us Members of the High Under
indows Server 2008 (Service Pac 14150 Apache HTTP ServA heap overfloHigh A heap overflow CVE-2009-2412
vulnerability is present in so
indows Server 2008 (Service Pac 13143 Microsoft WindowsA local denial Low A local denial of service
4. A service is using a user vulne
account not perm
indows Server 2008 (Service Pac 4617 Microsoft WindowsA Microsoft WiInformational 5. A service
indows Server 2008 (Service Pac 11822 (MS11-027) MicroA remote codeHigh The vulnerability CVE-2011-1243
is specific to a possible corr
indows Server 2008 (Service Pac 11141 Microsoft Windo The Microsoft Informational _x000D_ The Microsoft Windows computer
indows Server 2008 (Service Pac 11140 McAfee VirusSca McAfee VirusSc Informational McAfee
indows Server 2008 (Service Pac 14954 Microsoft TerminaThe target is Informational _x000D_
indows Server 2008 (Service Pac 14411 PHP Obsolete VerAn obsolete veInformational An obsolete version of PHP is detected on th
_x000D_
indows Server 2008 (Service Pac 8490 NetBIOS Names InMicrosoft Net Informational Microsoft_x000D_ NetBIOS names information was d
indows Server 2008 (Service Pac 5975 Apache mod_proxy A vulnerabilit Medium A vulnerabilityCVE-2008-2364
_x000D_ in Apache mod_proxy may all
indows Server 2008 (Service Pac 6832 Apache HTTP ServeA vulnerabilityHigh The flaw lies
The mod_deflate inCVE-2009-1890
themodule
mod_proxy module
in Apache HTTP includ
ser
indows Server 2008 (Service Pac 6849 Apache mod_deflatApache HTTP se High _x000D_ CVE-2009-1891
indows Server 2008 (Service Pac 6864 PHP exif_read_datA vulnerabilityMedium A vulnerabilityCVE-2009-2687
_x000D_ exists in the exif_read_data()
indows Server 2008 (Service Pac 7162 Multiple VulnerabiVersions of PHP High _x000D_ CVE-2009-3291 C
indows Server 2008 (Service Pac 7402 PHP safe_mode SecPHP is prone toMedium A security
_x000D_ bypass
CVE-2009-3557
vulnerability exists in PHP 5
indows Server 2008 (Service Pac 7403 PHP open_basedirPHP is prone toHigh A
A security
Denial ofbypass CVE-2009-3558
Service vulnerability
vulnerabilityexists
existsininPHP
PHP5
indows Server 2008 (Service Pac 7406 PHP "multipart/foPHP is prone
An array indextoM edium
error exists in the imageRotateCVE-2009-4017
PHP_x000D_ function in PHP versions 5.2.8
indows Server 2008 (Service Pac 7509 PHP imageRotateearlier
F that could
Medium
lead to an information
Multiple vulnerabilities are presentlibxml
Multiple
in somedisclosure.
CVE-2008-5498
vulnerabilities
versions ofare php_imap.c
present inincluded
some v
indows Server 2008 (Service Pac 7769 PHP php_imap.c Mu Medium _x000D_ CVE-2008-2829
indows Server 2008 (Service Pac 7791 PHP enable_dl OpPHP enable_dlInformational PHP _x000D_enable_dl option is set on the host.
indows Server 2008 (Service Pac 7919 PHP imageloadfontA buffer overf High A
A buffer
buffer overflow CVE-2008-3658
overflow is present in the
vulnerability imageload
is present in m
indows Server 2008 (Service Pac 7968 PHP memnstr() BufA buffer overf Medium There is also aCVE-2008-3659
safe_mode bypass error in tem
indows Server 2008 (Service Pac 8059 PHP session ExtenPHP is prone toLow _x000D_
indows Server 2008 (Service Pac 8083 Apache HTTP ServeAn informationLow An information disclosure vulnerability is pre
_x000D_
indows Server 2008 (Service Pac 8179 PHP ZipArchive::ex
A directory traHigh A directory traversal
_x000D_ CVE-2008-5658
indows Server 2008 (Service Pac 8232 PHP display_errorPHP display_err Informational PHP _x000D_display_errors directive is set to "ON" on
indows Server 2008 (Service Pac 8234 PHP file_uploads PHP file_uploaInformational PHP _x000D_file_uploads option is enabled on the ho
indows Server 2008 (Service Pac 8237 PHP safe_mode Op PHP safe_mode Informational PHP _x000D_safe_mode option is disabled on the hos
indows Server 2008 (Service Pac 8245 PHP register_globPHP register_gInformational PHP _x000D_register_globals option is enabled on the
indows Server 2008 (Service Pac 8507 Apache Partial HTA denial of se High A denial of service vulnerability is present in
_x000D_
indows Server 2008 (Service Pac 9866 Web Server HTTPHTTP TRACE me Informational HTTP _x000D_ TRACE method is enabled on the HTTP
indows Server 2008 (Service Pac 10224 Hidden WWW SerHidden WWWInformational
s Hidden
indows Server 2008 (Service Pac 11005 Web Server phpinfPHP file phpinInformational PHP file phpinfo.php was detected on the ho
_x000D_
indows Server 2008 (Service Pac 11218 Web Server HTTPHTTP protocolInformational HTTP
indows Server 2008 (Service Pac 11234 Web Server BrokeWeb server witInformational Web server with broken links was detected o
_x000D_
indows Server 2008 (Service Pac 11275 PHP expose_php In An informationLow An information
indows Server 2008 (Service Pac 12256 Web Server HTTPHTTP DELETE m Informational HTTP
_x000D_DELETE method access was allowed on
indows Server 2008 (Service Pac 12824 HTTP Server Prone A denial of serMedium A denial of service
CVE-2009-5111
vulnerabilityC is present in
indows Server 2008 R2 (Service 1614 Microsoft WindowThe ASP .NET SInformational Provides
_x000D_ suppoCVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
Ti Maintains
_x000D_Disabled.
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2827 Default Administ The administraInformational An account nameCVE-1999-0585
_x000D_ Se
indows Server 2008 R2 (Service 2836 Unsigned Non-drivThe unsigned nInformational Default: Warn CVE-MAP-NOMA
indows Server 2008 R2 (Service 1756 Require DC authenThe Require Do Informational When enabled,CVE-2002-0157
indows Server 2008 R2 (Service 2832 Members Of The Accounts wereInformational If Inan accounttoCVE-MAP-NOMA
response these two glaring security hole
indows Server 2008 R2 (Service 1858 Web Server SuppoTThe
he Web server
Medium
User Rights "Generate security
NOTE:audits" CVE-MAP-NOMA
This check
policyrequires
does notatmatch
least Foundston
the recom
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2957 User Rights Log On
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2888 Microsoft WindowThe Perform Ro Informational _x000D_
Ensure permissions
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2966 User Rights Shut The User Righ Informational NOTE:
_x000D_This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2880 Microsoft WindowsThe "Network Informational
CVE-MAP-NOMA
_x000D_
_x000D_
indows Server 2008 R2 (Service 2918 User Rights Backup
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
_x000D_
_x000D_This check
CVE-1999-0575
indows Server 2008 R2 (Service 3976 Microsoft WindowsThe permissionInformational CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 4025 Microsoft WindowsThe Microsoft Informational NOTE:
_x000D_This check
CVE-1999-0575
_x000D_
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
CVE-1999-0534
_x000D_
indows Server 2008 R2 (Service 4017 Microsoft Windo User accountsInformational One or more user
CVE-MAP-NOMA
indows Server 2008 R2 (Service 2962 User Rights Profi The User Righ Informational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 4104 USB Block StorageThe Microsoft Informational Microsoft Wind
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-1999-0575
requires at least
C Foundston
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
indows Server 2008 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: This check
CVE-MAP-NOMA
indows Server 2008 R2 (Service 3960 False AdministratA false AdminiInformational The AdministraCVE-1999-0585 C
_x000D_
CVE-MAP-NOMA
_x000D_
_x000D_This check
CVE-MAP-NOMA
_x000D_
_x000D_
_x000D_
_x000D_
indows Server 2008 R2 (Service 4658 Microsoft IIS Det Microsoft InteInformational If the DisplayName
The registry and ImagePath
values under keysobtai
this key were exist
The flaw is duescript to display
to how the application handle
Informational The
The Microsoft Windows User Account "DCOM:
Control option Access
Machine
"BehaviorRestof the eleva
indows Server 2008 R2 (Service 4136 Windows FirewallTheS Microsoft Informational _x000D_
_x000D_
indows Server 2008 R2 (Service 5859 Windows User ProUser profiles Informational User_x000D_ profiles were found on the Windows ho
indows Server 2008 R2 (Service 7139 Microsoft InterneA vulnerabilit Medium A vulnerability
_x000D_ CVE-2009-3003
_x000D_
_x000D_
CVE-2009-2655
4. A servicevulnerabilities
is using a userare pre not perm
account
_x000D_
CVE-MAP-NOMA
indows Server 2008 R2 (Service 5533 Microsoft WindowA listMicrosoft
The of loca Informational A list ofControl
Windows User Account local groups
optionwas obta of the eleva
"Behavior
indows Server 2008 R2 (Service 4615 Administrator Us Members of the High Under Microsof
_x000D_ CVE-1999-0535
_x000D_ denial of service vulnerability is pre
_x000D_ CVE-2012-1545
A DNS configuration of a- The
- June 13, 2012 vendor
Windows has upd
Operating
_x000D_
indows Server 2008 R2 (Service 12840 Microsoft Windows Multiple DNS pLow
The Microsoft Multiple
Windows User Account DNS poisoning vulnerabilities
Control option "Admin Approvalare pr
Mod
_x000D_
_x000D_for opened TCP port on
_x000D_
_x000D_
indows Server 2008 R2 (Service 8344 Microsoft IIS Bas Microsoft InteInformational Microsoft IIS Basic Authentication scheme is
_x000D_
s Hidden
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1624 Microsoft WindowThe Performanc Informational Collects perfo CVE-MAP-NOMA
indows Server 2003 R2 (Service 1701 Do Not Display LaThe Microsoft Informational With
_x000D_this poli CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
_x000D_ Data ObCVE-MAP-NOMA
CVE-MAP-NOMA named
indows Server 2003 R2 (Service 2828 Default Guest Ac The guest accoInformational An account
_x000D_ namC VE-MAP-NOMA
indows Server 2003 R2 (Service 1758 Microsoft WindowThe Smart cardInformational Force
_x000D_Logoff - Users are automatically logged
The Do not store LAN Manager This
Shell HardInformational hashservice prCVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
Se
_x000D_
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 1787 Microsoft WindowThe Lockout ThInformational _x000D_
Determines the number of failed
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-1999-0575
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2918 User Rights Backup The User RightInformational NOTE: This check
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
indows Server 2003 R2 (Service 4004 Microsoft Windows The "ImpersonaInformational NOTE:
_x000D_This check
CVE-MAP-NOMA
_x000D_This check
CVE-MAP-NOMA
CVE-MAP-NOMA
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 2965 User Rights RestorThe User RightInformational NOTE: _x000D_ This checkCVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4125 Windows FirewallTAutoplay
he Microsoft
is notInformational The
indows Server 2003 R2 (Service 2970 User Rights LogonThe User RightInformational NOTE: _x000D_ This CVE-MAP-NOMA
indows Server 2003 R2 (Service 2957 User Rights Log OnThe User RightInformational NOTE: _x000D_ This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 2917 User Rights AllowThe User RightInformational NOTE: _x000D_ This checkCVE-MAP-NOMA
indows Server 2003 R2 (Service 2911 Audit Object AcceThe Audit Obj Informational NOTE: _x000D_ This checkCVE-1999-0575
requires at least
C Foundston
CVE-MAP-NOMA
indows Server 2003 R2 (Service 2912 Audit Policy ChanThe Audit Pol Informational NOTE: _x000D_ This checkCVE-1999-0575
indows Server 2003 R2 (Service 3959 Microsoft Windows The AdministrInformational The users
_x000D_ detected within the
CVE-MAP-NOMA
_x000D_
indows Server 2003 R2 (Service 4005 Microsoft Windows The "Log on asInformational NOTE: _x000D_ This checkCVE-1999-0534
indows Server 2003 R2 (Service 4025 Microsoft Windows The Microsoft Informational NOTE: _x000D_ This checkCVE-1999-0575
indows Server 2003 R2 (Service 4643 LSASS RPC Interf LSASS RPC InteInformational LSASS _x000D_ RPC Interface Detected.
indows Server 2003 R2 (Service 11192 Microsoft RemoteMicrosoft Remo Informational _x000D_
Microsoft Remote Procedure Call Service wa
_x000D_
_x000D_
_x000D_
CVE-2012-1853
MS12-054
C to address
indows Server 2003 R2 (Service 10615 Microsoft Data AccA remote codeHigh _x000D_ CVE-2010-4182
The flaw is
due the
to howhandling of kernel-mode
_x000D_
_x000D_ the Vector Markup Language
_x000D_ lies inCVE-2012-2522
the handling of objects previo
indows Server 2003 R2 (Service 13761 (MS12-037) MicroA remote codeHigh The flaw lies
code the accessvulnerability
execution to Col elements th
is pres
indows Server 2003 R2 (Service 14930 (MS13-036) MicroA privilege es High The flaw
_x000D_ lies inCVE-2013-1291
_x000D_ a memory error in the COmW
_x000D_ CVE-2012-1545
_x000D_ lies inCVE-2013-0027
a memory error in the CPaste
indows Server 2003 R2 (Service 14016 (MS12-055) MicrosA privilege es High The flaw lies inCVE-2012-2527
_x000D_ the handling of object in mem
CVE-2012-0160
MS12-035
C to address
indows Server 2003 R2 (Service 13879 (MS12-043) MicroA remote codeHigh Current
_x000D_intelligence
CVE-2012-1889
indicates that active an f
indows Server 2003 R2 (Service 7405 Microsoft InterneA vulnerabilityInformational The
The printing functionality
CVE-2009-4073
registry values in Microsoft
under this key wereIntern
obtai
_x000D_ the handling of previously de
indows Server 2003 R2 (Service 9086 (MS10-041) MicroA vulnerabilit Medium The vulnerabilityCVE-2009-0217
_x000D_
_x000D_ the handling of functions that
indows Server 2003 R2 (Service 13888 Microsoft UnauthoA spoofing vulMedium The flaw is specific to the multiple certificate
_x000D_
indows Server 2003 R2 (Service 6652 Microsoft WindowThe "PasswordInformational The
A settingcode
remote on the host does
execution not comply
vulnerability is with
pres
Microsoft has provided MS12-081 to address Succe
indows Server 2003 R2 (Service 14484 (MS12-081) VulneA remote codeHigh _x000D_ CVE-2012-4774
indows Server 2003 R2 (Service 5256 Microsoft WindowsScreen saver gInformational Ensure
_x000D_permissions comply with enterprise p
indows Server 2003 R2 (Service 14540 Microsoft InterneA denial of serHigh The flaw is due to how the application handle
_x000D_
indows Server 2003 R2 (Service 13876 (MS12-049) VulnerAn informationMedium Microsoft
CVE-2012-1870
MS12-049 to address
indows Server 2003 R2 (Service 9724 (MS10-060) VulnerA remote codeHigh Microsoft
CVE-2010-0019
indows Server 2003 R2 (Service 15039 (MS13-037) CriticMultiple vulneHigh Microsoft has provided
_x000D_ CVE-2013-0811
MS13-037
C to address
indows Server 2003 R2 (Service 14166 (MS12-063) CumulaA code executiHigh Microsoft has provided
CVE-2012-1529
MS12-063
C to address
_x000D_
CVE-2012-4781
MS12-077
C to address
indows Server 2003 R2 (Service 14933 (MS13-031) VulnerMultiple vulneMedium Microsoft
CVE-2013-1284
MS13-031
C to address
indows Server 2003 R2 (Service 14017 (MS12-052) CumulaMultiple remotHigh Microsoft has provided
_x000D_ CVE-2012-2522
MS12-052
C to address
indows Server 2003 R2 (Service 14174 Microsoft WindowsA spoofing vulMedium Update
_x000D_ - June 13, 2012 - The vendor has upd
CVE-2013-1332
MS13-046
C to address
CVE-MAP-NOMA
_x000D_
_x000D_ the parsing of file names. Suc
indows Server 2003 R2 (Service 6936 Microsoft InterneA vulnerabilityLow A
A vulnerability
remote codeCVE-2009-2433
isexecution
present in Microsoft Interne
_x000D_ lies inCVE-2013-3116
a memory error in the CObjec
_x000D_ lies inCVE-2012-1848
flaw the handling of the scrollbar c
indows Server 2003 R2 (Service 14565 (MS13-007) MicroA denial of se High The flaw lies inCVE-2013-0005
the Open Data Protocol. Succ
indows Server 2003 R2 (Service 14719 (MS13-017) Vulner A privilege es High A privilege es CVE-2013-1278 C
_x000D_
indows Server 2003 R2 (Service 13632 (MS12-034) MicroA remote codeHigh This particularCVE-2011-3402
_x000D_ flaw is used in the wild as part
_x000D_ lies inCVE-2013-1252
indows Server 2003 R2 (Service 14832 (MS13-021) Micros A remote codeHigh The flaw is dueCVE-2013-0089
_x000D_ lies inCVE-2012-4777
the permission validation for
_x000D_ the improper execution of fun
_x000D_
_x000D_
_x000D_ the handling of the Print Spoo
_x000D_ a memory error in the SetCap
_x000D_ a memory error in the vtable
_x000D_ lies inCVE-2013-1256
_x000D_ the handling of object in mem
indows Server 2003 R2 (Service 13875 (MS12-045) VulneA remote codeHigh Microsoft has provided
CVE-2012-1891
Windowsto address
Operating
indows Server 2003 R2 (Service 12703 Microsoft WindowAn insecure li High The flaw is by aCVE-2010-3143
_x000D_ design weakness exhibited d
A cross-site
remote codescripting
CVE-2010-1489
vulnerability
execution is present
indows Server 2003 R2 (Service 13623 (MS12-034) MicroA remote codeMedium The flaw lies inCVE-2012-0164
_x000D_ the way the framework comp
_x000D_ the handling of objects in me
_x000D_ lies inCVE-2012-4776
in the handling of the default
the validating of the permissi
_x000D_
_x000D_ the access of improperly initia
_x000D_ a memory error in the SLayou
_x000D_ lies inCVE-2013-1272
CVE-2013-0015
MS13-009
C to address
the handling of media files an
_x000D_
_x000D_ is due CVE-2013-1287
indows Server 2003 R2 (Service 7139 Microsoft InterneA vulnerabilit Medium A
4. vulnerability CVE-2009-3003
in Micrsoft
A service is using a user Internet
account Explorer
not permm
_x000D_
CVE-2013-0087
MS13-021
C to address
CVE-2013-1303
MS13-028
C to address
_x000D_ a memory error in DirectPlay.
indows Server 2003 R2 (Service 14618 (MS13-008) MicroA use-after-fr High In-the-wild
A remote code exploitation
CVE-2012-4792
executionhas been observed
vulnerability in
is pres
indows Server 2003 R2 (Service 15167 (MS13-047) Micros A remote code High The
The Digitally sign communications flaw lies inCVE-2013-3113
a user-after-free
HKEY_LOCAL_MACHINE\SYSTEM\CurrentCon error. Succe
_x000D_
indows Server 2003 R2 (Service 13768 (MS12-038) VulneA vulnerabilit High Microsoft
CVE-2012-1855
MS12-038 to address
the handling of OpenType fon
indows Server 2003 R2 (Service 14564 (MS13-007) Vulner A denial of se High Microsoft
CVE-2013-0005
MS13-007 to address
indows Server 2003 R2 (Service 14499 (MS12-082) Vulner A remote codeHigh The flaw lies inCVE-2012-1537
_x000D_ a memory error in DirectPlay.
_x000D_
indows Server 2003 R2 (Service 13634 (MS12-035) MicroA remote codeHigh The flawfile
A hosts liesconfiguration
inCVE-2012-0161
an error while calculatingOper
of a Windows a bu
indows Server 2003 R2 (Service 13430 Windows Hosts FiA hosts file c Informational The flaw lies in the TrueType font parsing en
indows Server 2003 R2 (Service 13631 (MS12-034) MicroA remote codeHigh _x000D_ CVE-2012-0159
_x000D_
_x000D_ the handling of kernel-mode
_x000D_ the handling of keyboard layo
CVE-2013-1287
MS13-027
C to address
_x000D_
_x000D_ the handling of file and direct
CVE-2012-0173
MS12-036 to address
indows Server 2003 R2 (Service 7232 Microsoft Windo The target's Informational The flaw is dueCVE-MAP-NOMA
CVE-2013-0077
MS13-011 to address
_x000D_ lies inCVE-2012-0180
the handling of Messages and
CVE-2012-2527
MS12-055 to address
CVE-2012-1890
MS12-047
C to address
indows Server 2003 R2 (Service 14215 (MS12-068) MicroAn informationHigh The flaw lies inCVE-2012-2529
indows Server 2003 R2 (Service 14347 Microsoft .NET F An obsolete veInformational An obsolete
_x000D_ version of Microsoft .NET Frame
_x000D_
_x000D_
_x000D_ an error while calculating a bu
CVE-2013-1295
MS13-033 to address
indows Server 2003 R2 (Service 14829 (MS13-021) MicrosA remote codeHigh The flaw iscode
A remote dueCVE-2013-0092
to how an vulnerability
execution object in memory
exists
_x000D_ is caused
CVE-2011-0664
indows Server 2003 R2 (Service 13767 (MS12-037) CumulaMultiple remotHigh Microsoft
CVE-2012-1523
MS12-037
C to address
CVE-2012-2897
MS12-075
C to address
_x000D_ a memory error in the CHTML
indows Server 2003 R2 (Service 14939 (MS13-029) VulneA remote codeHigh The vendor
_x000D_ has provided MS13-029 to addre
indows Server 2003 R2 (Service 14239 Microsoft WindowsMicrosoft has Medium While not technically a security issue, the dig
_x000D_
indows Server 2003 R2 (Service 14733 (MS13-016) MicrosA privilege es Medium The flaw lies
code aexecution
_x000D_ lies inCVE-2013-3111
_x000D_ the handling of kernel-mode
indows Server 2003 R2 (Service 14689 (MS13-016) MicrosA privilege es Medium The flaw lies
code aexecution
_x000D_ a serialization error for untrus
_x000D_ lies inCVE-2013-1257
indows Server 2003 R2 (Service 14914 Microsoft EnhanceMicrosoft EnhaInformational The flaw occurs due to Microsoft HTML Help
indows Server 2003 R2 (Service 14713 (MS13-015) VulnerA privilege es High The flaw lies inCVE-2013-0073
_x000D_ the handling of the permissio
indows Server 2003 R2 (Service 13627 (MS12-034) MicroA privilege es High The
A remote code the
handling
execution of keyboard
vulnerability layo
is pres
_x000D_
the access to deleted elemen
_x000D_
indows Server 2003 R2 (Service 15051 (MS13-037) Micros An informationMedium The flaw is dueCVE-2013-1297
indows Server 2003 R2 (Service 5595 Microsoft Windows The "DCOM: Mac Informational The "DCOM:
CVE-2012-1877
to an invalid access condi
indows Server 2003 R2 (Service 4615 Administrator Us Members of the High Under Microsof
_x000D_ lies inCVE-2013-3112
_x000D_ lies inCVE-2013-1249
CVE-2013-0030
MS13-010 to address
_x000D_ the handling of TrueType fon
The flaw lies
lies in
inCVE-2012-1875
the access
the ID property.
to an Successful ex
object in me
_x000D_ the incorrect handling of Brie
_x000D_ the handling of BIOS memory
_x000D_ exists in various Intel LAN driv
indows Server 2003 R2 (Service 15031 (MS13-038) SecuriA remote codeHigh Microsoft
CVE-2013-1347
MS13-038 to address
_x000D_ the loading of DLL files. Succe
_x000D_ the incorrect handling of Brie
_x000D_ may allow
CVE-2010-1898
a specially crafted Micros
_x000D_ the handling of parameters fo
_x000D_Microsoft Windows role-b
indows Server 2003 R2 (Service 14501 (MS12-078) VulneA remote codeHigh The flaw lies inCVE-2012-4786
_x000D_ the handling ofCOpenType an
indows Server 2003 R2 (Service 14218 (MS12-068) Vulner A vulnerabilit High Microsoft
CVE-2012-2529
MS12-068 to address
CVE-2013-1283
_x000D_ to how objects in memory ar
indows Server 2003 R2 (Service 14675 (MS13-016) Vulner Multiple vulneMedium Microsoft has provided
_x000D_ CVE-2013-1248
indows Server 2003 R2 (Service 14024 (MS12-054) MicroA denial of se Medium The flaw
_x000D_ lies inCVE-2012-1850
the handling of RAP requests
_x000D_ a memory error in the pasteH
_x000D_ VirusScan is installed on the host and
Exploitationhasis provided
CVE-2012-1895
achieved MS12-074 C to address
via a maliciously-craft
The flaw
flaw lies
lies in
inCVE-2012-1523
an
theerror
accesshandling a Center
to an object Ele
in me
indows Server 2003 R2 (Service 13622 (MS12-034) Combin Multiple vulneHigh Microsoft
CVE-2011-3402
_x000D_
indows Server 2003 R2 (Service 14617 (MS13-008) SecuriA use-after-freHigh Microsoft
CVE-2012-4792
MS13-008 to address
CVE-2012-1864
MS12-041
C to address
indows Server 2003 R2 (Service 14732 (MS13-016) MicrosA privilege es Medium The
A privilege escalation vulnerability flaw lies in
Theisvulnerability CVE-2013-1271
present somea race condition
canversions error.
be exploited by aSucces
of Microsoft
proce
Wi
_x000D_ the improper handling of obje
_x000D_ is due CVE-2013-1308
indows Server 2003 R2 (Service 13787 (MS12-042) VulnerMultiple vulneHigh Microsoft has provided
CVE-2012-0217
MS12-042
C to address
indows Server 2003 R2 (Service 15183 (MS13-048) VulnerA information Medium A information CVE-2013-3136
_x000D_
indows Server 2003 R2 (Service 13737 Microsoft WindowsA spoofing vulMedium Update
_x000D_ the memory allocation for ha
indows Server 2003 R2 (Service 15043 (MS13-037) MicrosA remote codeHigh The
The flaw
flaw is
is due
dueCVE-2013-1311
to
to how
whenan object
the Proxyinaddress
memoryan
indows Server 2003 R2 (Service 13510 (MS12-025) VulneA vulnerabilit High Microsoft
CVE-2012-0163
MS12-025 to address
indows Server 2003 R2 (Service 12228 (MS11-039) VulneA remote codeHigh The flaw is caused
_x000D_ CVE-2011-0664
_x000D_ the permission validation of c
CVE-2013-0001
MS13-004
C to address
_x000D_
indows Server 2003 R2 (Service 12840 Microsoft WindowsMultiple DNS pLow Multiple
indows Server 2003 R2 (Service 15162 (MS13-047) CumulaMultiple vulnerHigh Microsoft has provided
CVE-2013-3110
MS13-047
C to address
indows Server 2003 R2 (Service 5590 Microsoft WindowsThe User RightInformational The User Rights "Deny log on loc
_x000D_
indows Server 2003 R2 (Service 14569 (MS13-004) MicrosA privilege es High The flaw
_x000D_ lies inCVE-2013-0003
the handling of objects in me
indows Server 2003 R2 (Service 13855 (MS12-043) VulnerA vulnerabilit High Microsoft
CVE-2012-1889
MS12-043 to address
_x000D_ lies inCVE-2013-0073
the handling of the permissio
indows Server 2003 R2 (Service 15054 (MS13-040) VulnerMultiple securHigh Microsoft
CVE-2013-1336
MS13-040
C to address
indows Server 2003 R2 (Service 14364 (MS12-072) VulneMultiple remotHigh Microsoft has provided
_x000D_ CVE-2012-1527
MS12-072
C to address
CVE-2009-2655
to a null pointer
A remote code execution vulnerability deferenc
is pres
This check only attempts to establish a NetBISucce
_x000D_
indows Server 2003 R2 (Service 8969 Raw Socket Test Detect for opeInformational _x000D_
Detect for opened TCP port on
indows Server 2003 R2 (Service 5689 SSL/TLS X.509 Ce The common nam Informational
_x000D_
_x000D_
_x000D_
indows Server 2003 R2 (Service 7898 Microsoft ASP.NET Microsoft ASP.Informational Microsoft
_x000D_ ASP.NET exception stack trace is en
indows Server 2003 R2 (Service 8367 Microsoft IIS IIS Microsoft InteInformational Microsoft
indows Server 2003 R2 (Service 8388 Microsoft IIS MSAMicrosoft InteInformational Microsoft
_x000D_ IIS MSADC virtual directory was de
indows Server 2003 R2 (Service 8425 Microsoft IIS Prin Microsoft InterInformational Microsoft
indows Server 2003 R2 (Service 8426 Microsoft IIS Scri Microsoft InterInformational Microsoft
indows Server 2003 R2 (Service 8448 Microsoft IIS Ser Microsoft InteInformational Microsoft IIS script mapping configuration wa
_x000D_
indows Server 2003 R2 (Service 11258 HTTP Server Set HTTP server haInformational HTTP
_x000D_server handling session using set-cooki
indows Server 2003 R2 (Service 11260 Web Server WebDWebDAV was de Informational WebDAV was detected on the host.
880
910
208
5725
RecommendatFirst Found Last Found Services

_x000D_
Contact the operating system vendor for hardening
netbios-ns/udp/192.168.10.21/137
steps specific to the operating system.
Disable this service unless the functionali netbios-ssn/tcp/192.168.10.21/139
This service cannot be stopped. netbios-ssn/tcp/192.168.10.21/139
Identify and disable unnecessary services unetbios-ssn/tcp/192.168.10.21/139
Ensure that this policy setting is consisten netbios-ssn/tcp/192.168.10.21/139
Ensure
_x000D_ that this policy setting is consisten netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q282010
Verify that the host should have more thannetbios-ssn/tcp/192.168.10.21/139
Disable
_x000D_this service unless the functionali netbios-ssn/tcp/192.168.10.21/139
http://www.microsoft.com/windows/internet-explorer/default.aspx
netbios-ssn/tcp/192.168.10.21/139
Ensure that the installed version of ADO is netbios-ssn/tcp/192.168.10.21/139
Disable
By netbios-ssn/tcp/192.168.10.21/139
default, Foundstone recommends the NoDriveTypeAutoRun
_x000D_ key is set to 0xFF (255 in decimal) for increased security. This d
By default, Foundstone recommends the NoDriveTypeAutoRun
netbios-ssn/tcp/192.168.10.21/139
key is set to 0xFF (255 in decimal) for increased security. This d
Ensure that this setting is consistent with netbios-ssn/tcp/192.168.10.21/139
You can configure this setting by opening tnetbios-ssn/tcp/192.168.10.21/139
Disable
If AutoReboot is set to 1, after a blue screen,
netbios-ssn/tcp/192.168.10.21/139
the system will immediately restart.
To set this value, edit the value of the netbios-ssn/tcp/192.168.10.21/139
To modify this setting, change the "Hidde netbios-ssn/tcp/192.168.10.21/139
Ensure the service setting meet your enterpnetbios-ssn/tcp/192.168.10.21/139
Ensure that the maximum log size detectednetbios-ssn/tcp/192.168.10.21/139
Ensure that this setting is expected and co netbios-ssn/tcp/192.168.10.21/139
Ensure that this policy setting is consist netbios-ssn/tcp/192.168.10.21/139
You can configure this setting by opening netbios-ssn/tcp/192.168.10.21/139
_x000D_
If Autorun is set to 1, upon a cdrom disc being
netbios-ssn/tcp/192.168.10.21/139
loaded into the drive, the system will attempt to run a program on the disc imm
The default guest account should be rename netbios-ssn/tcp/192.168.10.21/139
Disable ICMP redirects by setting the valuenetbios-ssn/tcp/192.168.10.21/139
Set this value to 1, and define filters in netbios-ssn/tcp/192.168.10.21/139
_x000D_
The values of the key, NullSessionPipes, shownetbios-ssn/tcp/192.168.10.21/139
the listing of named pipes that may be anonymously accessed using null session
Ensure that
9. Add or this setting
remove groups is as
expected and co netbios-ssn/tcp/192.168.10.21/139
necessary_x000D_
10. Click
9. Add orApply,
removethen click as
groups OKnecessary_x000D_ netbios-ssn/tcp/192.168.10.21/139
10. Click Apply, then click OK
_x000D_ netbios-ssn/tcp/192.168.10.21/139
Set the
_x000D_ "Profile single process" policy to Administrators.
netbios-ssn/tcp/192.168.10.21/139
This key may need to be created if it does not
already exist.
already exist.
already exist.
Set the
_x000D_ "Remove computer from docking netbios-ssn/tcp/192.168.10.21/139
station" policy to Users and Administrators.
Set the "Allow logon through Terminal Services"
policy to Administrators.
already exist.
Set the "Log on as service" policy to None. netbios-ssn/tcp/192.168.10.21/139
_x000D_
already exist.
Otherwise,
_x000D_ if registry key permissions do not netbios-ssn/tcp/192.168.10.21/139
comply with policy, logon to the system with administrator privileges and adjust
Set the Audit Privilege Use policy to audit on
Failure.
already exist.
This key
_x000D_ may need to be created if it does not
netbios-ssn/tcp/192.168.10.21/139
already exist.
Then set the Audit Account Logon Events policy
to audit Success and Failure.
Then set the Audit Account Management policy
already exist.
Then set
_x000D_ the Audit Logon Events policy to audit
netbios-ssn/tcp/192.168.10.21/139
Success and Failure.
already exist.
already exist.
Set the Audit Policy Change policy to audit netbios-ssn/tcp/192.168.10.21/139
_x000D_ on Success.
Set the
_x000D_ "Access this computer from the network"
netbios-ssn/tcp/192.168.10.21/139
Otherwise,
_x000D_ if file permissions do not comply netbios-ssn/tcp/192.168.10.21/139
with policy, logon to the system with administrator privileges and adjust the perm
already exist.
Set the "Act as part of the operating system" netbios-ssn/tcp/192.168.10.21/139
policy to None.
Review
_x000D_ report output to determine if any in
n etbios-ssn/tcp/192.168.10.21/139
Set the "Change the system time" policy tonetbios-ssn/tcp/192.168.10.21/139
_x000D_ Administrators.
Set the "Replace a process level token" policy netbios-ssn/tcp/192.168.10.21/139
to Local Service and Network Service.
Enable
_x000D_ McAfee VirusScan On-Access Scanninnetbios-ssn/tcp/192.168.10.21/139
already exist.
already exist.
Set the
_x000D_ "Backup files and directories" policynetbios-ssn/tcp/192.168.10.21/139
to Administrators.
This key may need to be created if it does not netbios-ssn/tcp/192.168.10.21/139
already exist.
_x000D_
Set the "Bypass traverse checking" policy tonetbios-ssn/tcp/192.168.10.21/139
Users.
_x000D_
already exist.
already exist.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.21/139
already exist.
Otherwise,
already exist.
already exist.
Set the
_x000D_ "Shut down the system" policy to Users
netbios-ssn/tcp/192.168.10.21/139
and Administrators.
already exist.
already exist.
Consult
_x000D_the organizational policy to dete netbios-ssn/tcp/192.168.10.21/139
Otherwise, if this is a valid policy violation, netbios-ssn/tcp/192.168.10.21/139
logon to the system with administrator privileges and correct the policy violation.
To modify this
4) Remove the setting, change the
group members "Perfo netbios-ssn/tcp/192.168.10.21/139
listed_x000D_
This
9. key may
Adjust this need to be
security created
option if it does not
netbios-ssn/tcp/192.168.10.21/139
as necessary_x000D_ already exist.
9. Add or remove subsystem names as necessary_x000D_netbios-ssn/tcp/192.168.10.21/139
already exist.
Set the Audit System Events policy to auditnetbios-ssn/tcp/192.168.10.21/139
on Success.
To modify
_x000D_ this setting, change the "NoNa netbios-ssn/tcp/192.168.10.21/139
Set theor
9. Add "Deny
removeaccess to this
groups computer fromnetbios-ssn/tcp/192.168.10.21/139
as necessary_x000D_ the network" policy to Guests.
Then set the Audit Object Access policy to audit netbios-ssn/tcp/192.168.10.21/139
To modify
_x000D_ this setting, change the "Auto netbios-ssn/tcp/192.168.10.21/139
already exist.
Set the "Restore files and directories" policy
to Administrators.
already exist.
Disable
_x000D_ this service unless the functionali netbios-ssn/tcp/192.168.10.21/139
Set the "Log on locally" policy to Users andnetbios-ssn/tcp/192.168.10.21/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.21/139
already exist.
already exist.
Ensure that SMTP server complies with orga smtp/tcp/192.168.10.21/25
Ensure that SMTP service complies with orgsmtp/tcp/192.168.10.21/25
1026/TCP._x000D_
loc-srv/tcp/192.168.10.21/135
Ensure
_x000D_ that MSRPC complies with organizatloc-srv/tcp/192.168.10.21/135
Restart the service after making the above qotd/tcp/192.168.10.21/17
changes.
Ensure that SSL complies with organizationa
Windows OS: Set the below registry key to 0._x000D_ https/tcp/192.168.10.21/443
HKLM\System\CurrentControlSet\Services\SimpTCP\Parameters\EnableTcpDiscard
discard/tcp/192.168.10.21/9
If the hosts file configuration is not in ac netbios-ssn/tcp/192.168.10.21/139
http://technet.microsoft.com/security/bulletin/MS10-035_x000D_
http://technet.microsoft.com/security/bulletin/MS14-018
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
McAfee is not aware of a vendor-supplied pnetbios-ssn/tcp/192.168.10.21/139
_x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
http://windows.microsoft.com/en-US/internet-explorer/downloads/ie
netbios-ssn/tcp/192.168.10.21/139
McAfee
_x000D_ is currently unaware of a vendor-snetbios-ssn/tcp/192.168.10.21/139
http://www.microsoft.com netbios-ssn/tcp/192.168.10.21/139
http://technet.microsoft.com/en-au/security/advisory/2820197
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
This patch has been superseded by MS14-018_x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
McAfee Avert Labs is not aware of a vendonetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Informational script to display all detecte netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Set the "Password Must Meet Complexity Re netbios-ssn/tcp/192.168.10.21/139
McAfee is currently unaware of a vendor-snetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
McAfee is unaware of a vendor-supplied panetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
To modify this setting, change the "ScreenSaverGracePeriod" value under the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that host's domain or workgroup mnetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that Internet Explorer Enhanced Secnetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
http://technet.microsoft.com/en-us/security/advisory/2736233
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that this policy setting is consistent netbios-ssn/tcp/192.168.10.21/139
with the requirements of your enterprise security policy.
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
You
This can configure
patch has beenthis setting by by
superseded opening tnetbios-ssn/tcp/192.168.10.21/139
MS07-050_x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that only allowed users have a usernetbios-ssn/tcp/192.168.10.21/139
Disable
_x000D_administrative shares that are not netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
McAfee is currently unaware of a vendor-supplied patch or update (04/25/2014)._x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
If the DNS configuration is not in accordan netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Review
netbios-ssn/tcp/192.168.10.21/139
Computer Configuration\Windows Settings\Security
netbios-ssn/tcp/192.168.10.21/139
Settings\Interactive logon: Do not display last user name
For more information see,_x000D_ netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
This netbios-ssn/tcp/192.168.10.21/139
patch has been superseded by MS14-018_x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
_x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Accounts
_x000D_ added to the Administrators group netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Determine whether Microsoft Internet Inform
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that the list of VMware images comp
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
To modify this setting, change the "EnableICMPRedirect" value under the "System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure existing local groups are necessary netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
_x000D_ with the requirements of your enterprise security policy.
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
The Default Value for WarningLevel is 0. Set netbios-ssn/tcp/192.168.10.21/139
this value to 90 to ensure warnings are generated._x000D_
netbios-ssn/tcp/192.168.10.21/139
To modify this setting, change the "NtfsDisable8dot3NameCreation" value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Passwords should have expiration times tonetbios-ssn/tcp/192.168.10.21/139
e
Keep McAfee VirusScan up to date. netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
http://www.microsoft.com/net/download_x000D_ netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Enable Internet Explorer Enhanced Securitynetbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Upgrade to the latest version of Microsoft netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
http://support.microsoft.com/kb/2458544
On IE6, McAfee is currently unware of a vendor netbios-ssn/tcp/192.168.10.21/139
supplied patch or update (2013/07/18).
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure
Ensure that
that this
this policy
policy setting
setting is
is consistent
consistent netbios-ssn/tcp/192.168.10.21/139
with
with the
the requirements
requirements of
of your
your enterprise
enterprise security
security policy.
policy._x000D_
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
Ensure that the programs under the HKEY netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
netbios-ssn/tcp/192.168.10.21/139
McAfee is currently
This patch has been unaware
supersededof abyvendor-snetbios-ssn/tcp/192.168.10.21/139
MS14-018_x000D_
netbios-ssn/tcp/192.168.10.21/139
Ensure that McAfee VirusScan Enterprise an netbios-ssn/tcp/192.168.10.21/139
http://support.microsoft.com/kb/982316 netbios-ssn/tcp/192.168.10.21/139
Ensure
_x000D_ that the computer role complies witnetbios-ssn/tcp/192.168.10.21/139
already exist.
netbios-ssn/tcp/192.168.10.21/139
Note: Blocking access for MVM to both TCPnetbios-ssn/tcp/192.168.10.21/139
ports 139 and 445 will also block MVM's credential based scans. This should only b
Ensure that the computer role complies witnetbios-ssn/tcp/192.168.10.21/139
Ensure that the Daytime service complies wdaytime/tcp/192.168.10.21/13
Ensure that Microsoft NetBIOS complies witnetbios-ns/udp/192.168.10.21/137
Ensure
_x000D_ that NetBIOS service complies with netbios-ns/udp/192.168.10.21/137
o
Note: The issue can be mitigated by blocking certain incoming ICMP requests to the system.
Disable ICMP reply via modify registory.
Close opened TCP port via firewall or IPsec.
Ensure that the ASP.NET service is allowedhttp/tcp/192.168.10.21/80
Ensure
_x000D_ that the list of file extension handl http/tcp/192.168.10.21/80
Note: Conceal the IIS Server status by modifying
_x000D_ http/tcp/192.168.10.21/80
the banner.
Note: It is advised to enforce NTLM authentication
http/tcp/192.168.10.21/80
for Microsoft IIS.
Ensure that Microsoft IIS complies with thehttp/tcp/192.168.10.21/80
Ensure
_x000D_ that Microsoft IIS complies with thehttp/tcp/192.168.10.21/80
Note: It is advised to enable "Use Host Header http/tcp/192.168.10.21/80
Name" setting.
Ensure that Microsoft IIS complies with orghttp/tcp/192.168.10.21/80
Ensure that HTTP proxy server complies withttp/tcp/192.168.10.21/8888
Ensure that web server complies with organ http/tcp/192.168.10.21/80;http/tcp/192.168.10.21/8888
Ensure that Web server complies with organ http/tcp/192.168.10.21/8888
http://support.microsoft.com/kb/142982/en-us_x000D_
_x000D_ http/tcp/192.168.10.21/80
netbios-ns/udp/192.168.10.62/137
http://www.microsoft.com/About/Legal/EN/US/Interoperability/Java/Default.aspx_x000D_
http://support.microsoft.com/gp/lifean12 netbios-ssn/tcp/192.168.10.62/139
Ensure that this is the expected and currennetbios-ssn/tcp/192.168.10.62/139
Disable
netbios-ssn/tcp/192.168.10.62/139
Disable
netbios-ssn/tcp/192.168.10.62/139
_x000D_
If Autorun is set to 1, upon a cdrom disc beingnetbios-ssn/tcp/192.168.10.62/139
Ensure
_x000D_ that this setting is expected and co netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
Ensure
The values of the key, NullSessionPipes, show netbios-ssn/tcp/192.168.10.62/139
Set this
_x000D_ value to 1, and define filters in netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
Disable
If AutoReboot is set to 1, after a blue screen, netbios-ssn/tcp/192.168.10.62/139
_x000D_
Set the "Profile single process" policy to Administrators.
already exist.
This key
netbios-ssn/tcp/192.168.10.62/139
already exist.
already exist.
already exist.
Set the
_x000D_ "Backup files and directories" policy
netbios-ssn/tcp/192.168.10.62/139
to Administrators.
already exist.
To modify this setting, change the "Perfo netbios-ssn/tcp/192.168.10.62/139
_x000D_
_x000D_ on Success.
already exist.
_x000D_
already exist.
Set the
_x000D_ Audit Privilege Use policy to audit on
netbios-ssn/tcp/192.168.10.62/139
Failure.
already exist.
already exist.
Consult the organizational policy to dete netbios-ssn/tcp/192.168.10.62/139
_x000D_
already exist.
already exist.
Set the "Shut down the system" policy to Users netbios-ssn/tcp/192.168.10.62/139
and Administrators.
_x000D_
already exist.
To modify this setting, change the "Auto netbios-ssn/tcp/192.168.10.62/139
_x000D_
already exist.
Set the "Replace a process level token" policy
This key may
9. Adjust this need
securityto be created
netbios-ssn/tcp/192.168.10.62/139
Otherwise,
_x000D_ if registry key permissions do not
netbios-ssn/tcp/192.168.10.62/139
already exist.
Set the "Log
9. Adjust thison locally"
audit policypolicy
valuetoasUsers andnetbios-ssn/tcp/192.168.10.62/139
Administrators.
necessary_x000D_
This key may need to be created if
9. Add or remove groups as necessary_x000D_ it does netbios-ssn/tcp/192.168.10.62/139
not already exist.
10. Click Apply,
4) Remove then click
the group OK listed_x000D_
members netbios-ssn/tcp/192.168.10.62/139
already exist.
_x000D_ on Success.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.62/139
already exist.
This keyormay
9. Add needgroups
remove to be created if it does not
as necessary_x000D_ netbios-ssn/tcp/192.168.10.62/139
already exist.
10. Click
9. Add orApply,
remove then click OK names as necessary_x000D_
subsystem netbios-ssn/tcp/192.168.10.62/139
Set the
_x000D_ "Log on as service" policy to None. netbios-ssn/tcp/192.168.10.62/139
already exist.
_x000D_
Then set the Audit Object Access policy to audit
Otherwise,
_x000D_ if file permissions do not complynetbios-ssn/tcp/192.168.10.62/139
already exist.
_x000D_ Users.
Set the "Remove computer from docking station"
policy to Users and Administrators.
Set the "Restore files and directories" policy netbios-ssn/tcp/192.168.10.62/139
to Administrators.
To modify this setting, change the "NoNa netbios-ssn/tcp/192.168.10.62/139
_x000D_
Otherwise,
_x000D_ if this is a valid policy violation, netbios-ssn/tcp/192.168.10.62/139
already exist.
Then set
netbios-ssn/tcp/192.168.10.62/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.62/139
already exist.
Set the "Access this computer from the network"
Set the "Deny access to this computer fromnetbios-ssn/tcp/192.168.10.62/139
the network" policy to Guests.
Review report output to determine if any innetbios-ssn/tcp/192.168.10.62/139
_x000D_
This keyormay
9. Add needgroups
already exist.
already exist.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.62/139
already exist.
Otherwise, if file permissions do not comply
1026/TCP._x000D_ netbios-ssn/tcp/192.168.10.62/139
loc-srv/tcp/192.168.10.62/135
Ensure that MSRPC complies with organizatloc-srv/tcp/192.168.10.62/135
http://technet.microsoft.com/security/bulletin/ms11-066_x000D_
netbios-ssn/tcp/192.168.10.62/139
If the DNS
McAfee configuration
is currently is notofinaaccordan
unaware netbios-ssn/tcp/192.168.10.62/139
vendor-supplied patch or update (04/25/2014)._x000D_
Computer Configuration\Windows Settings\Security netbios-ssn/tcp/192.168.10.62/139
McAfee
To modify is unaware of achange
this setting, vendor-supplied panetbios-ssn/tcp/192.168.10.62/139
the "ScreenSaverGracePeriod" value under the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.62/139
e
McAfee
_x000D_is currently unaware of a vendor-snetbios-ssn/tcp/192.168.10.62/139
McAfee is currently unaware of a vendor-supplied netbios-ssn/tcp/192.168.10.62/139
patch or update (04/25/2014)._x000D_
netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
Review report output to determine if any in
netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
McAfee
McAfee is currently
The Default Value for unaware of a vendor-snetbios-ssn/tcp/192.168.10.62/139
WarningLevel is 0. Set this value to 90 to ensure warnings are generated._x000D_
netbios-ssn/tcp/192.168.10.62/139
http://technet.microsoft.com/security/bulletin/MS12-035netbios-ssn/tcp/192.168.10.62/139
Accounts added to the Administrators group netbios-ssn/tcp/192.168.10.62/139
Please ensure the permissions assigned to nt etbios-ssn/tcp/192.168.10.62/139
Keep McAfee
For more VirusScan
information up to date.
see,_x000D_ netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
http://www.intel.com/p/en_US/support/detect/network_x000D_
http://technet.microsoft.com/security/bulletin/MS13-004netbios-ssn/tcp/192.168.10.62/139
McAfee
_x000D_is not aware of a vendor-supplied pnetbios-ssn/tcp/192.168.10.62/139
Administrators may want to terminate sessio
netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
Determine whether Microsoft Internet Inform netbios-ssn/tcp/192.168.10.62/139
Disable administrative shares that are not netbios-ssn/tcp/192.168.10.62/139
Verify that the Everyone group is allowed netbios-ssn/tcp/192.168.10.62/139
http://www.microsoft.com/net/download_x000D_
netbios-ssn/tcp/192.168.10.62/139
netbios-ssn/tcp/192.168.10.62/139
McAfee
Ensure
_x000D_ that this policy setting is consistent netbios-ssn/tcp/192.168.10.62/139
http://support.microsoft.com/kb/2458544netbios-ssn/tcp/192.168.10.62/139
McAfee
the "NtfsDisable8dot3NameCreation" value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.62/139
_x000D_
Passwords
_x000D_ should have expiration times tonetbios-ssn/tcp/192.168.10.62/139
e
already exist.
Set the
_x000D_ "Password Must Meet Complexity Re
netbios-ssn/tcp/192.168.10.62/139
with the requirements of your enterprise security policy._x000D_
However, McAfee is not aware of a patch for netbios-ssn/tcp/192.168.10.62/139
Microsoft Data Access Objects Library (07/23/2014).
Enable
_x000D_ Internet Explorer Enhanced Securitynetbios-ssn/tcp/192.168.10.62/139
Ensure that NetBIOS service complies with netbios-ns/udp/192.168.10.62/137
o
_x000D_
Ensure
Note:
_x000D_Conceal the IIS Server status by modifying
http/tcp/192.168.10.62/80
the banner.
http/tcp/192.168.10.62/80
for Microsoft IIS.
_x000D_
Name" setting.
Ensure that web server complies with organ http/tcp/192.168.10.62/80
_x000D_ http/tcp/192.168.10.62/80
netbios-ns/udp/192.168.10.15/137
Verify
_x000D_that the host should have more thannetbios-ssn/tcp/192.168.10.15/139
netbios-ssn/tcp/192.168.10.15/139
Ensure
netbios-ssn/tcp/192.168.10.15/139
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.15/139
By default, Foundstone recommends the NoDriveTypeAutoRun key is set to 0xFF (255 in decimal) for increased security. This d
Ensure
No accounts should be members of the Renetbios-ssn/tcp/192.168.10.15/139
Disable
If Autorun is set to 1, upon a cdrom disc being netbios-ssn/tcp/192.168.10.15/139
_x000D_
netbios-ssn/tcp/192.168.10.15/139
_x000D_
This keyormay
9. Add needgroups
as necessary_x000D_netbios-ssn/tcp/192.168.10.15/139
already exist.
on Success.
_x000D_
already exist.
already exist.
already exist.
To modify
already exist.
Set the "Allow logon through Terminal Services" netbios-ssn/tcp/192.168.10.15/139
Review
_x000D_report output to determine if any innetbios-ssn/tcp/192.168.10.15/139
already exist.
To modify
Set the "Shut down the system" policy to Users
and Administrators.
already exist.
already exist.
Set the
already exist.
already exist.
already exist.
This key
_x000D_ may need to be created if it does netbios-ssn/tcp/192.168.10.15/139
not already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.15/139
already exist.
Failure.
already exist.
This
9. Add or remove groups as necessary_x000D_already exist.
key may need to be created if it does not
netbios-ssn/tcp/192.168.10.15/139
Then set the Audit Logon Events policy to audit netbios-ssn/tcp/192.168.10.15/139
_x000D_
Otherwise,
already exist.
already exist.
_x000D_ the network" policy to Guests.
This key
netbios-ssn/tcp/192.168.10.15/139
already exist.
already exist.
Otherwise,
already exist.
to Administrators.
already exist.
This key
netbios-ssn/tcp/192.168.10.15/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.15/139
already exist.
already exist.
already exist.
To correct this policy violation remove unwanted
user accounts from the Remote Desktop Users group.
Set the
_x000D_ "Backup files and directories" policy
netbios-ssn/tcp/192.168.10.15/139
to Administrators.
_x000D_ Users.
already exist.
_x000D_
Then set the Audit Account Management policy netbios-ssn/tcp/192.168.10.15/139
Consult
This
9. Addkeyormay needgroups
already exist.
already exist.
on Success.
_x000D_
Otherwise, if registry
9. Add or remove key permissions
subsystem names asdo not
netbios-ssn/tcp/192.168.10.15/139
necessary_x000D_
10. Click Apply,
9. Adjust then click
this security OK as necessary_x000D_
option netbios-ssn/tcp/192.168.10.15/139
10. Click
_x000D_ Apply, then click OK netbios-ssn/tcp/192.168.10.15/139
already exist.
Otherwise, if file permissions do not comply netbios-ssn/tcp/192.168.10.15/139
1026/TCP._x000D_
loc-srv/tcp/192.168.10.15/135
netbios-ssn/tcp/192.168.10.15/139
Accounts
McAfee isadded to the
currently Administrators
unaware group
netbios-ssn/tcp/192.168.10.15/139
of a vendor-supplied patch or update (04/25/2014)._x000D_
http://www.oracle.com/technetwork/java/eol-135779.html
netbios-ssn/tcp/192.168.10.15/139
McAfee
http://www.java.com/en/download/manual.jsp netbios-ssn/tcp/192.168.10.15/139
Set the "Password Must Meet Complexity Re
http://windows.microsoft.com/en-us/internet-explorer/download-ie
netbios-ssn/tcp/192.168.10.15/139
Ensure
Ensure that
that the
this programs under
policy setting the HKEY netbios-ssn/tcp/192.168.10.15/139
is consistent with the requirements of your enterprise security policy._x000D_
http://www.java.com/en/download/manual.jsp
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
On IE6, McAfee is currently unware of a vendor
netbios-ssn/tcp/192.168.10.15/139
supplied patch or update
To modify this setting, change the "NtfsDisable8dot3NameCreation" value(2013/07/18).
under the "System\CurrentControlSet\Control\FileS
_x000D_
McAfee
For moreisinformation
currently unaware of a vendor-snetbios-ssn/tcp/192.168.10.15/139
see,_x000D_
netbios-ssn/tcp/192.168.10.15/139
Determine
The Defaultwhether
Value forMicrosoft Internet
WarningLevel is 0.Inform
netbios-ssn/tcp/192.168.10.15/139
Set this value to 90 to ensure warnings are generated._x000D_
McAfee
http://www.microsoft.com/net/download_x000D_ e
http://www.sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
netbios-ssn/tcp/192.168.10.15/139
Check for Sun Java Runtime Environment isnetbios-ssn/tcp/192.168.10.15/139
_x000D_
http://java.sun.com/javase/downloads/index.jsp netbios-ssn/tcp/192.168.10.15/139
http://java.sun.com/javase/downloads/index_jdk5.jsp_x000D_
http://java.sun.com/javase/downloads/index.jsp
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
netbios-ssn/tcp/192.168.10.15/139
Ensure
_x000D_ that Internet Explorer Enhanced Secnetbios-ssn/tcp/192.168.10.15/139
netbios-ssn/tcp/192.168.10.15/139
You can
_x000D_ configure this setting by opening tnetbios-ssn/tcp/192.168.10.15/139
already exist.
http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html
netbios-ssn/tcp/192.168.10.15/139
Ensure
_x000D_ that McAfee VirusScan Enterprise an netbios-ssn/tcp/192.168.10.15/139
McAfee
WindowsisXP:
http://www.microsoft.com/download/details.aspx?id=7208_x000D_
netbios-ssn/tcp/192.168.10.15/139
Ensure
_x000D_ that host's domain or workgroup mnetbios-ssn/tcp/192.168.10.15/139
Ensure
_x000D_ that only allowed users have a usernetbios-ssn/tcp/192.168.10.15/139
netbios-ssn/tcp/192.168.10.15/139
o
Raw Socket Test IP Identification Value Randomness
_x000D_
Ensure
_x000D_ http/tcp/192.168.10.15/80
the banner.
http/tcp/192.168.10.15/80
for Microsoft IIS.
Ensure
Note: It is advised to enable "Use Host Headerhttp/tcp/192.168.10.15/80
Name" setting.
_x000D_ http/tcp/192.168.10.15/80
4. Uncheck the 'Allow Anonymous Connections'
_x000D_ ftp/tcp/192.168.10.34/21
box. When prompted, click Yes to continue.
Contact
_x000D_the operating system vendor for hardening
netbios-ns/udp/192.168.10.34/137
http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=DDE9EFC0-BB30-47EB-9A61-FD755D23CDEC
http/tcp/192.168.10.34/80
Ensure
_x000D_ that this is the expected and currennetbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
Verify
_x000D_that the host should have more thannetbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
_x000D_
netbios-ssn/tcp/192.168.10.34/139
_x000D_
netbios-ssn/tcp/192.168.10.34/139
Disable
netbios-ssn/tcp/192.168.10.34/139
Disable
The values of the key, NullSessionPipes, shownetbios-ssn/tcp/192.168.10.34/139
Disable
_x000D_ICMP redirects by setting the valuenetbios-ssn/tcp/192.168.10.34/139
Otherwise,
This keyormay
9. Add needgroups
already exist.
10. Click
already exist.
Set theor
9. Add "Log on locally"
remove groupspolicy to Users andnetbios-ssn/tcp/192.168.10.34/139
as necessary_x000D_ Administrators.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
_x000D_ Users.
already exist.
Consult
Then set the Audit Logon Events policy to audit
already exist.
already exist.
_x000D_
already exist.
Set the "Backup files and directories" policynetbios-ssn/tcp/192.168.10.34/139
_x000D_ to Administrators.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
already exist.
This key may
4) Remove theneed to members
group be createdlisted_x000D_
if it does not
netbios-ssn/tcp/192.168.10.34/139
already exist.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
Failure.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
already exist.
9. Add or remove groups as necessary_x000D_
and Administrators.
This key
netbios-ssn/tcp/192.168.10.34/139
already exist.
Otherwise,
already exist.
netbios-ssn/tcp/192.168.10.34/139
9. Add or remove subsystem names as necessary_x000D_ already exist.
Otherwise,
This key may
9. Adjust this need to be
security created
netbios-ssn/tcp/192.168.10.34/139
10. Click
already exist.
already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.10.34/139
_x000D_
already exist.
Set the
_x000D_ "Restore files and directories" policy
netbios-ssn/tcp/192.168.10.34/139
to Administrators.
already exist.
_x000D_
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.34/139
already exist.
Review
already exist.
already exist.
on Success.
_x000D_
_x000D_ on Success.
Administrators.
Ensure that MSRPC
1026/TCP._x000D_ complies with organizat loc-srv/tcp/192.168.10.34/135
loc-srv/tcp/192.168.10.34/135
Ensure that the FTP server complies with orftp/tcp/192.168.10.34/21
Verify that the FTP server's configuration ftp/tcp/192.168.10.34/21
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151_x000D_
netbios-ssn/tcp/192.168.10.34/139
McAfee
Ensure
McAfeethat this policy
is currently settingof
unaware is aconsistent netbios-ssn/tcp/192.168.10.34/139
with thepatch
vendor-supplied requirements
or updateof(04/25/2014)._x000D_
your enterprise security policy.
netbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
Ensure that the computer
For more information see,_x000D_role complies witnetbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
McAfee
To modify is not
this aware
setting,ofchange
a vendor-supplied pnetbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
_x000D_
_x000D_
Ensure
already exist.
McAfee
_x000D_is unaware of a vendor-supplied panetbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
_x000D_
Computer
The DefaultConfiguration\Windows
Value for WarningLevelSettings\Security
netbios-ssn/tcp/192.168.10.34/139
is 0. Set Settings\Interactive
this value logon: Do
to 90 to ensure warnings arenot display last user name
generated._x000D_
netbios-ssn/tcp/192.168.10.34/139
e
Ensure
To existing
modify local groups
this setting, changearethe
necessary netbios-ssn/tcp/192.168.10.34/139
"EnableICMPRedirect" value under the "System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.34/139
Ensure that Internet Explorer Enhanced Secn etbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
Remove unneeded user accounts. netbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
netbios-ssn/tcp/192.168.10.34/139
Disable
Download administrative sharesofthat
the latest version are not
Adobe Flashnetbios-ssn/tcp/192.168.10.34/139
Player from the following location:_x000D_
http://get.adobe.com/flashplayer netbios-ssn/tcp/192.168.10.34/139
If the hosts
McAfee file configuration
is currently unaware isofnot in ac netbios-ssn/tcp/192.168.10.34/139
a vendor-supplied patch or update (5/19/2014)._x000D_
o
Disable
_x000D_ICMP reply via modify registory.
Ensure
Note:
_x000D_Conceal the IIS Server status by modifyinghttp/tcp/192.168.10.34/80
the banner.
http/tcp/192.168.10.34/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure that WebDAV complies with organiza http/tcp/192.168.10.34/80
_x000D_ http/tcp/192.168.10.34/80
Contact the operating system vendor for hardeningnetbios-ns/udp/192.168.10.66/137
Disable
http/tcp/192.168.10.66/80
Disable
netbios-ssn/tcp/192.168.10.66/139
Ensure
netbios-ssn/tcp/192.168.10.66/139
Disable
netbios-ssn/tcp/192.168.10.66/139
Ensure
To set this value, edit the value of the
If AutoReboot is set to 1, after a blue screen,netbios-ssn/tcp/192.168.10.66/139
Ensure
netbios-ssn/tcp/192.168.10.66/139
Ensure that
9. Add or this policy
remove setting
groups is consisten netbios-ssn/tcp/192.168.10.66/139
as necessary_x000D_
10. Click
_x000D_ Users.
already exist.
Set the
_x000D_ "Remove computer from docking station"
netbios-ssn/tcp/192.168.10.66/139
already exist.
_x000D_
already exist.
and Administrators.
already exist.
Set the
netbios-ssn/tcp/192.168.10.66/139
to Administrators.
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
Review
_x000D_ on Success.
This
4) Remove the group members listed_x000D_ already exist.
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
_x000D_
Set the Audit Privilege Use policy to audit on netbios-ssn/tcp/192.168.10.66/139
Failure.
To modify
already exist.
already exist.
Otherwise,
Set the
_x000D_ "Deny access to this computer fromnetbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
already exist.
Set the
_x000D_ "Allow logon through Terminal netbios-ssn/tcp/192.168.10.66/139
Services" policy to Administrators.
Otherwise,
already exist.
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
Otherwise,
This key
netbios-ssn/tcp/192.168.10.66/139
already exist.
Set theor
9. Add "Change
removethe system
groups time" policy tonetbios-ssn/tcp/192.168.10.66/139
as necessary_x000D_ Administrators.
10. Click
9. Add orApply,
remove then click as
This key
netbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
Set the
_x000D_ Audit System Events policy to auditnetbios-ssn/tcp/192.168.10.66/139
on Success.
This key may
security created
netbios-ssn/tcp/192.168.10.66/139
already exist.
3. View the subkeys. netbios-ssn/tcp/192.168.10.66/139
9. Add or remove subsystem names as necessary_x000D_
already exist.
To modify
_x000D_ this setting, change the "Perfo netbios-ssn/tcp/192.168.10.66/139
already exist.
already exist.
Set the "Act as part of the operating system"
policy to None.
Set the
already exist.
netbios-ssn/tcp/192.168.10.66/139
_x000D_
Then set the Audit Object Access policy to audit netbios-ssn/tcp/192.168.10.66/139
Review
_x000D_X.509 certificate fields and verify thhttps/tcp/192.168.10.66/2381
Note: Configure the server to support the latest https/tcp/192.168.10.66/2381
version of the protocol, strong encryption ciphers and appropriate signed certi
Consider to use the TLS 1.2 or later protoc https/tcp/192.168.10.66/2381
Ensure that TLS/SSL Server and the SSL certhttps/tcp/192.168.10.66/2381
Ensure that SSL complies with organizationa https/tcp/192.168.10.66/2381
1026/TCP._x000D_
loc-srv/tcp/192.168.10.66/135
netbios-ssn/tcp/192.168.10.66/139
If thepatch
This hostshas
filebeen
configuration is not
superseded by in ac netbios-ssn/tcp/192.168.10.66/139
MS14-015_x000D_
This patch has been superseded by MS14-015_x000D_netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Disable
To modifyadministrative shares that
this setting, change are not netbios-ssn/tcp/192.168.10.66/139
the "EnableICMPRedirect" value under the "System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Make
_x000D_sure that the use of USB devices matc netbios-ssn/tcp/192.168.10.66/139
http://technet.microsoft.com/en-us/security/bulletin/ms13-027
netbios-ssn/tcp/192.168.10.66/139
Ensure that the list of VMware images comp netbios-ssn/tcp/192.168.10.66/139
McAfee is not
This patch has aware of a vendor-supplied
been superseded pnetbios-ssn/tcp/192.168.10.66/139
by MS14-015_x000D_
http://blogs.technet.com/b/srd/archive/2012/10/09/security-advisory-2749655-and-timestamping.aspx
Ensure thathas
This patch thisbeen
policy setting is consistent
superseded netbios-ssn/tcp/192.168.10.66/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
Keep
McAfee McAfee VirusScan
is currently up toof
unaware date. netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
e
Please ensure
This patch has the permissions
been supersededassigned to nt etbios-ssn/tcp/192.168.10.66/139
by MS13-063_x000D_
netbios-ssn/tcp/192.168.10.66/139
McAfee
This Avert
patch has Labs
beenissuperseded
not aware ofbyaMS14-015_x000D_
vendonetbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
McAfee is currently
This patch has been unaware of abyvendor-snetbios-ssn/tcp/192.168.10.66/139
superseded MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Ensure that this policy setting is consisten
This patch has been superseded by MS14-015_x000D_ netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
McAfee
This patch is currently
has been unaware
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
http://technet.microsoft.com/en-us/security/bulletin/ms12-054.aspx
Ensure
This patchthathas
thisbeen
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
Ensure
_x000D_ existing local groups are necessary netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Ensure that Internet Explorer Enhanced
McAfee is currently unaware of a vendor-supplied Sec netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Ensure
On IE6,
This patchMcAfee is currently
has been unware
superseded of a vendor
netbios-ssn/tcp/192.168.10.66/139
by MS13-063_x000D_supplied patch or update (2013/07/18).
netbios-ssn/tcp/192.168.10.66/139
Review report output to determine if any
This patch has been superseded by MS13-082_x000D_ innetbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
McAfee
This patch is not
has aware of a vendor-supplied
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
McAfee
This patchis currently
has been unaware
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
http://technet.microsoft.com/en-us/security/advisory/2798897_x000D_
netbios-ssn/tcp/192.168.10.66/139
_x000D_
Ensure
already exist.
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
McAfee
netbios-ssn/tcp/192.168.10.66/139
Administrators
_x000D_ may want to terminate sessio netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Ensure that the programs under
For more information see,_x000D_ the HKEY netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
http://technet.microsoft.com/en-us/security/bulletin/ms13-029.asp
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
Computer
_x000D_ Configuration\Windows Settings\Security
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
netbios-ssn/tcp/192.168.10.66/139
o
_x000D_
Close
_x000D_opened TCP port via firewall or IPsec.
https/tcp/192.168.10.66/2381
Install properly signed TLS/SSL X.509 certif https/tcp/192.168.10.66/2381
Ensure
Note:
EnsureConceal
that SSLthe
web IISserver
Servercomplies
status bywith
modifying
http/tcp/192.168.10.66/80
the the banner.
corporate policy._x000D_
_x000D_ https/tcp/192.168.10.66/2381
http/tcp/192.168.10.66/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure that Web server complies with organ http/tcp/192.168.10.66/2301;https/tcp/192.168.10.66/2381
Ensure that HTTP server complies with orgahttp/tcp/192.168.10.66/2301
_x000D_ http/tcp/192.168.10.66/80
Contact
_x000D_the operating system vendor for hardening netbios-ns/udp/192.168.10.70/137
Note:
_x000D_Blocking access for MVM to both TCPnetbios-ssn/tcp/192.168.10.70/139
http/tcp/192.168.10.70/80
Disable
netbios-ssn/tcp/192.168.10.70/139
Disable
netbios-ssn/tcp/192.168.10.70/139
Ensure
netbios-ssn/tcp/192.168.10.70/139
Ensure
If Autorun is set to 1, upon a cdrom disc beingnetbios-ssn/tcp/192.168.10.70/139
Ensure
netbios-ssn/tcp/192.168.10.70/139
Ensure
already exist.
_x000D_
already exist.
Then set
_x000D_ the Audit Account Logon Events policy
netbios-ssn/tcp/192.168.10.70/139
already exist.
_x000D_
This key may
security created
netbios-ssn/tcp/192.168.10.70/139
This key
netbios-ssn/tcp/192.168.10.70/139
already exist.
already exist.
already exist.
already exist.
Set the
already exist.
already exist.
Failure.
This key
netbios-ssn/tcp/192.168.10.70/139
already exist.
already exist.
_x000D_ Users.
SetRemove
4) the AuditthePolicy
groupChange
memberspolicy to audit netbios-ssn/tcp/192.168.10.70/139
listed_x000D_ on Success.
9. Add or remove groups as necessary_x000D_ netbios-ssn/tcp/192.168.10.70/139
10. Click
9. Add orApply,
remove then click OK names as necessary_x000D_
Set the
_x000D_ "Change the system time" policy to netbios-ssn/tcp/192.168.10.70/139
Administrators.
already exist.
already exist.
_x000D_
already exist.
already exist.
already exist.
_x000D_
already exist.
already exist.
already exist.
_x000D_
Otherwise,
Consult
_x000D_ the organizational policy to dete netbios-ssn/tcp/192.168.10.70/139
already exist.
_x000D_ on Success.
Set the
Set theor
9. Add "Restore
removefiles andas
groups directories" policy
necessary_x000D_ netbios-ssn/tcp/192.168.10.70/139
to Administrators.
This key
netbios-ssn/tcp/192.168.10.70/139
already exist.
already exist.
already exist.
already exist.
Set the
_x000D_ "Log on locally" policy to Users and netbios-ssn/tcp/192.168.10.70/139
Administrators.
already exist.
already exist.
already exist.
Otherwise,
Otherwise,
already exist.
Set
9. Add or remove groups as necessary_x000D_ and Administrators.
the "Shut down the system" policy to Users
netbios-ssn/tcp/192.168.10.70/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.70/139
already exist.
Set the "Access this computer from the network" netbios-ssn/tcp/192.168.10.70/139
1026/TCP._x000D_
loc-srv/tcp/192.168.10.70/135
netbios-ssn/tcp/192.168.10.70/139
Disable
Ensure
Ensure that this policy setting is consistent
with thepatch
requirements
or updateof(04/25/2014)._x000D_
netbios-ssn/tcp/192.168.10.70/139
e
netbios-ssn/tcp/192.168.10.70/139
Informational
_x000D_ script to display all detecte netbios-ssn/tcp/192.168.10.70/139
Administrators may want to terminate sessio netbios-ssn/tcp/192.168.10.70/139
Ensure
netbios-ssn/tcp/192.168.10.70/139
Verify
Ensurethat
thatthe
thisEveryone groupisisconsistent
policy setting allowed netbios-ssn/tcp/192.168.10.70/139
netbios-ssn/tcp/192.168.10.70/139
netbios-ssn/tcp/192.168.10.70/139
Ensure
Ensure that the
The Default Valueprograms under the isHKEY
for WarningLevel netbios-ssn/tcp/192.168.10.70/139
0. Set this value to 90 to ensure warnings are generated._x000D_
Ensure
already exist.
Accounts
http://technet.microsoft.com/security/bulletin/ms11-066
netbios-ssn/tcp/192.168.10.70/139
McAfee
To modifyis currently unaware
this setting, changeofthe
a vendor-snetbios-ssn/tcp/192.168.10.70/139
netbios-ssn/tcp/192.168.10.70/139
netbios-ssn/tcp/192.168.10.70/139
McAfee
o
Ensure
_x000D_ that Microsoft NetBIOS complies witnetbios-ns/udp/192.168.10.70/137
Ensure
_x000D_ http/tcp/192.168.10.70/80
the banner.
http/tcp/192.168.10.70/80
for Microsoft IIS.
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.70/80
netbios-ns/udp/192.168.10.87/137
Contact the operating system vendor for hardening steps specific to the operating system.
Disable
netbios-ssn/tcp/192.168.10.87/139
Ensure
netbios-ssn/tcp/192.168.10.87/139
Ensure
_x000D_ that the maximum log size detectednetbios-ssn/tcp/192.168.10.87/139
Ensure
netbios-ssn/tcp/192.168.10.87/139
Ensure
netbios-ssn/tcp/192.168.10.87/139
Disable
netbios-ssn/tcp/192.168.10.87/139
Ensure
This key may need to be created if it does notnetbios-ssn/tcp/192.168.10.87/139
already exist.
_x000D_
already exist.
Otherwise,
already exist.
_x000D_
already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.87/139
10. Click
already exist.
already exist.
Failure.
_x000D_
_x000D_ on Success.
Set the
_x000D_ Audit Policy Change policy to audit netbios-ssn/tcp/192.168.10.87/139
on Success.
already exist.
_x000D_
This key
netbios-ssn/tcp/192.168.10.87/139
already exist.
Otherwise,
Then
9. Addset
orthe Auditgroups
remove Objectas Access policy to audit
10. Click Apply, then click OK netbios-ssn/tcp/192.168.10.87/139
Consult
already exist.
Set the
netbios-ssn/tcp/192.168.10.87/139
to Administrators.
already exist.
Otherwise,
already exist.
This key
netbios-ssn/tcp/192.168.10.87/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.87/139
already exist.
already exist.
already exist.
and Administrators.
This
9. keyormay
Add needgroups
already exist.
10. Click
already exist.
_x000D_
already exist.
Otherwise,
already exist.
This key
netbios-ssn/tcp/192.168.10.87/139
already exist.
already exist.
already exist.
Set the
_x000D_ "Backup files and directories" policynetbios-ssn/tcp/192.168.10.87/139
to Administrators.
already exist.
already exist.
SetAdd
9. theor
"Bypass
remove traverse
groupschecking" policy tonetbios-ssn/tcp/192.168.10.87/139
as necessary_x000D_ Users.
10. Click
already exist.
already exist.
already exist.
Set the
_x000D_ "Deny access to this computer from netbios-ssn/tcp/192.168.10.87/139
already exist.
already exist.
Review
already exist.
loc-srv/tcp/192.168.10.87/135
Ensure
This thathas
patch MSRPC
beencomplies
superseded withbyorganizat loc-srv/tcp/192.168.10.87/135
MS14-015_x000D_
http://technet.microsoft.com/security/bulletin/MS14-015 netbios-ssn/tcp/192.168.10.87/139
McAfee
_x000D_Avert Labs is not aware of a vendonetbios-ssn/tcp/192.168.10.87/139
Ensure
To modifyexisting local groups
this setting, change arethe
necessary netbios-ssn/tcp/192.168.10.87/139
"ScreenSaverGracePeriod" value under the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.87/139
Informational
This patch hasscript
been to display allby
superseded detecte netbios-ssn/tcp/192.168.10.87/139
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.87/139
McAfee
has been unaware
superseded of abyvendor-snetbios-ssn/tcp/192.168.10.87/139
MS14-015_x000D_
http://technet.microsoft.com/security/bulletin/MS14-015 netbios-ssn/tcp/192.168.10.87/139
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.87/139
McAfee
This key may need to be created if it does
This patch has been superseded by MS13-063_x000D_not
netbios-ssn/tcp/192.168.10.87/139
already exist.
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
Accounts added to the Administrators
The Default Value for WarningLevel is 0. Set group
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
Ensure thathas
This patch thisbeen
policy setting is consisten
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.87/139
Ensure
_x000D_ that Internet Explorer Enhanced Sec
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
Verify that the Everyone group is allowed
McAfee
Computer
This patch Configuration\Windows
has been superseded by Settings\Security
netbios-ssn/tcp/192.168.10.87/139
MS14-015_x000D_ Settings\Interactive logon: Do not display last user name
netbios-ssn/tcp/192.168.10.87/139
Ensure thathas
This patch McAfee VirusScan Enterprise
been superseded an
netbios-ssn/tcp/192.168.10.87/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.87/139
Ensure
_x000D_ that the list of VMware images comp netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
Please ensure
This patch has the
been permissions
supersededassigned to nt etbios-ssn/tcp/192.168.10.87/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.87/139
Enable Internet
This patch Explorer
has been Enhanced
superseded by Security netbios-ssn/tcp/192.168.10.87/139
MS14-015_x000D_
Passwords
e
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
On
ThisIE6,
patchMcAfee is currently
has been unware
superseded of a vendor
netbios-ssn/tcp/192.168.10.87/139
by MS14-015_x000D_ supplied patch or update (2013/07/18).
netbios-ssn/tcp/192.168.10.87/139
Determine whether Microsoft Internet
http://www.microsoft.com/net/download_x000D_ Inform
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
Keep McAfee VirusScan up to date.
netbios-ssn/tcp/192.168.10.87/139
Ensure thathas
This patch only allowed
been users have
superseded a usernetbios-ssn/tcp/192.168.10.87/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.87/139
McAfee
has been unaware of abyvendor-snetbios-ssn/tcp/192.168.10.87/139
http://www.microsoft.com
Ensure that this policy setting
For more information see,_x000D_ is consistent netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
_x000D_
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
If the
_x000D_DNS configuration is not in accordan netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
McAfee
has been unaware of abyvendor-snetbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
netbios-ssn/tcp/192.168.10.87/139
o
Disable
_x000D_ ICMP reply via modify registory.
Close
http/tcp/192.168.10.87/80
the banner.
Ensure
_x000D_ that web server complies with organ http/tcp/192.168.10.87/80
netbios-ns/udp/192.168.10.94/137
_x000D_
https/tcp/192.168.10.94/443
Ensure
netbios-ssn/tcp/192.168.10.94/139
Disable
netbios-ssn/tcp/192.168.10.94/139
Disable
netbios-ssn/tcp/192.168.10.94/139
Ensure
_x000D_ that this setting is consistent with netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Ensure
Ensure
netbios-ssn/tcp/192.168.10.94/139
Ensure
http://httpd.apache.org/docs/2.4/ssl/ssl_howto.html_x000D_ loaded into the drive, the system will attempt to run a program on the disc imm
_x000D_ https/tcp/192.168.10.94/443
ForAdd
9. other web servers
or remove groupsplease contact the web
as necessary_x000D_ https/tcp/192.168.10.94/443
server vendor documentation for configuration details.
10. Click
already exist.
Otherwise,
Set the "Allow
4) Remove the logon
groupthrough
members Terminal Services"
listed_x000D_ netbios-ssn/tcp/192.168.10.94/139
to Administrators.
Otherwise,
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
_x000D_
already exist.
Set the "Backup files and directories"
9. Adjust this security option as necessary_x000D_policy
netbios-ssn/tcp/192.168.10.94/139
to Administrators.
and Administrators.
already exist.
Set the
netbios-ssn/tcp/192.168.10.94/139
Failure.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
already exist.
_x000D_
Consult
Then set the Audit Account Logon Events policy netbios-ssn/tcp/192.168.10.94/139
Review
n etbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
This key
not already exist.
already exist.
already exist.
To modify
_x000D_ on Success.
This keyormay
9. Add needgroups
already exist.
You can
_x000D_ configure this setting by opening netbios-ssn/tcp/192.168.10.94/139
already exist.
_x000D_ Users.
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
This keyormay
9. Add needgroups
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.94/139
already exist.
already exist.
You can
on Success.
1026/TCP._x000D_
loc-srv/tcp/192.168.10.94/135
Review X.509 certificate fields and verify thhttps/tcp/192.168.10.94/443
Ensure
_x000D_ that SSL complies with organizationa https/tcp/192.168.10.94/443
You can configure
To modify this setting
this setting, changebytheopening tnetbios-ssn/tcp/192.168.10.94/139
"NtfsDisable8dot3NameCreation" value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
e
McAfee
This
This key
patchmay
hasneed
beentosuperseded
be created by
if itMS14-015_x000D_
does not
netbios-ssn/tcp/192.168.10.94/139
already exist.
netbios-ssn/tcp/192.168.10.94/139
McAfee
This is currently
patch has been unaware
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
Ensure thathas
This patch thebeen
computer role complies
superseded witnetbios-ssn/tcp/192.168.10.94/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
Enable Internet
This patch Explorer
has been Enhanced
superseded by Security netbios-ssn/tcp/192.168.10.94/139
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee
This is currently
patch has been unaware
MS13-033_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Please
_x000D_ ensure the permissions assigned to nt etbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee
has been unaware
MS13-082_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Ensure thathas
This patch Internet Explorer Enhanced
been superseded Secnetbios-ssn/tcp/192.168.10.94/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Set
Thisthe "Password
patch has beenMust Meet Complexity
superseded Re
netbios-ssn/tcp/192.168.10.94/139
by MS13-063_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
_x000D_
netbios-ssn/tcp/192.168.10.94/139
http://support.microsoft.com/kb/2524375_x000D_ netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Ensure
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee is currently unaware
For more information see,_x000D_ of a vendor-snetbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
http://www.microsoft.com/technet/security/advisory/2607712.mspx_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Determine whether
This patch has been Microsoft
superseded Internet Inform
netbios-ssn/tcp/192.168.10.94/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee is not
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
Informational
MS13-082_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee is currently
MS13-063_x000D_
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
McAfee
_x000D_ is not aware of a vendor-supplied pnetbios-ssn/tcp/192.168.10.94/139
Ensure
netbios-ssn/tcp/192.168.10.94/139
netbios-ssn/tcp/192.168.10.94/139
o
_x000D_
Disable
https/tcp/192.168.10.94/443
Ensure
_x000D_ that the list of file extension handl https/tcp/192.168.10.94/443
_x000D_ http/tcp/192.168.10.94/80
the banner.
http/tcp/192.168.10.94/80
Note: It is advised to enforce NTLM authentication for Microsoft IIS.
Ensure
Note: After backing up MSADC virtual directory,
_x000D_ http/tcp/192.168.10.94/80
it is advised to rename or delete this directory.
Note: It
_x000D_ is advised to delete the Printers virtual
http/tcp/192.168.10.94/80
directory.
Note: It is advised to delete scripts virtual directory.
http/tcp/192.168.10.94/80
_x000D_ https/tcp/192.168.10.94/443
netbios-ns/udp/192.168.10.58/137
Ensure
netbios-ssn/tcp/192.168.10.58/139
Ensure
netbios-ssn/tcp/192.168.10.58/139
Ensure
Ensure
netbios-ssn/tcp/192.168.10.58/139
Ensure
netbios-ssn/tcp/192.168.10.58/139
The default administration account should netbios-ssn/tcp/192.168.10.58/139
Ensure
Otherwise,
already exist.
This key
not already exist.
already exist.
already exist.
Then
4) set thethe
Remove Audit
groupAccount
membersLogon Events policy
netbios-ssn/tcp/192.168.10.58/139
9. Adjust this security option as necessary_x000D_
_x000D_
already exist.
Set the
_x000D_ "Change the system time" policy tonetbios-ssn/tcp/192.168.10.58/139
Administrators.
already exist.
Otherwise,
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
_x000D_ on Success.
already exist.
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
already exist.
already exist.
To modify
9. Add this setting,
or remove changenames
subsystem the "Perfo netbios-ssn/tcp/192.168.10.58/139
as necessary_x000D_
10. Click
already exist.
already exist.
_x000D_ Users.
This
netbios-ssn/tcp/192.168.10.58/139
already exist.
Review
n etbios-ssn/tcp/192.168.10.58/139
already exist.
already exist.
to Administrators.
_x000D_
Then
_x000D_set the Audit Logon Events policy to audit
netbios-ssn/tcp/192.168.10.58/139
Otherwise,
already exist.
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
already exist.
already exist.
Otherwise,
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
Set the "Force shutdown from a remote system"
already exist.
_x000D_
_x000D_ on Success.
Failure.
already exist.
_x000D_
and Administrators.
already exist.
3. View the subkeys. netbios-ssn/tcp/192.168.10.58/139
9. Adjust this audit policy value as necessary_x000D_
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
already exist.
If the Administrator account is a valid ad netbios-ssn/tcp/192.168.10.58/139
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.58/139
already exist.
Set the "Remove computer from docking station" netbios-ssn/tcp/192.168.10.58/139
1026/TCP._x000D_
_x000D_ loc-srv/tcp/192.168.10.58/135
http://www.adobe.com/support/security/bulletins/apsb10-12.html
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
_x000D_
Ensure
http://get.adobe.com/air/ netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
already exist.
http://get.adobe.com/flashplayer/ netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
If the
_x000D_DNS configuration is not in accordan netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Administrators may want
Download the latest to terminate
version sessio
of Adobe Flashnetbios-ssn/tcp/192.168.10.58/139
http://get.adobe.com/flashplayer
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
On IE6, McAfee is currently unware of a vendor
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Passwords
e
netbios-ssn/tcp/192.168.10.58/139
_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
McAfee
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
http://get.adobe.com/flashplayer/ netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Disable administrative
Ensure that shares that
this policy setting are not netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
http://www.adobe.com/support/security/bulletins/apsb11-27.html_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Windows XP: http://www.microsoft.com/download/details.aspx?id=7208_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
McAfee
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
e
netbios-ssn/tcp/192.168.10.58/139
Ensure thathas
This patch thisbeen
by MS14-018_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
_x000D_
netbios-ssn/tcp/192.168.10.58/139
McAfee
Ensure
netbios-ssn/tcp/192.168.10.58/139
McAfee
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
However,
_x000D_ McAfee is not aware of a patch for netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Remove
This patchunneeded
has beenuser accounts.
by MS14-018_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Please
_x000D_ensure the permissions assigned to nt etbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
McAfee
http://get.adobe.com/air/
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Ensure
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Upgrade Adobe Shockwave Player to versionnetbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Set the
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
http://get.adobe.com/shockwave/
netbios-ssn/tcp/192.168.10.58/139
Ensure that McAfee VirusScan Enterprise annetbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html_x000D_
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
Upgrade Adobe Shockwave Player to version netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
netbios-ssn/tcp/192.168.10.58/139
o
Disable
Disable this service unless the functionali microsoft-ds/tcp/192.168.10.114/445
Identify and disable unnecessary services umicrosoft-ds/tcp/192.168.10.114/445
Ensure that this policy setting is consisten microsoft-ds/tcp/192.168.10.114/445
Ensure
_x000D_ that this policy setting is consisten microsoft-ds/tcp/192.168.10.114/445
microsoft-ds/tcp/192.168.10.114/445
Ensure that the installed version of ADO is microsoft-ds/tcp/192.168.10.114/445
_x000D_
You can configure this setting by opening tmicrosoft-ds/tcp/192.168.10.114/445
_x000D_
If AutoReboot
_x000D_ is set to 1, after a blue screen,
If Autorun is set to 1, upon a cdrom disc beingmicrosoft-ds/tcp/192.168.10.114/445
To modify this setting, change the "Hidde microsoft-ds/tcp/192.168.10.114/445
Disable
_x000D_this service unless the functionali microsoft-ds/tcp/192.168.10.114/445
The default guest account should be rename microsoft-ds/tcp/192.168.10.114/445
Ensure that the maximum log size detectedmicrosoft-ds/tcp/192.168.10.114/445
Ensure that this setting is expected and co microsoft-ds/tcp/192.168.10.114/445
Ensure the service setting meet your enterpmicrosoft-ds/tcp/192.168.10.114/445
Ensure that this setting is consistent with microsoft-ds/tcp/192.168.10.114/445
Disable ICMP redirects by setting the valuemicrosoft-ds/tcp/192.168.10.114/445
Ensure
Ensure that this policy setting is consist microsoft-ds/tcp/192.168.10.114/445
Ensure that
remove settingnames
subsystem is consisten microsoft-ds/tcp/192.168.10.114/445
as necessary_x000D_
10. Click
_x000D_ Apply, then click OK microsoft-ds/tcp/192.168.10.114/445
_x000D_ microsoft-ds/tcp/192.168.10.114/445
Set the "Generate security audits" policy tomicrosoft-ds/tcp/192.168.10.114/445
_x000D_ Local Service and Network Service.
Set the
_x000D_ "Log on locally" policy to Users and microsoft-ds/tcp/192.168.10.114/445
Administrators.
already exist.
already exist.
Set the "Profile system performance" policymicrosoft-ds/tcp/192.168.10.114/445
Otherwise,
_x000D_ if file permissions do not comply microsoft-ds/tcp/192.168.10.114/445
This key may need to be created if it does not microsoft-ds/tcp/192.168.10.114/445
already exist.
To modify this setting, change the "NoNa microsoft-ds/tcp/192.168.10.114/445
_x000D_
Set the Audit Policy Change policy to audit microsoft-ds/tcp/192.168.10.114/445
_x000D_ on Success.
This key
already exist.
to Administrators.
Set the "Backup files and directories" policymicrosoft-ds/tcp/192.168.10.114/445
to Administrators.
Review
_x000D_report output to determine if any inmicrosoft-ds/tcp/192.168.10.114/445
already exist.
already exist.
Set the "Bypass traverse checking" policy tomicrosoft-ds/tcp/192.168.10.114/445
_x000D_ Users.
This key
already exist.
already exist.
This keyormay
9. Add needgroups
as necessary_x000D_ microsoft-ds/tcp/192.168.10.114/445
already exist.
Set the
and Administrators.
already exist.
This key may
4) Remove theneed
groupto members
be createdlisted_x000D_
if it does not
already exist.
This key
already exist.
Otherwise,
_x000D_ if this is a valid policy violation, microsoft-ds/tcp/192.168.10.114/445
Set the "Log on as service" policy to None. microsoft-ds/tcp/192.168.10.114/445
_x000D_
already exist.
Failure.
already exist.
This key
already exist.
already exist.
To modify this setting, change the "Auto microsoft-ds/tcp/192.168.10.114/445
_x000D_
already exist.
You
9. canorconfigure
Add this setting
remove groups by opening tmicrosoft-ds/tcp/192.168.10.114/445
as necessary_x000D_
10. Click
This keyormay
9. Add needgroups
already exist.
10. Click Apply, then click OK microsoft-ds/tcp/192.168.10.114/445
_x000D_
Then
9. Addsetorthe
removeAuditgroups
Account as Management
necessary_x000D_ policy
This key
already exist.
already exist.
already exist.
Then
_x000D_set the Audit Logon Events policy to audit microsoft-ds/tcp/192.168.10.114/445
Set the
_x000D_ Audit System Events policy to auditmicrosoft-ds/tcp/192.168.10.114/445
on Success.
already exist.
already exist.
Set the "Allow logon through Terminal Services" microsoft-ds/tcp/192.168.10.114/445
To modify
_x000D_ this setting, change the "Perfo microsoft-ds/tcp/192.168.10.114/445
This key may
9. Adjust this need
securityto be created
Otherwise,
_x000D_ if file permissions do not complymicrosoft-ds/tcp/192.168.10.114/445
Otherwise, if registry key permissions do not microsoft-ds/tcp/192.168.10.114/445
Consult
_x000D_the organizational policy to dete microsoft-ds/tcp/192.168.10.114/445
already exist.
This key
already exist.
already exist.
Set the "Change the system time" policy tomicrosoft-ds/tcp/192.168.10.114/445
already exist.
This key
already exist.
already exist.
This
McAfeekey is
may need tounaware
currently be created
of aifvendor-supplied
it does not
already exist.
For more information see,_x000D_ microsoft-ds/tcp/192.168.10.114/445
Determine whether Microsoft Internet Inform microsoft-ds/tcp/192.168.10.114/445
Disable administrative shares that are not microsoft-ds/tcp/192.168.10.114/445
If the hosts file configuration is not in ac microsoft-ds/tcp/192.168.10.114/445
Ensure existing local groups are necessary microsoft-ds/tcp/192.168.10.114/445
Informational
McAfee is currentlyscript unaware
to displayofalla detecte microsoft-ds/tcp/192.168.10.114/445
Ensure that this policy setting is consistent microsoft-ds/tcp/192.168.10.114/445
Review report output to determine if any inmicrosoft-ds/tcp/192.168.10.114/445
Accounts
_x000D_ added to the Administrators group microsoft-ds/tcp/192.168.10.114/445
Ensure that this policy setting is consistent
The Default Value for WarningLevel is 0. Set microsoft-ds/tcp/192.168.10.114/445
with
thisthe requirements
value of your
to 90 to ensure enterprise
warnings security policy.
are generated._x000D_
Ensure
Note: We that this policy setting
recommend users toisrefer
consisten microsoft-ds/tcp/192.168.10.114/445
the vendor documentation to know the exact steps specific to the operating system._x00
already exist.
Ensure that only allowed users have a usermicrosoft-ds/tcp/192.168.10.114/445
Ensure that this policy setting is consistent with the requirements of your enterprise security policy._x000D_
Passwords should have expiration times tomicrosoft-ds/tcp/192.168.10.114/445
e
Remove Wireshark or Ethereal from machine microsoft-ds/tcp/192.168.10.114/445
Ensure that Internet Explorer Enhanced Secmicrosoft-ds/tcp/192.168.10.114/445
Search for file with particular attributes onmicrosoft-ds/tcp/192.168.10.114/445
If the DNS configuration is not in accordan microsoft-ds/tcp/192.168.10.114/445
Ensure that host's domain or workgroup mmicrosoft-ds/tcp/192.168.10.114/445
Ensure
Ensure that
that the
this programs under
policy setting the HKEY microsoft-ds/tcp/192.168.10.114/445
Ensure that the computer role complies witmicrosoft-ds/tcp/192.168.10.114/445
Ensure
To modifythatthis
McAfee VirusScan
setting, Enterprise
change the an
Keep McAfee VirusScan up to date. microsoft-ds/tcp/192.168.10.114/445
McAfee is not aware of a vendor-supplied p
Note: Blocking access for MVM to both TCPmicrosoft-ds/tcp/192.168.10.114/445
Ensure that Microsoft Windows complies wi microsoft-ds/tcp/192.168.10.114/445
1026/TCP._x000D_ microsoft-ds/tcp/192.168.10.114/445
loc-srv/tcp/192.168.10.114/135
Ensure that XMPP service complies with the unknown/tcp/192.168.10.114/5269
Ensure
_x000D_ that TLS/SSL Server and the SSL certhttps/tcp/192.168.10.114/7443
Ensure
http://technet.microsoft.com/en-us/library/cc732713.aspx
ms-term-service/tcp/192.168.10.114/3389
Close
https/tcp/192.168.10.114/7443
Install properly signed TLS/SSL X.509 certif https/tcp/192.168.10.114/7443
Ensure
Note:
_x000D_Conceal the IIS Server status by modifyinghttp/tcp/192.168.10.114/80
the banner.
http/tcp/192.168.10.114/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure that web server complies with corpo http/tcp/192.168.10.114/80;http/tcp/192.168.10.114/7070;http/tcp/192.168.10.11
Ensure that crossdomain.xml policy file com http/tcp/192.168.10.114/7070;https/tcp/192.168.10.114/7443
Ensure that web server complies with organ http/tcp/192.168.10.114/80;http/tcp/192.168.10.114/7070;http/tcp/192.168.10.11
_x000D_
netbios-ns/udp/192.168.10.76/137
Ensure
netbios-ssn/tcp/192.168.10.76/139
Ensure
netbios-ssn/tcp/192.168.10.76/139
Disable
http://windowsupdate.microsoft.com netbios-ssn/tcp/192.168.10.76/139
Ensure
netbios-ssn/tcp/192.168.10.76/139
_x000D_
netbios-ssn/tcp/192.168.10.76/139
Ensure
netbios-ssn/tcp/192.168.10.76/139
Disable
Otherwise,
already exist.
Set the
_x000D_ "Bypass traverse checking" policy to
netbios-ssn/tcp/192.168.10.76/139
Users.
to Administrators.
_x000D_ on Success.
netbios-ssn/tcp/192.168.10.76/139
To modify
already exist.
already exist.
Set the Audit Privilege Use policy to
4) Remove the group members listed_x000D_ audit on
netbios-ssn/tcp/192.168.10.76/139
Failure.
netbios-ssn/tcp/192.168.10.76/139
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
already exist.
_x000D_
already exist.
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
already exist.
Set theor
9. Add "Profile
remove system
groups performance" policynetbios-ssn/tcp/192.168.10.76/139
as necessary_x000D_ to Administrators.
10. Click
Review
already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.10.76/139
and Administrators.
already exist.
already exist.
_x000D_
already exist.
Otherwise,
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
_x000D_ on Success.
already exist.
You canorconfigure
9. Add this setting
remove groups by opening tnetbios-ssn/tcp/192.168.10.76/139
as necessary_x000D_
10. Click
9. Add orApply,
removethen click OK names as necessary_x000D_
Then set
_x000D_ the Audit Object Access policy to netbios-ssn/tcp/192.168.10.76/139
audit Success and Failure.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.76/139
Set the
_x000D_ "Change the system time" policy to netbios-ssn/tcp/192.168.10.76/139
Administrators.
Set the "Generate security audits" policy tonetbios-ssn/tcp/192.168.10.76/139
already exist.
This
9. keyormay
Add needgroups
already exist.
Consult
already exist.
This key
netbios-ssn/tcp/192.168.10.76/139
already exist.
This keyormay
9. Add needgroups
already exist.
already exist.
loc-srv/tcp/192.168.10.76/135
Ensure thathas
This patch MSRPC
beencomplies
superseded withbyorganizat loc-srv/tcp/192.168.10.76/135
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Ensure
This thathas
patch thebeen
programs under by
superseded theMS13-082_x000D_
HKEY netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
McAfee
This patchis not
has aware of a vendor-supplied
by MS13-065_x000D_
netbios-ssn/tcp/192.168.10.76/139
_x000D_
netbios-ssn/tcp/192.168.10.76/139
Determine whether
netbios-ssn/tcp/192.168.10.76/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Passwords should
This patch has beenhave expiration
superseded bytimes tonetbios-ssn/tcp/192.168.10.76/139
e
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
Ensure
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
McAfee Avert
This patch has Labs
beenissuperseded
not aware of byaMS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
https://technet.microsoft.com/en-us/security/bulletin/ms13-050
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Ensure thathas
been superseded an
netbios-ssn/tcp/192.168.10.76/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
http://windows.microsoft.com/en-US/windows/home
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Search for file with particular attributes onnetbios-ssn/tcp/192.168.10.76/139
McAfee
For moreAvert Labs is not
information aware of a vendonetbios-ssn/tcp/192.168.10.76/139
see,_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Accounts
already exist.
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Ensure thathas
This patch host's domain
been or workgroup
superseded mnetbios-ssn/tcp/192.168.10.76/139
by MS14-015_x000D_
To netbios-ssn/tcp/192.168.10.76/139
modify this setting, change the "NtfsDisable8dot3NameCreation" value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
Ensure that this
The Default Valuepolicy setting is consistent
with
is 0. Set thisthe requirements
value of your
to 90 to ensure enterprise
warnings security policy.
are generated._x000D_
netbios-ssn/tcp/192.168.10.76/139
Ensure thathas
This patch thisbeen
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
_x000D_
netbios-ssn/tcp/192.168.10.76/139
Ensure that the computer role complies wit
Ensure
This thathas
patch thisbeen
by MS13-082_x000D_
netbios-ssn/tcp/192.168.10.76/139
Ensure
netbios-ssn/tcp/192.168.10.76/139
_x000D_
Ensure
Ensure that
that this
this policy
policy setting
setting is
is consistent
with
with the
the requirements
requirements ofof your
your enterprise
enterprise security
security policy.
policy._x000D_
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
McAfee is currently
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
netbios-ssn/tcp/192.168.10.76/139
McAfee is currently
netbios-ssn/tcp/192.168.10.76/139
o
Ensure
Note: Conceal
_x000D_ the IIS Server status by modifying
http/tcp/192.168.10.76/80
the banner.
http/tcp/192.168.10.76/80
for Microsoft IIS.
_x000D_
Name" setting.
Ensure that web server complies with corpo http/tcp/192.168.10.76/80
Ensure
netbios-ns/udp/192.168.10.64/137
Disable
http/tcp/192.168.10.64/80
Disable
netbios-ssn/tcp/192.168.10.64/139
Ensure
netbios-ssn/tcp/192.168.10.64/139
Ensure
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.64/139
Ensure
_x000D_ that this policy setting is consist netbios-ssn/tcp/192.168.10.64/139
Ensure
to Administrators.
Otherwise,
already exist.
Then
netbios-ssn/tcp/192.168.10.64/139
already exist.
already exist.
already exist.
netbios-ssn/tcp/192.168.10.64/139
already exist.
already exist.
already exist.
on Success.
To modify
already exist.
Disable
_x000D_
_x000D_
already exist.
already exist.
Set the
already exist.
already exist.
already exist.
Disable
already exist.
already exist.
This key
not already exist.
already exist.
_x000D_
This key may
security created
netbios-ssn/tcp/192.168.10.64/139
_x000D_
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.64/139
already exist.
This keyormay
9. Add needgroups
already exist.
This key
netbios-ssn/tcp/192.168.10.64/139
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.64/139
already exist.
Set theor
9. Add "Shut down
remove the system"
groups policy to Users
and Administrators.
Set the
Administrators.
already exist.
_x000D_ Users.
This
netbios-ssn/tcp/192.168.10.64/139
_x000D_ on Success.
Otherwise,
This keyormay
9. Add needgroups
already exist.
_x000D_
Review
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.64/139
already exist.
already exist.
Ensure that SMTP server complies with orga
1026/TCP._x000D_ smtp/tcp/192.168.10.64/25
loc-srv/tcp/192.168.10.64/135
McAfee is currently unaware of any fix or netbios-ssn/tcp/192.168.10.64/139
Verify
_x000D_ that the Everyone group is allowed netbios-ssn/tcp/192.168.10.64/139
_x000D_
already exist.
_x000D_
Ensure
http://java.sun.com/javase/downloads/index.jsp netbios-ssn/tcp/192.168.10.64/139
e
netbios-ssn/tcp/192.168.10.64/139
Please
_x000D_
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
_x000D_
netbios-ssn/tcp/192.168.10.64/139
To modify this setting, change the "EnableICMPRedirect" Settings\Interactive
value under thelogon: Do not display last user name
"System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.64/139
Determine whether Microsoft Internet Inform
netbios-ssn/tcp/192.168.10.64/139
Enable
Ensure
Accounts added to thesee,_x000D_
For more information Administrators group netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
Ensure
McAfeethat the list of
is currently VMwareofimages
unaware compnetbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
McAfee
netbios-ssn/tcp/192.168.10.64/139
Keep
EnsureMcAfee VirusScan
that this up to is
policy setting date.
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
Informational
modify this setting, change the "ScreenSaverGracePeriod" value under the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.64/139
netbios-ssn/tcp/192.168.10.64/139
Disable
o
Disable
Ensure
Note: Conceal
_x000D_ the IIS Server status by modifying
http/tcp/192.168.10.64/80;http/tcp/192.168.10.64/8099
the banner.
http/tcp/192.168.10.64/80;http/tcp/192.168.10.64/8099
for Microsoft IIS.
Ensure that Microsoft IIS complies with thehttp/tcp/192.168.10.64/80;http/tcp/192.168.10.64/8099
Ensure
Note: It is advised to enable "Use Host Header
_x000D_ http/tcp/192.168.10.64/80
Name" setting.
_x000D_ http/tcp/192.168.10.64/8099
Note: It is advised to delete the Printers virtual
_x000D_ http/tcp/192.168.10.64/8099
directory.
http/tcp/192.168.10.64/8099
Ensure that Microsoft IIS complies with orghttp/tcp/192.168.10.64/80;http/tcp/192.168.10.64/8099
Ensure that WebDAV complies with organiza
http/tcp/192.168.10.64/80
_x000D_ http/tcp/192.168.10.64/80
netbios-ns/udp/192.168.10.19/137
Disable
http/tcp/192.168.10.19/80
_x000D_
netbios-ssn/tcp/192.168.10.19/139
Ensure
netbios-ssn/tcp/192.168.10.19/139
Disable
Ensure
netbios-ssn/tcp/192.168.10.19/139
Ensure
netbios-ssn/tcp/192.168.10.19/139
Disable
netbios-ssn/tcp/192.168.10.19/139
_x000D_
Set theor
9. Add "Profile
remove single
groupsprocess" policy to Administrators.
already exist.
Consult
Set the
This key may
4) Remove theneed
groupto members
be createdlisted_x000D_
if it does not
netbios-ssn/tcp/192.168.10.19/139
already exist.
Set the
netbios-ssn/tcp/192.168.10.19/139
This key may
security created
netbios-ssn/tcp/192.168.10.19/139
This key
netbios-ssn/tcp/192.168.10.19/139
already exist.
already exist.
already exist.
To correct
_x000D_ this policy violation remove unwanted
netbios-ssn/tcp/192.168.10.19/139
already exist.
This key
netbios-ssn/tcp/192.168.10.19/139
already exist.
already exist.
already exist.
already exist.
already exist.
Review
Then set
_x000D_ the Audit Account Management policy
netbios-ssn/tcp/192.168.10.19/139
Otherwise,
Failure.
Users.
To modify
already exist.
already exist.
_x000D_
to Administrators.
_x000D_
on Success.
_x000D_
Otherwise, if this isgroups
9. Add or remove a validaspolicy violation, netbios-ssn/tcp/192.168.10.19/139
necessary_x000D_ logon to the system with administrator privileges and correct the policy violation.
This key
netbios-ssn/tcp/192.168.10.19/139
already exist.
already exist.
already exist.
already exist.
This key
not already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.19/139
already exist.
already exist.
to Administrators.
Set the
on Success.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.19/139
already exist.
already exist.
already exist.
SetAdd
9. theor
"Shut down
remove the system"
subsystem policy
names as to Users
netbios-ssn/tcp/192.168.10.19/139
and Administrators.
necessary_x000D_
10. Click
This keyormay
9. Add needgroups
already exist.
already exist.
already exist.
_x000D_
already exist.
Otherwise, if registry key permissions do not netbios-ssn/tcp/192.168.10.19/139
1026/TCP._x000D_
loc-srv/tcp/192.168.10.19/135
Ensure
_x000D_ that MSRPC complies with organizat loc-srv/tcp/192.168.10.19/135
Upgrade Adobe AIR to 1.5.3.9130 or later. netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
Ensure
http://www.macromedia.com/go/getflashplayer netbios-ssn/tcp/192.168.10.19/139
McAfee
netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
McAfee
netbios-ssn/tcp/192.168.10.19/139
Ensure
To modifythatthis
Internet Explorer
setting, changeEnhanced Secnetbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
Ensure
_x000D_ that the programs under the HKEY netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
_x000D_
netbios-ssn/tcp/192.168.10.19/139
Please
already exist.
Review
n etbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
McAfee
Download the latest version of Adobe Flashnetbios-ssn/tcp/192.168.10.19/139
http://get.adobe.com/flashplayer netbios-ssn/tcp/192.168.10.19/139
Passwords
_x000D_ should have expiration times to netbios-ssn/tcp/192.168.10.19/139
e
Upgrade
_x000D_ Adobe AIR to 1.5.3.9130 or later. netbios-ssn/tcp/192.168.10.19/139
Ensure
Set the "Password
To modify Must
this setting, Meet Complexity
change Re
netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
McAfee
Ensure
netbios-ssn/tcp/192.168.10.19/139
Disable
For moreadministrative shares that are not netbios-ssn/tcp/192.168.10.19/139
information see,_x000D_
netbios-ssn/tcp/192.168.10.19/139
netbios-ssn/tcp/192.168.10.19/139
_x000D_
netbios-ssn/tcp/192.168.10.19/139
_x000D_
Verify
_x000D_that the Everyone group is allowed netbios-ssn/tcp/192.168.10.19/139
o
Close
Ensure
_x000D_ http/tcp/192.168.10.19/80
the banner.
http/tcp/192.168.10.19/80
for Microsoft IIS.
_x000D_
Name" setting.
_x000D_ http/tcp/192.168.10.19/80
netbios-ns/udp/192.168.10.93/137
Ensure
netbios-ssn/tcp/192.168.10.93/139
Disable
netbios-ssn/tcp/192.168.10.93/139
Ensure
netbios-ssn/tcp/192.168.10.93/139
_x000D_
netbios-ssn/tcp/192.168.10.93/139
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.93/139
Disable
already exist.
already exist.
already exist.
already exist.
Consult
Otherwise,
This
9. keyormay
Add needsubsystem
remove to be created
namesif itas
does not
netbios-ssn/tcp/192.168.10.93/139
already exist.
necessary_x000D_
10. Click
already exist.
_x000D_
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.10.93/139
and Administrators.
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
already exist.
to Administrators.
_x000D_
to Administrators.
already exist.
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
_x000D_ on Success.
This
already exist.
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
Then
9. Addsetorthe Auditgroups
remove Logon asEvents policy to audit
Then
_x000D_set the Audit Object Access policy to audit netbios-ssn/tcp/192.168.10.93/139
This key
not already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.93/139
10. Click
9. Add orApply,
removethen click as
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
already exist.
already exist.
already exist.
_x000D_
Otherwise,
Failure.
Review
n etbios-ssn/tcp/192.168.10.93/139
Set the "Profile system performance" policynetbios-ssn/tcp/192.168.10.93/139
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
To correct this policy violation remove unwanted netbios-ssn/tcp/192.168.10.93/139
_x000D_
already exist.
_x000D_ on Success.
Then
_x000D_set the Audit Account Management policy
netbios-ssn/tcp/192.168.10.93/139
_x000D_ Users.
already exist.
This key
netbios-ssn/tcp/192.168.10.93/139
already exist.
already exist.
Otherwise,
You
9. canorconfigure
Add this setting
remove groups by opening tnetbios-ssn/tcp/192.168.10.93/139
as necessary_x000D_
1026/TCP._x000D_
loc-srv/tcp/192.168.10.93/135
Informational
netbios-ssn/tcp/192.168.10.93/139
McAfee
this setting, changeofthea vendor-snetbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
Disable
already exist.
McAfee is not aware of a vendor-supplied p
n etbios-ssn/tcp/192.168.10.93/139
Keep
_x000D_McAfee VirusScan up to date. netbios-ssn/tcp/192.168.10.93/139
Accounts
netbios-ssn/tcp/192.168.10.93/139
Ensure
_x000D_ that the programs under the HKEY netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
Review
netbios-ssn/tcp/192.168.10.93/139
Passwords
Note: should haveusers
We recommend expiration
to refertimes
the tonetbios-ssn/tcp/192.168.10.93/139
e
vendor documentation to know the exact steps specific to the operating system._x00
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
McAfee is not
Ensure that aware
this policyofsetting
a vendor-supplied
is consistentpnwith
etbios-ssn/tcp/192.168.10.93/139
the requirements of your enterprise security policy._x000D_
netbios-ssn/tcp/192.168.10.93/139
Ensure
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
Ensure
McAfee is currently unaware of a vendor-suppliednetbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
Ensure
netbios-ssn/tcp/192.168.10.93/139
Please
McAfee is currently
Ensure that unaware
this policy settingof
is aconsistent
vendor-snetbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
netbios-ssn/tcp/192.168.10.93/139
McAfee
netbios-ssn/tcp/192.168.10.93/139
Keep
o
Ensure that the list of file extension handl http/tcp/192.168.10.93/80
_x000D_
Note:
http/tcp/192.168.10.93/80
the banner.
http/tcp/192.168.10.93/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure
netbios-ns/udp/192.168.10.68/137
Ensure
netbios-ssn/tcp/192.168.10.68/139
Ensure
netbios-ssn/tcp/192.168.10.68/139
Disable
netbios-ssn/tcp/192.168.10.68/139
Disable
netbios-ssn/tcp/192.168.10.68/139
Disable
netbios-ssn/tcp/192.168.10.68/139
The default guest account should be rename
netbios-ssn/tcp/192.168.10.68/139
Ensure that
remove groupssetting is consist netbios-ssn/tcp/192.168.10.68/139
as necessary_x000D_
already exist.
To modify
already exist.
Administrators.
Review
already exist.
and Administrators.
You can
already exist.
_x000D_
Set the "Bypass
4) Remove traverse
the group checking"
members policy tonetbios-ssn/tcp/192.168.10.68/139
listed_x000D_ Users.
already exist.
Disable
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.68/139
already exist.
already exist.
already exist.
already exist.
already exist.
Otherwise,
already exist.
Failure.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.68/139
already exist.
already exist.
Set the
_x000D_ "Replace a process level token" policy
netbios-ssn/tcp/192.168.10.68/139
Then
_x000D_set the Audit Object Access policy to audit netbios-ssn/tcp/192.168.10.68/139
Otherwise,
already exist.
This key
not already exist.
already exist.
Then
_x000D_set the Audit Account Logon Events policy netbios-ssn/tcp/192.168.10.68/139
Otherwise,
9. if registry
Add or remove key as
groups permissions do not
10. Click
This
already exist.
Set theor
9. Add "Generate security audits"
remove subsystem namespolicy tonetbios-ssn/tcp/192.168.10.68/139
Local Service and Network Service.
as necessary_x000D_
10. Click
already exist.
_x000D_
on Success.
If the Administrator account is a valid ad
9. Adjust this security option as necessary_x000D_ netbios-ssn/tcp/192.168.10.68/139
already exist.
This key
netbios-ssn/tcp/192.168.10.68/139
already exist.
already exist.
already exist.
_x000D_ on Success.
This key
netbios-ssn/tcp/192.168.10.68/139
already exist.
to Administrators.
already exist.
Consult
9. Add orthe organizational
remove groups aspolicy to dete netbios-ssn/tcp/192.168.10.68/139
necessary_x000D_
This key
netbios-ssn/tcp/192.168.10.68/139
already exist.
already exist.
to Administrators.
_x000D_
already exist.
Ensure that all content hosted on the Sharehttp/tcp/192.168.10.68/81
1026/TCP._x000D_
loc-srv/tcp/192.168.10.68/135
netbios-ssn/tcp/192.168.10.68/139
Disable
McAfeeadministrative shares of
is currently unaware that are not netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
Ensure
netbios-ssn/tcp/192.168.10.68/139
Ensure thathas
been superseded annetbios-ssn/tcp/192.168.10.68/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
McAfee
This is not
patch has aware of a vendor-supplied
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.68/139
e
Review
_x000D_ report output to determine if any inn etbios-ssn/tcp/192.168.10.68/139
already exist.
Informational
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
Accounts
Ensure thatadded to thesetting
this policy Administrators group
is consistent netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
Ensure
McAfeeexisting localunaware
is currently groups are
of anecessary netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
McAfee is currently
Ensure that unaware
this policy settingof
is aconsistent
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
Determine
_x000D_ whether Microsoft Internet Inform netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
If thepatch
This DNS configuration is not in by
has been superseded accordan netbios-ssn/tcp/192.168.10.68/139
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
The Default Value for WarningLevel is 0. Set this value to 90 to ensure warnings are generated._x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
_x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
McAfee Avert
This patch has Labs
beenissuperseded
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
McAfee is currently
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
_x000D_
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
netbios-ssn/tcp/192.168.10.68/139
o
Ensure
_x000D_ http/tcp/192.168.10.68/80;http/tcp/192.168.10.68/81
the banner.
http/tcp/192.168.10.68/80
for Microsoft IIS.
Ensure that web server complies with corpo http/tcp/192.168.10.68/80;http/tcp/192.168.10.68/81
Ensure
_x000D_ that web server complies with organ http/tcp/192.168.10.68/80;http/tcp/192.168.10.68/81
netbios-ns/udp/192.168.10.92/137
Disable
netbios-ssn/tcp/192.168.10.92/139
Ensure
netbios-ssn/tcp/192.168.10.92/139
Ensure
3. Proceed to change or set the value of "Auto" netbios-ssn/tcp/192.168.10.92/139
to "1" ("0" is the default).
Ensure
_x000D_ the service setting meet your enterpnetbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Ensure
Ensure
netbios-ssn/tcp/192.168.10.92/139
_x000D_
already exist.
_x000D_
Then
_x000D_set the Audit Object Access policy to auditnetbios-ssn/tcp/192.168.10.92/139
already exist.
Consult
already exist.
Otherwise,
already exist.
_x000D_
already exist.
_x000D_
This keyormay
9. Add needgroups
already exist.
10. Click
9. Add orApply,
Then set thethe
4) Remove Audit Account
group members Logon Events policy
already exist.
Otherwise,
This key
not already exist.
already exist.
This keyormay
9. Add needgroups
already exist.
Set the
on Success.
already exist.
_x000D_ on Success.
This key
netbios-ssn/tcp/192.168.10.92/139
already exist.
and Administrators.
already exist.
This key
netbios-ssn/tcp/192.168.10.92/139
already exist.
_x000D_
already exist.
Set the
_x000D_ "Allow logon through Terminal Services"
netbios-ssn/tcp/192.168.10.92/139
Failure.
You canorconfigure
9. Add this settingnames
remove subsystem by opening tnetbios-ssn/tcp/192.168.10.92/139
as necessary_x000D_
10. Click
9. Add orApply,
10. Click
already exist.
This key
netbios-ssn/tcp/192.168.10.92/139
already exist.
_x000D_ Users.
This key
netbios-ssn/tcp/192.168.10.92/139
already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.92/139
already exist.
_x000D_
already exist.
already exist.
already exist.
_x000D_
already exist.
to Administrators.
Set the
_x000D_ "Act as part of the operating system"netbios-ssn/tcp/192.168.10.92/139
policy to None.
already exist.
already exist.
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.92/139
already exist.
already exist.
already exist.
_x000D_
_x000D_
Review
already exist.
loc-srv/tcp/192.168.10.92/135
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
e
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Ensure
To modifythatthis
only allowed
setting, usersthe
change have a usernetbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Determine whether Microsoft
For more information Internet Inform
see,_x000D_ netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
McAfee is currently unaware of any vendornetbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
_x000D_
already exist.
Note: We recommend users to refer the vendor netbios-ssn/tcp/192.168.10.92/139
documentation to know the exact steps specific to the operating system._x00
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Keep
McAfee McAfee VirusScan
is currently up toof
unaware date. netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Ensure thatthis
To modify thissetting,
policy setting
change isthe
with the requirements
"EnableICMPRedirect" of your
value under the enterprise security policy.
"System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Ensure that
Ensure that this
this policy
policy setting
setting is
is consistent
with the
requirements of
of your
your enterprise
enterprise security
security policy._x000D_
policy.
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Informational
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
netbios-ssn/tcp/192.168.10.92/139
Ensure
o
Ensure
Note:
http/tcp/192.168.10.92/80
the banner.
http/tcp/192.168.10.92/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure that web server complies with organ
HTTP
_x000D_servers that use the asynchronous I/O
http/tcp/192.168.10.92/19300
technique are not vulnerable to this attack. Some of those servers are: lighttpd, n
_x000D_ sunrpc/tcp/192.168.10.153/111
_x000D_ sunrpc/tcp/192.168.10.153/111
To disable
If NFS RPC services
exported on other
file systems platforms,
are not sunrpc/tcp/192.168.10.153/111
consult
required, disableyour
thevendor.
NFS service (nfsd). _x000D_
nfs/tcp/192.168.10.153/2049
RPC services are typically enabled in the UNIX /etc/inetd.conf or /etc/rc configure file(s). It is recommended that this RPC serv
/etc/webmin/stop _x000D_ sunrpc/tcp/192.168.10.153/111
/etc/webmin/start
_x000D_ http/tcp/192.168.10.153/10000
NFS configuration files dictate which directories
unknown/udp/192.168.10.153/111
will be exported via NFS and these entries will be detected in scan results. Exa
Ensure that the list of supported key-exchassh/tcp/192.168.10.153/22
Ensure that ssh protocol complies with orga ssh/tcp/192.168.10.153/22
Ensure that the PostgreSQL server compliespostgres/tcp/192.168.10.153/5432
Disable
Raw Socket Test Others Flag Detected
Ensure that the web server complies with org http/tcp/192.168.10.153/10000
Ensure that HTTP proxy server complies withttp/tcp/192.168.10.153/10000
Ensure
_x000D_ that Web server complies with organ http/tcp/192.168.10.153/10000
netbios-ns/udp/192.168.10.130/137
Disable
netbios-ssn/tcp/192.168.10.130/139
Ensure
netbios-ssn/tcp/192.168.10.130/139
Disable
netbios-ssn/tcp/192.168.10.130/139
_x000D_
netbios-ssn/tcp/192.168.10.130/139
Ensure
Ensure
Disable
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.130/139
already exist.
already exist.
_x000D_
already exist.
already exist.
You can configure
9. Adjust thisoption
this security settingas
bynecessary_x000D_
opening tnetbios-ssn/tcp/192.168.10.130/139
_x000D_
_x000D_
already exist.
Then set
netbios-ssn/tcp/192.168.10.130/139
already exist.
already exist.
_x000D_ on Success.
Otherwise, if registry key permissions do not
Otherwise,
already exist.
_x000D_
already exist.
Then set
netbios-ssn/tcp/192.168.10.130/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.130/139
already exist.
Failure.
Consult
This key
not already exist.
to Administrators.
This
9. keyormay
Add needgroups
already exist.
_x000D_
already exist.
on
9. Add or remove subsystem names as necessary_x000D_ Success.
already exist.
This key
netbios-ssn/tcp/192.168.10.130/139
already exist.
Otherwise,
already exist.
_x000D_
already exist.
Otherwise,
already exist.
Set the
netbios-ssn/tcp/192.168.10.130/139
and Administrators.
already exist.
already exist.
already exist.
Set the "Log on as service" policy to
9. Add or remove groups as necessary_x000D_None. netbios-ssn/tcp/192.168.10.130/139
Set theor
9. Add "Replace
removeagroups
processaslevel token" policy
10. Click
_x000D_ Users.
already exist.
already exist.
This
netbios-ssn/tcp/192.168.10.130/139
already exist.
_x000D_
already exist.
_x000D_
already exist.
already exist.
Ensure that SMTP server complies with orga
1026/TCP._x000D_ smtp/tcp/192.168.10.130/25
loc-srv/tcp/192.168.10.130/135
McAfee
netbios-ssn/tcp/192.168.10.130/139
Ensure
already exist.
netbios-ssn/tcp/192.168.10.130/139
Please
netbios-ssn/tcp/192.168.10.130/139
Keep
Ensure
netbios-ssn/tcp/192.168.10.130/139
e
McAfee
McAfee
netbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
_x000D_
netbios-ssn/tcp/192.168.10.130/139
McAfee is currently
The Default Value forunaware of a vendor-snetbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
Review
For morereport output to
information determine if any innetbios-ssn/tcp/192.168.10.130/139
see,_x000D_
Ensure
with thepatch
or updateof(04/25/2014)._x000D_
netbios-ssn/tcp/192.168.10.130/139
Ensure thatthis
To modify McAfee VirusScan
setting, Enterprise
change the annetbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
netbios-ssn/tcp/192.168.10.130/139
Disable
McAfee
Computer
_x000D_ Configuration\Windows Settings\Security netbios-ssn/tcp/192.168.10.130/139
o
Close
Ensure
_x000D_ http/tcp/192.168.10.130/80
the banner.
http/tcp/192.168.10.130/80
for Microsoft IIS.
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.130/80
Contact the operating system vendor for hardeningnetbios-ns/udp/192.168.10.175/137
Disable
netbios-ssn/tcp/192.168.10.175/139
Disable
netbios-ssn/tcp/192.168.10.175/139
Disable
netbios-ssn/tcp/192.168.10.175/139
Ensure
Disable
Ensure
This
already exist.
Set the
_x000D_ "Allow logon through Terminal Services"
netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
_x000D_
already exist.
_x000D_
already exist.
Set the
already exist.
already exist.
already exist.
_x000D_
_x000D_ on Success.
already exist.
_x000D_
already exist.
Review
already exist.
Otherwise, if file permissions
9. Add or remove do not as
subsystem names complynetbios-ssn/tcp/192.168.10.175/139
necessary_x000D_
This key
netbios-ssn/tcp/192.168.10.175/139
already exist.
already exist.
already exist.
This key
not already exist.
already exist.
Otherwise,
4) Remove theif file permissions
group members dolisted_x000D_
not comply netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
To modify
already exist.
This keyormay
9. Add needgroups
already exist.
Set the
netbios-ssn/tcp/192.168.10.175/139
Users.
already exist.
_x000D_ on Success.
This key
netbios-ssn/tcp/192.168.10.175/139
already exist.
To modify
already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.175/139
This key
netbios-ssn/tcp/192.168.10.175/139
already exist.
already exist.
to Administrators.
Then set
netbios-ssn/tcp/192.168.10.175/139
already exist.
Set the
netbios-ssn/tcp/192.168.10.175/139
already exist.
Failure.
_x000D_
and Administrators.
already exist.
already exist.
_x000D_
Otherwise,
This
already exist.
10. Click
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.175/139
already exist.
already exist.
loc-srv/tcp/192.168.10.175/135
netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
McAfee
This key may
To modify thisneed to be
setting, created
change theif "EnableICMPRedirect"
it does not
netbios-ssn/tcp/192.168.10.175/139
already exist.
value under the "System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
Informational
Ensure
unaware is aconsisten netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
Disable this service
Ensure that this policyunless the isfunctionali
setting consistent netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
Ensure
e
Ensure
_x000D_ that McAfee VirusScan Enterprise an
n etbios-ssn/tcp/192.168.10.175/139
Ensure
netbios-ssn/tcp/192.168.10.175/139
Ensure
Ensure
For morethat only allowed
information users have a usernetbios-ssn/tcp/192.168.10.175/139
see,_x000D_
netbios-ssn/tcp/192.168.10.175/139
netbios-ssn/tcp/192.168.10.175/139
Please
netbios-ssn/tcp/192.168.10.175/139
Computer
_x000D_ Configuration\Windows Settings\Securitynetbios-ssn/tcp/192.168.10.175/139
McAfee
o
Disable
Ensure
_x000D_ http/tcp/192.168.10.175/80
the banner.
http/tcp/192.168.10.175/80
for Microsoft IIS.
Ensure
Contact
_x000D_ the operating system vendor for hardening
netbios-ns/udp/192.168.10.151/137
Due to the number of IIS security vulnerabilities
_x000D_ http/tcp/192.168.10.151/80
Microsoft has issued tools and checklists to help secure your IIS server.
http/tcp/192.168.10.151/80
Ensure
_x000D_ that the installed version of ADO is netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Ensure
netbios-ssn/tcp/192.168.10.151/139
Ensure
netbios-ssn/tcp/192.168.10.151/139
Ensure
netbios-ssn/tcp/192.168.10.151/139
Disable
netbios-ssn/tcp/192.168.10.151/139
Ensure
Disable
Disable
already exist.
This key
netbios-ssn/tcp/192.168.10.151/139
already exist.
already exist.
This key may
security created
netbios-ssn/tcp/192.168.10.151/139
This key
netbios-ssn/tcp/192.168.10.151/139
already exist.
already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.10.151/139
Set the
netbios-ssn/tcp/192.168.10.151/139
already exist.
_x000D_
already exist.
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.151/139
This keyormay
9. Add needgroups
already exist.
_x000D_
already exist.
Otherwise, if file permissions
9. Add or remove do not comply
groups as necessary_x000D_ netbios-ssn/tcp/192.168.10.151/139
already exist.
already exist.
_x000D_
already exist.
Set the
_x000D_ Audit Privilege Use policy to audit onnetbios-ssn/tcp/192.168.10.151/139
Failure.
already exist.
already exist.
to Administrators.
Consult
already exist.
This key
netbios-ssn/tcp/192.168.10.151/139
already exist.
already exist.
_x000D_
and Administrators.
4) Remove the group members listed_x000D_it does not
netbios-ssn/tcp/192.168.10.151/139
already exist.
on Success.
_x000D_
already exist.
already exist.
_x000D_ on Success.
This key
netbios-ssn/tcp/192.168.10.151/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.151/139
already exist.
Otherwise,
Otherwise,
Set the
Administrators.
already exist.
Set theor
9. Add "Bypass
remove traverse checking"
subsystem namespolicy tonetbios-ssn/tcp/192.168.10.151/139
Users.
as necessary_x000D_
To modify
already exist.
already exist.
_x000D_
already exist.
already exist.
Administrators.
Review
already exist.
Set the "Restore
1026/TCP._x000D_ files and directories" policy
netbios-ssn/tcp/192.168.10.151/139
to Administrators.
loc-srv/tcp/192.168.10.151/135
Ensure thathas
This patch MSRPC
beencomplies
superseded withbyorganizatloc-srv/tcp/192.168.10.151/135
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
McAfee is not aware of a vendor-supplied
This patch has been superseded by MS14-015_x000D_p
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
McAfee
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Ensure
McAfeethat the programs
is currently unaware under
of athe HKEY netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Set the
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Ensure thathas
This patch only allowed
been users have
superseded a usernetbios-ssn/tcp/192.168.10.151/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
McAfee is unaware
This patch has beenof a vendor-supplied
superseded panetbios-ssn/tcp/192.168.10.151/139
by MS14-015_x000D_
e
Ensure thathas
This patch thisbeen
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
_x000D_
Ensure
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
McAfee
Ensure that
McAfee McAfee unaware
is currently VirusScanofEnterprise annetbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
McAfee Avert
This patch has Labs
beenissuperseded
netbios-ssn/tcp/192.168.10.151/139
McAfee
netbios-ssn/tcp/192.168.10.151/139
If thepatch
This hostshas
filebeen
configuration
superseded is not
by in ac netbios-ssn/tcp/192.168.10.151/139
MS13-082_x000D_
netbios-ssn/tcp/192.168.10.151/139
Ensure thathas
This patch host's
beendomain or workgroup
superseded mnetbios-ssn/tcp/192.168.10.151/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
Keep
Ensure McAfee VirusScan
that this up to is
McAfee
_x000D_ is not aware of a vendor-supplied pn etbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
McAfee
Ensure
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Accounts
This patchadded to the
has been Administrators
superseded group
netbios-ssn/tcp/192.168.10.151/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
already exist.
netbios-ssn/tcp/192.168.10.151/139
Disable
_x000D_ administrative shares that are not netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
McAfee is currently
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Informational
MS14-015_x000D_
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
_x000D_
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
netbios-ssn/tcp/192.168.10.151/139
Ensure
o
Disable
Ensure
Note:
http/tcp/192.168.10.151/80
the banner.
http/tcp/192.168.10.151/80
Ensure that Microsoft IIS complies with the corporate forpolicy._x000D_
Microsoft IIS.
http/tcp/192.168.10.151/80
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.151/80
netbios-ns/udp/192.168.19.105/137
Ensure
netbios-ssn/tcp/192.168.19.105/139
Ensure
http://windowsupdate.microsoft.com netbios-ssn/tcp/192.168.19.105/139
Disable
netbios-ssn/tcp/192.168.19.105/139
_x000D_
netbios-ssn/tcp/192.168.19.105/139
Ensure
If AutoReboot is set to 1, after a blue screen,netbios-ssn/tcp/192.168.19.105/139
Ensure
netbios-ssn/tcp/192.168.19.105/139
_x000D_
Disable
already exist.
Otherwise,
4) Remove theif file permissions
group members dolisted_x000D_
not comply netbios-ssn/tcp/192.168.19.105/139
already exist.
Set the
netbios-ssn/tcp/192.168.19.105/139
and Administrators.
already exist.
already exist.
9. Add or remove subsystem names as necessary_x000D_on Success.
already exist.
This
netbios-ssn/tcp/192.168.19.105/139
Set the
Administrators.
This keyormay
9. Add needgroups
already exist.
already exist.
already exist.
_x000D_
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.19.105/139
already exist.
already exist.
already exist.
already exist.
Set
9. Add or remove groups as necessary_x000D_ Administrators.
the "Profile system performance" policy
netbios-ssn/tcp/192.168.19.105/139
to
Then
9. Addset
orthe Auditgroups
Set the
_x000D_ "Replace a process level token" netbios-ssn/tcp/192.168.19.105/139
policy to Local Service and Network Service.
_x000D_
already exist.
Otherwise,
already exist.
_x000D_ Users.
You can
_x000D_ on Success.
already exist.
To correctthis
9. Adjust thissecurity
policy violation
option asremove unwanted
netbios-ssn/tcp/192.168.19.105/139
necessary_x000D_ user accounts from the Remote Desktop Users group.
10. Click
already exist.
already exist.
to Administrators.
This key
netbios-ssn/tcp/192.168.19.105/139
already exist.
already exist.
Otherwise,
already exist.
Consult
This key
netbios-ssn/tcp/192.168.19.105/139
already exist.
already exist.
already exist.
You can
already exist.
already exist.
_x000D_
already exist.
Failure.
already exist.
_x000D_
already exist.
netbios-ssn/tcp/192.168.19.105/139
Ensure that MSRPC
1026/TCP._x000D_ complies with organizatloc-srv/tcp/192.168.19.105/135
loc-srv/tcp/192.168.19.105/135
This patch shares that
has been superseded byare not netbios-ssn/tcp/192.168.19.105/139
MS14-015_x000D_
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&sui
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
Accounts
McAfee isadded to the
currently Administrators
unaware groupnetbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee is currently
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee Avert
This patch has Labs
beenissuperseded
not aware of
byaMS14-015_x000D_
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee
This is currently
patch has been unaware of abyvendor-snetbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
Note: We recommend users to refer the vendor documentation to know the exact steps specific to the operating system._x00
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
_x000D_
This key may need to be created if it does notnetbios-ssn/tcp/192.168.19.105/139
already exist.
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee is currently
netbios-ssn/tcp/192.168.19.105/139
e
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee Avert
This patch has Labs
beenissuperseded
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee is currently
The Default Value forunaware of a vendor-snetbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
McAfee is not
by MS13-065_x000D_
netbios-ssn/tcp/192.168.19.105/139
Ensure thathas
This patch thisbeen
by MS14-015_x000D_
Ensure
with thepatch
or updateof(5/19/2014)._x000D_
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
Ensure
Ensure
This thathas
patch thisbeen
by MS14-015_x000D_
netbios-ssn/tcp/192.168.19.105/139
Determine whether
netbios-ssn/tcp/192.168.19.105/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.19.105/139
http://windows.microsoft.com/en-US/windows/home
netbios-ssn/tcp/192.168.19.105/139
netbios-ssn/tcp/192.168.19.105/139
o
Ensure
_x000D_ http/tcp/192.168.19.105/80
the banner.
http/tcp/192.168.19.105/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure
Contact
_x000D_the operating system vendor for hardeningnetbios-ns/udp/192.168.10.155/137
IMPORTANT: Although this registry edit remediates
ms-sql-m/udp/192.168.10.155/1434
the IP information disclosure, other sensitive information is still accessible
_x000D_
netbios-ssn/tcp/192.168.10.155/139
Ensure
_x000D_ that the list of supported key-exchassh/tcp/192.168.10.155/22
Ensure
Disable
netbios-ssn/tcp/192.168.10.155/139
Disable
netbios-ssn/tcp/192.168.10.155/139
Ensure
Set the "Restore
4) Remove files and
the group directories"
members policy
to Administrators.
Set theor
9. Add Audit Policy
remove Change
groups as policy to audit netbios-ssn/tcp/192.168.10.155/139
necessary_x000D_ on Success.
_x000D_
This
9. key may
Adjust this need to be
security created
netbios-ssn/tcp/192.168.10.155/139
10. Click
already exist.
_x000D_
Otherwise,
Set the
Administrators.
Otherwise, if this isgroups
9. Add or remove a validaspolicy violation, netbios-ssn/tcp/192.168.10.155/139
necessary_x000D_ logon to the system with administrator privileges and correct the policy violation.
already exist.
This
netbios-ssn/tcp/192.168.10.155/139
already exist.
already exist.
to Administrators.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.155/139
already exist.
and Administrators.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.155/139
already exist.
_x000D_
_x000D_ on Success.
This key
netbios-ssn/tcp/192.168.10.155/139
already exist.
already exist.
This
9. keyormay
Add needgroups
already exist.
10. Click
already exist.
_x000D_
already exist.
Then set
_x000D_ the Audit Account Logon Events policy
netbios-ssn/tcp/192.168.10.155/139
already exist.
already exist.
already exist.
Otherwise,
netbios-ssn/tcp/192.168.10.155/139
already exist.
This key
netbios-ssn/tcp/192.168.10.155/139
already exist.
already exist.
already exist.
Review
n etbios-ssn/tcp/192.168.10.155/139
already exist.
Users.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.155/139
already exist.
Failure.
To modify
subsystem the "NoNa netbios-ssn/tcp/192.168.10.155/139
as necessary_x000D_
Then set
_x000D_ the Audit Object Access policy to audit
netbios-ssn/tcp/192.168.10.155/139
_x000D_
already exist.
Set the
already exist.
_x000D_
already exist.
already exist.
1026/TCP._x000D_
loc-srv/tcp/192.168.10.155/135
Ensure
_x000D_ that ssh protocol complies with orgassh/tcp/192.168.10.155/22
netbios-ssn/tcp/192.168.10.155/139
McAfee
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
netbios-ssn/tcp/192.168.10.155/139
Ensure that the programs under the
Note: We recommend users to refer the vendor HKEY netbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
Keep
EnsureMcAfee
that thisVirusScan up to is
netbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
Verify
_x000D_that the Everyone group is allowed netbios-ssn/tcp/192.168.10.155/139
Ensure
netbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
e
Please
_x000D_ ensure the permissions assigned to n
t etbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
_x000D_
Ensure
Ensure that
that this
this policy
policy setting
setting is
is consistent
with
with the
the requirements
your enterprise
enterprise security
security policy.
policy._x000D_
netbios-ssn/tcp/192.168.10.155/139
Ensure that shares that
this policy setting are not netbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
McAfee is not
Ensure that aware
this policyofsetting
a vendor-supplied
is consistentpnwith
etbios-ssn/tcp/192.168.10.155/139
netbios-ssn/tcp/192.168.10.155/139
e
McAfee
http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
netbios-ssn/tcp/192.168.10.155/139
Informational
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
netbios-ssn/tcp/192.168.10.155/139
_x000D_
already exist.
If the
To hoststhis
modify filesetting,
configuration
changeisthe
not"NtfsDisable8dot3NameCreation"
in ac netbios-ssn/tcp/192.168.10.155/139
value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.155/139
Check for Sun
To modify thisJava Runtime
setting, changeEnvironment isnetbios-ssn/tcp/192.168.10.155/139
the "ScreenSaverGracePeriod" value under the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.155/139
Keep
o
Ensure
_x000D_ sunrpc/tcp/192.168.10.154/111
/etc/webmin/stop _x000D_ sunrpc/tcp/192.168.10.154/111
/etc/webmin/start http/tcp/192.168.10.154/10000
Ensure that the list of supported key-exchassh/tcp/192.168.10.154/22
Ensure that ssh protocol complies with orga ssh/tcp/192.168.10.154/22
Ensure that TLS/SSL server complies with orhttps/tcp/192.168.10.154/8181
Ensure
_x000D_ that TLS/SSL Server and the SSL certhttps/tcp/192.168.10.154/8181
Note: Configure the server to support the latest
https/tcp/192.168.10.154/8181
Ensure that the NTP server complies with ontp/udp/192.168.10.154/123
Disable
Raw
_x000D_Socket Test Others Flag Detected
https/tcp/192.168.10.154/8181
Install
- Utilizeproperly signed hashing
an alternative TLS/SSL X.509
methodcertif https/tcp/192.168.10.154/8181
to sign certificates (ex: SHA-256, SHA-512)_x000D_
_x000D_ https/tcp/192.168.10.154/8181
It is advised to mitigate the issue by using certificates
https/tcp/192.168.10.154/8181
with public key length of at least 2048 bit.
Ensure that the web server complies with org http/tcp/192.168.10.154/10000
Ensure
_x000D_ that HTTP proxy server complies withttp/tcp/192.168.10.154/10000
http://tomcat.apache.org/ http/tcp/192.168.10.154/4848
Ensure that web server complies with organ http/tcp/192.168.10.154/4848;http/tcp/192.168.10.154/8080;http/tcp/192.168.10
Ensure that HTTP server complies with orgahttp/tcp/192.168.10.154/4848;http/tcp/192.168.10.154/10000
Ensure
Contact
netbios-ns/udp/192.168.10.117/137
http/tcp/192.168.10.117/80
Disable
netbios-ssn/tcp/192.168.10.117/139
Ensure
netbios-ssn/tcp/192.168.10.117/139
Disable
netbios-ssn/tcp/192.168.10.117/139
Disable
netbios-ssn/tcp/192.168.10.117/139
Set this value to 1, and define filters in
Ensure
Disable
netbios-ssn/tcp/192.168.10.117/139
Ensure that
9. Add or this setting
remove groupsis as
expected and co netbios-ssn/tcp/192.168.10.117/139
necessary_x000D_
10. Click
already exist.
Review
This key
netbios-ssn/tcp/192.168.10.117/139
already exist.
_x000D_
Set the "Restore
4) Remove files and
the group directories"
members policy
to Administrators.
already exist.
Otherwise,
This key
netbios-ssn/tcp/192.168.10.117/139
already exist.
_x000D_
already exist.
You can
Otherwise,
already exist.
This
netbios-ssn/tcp/192.168.10.117/139
_x000D_
already exist.
Consult
Then
9. Addset
orthe Auditgroups
Set the
netbios-ssn/tcp/192.168.10.117/139
Failure.
already exist.
_x000D_
already exist.
Set the
_x000D_ Audit System Events policy to auditnetbios-ssn/tcp/192.168.10.117/139
on Success.
_x000D_
already exist.
already exist.
Set the
Administrators.
already exist.
already exist.
already exist.
netbios-ssn/tcp/192.168.10.117/139
9. Adjust this security option as necessary_x000D_ already exist.
already exist.
already exist.
This key
not already exist.
already exist.
already exist.
and Administrators.
This key
netbios-ssn/tcp/192.168.10.117/139
already exist.
already exist.
already exist.
already exist.
_x000D_
_x000D_ on Success.
already exist.
already exist.
_x000D_
This keyormay
9. Add needsubsystem
remove to be created if itas
names does not
netbios-ssn/tcp/192.168.10.117/139
already exist.
necessary_x000D_
This key
netbios-ssn/tcp/192.168.10.117/139
already exist.
Otherwise,
Set the
netbios-ssn/tcp/192.168.10.117/139
Users.
already exist.
Then set
netbios-ssn/tcp/192.168.10.117/139
already exist.
1026/TCP._x000D_
loc-srv/tcp/192.168.10.117/135
netbios-ssn/tcp/192.168.10.117/139
already exist.
netbios-ssn/tcp/192.168.10.117/139
McAfee
Informational
netbios-ssn/tcp/192.168.10.117/139
McAfee
netbios-ssn/tcp/192.168.10.117/139
netbios-ssn/tcp/192.168.10.117/139
Ensure
Ensure
modify this setting, change the "EnableICMPRedirect" value under the "System\CurrentControlSet\Services\Tcpip\Paramet
http://technet.microsoft.com/security/bulletin/ms11-066_x000D_ Settings\Interactive logon: Do not display last user name
netbios-ssn/tcp/192.168.10.117/139
Accounts
Ensure that added to thesetting
this policy Administrators group
netbios-ssn/tcp/192.168.10.117/139
_x000D_
already exist.
netbios-ssn/tcp/192.168.10.117/139
_x000D_
Ensure thatthis
To modify thissetting,
policy setting
change isthe
"ScreenSaverGracePeriod" valueofunder
the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.117/139
McAfee
To modify is currently unaware
Ensure
Determine
The Defaultwhether
Value forMicrosoft Internet
WarningLevel is 0.Inform
netbios-ssn/tcp/192.168.10.117/139
netbios-ssn/tcp/192.168.10.117/139
Ensure
For moreexisting local groups
information are necessary netbios-ssn/tcp/192.168.10.117/139
see,_x000D_
e
On IE6, McAfee is currently unware of a vendornetbios-ssn/tcp/192.168.10.117/139
Ensure that the list of VMware images comp netbios-ssn/tcp/192.168.10.117/139
Ensure
Ensure
_x000D_ that NetBIOS service complies with netbios-ns/udp/192.168.10.117/137
o
Ensure
Note:
http/tcp/192.168.10.117/80
the banner.
http/tcp/192.168.10.117/80
for Microsoft IIS.
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.117/80
netbios-ns/udp/192.168.10.135/137
Ensure
netbios-ssn/tcp/192.168.10.135/139
Disable
netbios-ssn/tcp/192.168.10.135/139
Disable
_x000D_ICMP redirects by setting the valuenetbios-ssn/tcp/192.168.10.135/139
Ensure
netbios-ssn/tcp/192.168.10.135/139
Disable
netbios-ssn/tcp/192.168.10.135/139
Ensure
already exist.
Then
9. Add or remove groups as necessary_x000D_ Success and Failure.
set the Audit Object Access policy to audit
netbios-ssn/tcp/192.168.10.135/139
Consult
remove groups aspolicy to dete netbios-ssn/tcp/192.168.10.135/139
necessary_x000D_
This key
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
already exist.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.10.135/139
Users.
to Administrators.
already exist.
_x000D_ on Success.
Set the
_x000D_ "Generate security audits" policy tonetbios-ssn/tcp/192.168.10.135/139
Otherwise,
SetAdd
9. theor
"Access
remove this computer
groups from the network"
10. Click
_x000D_
already exist.
4) Remove the group members listed_x000D_it does not
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
already exist.
To modify
already exist.
This
netbios-ssn/tcp/192.168.10.135/139
already exist.
This key
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
Failure.
already exist.
Review
already exist.
and Administrators.
This key
netbios-ssn/tcp/192.168.10.135/139
already exist.
already exist.
_x000D_
already exist.
_x000D_
_x000D_ on Success.
Otherwise,
Otherwise,
already exist.
already exist.
loc-srv/tcp/192.168.10.135/135
McAfee
Ensure
To modifythatthis
thissetting,
policy setting
change isthe consistent netbios-ssn/tcp/192.168.10.135/139
"ScreenSaverGracePeriod" valueofunder
the "System\Software\Microsoft\Windows NT\Curr
netbios-ssn/tcp/192.168.10.135/139
This
Ensurekeythat
maythis
need to be
policy created
setting if it does not
already
with exist.
netbios-ssn/tcp/192.168.10.135/139
McAfee
McAfee is is not awareunaware
currently of a vendor-supplied pnetbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
e
Keep
Determine
Ensure thatwhether
this policyMicrosoft
setting isInternet Inform
netbios-ssn/tcp/192.168.10.135/139
McAfee is currently
Ensure that unaware
this policy settingofis aconsistent
already exist.
Ensure that only
The Default Valueallowed users have isa 0.
for WarningLevel usernetbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
Ensure
McAfeethat Internetunaware
is currently Explorer ofEnhanced Secnetbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
Disable
McAfeeadministrative shares of
is currently unaware that are not netbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
McAfee
Ensure
Ensure that
that this
this policy
policy setting
setting is
is consistent
with
with the
the requirements
your enterprise
enterprise security
security policy.
policy._x000D_
netbios-ssn/tcp/192.168.10.135/139
Search for this
To modify file with particular
setting, changeattributes onnetbios-ssn/tcp/192.168.10.135/139
netbios-ssn/tcp/192.168.10.135/139
Ensure
netbios-ssn/tcp/192.168.10.135/139
o
Ensure that the ASP.NET service is allowedhttp/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
Ensure
_x000D_ that the list of file extension handl http/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
_x000D_ http/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
the banner.
http/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
for Microsoft IIS.
Ensure
_x000D_ that Microsoft IIS complies with thehttp/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
Name" setting.
Ensure that web server complies with corpo http/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
Ensure that web server complies with organ http/tcp/192.168.10.135/80;http/tcp/192.168.10.135/8080;http/tcp/192.168.10.13
Identify and disable unnecessary services umicrosoft-ds/tcp/192.168.10.186/445
This service cannot be stopped. microsoft-ds/tcp/192.168.10.186/445
Ensure that the installed version of ADO is microsoft-ds/tcp/192.168.10.186/445
_x000D_
Disable
To modify this setting, change the "Hidde microsoft-ds/tcp/192.168.10.186/445
Ensure the service setting meet your enterpmicrosoft-ds/tcp/192.168.10.186/445
Ensure that this policy setting is consist microsoft-ds/tcp/192.168.10.186/445
_x000D_
The values of the key, NullSessionPipes, showmicrosoft-ds/tcp/192.168.10.186/445
Set this value to 1, and define filters in microsoft-ds/tcp/192.168.10.186/445
Ensure that the maximum log size detectedmicrosoft-ds/tcp/192.168.10.186/445
Ensure that this setting is consistent with microsoft-ds/tcp/192.168.10.186/445
You can configure this setting by opening microsoft-ds/tcp/192.168.10.186/445
Disable ICMP redirects by setting the valuemicrosoft-ds/tcp/192.168.10.186/445
Ensure
If Autorun is set to 1, upon a cdrom disc being microsoft-ds/tcp/192.168.10.186/445
To set this value, edit the value of the microsoft-ds/tcp/192.168.10.186/445
The default guest account should be rename microsoft-ds/tcp/192.168.10.186/445
Disable
Ensure
already exist.
Then set the Audit Account Management policy microsoft-ds/tcp/192.168.10.186/445
Consult
remove groups aspolicy to dete microsoft-ds/tcp/192.168.10.186/445
necessary_x000D_
Otherwise,
This key
already exist.
Set the "Log on locally" policy to Users andmicrosoft-ds/tcp/192.168.10.186/445
already exist.
and Administrators.
already exist.
Then set the Audit Object Access policy to audit microsoft-ds/tcp/192.168.10.186/445
You can configure this setting by opening microsoft-ds/tcp/192.168.10.186/445
You can configure
4) Remove thismembers
the group setting bylisted_x000D_
opening tmicrosoft-ds/tcp/192.168.10.186/445
You
9. Addcanorconfigure this settingnames
remove subsystem by opening tmicrosoft-ds/tcp/192.168.10.186/445
as necessary_x000D_
This key
already exist.
Otherwise,
_x000D_ if this is a valid policy violation, microsoft-ds/tcp/192.168.10.186/445
This key
already exist.
already exist.
Then
_x000D_set the Audit Account Logon Events policy microsoft-ds/tcp/192.168.10.186/445
already exist.
This key
already exist.
Then set the Audit Logon Events policy to audit microsoft-ds/tcp/192.168.10.186/445
To modifythis
9. Adjust thissecurity
setting,option
changeasthe "Perfo microsoft-ds/tcp/192.168.10.186/445
necessary_x000D_
Set the
Failure.
to Administrators.
already exist.
already exist.
This key
already exist.
Set the "Backup files and directories" policymicrosoft-ds/tcp/192.168.10.186/445
already exist.
already exist.
Set the
_x000D_ Audit Policy Change policy to audit microsoft-ds/tcp/192.168.10.186/445
on Success.
already exist.
This
9. keyormay
Add needgroups
already exist.
10. Click
already exist.
already exist.
already exist.
Set the
_x000D_ "Deny access to this computer from microsoft-ds/tcp/192.168.10.186/445
Otherwise,
_x000D_ if registry key permissions do not microsoft-ds/tcp/192.168.10.186/445
already exist.
This
already exist.
already exist.
This key
already exist.
Otherwise,
already exist.
This key
already exist.
already exist.
To modify this setting, change the "NoNa microsoft-ds/tcp/192.168.10.186/445
_x000D_
Set the "Bypass traverse checking" policy tomicrosoft-ds/tcp/192.168.10.186/445
_x000D_ Users.
Set the
_x000D_ Audit System Events policy to audit microsoft-ds/tcp/192.168.10.186/445
on Success.
already exist.
To modify this setting, change the "Auto microsoft-ds/tcp/192.168.10.186/445
_x000D_
already exist.
Set the "Log on as service" policy to None. microsoft-ds/tcp/192.168.10.186/445
_x000D_
This key may
9. Adjust this need
audit to be created
policy value asifnecessary_x000D_
it does not
already exist.
Set the "Change the system time" policy tomicrosoft-ds/tcp/192.168.10.186/445
Administrators.
Please ensure the permissions assigned to m
t
To modify this setting, change the "EnableICMPRedirect"icrosoft-ds/tcp/192.168.10.186/445
McAfee
_x000D_is currently unaware of a vendor-smicrosoft-ds/tcp/192.168.10.186/445
http://support.microsoft.com/kb/2458544microsoft-ds/tcp/192.168.10.186/445
Accounts
_x000D_ added to the Administrators group microsoft-ds/tcp/192.168.10.186/445
already exist.
Ensure
For morethat host's domain
information or workgroup mmicrosoft-ds/tcp/192.168.10.186/445
see,_x000D_
Informational script to display all detecte microsoft-ds/tcp/192.168.10.186/445
Verify that the Everyone group is allowed microsoft-ds/tcp/192.168.10.186/445
Ensure that the programs under the HKEY microsoft-ds/tcp/192.168.10.186/445
McAfee Avert Labs is not aware of a vendomicrosoft-ds/tcp/192.168.10.186/445
McAfee
this setting, changeofthea vendor-smicrosoft-ds/tcp/192.168.10.186/445
Ensure
To thatthis
modify thissetting,
policy setting
change istheconsistent microsoft-ds/tcp/192.168.10.186/445
with the requirements of your
"NtfsDisable8dot3NameCreation" valueenterprise
under the security policy.
"System\CurrentControlSet\Control\FileS
Ensure
unaware is aconsisten microsoft-ds/tcp/192.168.10.186/445
If the DNS configuration is not in accordan microsoft-ds/tcp/192.168.10.186/445
McAfee
Ensure
_x000D_ that this policy setting is consistent microsoft-ds/tcp/192.168.10.186/445
McAfee is unaware of a vendor-supplied pamicrosoft-ds/tcp/192.168.10.186/445
Ensure that McAfee VirusScan Enterprise an microsoft-ds/tcp/192.168.10.186/445
Disable administrative shares that are not microsoft-ds/tcp/192.168.10.186/445
McAfee is currently unaware of a vendor-smicrosoft-ds/tcp/192.168.10.186/445
Passwords
_x000D_ should have expiration times tomicrosoft-ds/tcp/192.168.10.186/445
e
Ensure
unaware is aconsistent microsoft-ds/tcp/192.168.10.186/445
with thepatch
or updateof(5/19/2014)._x000D_
If the hosts file configuration is not in ac microsoft-ds/tcp/192.168.10.186/445
_x000D_
McAfee is not aware of a vendor-supplied pmicrosoft-ds/tcp/192.168.10.186/445
You can configure this setting by opening tmicrosoft-ds/tcp/192.168.10.186/445
McAfee
Computer Configuration\Windows Settings\Security microsoft-ds/tcp/192.168.10.186/445
Passwords
_x000D_ should have expiration times to microsoft-ds/tcp/192.168.10.186/445
e
Ensure that only allowed users have a usermicrosoft-ds/tcp/192.168.10.186/445
McAfee
_x000D_ is currently unaware of a vendor-smicrosoft-ds/tcp/192.168.10.186/445
However, McAfee is not aware of a patch for microsoft-ds/tcp/192.168.10.186/445
Determine
Windows XP: whether Microsoft Internet Inform
http://www.microsoft.com/download/details.aspx?id=7208_x000D_
McAfee Avert Labs is not aware of a vendomicrosoft-ds/tcp/192.168.10.186/445
McAfee is unaware of a vendor-supplied pamicrosoft-ds/tcp/192.168.10.186/445
McAfee
McAfee isis not awareunaware
currently of a vendor-supplied pmicrosoft-ds/tcp/192.168.10.186/445
Keep McAfee VirusScan up to date. microsoft-ds/tcp/192.168.10.186/445
McAfee
already exist.
Set the "Password Must Meet Complexity Re microsoft-ds/tcp/192.168.10.186/445
Enable Internet Explorer Enhanced Securitymicrosoft-ds/tcp/192.168.10.186/445
Ensure that Internet Explorer Enhanced Secmicrosoft-ds/tcp/192.168.10.186/445
Ensure existing local groups are necessary microsoft-ds/tcp/192.168.10.186/445
Ensure
_x000D_ that Microsoft Windows complies wi microsoft-ds/tcp/192.168.10.186/445
Note: Blocking access for MVM to both TCPmicrosoft-ds/tcp/192.168.10.186/445
1026/TCP._x000D_ microsoft-ds/tcp/192.168.10.186/445
loc-srv/tcp/192.168.10.186/135
Disable
Ensure
_x000D_ http/tcp/192.168.10.186/80
the banner.
http/tcp/192.168.10.186/80
for Microsoft IIS.
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.186/80
netbios-ns/udp/192.168.10.136/137
Disable
netbios-ssn/tcp/192.168.10.136/139
Disable
netbios-ssn/tcp/192.168.10.136/139
_x000D_
netbios-ssn/tcp/192.168.10.136/139
_x000D_
3. Proceed to change or set the value of "Auto"
netbios-ssn/tcp/192.168.10.136/139
to "1" ("0" is the default).
_x000D_
By default, Foundstone recommends the NoDriveTypeAutoRun netbios-ssn/tcp/192.168.10.136/139
Ensure
Ensure
By default,
9. Adjust Foundstone
this recommends
security option the NoDriveTypeAutoRun
netbios-ssn/tcp/192.168.10.136/139
as necessary_x000D_ key is set to 0xFF (255 in decimal) for increased security. This d
10. Click Apply,
netbios-ssn/tcp/192.168.10.136/139
You can
already exist.
and Administrators.
This key
netbios-ssn/tcp/192.168.10.136/139
already exist.
already exist.
_x000D_ on Success.
already exist.
Then
_x000D_set the Audit Object Access policy to audit
netbios-ssn/tcp/192.168.10.136/139
Otherwise,
Consult
This
already exist.
Failure.
Set the
Administrators.
already exist.
_x000D_ on Success.
already exist.
already exist.
To modify
subsystem the "Auto netbios-ssn/tcp/192.168.10.136/139
as necessary_x000D_
10. Click
9. Add orApply,
Set the
netbios-ssn/tcp/192.168.10.136/139
already exist.
already exist.
Otherwise,
already exist.
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.136/139
already exist.
already exist.
already exist.
_x000D_
already exist.
Set the
_x000D_ "Generate security audits" policy tonetbios-ssn/tcp/192.168.10.136/139
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.136/139
already exist.
already exist.
Then set
_x000D_ the Audit Account Management netbios-ssn/tcp/192.168.10.136/139
policy to audit Success and Failure.
already exist.
to Administrators.
Then
9. Add or remove groups as necessary_x000D_ Success and Failure.
set the Audit Logon Events policy to audit
netbios-ssn/tcp/192.168.10.136/139
_x000D_
already exist.
already exist.
already exist.
Set the
Administrators.
_x000D_
already exist.
This
9. keyormay
Add needgroups
already exist.
10. Click
already exist.
already exist.
1026/TCP._x000D_ Users.
loc-srv/tcp/192.168.10.136/135
Ensure thatthis
To modify MSRPC complies
setting, changewith
the organizat loc-srv/tcp/192.168.10.136/135
netbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
Ensure
For morethat the computer
information role complies witnetbios-ssn/tcp/192.168.10.136/139
see,_x000D_
netbios-ssn/tcp/192.168.10.136/139
McAfee
netbios-ssn/tcp/192.168.10.136/139
_x000D_
Ensure
with thepatch
or updateof(04/17/2014)._x000D_
netbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
Ensure
Review
McAfeereport output
is currently to determine
unaware if any innetbios-ssn/tcp/192.168.10.136/139
This keythat
Ensure maythis
need to be
policy created
withalready exist.
netbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
Verify that the
The Default Everyone
Value group is allowed
is 0. Set this value to 90 to ensure warnings are generated._x000D_
netbios-ssn/tcp/192.168.10.136/139
Search
Ensure for
thatfile with
this particular
policy setting attributes
is consistent onnetbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
If
Tothe DNS this
modify configuration is not the
setting, change in accordan netbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
Ensure
Please
To ensure
modify this the permissions
setting, change theassigned to nt etbios-ssn/tcp/192.168.10.136/139
netbios-ssn/tcp/192.168.10.136/139
Determine
_x000D_ whether Microsoft Internet Inform netbios-ssn/tcp/192.168.10.136/139
already exist.
e
Ensure
o
Ensure
Note:
_x000D_Conceal the IIS Server status by modifying http/tcp/192.168.10.136/80
the banner.
Note: It is advised to enforce NTLM authentication http/tcp/192.168.10.136/80
for Microsoft IIS.
Ensure
Name" setting.
Ensure
Contact
netbios-ns/udp/192.168.10.38/137
http/tcp/192.168.10.38/80
Disable
netbios-ssn/tcp/192.168.10.38/139
Ensure
netbios-ssn/tcp/192.168.10.38/139
Disable
netbios-ssn/tcp/192.168.10.38/139
Ensure
_x000D_ that the maximum log size detected netbios-ssn/tcp/192.168.10.38/139
_x000D_
Disable
netbios-ssn/tcp/192.168.10.38/139
Ensure
_x000D_ that this policy setting is consist netbios-ssn/tcp/192.168.10.38/139
Set the "Profile
9. Adjust single
this audit process"
policy value policy to Administrators.
netbios-ssn/tcp/192.168.10.38/139
as necessary_x000D_
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
Otherwise,
already exist.
_x000D_
This
already exist.
Set the
netbios-ssn/tcp/192.168.10.38/139
and Administrators.
This
already exist.
_x000D_
already exist.
_x000D_
already exist.
already exist.
_x000D_ on Success.
Otherwise,
already exist.
already exist.
Otherwise,
to Administrators.
Review
already exist.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
on Success.
_x000D_
already exist.
netbios-ssn/tcp/192.168.10.38/139
10. Click Apply,
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
To modify
to Administrators.
Consult
_x000D_ Users.
This key
netbios-ssn/tcp/192.168.10.38/139
already exist.
This keyormay
9. Add needgroups
already exist.
Failure.
Set the
already exist.
already exist.
already exist.
Otherwise,
already exist.
already exist.
1026/TCP._x000D_
loc-srv/tcp/192.168.10.38/135
_x000D_
Passwords
The Defaultshould
Value have expiration times
for WarningLevel is 0. tonetbios-ssn/tcp/192.168.10.38/139
e this value to 90 to ensure warnings are generated._x000D_
Set
netbios-ssn/tcp/192.168.10.38/139
McAfee
To modify Avert
this Labs is not
setting, awarethe
change of "NtfsDisable8dot3NameCreation"
a vendonetbios-ssn/tcp/192.168.10.38/139
value under the "System\CurrentControlSet\Control\FileS
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
McAfee is
McAfee is currently
currently unaware
unaware of of aa vendor-supplied
netbios-ssn/tcp/192.168.10.38/139
McAfee
For moreisinformation
see,_x000D_
netbios-ssn/tcp/192.168.10.38/139
McAfee
_x000D_
netbios-ssn/tcp/192.168.10.38/139
McAfee
netbios-ssn/tcp/192.168.10.38/139
McAfee
already exist.
However,
_x000D_ McAfee is not aware of a patch for netbios-ssn/tcp/192.168.10.38/139
already exist.
McAfee
McAfee is is currently
currently unaware
unaware ofof aa vendor-snetbios-ssn/tcp/192.168.10.38/139
Computer
_x000D_ Configuration\Windows Settings\Security netbios-ssn/tcp/192.168.10.38/139
Ensure
netbios-ssn/tcp/192.168.10.38/139
McAfee
http://technet.microsoft.com/security/bulletin/ms10-065.
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
Windows XP: http://www.microsoft.com/download/details.aspx?id=7208_x000D_
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
_x000D_
netbios-ssn/tcp/192.168.10.38/139
Disable
To modify thisthis
service unless
setting, the functionali
change netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
Set the
netbios-ssn/tcp/192.168.10.38/139
netbios-ssn/tcp/192.168.10.38/139
Passwords
Ensure thatshould havesetting
this policy expiration times tonetbios-ssn/tcp/192.168.10.38/139
is consistent e the requirements of your enterprise security policy._x000D_
with
netbios-ssn/tcp/192.168.10.38/139
Ensure
o
Disable
Close opened
To mitigate theTCP port of
impact viathis
firewall or IPsec. URLScan can be configured to filter URL requests that cause the denial of service._
vulnerability,
http://www.iis.net/downloads/microsoft/urlscan
_x000D_ http/tcp/192.168.10.38/80
http/tcp/192.168.10.38/80
Ensure
_x000D_ http/tcp/192.168.10.38/80
the banner.
http/tcp/192.168.10.38/80
Note: It is advised to enforce NTLM authentication for Microsoft IIS.
Ensure
Name" setting.
_x000D_ http/tcp/192.168.10.38/80
netbios-ns/udp/192.168.18.150/137
Ensure
netbios-ssn/tcp/192.168.18.150/139
_x000D_
netbios-ssn/tcp/192.168.18.150/139
Ensure
Ensure
Ensure
netbios-ssn/tcp/192.168.18.150/139
Disable
Ensure
netbios-ssn/tcp/192.168.18.150/139
_x000D_
already exist.
already exist.
already exist.
Otherwise,
_x000D_ on Success.
This
netbios-ssn/tcp/192.168.18.150/139
_x000D_
already exist.
already exist.
already exist.
_x000D_
Set the "Bypass
9. Adjust traverse
this audit policychecking" policy tonetbios-ssn/tcp/192.168.18.150/139
Users.
value as necessary_x000D_
10. Click
9. Add orApply,
netbios-ssn/tcp/192.168.18.150/139
10. Click
This key may
4) Remove theneed to members
group be createdlisted_x000D_
if it does not
netbios-ssn/tcp/192.168.18.150/139
already exist.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
Then
_x000D_set the Audit Account Logon Events policy netbios-ssn/tcp/192.168.18.150/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
_x000D_ on Success.
Failure.
already exist.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
Set theor
9. Add "Restore
removefiles andas
groups directories" policy
necessary_x000D_netbios-ssn/tcp/192.168.18.150/139
to Administrators.
already exist.
already exist.
Review
already exist.
Consult
already exist.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
already exist.
_x000D_
_x000D_ logon to the system with administrator privileges and correct the policy violation.
This key
netbios-ssn/tcp/192.168.18.150/139
already exist.
Then
netbios-ssn/tcp/192.168.18.150/139
_x000D_
This
_x000D_key may need to be created if it does not netbios-ssn/tcp/192.168.18.150/139
already exist.
Then
_x000D_ set the Audit Logon Events policy to audit netbios-ssn/tcp/192.168.18.150/139
This
_x000D_key may need to be created if it does not
netbios-ssn/tcp/192.168.18.150/139
already exist.
This
_x000D_key may need to be created if it does not netbios-ssn/tcp/192.168.18.150/139
already exist.
Otherwise,
This
netbios-ssn/tcp/192.168.18.150/139
and Administrators.
This
_x000D_key may need to be created if it does netbios-ssn/tcp/192.168.18.150/139
not already exist.
already exist.
loc-srv/tcp/192.168.18.150/135
Ensure that
McAfee MSRPC complies
is currently unaware with organizatloc-srv/tcp/192.168.18.150/135
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
McAfee
netbios-ssn/tcp/192.168.18.150/139
McAfee
Review
It is recommended to upgrade to latest version netbios-ssn/tcp/192.168.18.150/139
of the browser (IE 8 or later).
http://httpd.apache.org/security/vulnerabilities_22.html_x000D_
This
Ensure keythat
maythis
need to be
policy created
already
with exist.
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
http://support.apple.com/kb/HT5880 netbios-ssn/tcp/192.168.18.150/139
Ensure
McAfee
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
http://httpd.apache.org/security/vulnerabilities_22.html_x000D_
netbios-ssn/tcp/192.168.18.150/139
already exist.
McAfee
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
McAfee
McAfee is currently unaware of any vendornetbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
McAfee
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
Ensure
Note: Weexisting local groups
recommend usersare necessary
to refer netbios-ssn/tcp/192.168.18.150/139
the vendor documentation to know the exact steps specific to the operating system._x00
netbios-ssn/tcp/192.168.18.150/139
McAfee
netbios-ssn/tcp/192.168.18.150/139
Keep McAfee
This patch hasVirusScan up to date.
been superseded netbios-ssn/tcp/192.168.18.150/139
by MS13-090_x000D_
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
_x000D_
http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
e
netbios-ssn/tcp/192.168.18.150/139
Passwords
e
http://httpd.apache.org/download.cgi netbios-ssn/tcp/192.168.18.150/139
netbios-ssn/tcp/192.168.18.150/139
Ensure thathas
This patch thisbeen
by MS13-090_x000D_
netbios-ssn/tcp/192.168.18.150/139
_x000D_ ms-term-service/tcp/192.168.18.150/3389
http://www.php.net/downloads.php http/tcp/192.168.18.150/80
o
Upgrade to Apache 2.2.9 or newer versionshttp/tcp/192.168.18.150/80
The vendor has updated source code in subv http/tcp/192.168.18.150/80
Upgrade
_x000D_ to Apache 2.2.12 or later. http/tcp/192.168.18.150/80
http://www.php.net/releases/5_2_10.php
_x000D_ http/tcp/192.168.18.150/80
http://www.php.net/releases/5_2_11.php http/tcp/192.168.18.150/80
Upgrade to PHP 5.3.1 or later. http/tcp/192.168.18.150/80
Upgrade to PHP 5.3.1 or later. http/tcp/192.168.18.150/80
Upgrade
_x000D_ to PHP 5.3.1 or later. http/tcp/192.168.18.150/80
http://www.php.net/releases/5_2_9.php
_x000D_ http/tcp/192.168.18.150/80
http://php.net/downloads.php http/tcp/192.168.18.150/80
Ensure
_x000D_ that configuration settings for PHP http/tcp/192.168.18.150/80
http://www.php.net/
_x000D_ http/tcp/192.168.18.150/80
_x000D_ http/tcp/192.168.18.150/80
http/tcp/192.168.18.150/80
McAfee is currently unaware of a vendor-shttp/tcp/192.168.18.150/80
http://www.php.net/_x000D_
_x000D_ http/tcp/192.168.18.150/80
http://phpsec.org/projects/phpsecinfo/tests/display_errors.html
_x000D_ http/tcp/192.168.18.150/80
http://www.interaktonline.com/Documentation/KTML/031210_file_uploading_on_php.htm
_x000D_ http/tcp/192.168.18.150/80
http://www.phpbuilder.com/manual/features.safe-mode.php
_x000D_ http/tcp/192.168.18.150/80
http://www.webmasterworld.com/forum88/11760.htm
_x000D_ http/tcp/192.168.18.150/80
http://httpd.apache.org/download.cgi http/tcp/192.168.18.150/80
HTTP TRACE should be disabled on the HTTP http/tcp/192.168.18.150/80
Ensure that php configuration complies with http/tcp/192.168.18.150/80
Ensure
http://php.net/manual/bg/security.hiding.php http/tcp/192.168.18.150/80
Ensure
HTTP servers that use the asynchronous I/Ohttp/tcp/192.168.18.150/80
technique are not vulnerable to this attack. Some of those servers are: lighttpd, n
Disable
netbios-ns/udp/192.168.18.48/137
Disable
netbios-ssn/tcp/192.168.18.48/139
_x000D_
netbios-ssn/tcp/192.168.18.48/139
Ensure
netbios-ssn/tcp/192.168.18.48/139
Disable
Disable
netbios-ssn/tcp/192.168.18.48/139
Ensure
http://httpd.apache.org/docs/2.4/ssl/ssl_howto.html_x000D_
_x000D_ https/tcp/192.168.18.48/443
already exist.
already exist.
Review
already exist.
already exist.
Administrators.
_x000D_
and Administrators.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.48/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.48/139
already exist.
on Success.
To modify
already exist.
_x000D_ on Success.
Otherwise,
already exist.
netbios-ssn/tcp/192.168.18.48/139
already exist.
9. Adjust this audit policy value as necessary_x000D_
_x000D_
already exist.
Otherwise,
_x000D_
Set theor
9. Add Audit Privilege
remove Useaspolicy
groups to audit on
necessary_x000D_netbios-ssn/tcp/192.168.18.48/139
Failure.
10. Click
This
9. Addkeyormay needsubsystem
names does not
netbios-ssn/tcp/192.168.18.48/139
already exist.
necessary_x000D_
This key
not already exist.
already exist.
This
9. keyormay
Add needgroups
already exist.
10. Click
Then
netbios-ssn/tcp/192.168.18.48/139
Then
_x000D_set the Audit Account Management policy netbios-ssn/tcp/192.168.18.48/139
already exist.
Users.
Consult
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.48/139
already exist.
Then
_x000D_set the Audit Account Logon Events policynetbios-ssn/tcp/192.168.18.48/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.48/139
already exist.
Then
netbios-ssn/tcp/192.168.18.48/139
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.48/139
already exist.
already exist.
_x000D_
to Administrators.
Administrators.
_x000D_
This
already exist.
10. Click
This
already exist.
1026/TCP._x000D_
loc-srv/tcp/192.168.18.48/135
_x000D_
Note:
_x000D_Configure the server to support the latest https/tcp/192.168.18.48/443
Passwords
e
netbios-ssn/tcp/192.168.18.48/139
Informational script unaware
McAfee is currently to displayofalla detecte netbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
Ensure
Ensure
Ensure that
that this
this policy
policy setting
setting is consistent netbios-ssn/tcp/192.168.18.48/139
is consistent with
with the
the requirements
requirements of
of your
your enterprise
enterprise security
security policy.
policy._x000D_
netbios-ssn/tcp/192.168.18.48/139
already exist.
netbios-ssn/tcp/192.168.18.48/139
Ensure
netbios-ssn/tcp/192.168.18.48/139
McAfee
To modifyAvert
this Labs is not
setting, awarethe
change of "EnableICMPRedirect"
a vendonetbios-ssn/tcp/192.168.18.48/139
Accounts added to the Administrators groupnetbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
McAfee
netbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
Review
McAfeereport output
is currently to determine
unaware if any innetbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
Ensure
Ensure existing
that thislocal groups
policy are
setting is necessary
netbios-ssn/tcp/192.168.18.48/139
e
McAfee
_x000D_
This key is
McAfee may need tounaware
currently be created
of aifvendor-supplied
it does not
netbios-ssn/tcp/192.168.18.48/139
already exist.
netbios-ssn/tcp/192.168.18.48/139
netbios-ssn/tcp/192.168.18.48/139
o
_x000D_
https/tcp/192.168.18.48/443
Ensure
_x000D_ that the list of file extension handl http/tcp/192.168.18.48/80;https/tcp/192.168.18.48/443
Note: Conceal
_x000D_ http/tcp/192.168.18.48/80
the IIS Server status by modifying the banner.
http/tcp/192.168.18.48/80
for Microsoft IIS.
_x000D_
Name" setting.
Ensure
Contact
netbios-ns/udp/192.168.18.38/137
http/tcp/192.168.18.38/80;http/tcp/192.168.18.38/8080;https/tcp/192.168.18.38/
Disable
netbios-ssn/tcp/192.168.18.38/139
Ensure
netbios-ssn/tcp/192.168.18.38/139
Ensure
Ensure
netbios-ssn/tcp/192.168.18.38/139
Ensure
If
_x000D_ is set to 1, upon a cdrom disc being
Autorun netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Disable
already exist.
_x000D_ on Success.
already exist.
This key
not already exist.
already exist.
Set the
netbios-ssn/tcp/192.168.18.38/139
already exist.
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.38/139
already exist.
already exist.
_x000D_
already exist.
This key
netbios-ssn/tcp/192.168.18.38/139
already exist.
already exist.
Review
This key
netbios-ssn/tcp/192.168.18.38/139
already exist.
This keyormay
9. Add needsubsystem
names does not
netbios-ssn/tcp/192.168.18.38/139
already exist.
necessary_x000D_
already exist.
_x000D_
already exist.
_x000D_
already exist.
Otherwise,
Then
9. Addset
orthe Auditgroups
remove Account as Management
necessary_x000D_policy
netbios-ssn/tcp/192.168.18.38/139
9. Add or remove groups as necessary_x000D_ netbios-ssn/tcp/192.168.18.38/139
_x000D_ Users.
_x000D_ logon to the system with administrator privileges and correct the policy violation.
already exist.
_x000D_
already exist.
_x000D_
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.38/139
already exist.
to Administrators.
_x000D_
already exist.
Set the
netbios-ssn/tcp/192.168.18.38/139
and Administrators.
already exist.
already exist.
Set the
Failure.
already exist.
_x000D_
Otherwise,
Set the
netbios-ssn/tcp/192.168.18.38/139
Otherwise,
_x000D_ on Success.
Consult
already exist.
already exist.
This key
netbios-ssn/tcp/192.168.18.38/139
already exist.
This keyormay
9. Add needgroups
already exist.
10. Click Apply,
9. Adjust thenpolicy
this audit click value
OK as necessary_x000D_
netbios-ssn/tcp/192.168.18.38/139
10. Click Apply,
9. Adjust then click
this security OK as necessary_x000D_
option netbios-ssn/tcp/192.168.18.38/139
10. Click
already exist.
loc-srv/tcp/192.168.18.38/135
Consider
_x000D_ to use the TLS 1.2 or later protoc https/tcp/192.168.18.38/443
Ensure
However,
This patchMcAfee
has beenis superseded
not aware ofbya MS14-015_x000D_
patch for
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
already exist.
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
McAfee
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Ensure
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
e
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Disable
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
modify this setting, change the "EnableICMPRedirect" value under the "System\CurrentControlSet\Services\Tcpip\Paramet
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Enable
netbios-ssn/tcp/192.168.18.38/139
Ensure thathas
This patch thisbeen
by MS14-015_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Review report
This patch has output to determine
been superseded if any innetbios-ssn/tcp/192.168.18.38/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
McAfee
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
http://www.microsoft.com/net/download_x000D_netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
McAfee
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
http://technet.microsoft.com/en-us/security/bulletin/MS13-029.aspx
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
This
This key may
patch hasneed
beentosuperseded
be created by
if itMS14-015_x000D_
does not
netbios-ssn/tcp/192.168.18.38/139
already exist.
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
McAfee
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
e
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Accounts
This patchadded to the
has been Administrators
superseded group
netbios-ssn/tcp/192.168.18.38/139
by MS14-015_x000D_
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
McAfee
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
Ensure
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
https://technet.microsoft.com/en-us/security/bulletin/ms13-015.aspx
netbios-ssn/tcp/192.168.18.38/139
netbios-ssn/tcp/192.168.18.38/139
http://technet.microsoft.com/en-us/security/bulletin/MS12-072.aspx
netbios-ssn/tcp/192.168.18.38/139
o
_x000D_
Disable
https/tcp/192.168.18.38/443
Ensure that the ASP.NET service is allowedhttp/tcp/192.168.18.38/80;http/tcp/192.168.18.38/8080
Ensure
_x000D_ that the list of file extension handl http/tcp/192.168.18.38/80;http/tcp/192.168.18.38/8080;https/tcp/192.168.18.38/
http://aspnetresources.com/articles/CustomErrorPages.aspx
_x000D_ http/tcp/192.168.18.38/8080;https/tcp/192.168.18.38/443
the banner.
http/tcp/192.168.18.38/80;http/tcp/192.168.18.38/8080
for Microsoft IIS.
Ensure
Note: It is advised to enable "Use Host Header
_x000D_ http/tcp/192.168.18.38/8080
Name" setting.
_x000D_ http/tcp/192.168.18.38/80
Note: It
_x000D_ is advised to delete the Printers http/tcp/192.168.18.38/80
virtual directory.
http/tcp/192.168.18.38/80
Ensure that WebDAV complies with organiza http/tcp/192.168.18.38/80;http/tcp/192.168.18.38/8080
0;http/tcp/192.168.10.114/8080
0;http/tcp/192.168.10.114/8080;http/tcp/192.168.10.114/9090
080;http/tcp/192.168.10.154/10000
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
0;http/tcp/192.168.10.135/8089
ttps/tcp/192.168.18.38/443
ttps/tcp/192.168.18.38/443
Vul. Nuevas IP Address DNS Name NetBios Nam Asset Label
SI 192.168.10.22 tierradentro.compensar.ccf TIERRADENTR 10000145

SI 192.168.10.70 malibu.compensar.ccf MALIBU 10000205
SI 192.168.10.70 malibu.compensar.ccf MALIBU 10000205
Grupo: SRV
Responsables: Fe
Fecha Escaneo:
Herramienta: Vulne
Asset Criticali Operating Sy Asset Owner Vulnerability
0 Windows Server 2003 (Service Pack 13622

4 Windows Server 2003 R2 (Service P 8672
4 Windows Server 2003 R2 (Service P 8610
SRV APLICACIONES
Fernando Torres
7/10/2014
Vulnerability Manager
Vulnerability Name
(MS12-034) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
(APSB12-09) Vulnerabilities In Adobe Flash Player
(APSB11-07) Vulnerability In Adobe Flash Player
(MS11-069) Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
(MS12-074) Microsoft .NET Framework Code Access Security Information Disclosure (2745030)
(MS13-004) Microsoft .Net Framework System Drawing Information Disclosure (2769324)
(MS11-039) Vulnerability In .NET Framework Could Allow Remote Code Execution (KB2514842 )
(MS12-074) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)
(MS11-100) Vulnerabilities In .NET Framework Could Allow Elevation of Privilege (2638420)
Microsoft Internet Explorer Cache Objects History Enumeration Weakness
(MS12-060) Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)
Microsoft Internet Explorer CSS 'expression' Remote Denial of Service Vulnerability
(MS13-002) Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
Microsoft Windows Sticky Keys Vulnerability
(MS09-035) Vulnerabilities In Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
(MS11-044) Microsoft Windows .NET Framework Could Allow Remote Code Execution (2538814)
(MS12-027) Vulnerability In Windows Common Controls Could Allow Remote Code Execution (2664258)
(MS12-016) Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
(MS12-043) Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
(MS12-025) Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
Microsoft Windows Kerberos "Pass The Ticket" Replay Vulnerability
(MS13-004) Vulnerability In .NET Framework Could Allow Elevation Of Privilege (2769324)
(MS09-004) Vulnerability In Microsoft SQL Server Could Allow Remote Code Execution (959420)
Oracle Java SE OpenJDK Hash Table Denial of Service I
(MS11-067) Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
Update Rollup for ActiveX Kill Bits (2736233)
Sun Java SDK/JDK JRE Web Start Cache Location Information Disclosure Vulnerability
(MS11-078) Vulnerability In .NET Framework And Microsoft Silverlight Could Allow Remote Code Execution (2604930)
(MS12-035) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
(MS11-090) Cumulative Security Update of ActiveX Kill Bits (2618451)
(MS12-038) Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726)
(MS11-025) Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)
Microsoft Windows Local DNS Poisoning Vulnerabilities
Oracle Java SE OpenJDK Hash Table Denial of Service II
(MS13-007) Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
(MS08-040) Vulnerabilities In Microsoft SQL Server Could Allow Elevation Of Privilege (941203)
ICMP Timestamp Request Information Disclosure Vulnerability
PHP session Extension Security Bypass Vulnerability
Microsoft IIS Tilde Character Short File Name Disclosure
(MS13-015) Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)
Update Rollup for ActiveX Kill Bits (2820197)
(MS13-040) Vulnerabilities In .NET Framework Could Allow Spoofing (2836440)
(MS13-040) Microsoft .NET FrameworkXML Digital Signature Spoofing (2836440)
Microsoft Windows RPCSS Remote Code Execution Vulnerability
Microsoft Windows RPC DCOM and RPCSS Buffer Overflow Vulnerability
Vulnerabilidades: Vul. Nuevas
Altas: 1261 381 880
Medias: 1114 204 910
Bajas: 242 34 208
Informativas: 6211 486 5725
Vulnerability Descriptio Risk Rating Observation Common Vulner Recommendation

patch provided in: MS13-
052_x000D_
The patch for Microsoft .NET
Framework 3.5.1 is superseded by
the patch provided in: MS14-
026_x000D_
The patch for Microsoft .NET
Framework 4.0 is superseded by
the patch provided in: MS13-
052_x000D_
The patch for Microsoft Office 2003
is superseded by the patch
provided in: MS13-096_x000D_
X64 Edition is superseded by the
patch provided in: MS13-
096_x000D_
The patch for Microsoft Silverlight
_x000D_
http://technet.microsoft.com/secur
ity/bulletin/MS14-015_x000D_
ity/bulletin/MS13-054_x000D_
Multiple vulnerabilities exist ity/bulletin/MS13-052_x000D_
in some versions of Microsoft Windows, Office, .NET Fram
_x000D_ http://technet.microsoft.com/secur
The most severe of the flawsity/bulletin/MS14-026_x000D_
lie in the way that specially crafted TrueType font files a
_x000D_ http://technet.microsoft.com/secur
Multiple vulnerabilities High Microsoft
CVE-2011-3402
MS12-034
ity/bulletin/MS13-096
_x000D_ to address these issues. The host appears to be mis
A buffer overflow vulnerHigh The update provided
_x000D_ CVE-2012-0779
by Adobehttp://www.adobe.com/support/security/bulletins/apsb
bulletin APSB12-09 resolves this issue. The target syst
_x000D_
Multiple vulnerabilities
An unspecified Highis present in The
vulnerability update
_x000D_
some provided
versionsCVE-2012-0772
of Adobeby Adobe
Flashhttp://www.adobe.com/support/security/bulletins/apsb
bulletin APSB12-07 resolves these issues. The target s
http://www.adobe.com/support/security/bulletins/apsb
Player and AIR._x000D_
High The update
_x000D_ provided
CVE-2011-0611
by Adobe bulletin
_x000D_ APSB11-07 resolves this issue. The target syst
A information disclosureMedium Microsoft has provided
CVE-2011-1978
MS11-069
to address this issue. The host appears to be missin
_x000D_ _x000D_
Multiple vulnerabilities High The update
_x000D_ provided
CVE-2012-0751
by Adobe
An information disclosurMedium The flaw lies inCVE-2012-1896
_x000D_ the incorrect http://technet.microsoft.com/security/bulletin/MS13-00
sanitization of function output. Successful exploitation c
_x000D_
An information disclosurMedium The flaw
_x000D_ lies inCVE-2013-0001
the handling http://technet.microsoft.com/security/bulletin/MS14-02
of pointers to memory locations. Successful exploitation
_x000D_
Multiple vulnerabilities High The update provided
_x000D_ CVE-2011-2445
by Adobe
_x000D_
A remote code execution High The flaw is caused
_x000D_ CVE-2011-0664
when the http://technet.microsoft.com/security/bulletin/MS13-00
.NET Framework and Microsoft Silverlight improperly val
CVE-2012-1895
MS12-074
to address these issues. The host appears to be mis
Mutiple vulnerabilities High Microsoft
CVE-2011-3414
MS11-100
An information disclosurLow An informationCVE-2002-2435
_x000D_ disclosure vulnerability
M cAfee is currently
_x000D_ is presentunaware
in some ofversions
a vendor-supplied
of Microsoftpatch
Intern
Multiple vulnerabilitie High Microsoft
CVE-2012-1856
MS12-060
A remote denial of serviLow A remote denial of service vulnerability
_x000D_ McAfee
_x000D_is currently
is presentunaware
in someof versions
a vendor-supplied
of Microsoftpatch
Inter
A remote code execution High Microsoft
_x000D_ has CVE-2013-0007
released MS13-002
_x000D_ to address these issues. The host is missing this pat
_x000D_ CVE-2011-2130
by Adobe
A vulnerability in Micro Low Microsoft
The updateWindows
provided2000, XP,McAfee
andpatch
by Microsoft
This Vista
is currently
areMS09-035
bulletin
has affected.
been unaware
superseded of abyvendor-supplied
resolves these issues. Thepatch
MS11-025_x000D_ targe
Multiple vulnerabilities High _x000D_ CVE-2009-0901_x000D_
A remote code execution Medium The flaw lies inCVE-2011-1271
_x000D_ the way Microsoft
.NET Framework validates certain values within an
CVE-2012-0158
MS12-027
CVE-2012-0014
MS12-016
A vulnerability exists i High Microsoft
CVE-2012-1889
MS12-043
_x000D_ to address this issue. The host appears to be missin
_x000D_ provided
CVE-2012-0768
by Adobe
A vulnerability is prese High Microsoft
CVE-2012-0163
MS12-025
A security bypass vulnerLow A security bypass vulnerability
_x000D_ McAfee
is present
_x000D_ is currently
in someunaware
versionsofofaMicrosoft
vendor-supplied
Windows. patch
The
CVE-2013-0001
MS13-004
_x000D_ provided
CVE-2012-5248
by Adobe
_x000D_ CVE-2008-5416
by Microsoft
_x000D_ bulletin MS09-004 resolves these issues. The targe
A remote code execution High The update provided
_x000D_ CVE-2013-0630
by Adobe
bulletin APSB13-01 resolves the issue. The target syst
_x000D_
A denial of service vulneMedium The flaw ishas
Microsoft dueprovided
CVE-2012-2739
to hash functions
http://mail.openjdk.java.net/pipermail/core-libs-dev/201
MS11-067 are not sufficiently
to address randomized.
this issue. Successful
The host appears exploitati
to be missin
A information disclosureMedium _x000D_ CVE-2011-1976 _x000D_
Multiple remote code exe Medium Multiple
_x000D_ remote code execution
vulnerabilities are present in some versions of Cisco
_x000D_
_x000D_ CVE-2012-5274
by Adobe
_x000D_
An information disclosuLow An informationCVE-2007-5238
_x000D_ disclosure vulnerability
is present in some versions of Sun Microsystem
CVE-2011-1253
MS11-078
CVE-2012-0160
MS12-035
A memory corruption vuln High The update provided
_x000D_ CVE-2011-2110
by Adobe
_x000D_
An unspecified vulnerabiHigh The update provided
_x000D_ CVE-2011-0609
by Adobe
Thisbulletin
patch has APSB11-05 resolves this
been superseded issue. The target syst
by MS13-090_x000D_
A remote code execution High The flaw
_x000D_ lies inCVE-2011-3397
the binary behavior
_x000D_ of Internet Explorer. Successful exploitation could
_x000D_ CVE-2011-2426
by Adobe
Thisbulletin
patch has APSB11-26 resolves these
been superseded issues. The target s
by MS13-015_x000D_
A vulnerability exists i High Microsoft
CVE-2012-1855
MS12-038
_x000D_ to address this issue. The host appears to be missin
_x000D_ provided
CVE-2013-0633
by Adobe
_x000D_ APSB13-04 resolves the issue. The target syst
bulletin
CVE-2010-3190
MS11-025
_x000D_ CVE-2012-5676
by Adobe
bulletin
McAfee APSB12-27
is currently resolves
unaware of these issues. The target
a vendor-supplied patchs
Multiple DNS poisoning Low Multiple
_x000D_ DNS poisoning vulnerabilities
_x000D_ are present in some versions of Microsoft Wind
A cross site scripting vu Medium The update provided
_x000D_ CVE-2011-2107
by Adobe
A denial of service vulneMedium The flaw
_x000D_ is due CVE-2012-5373
to hash functions
M cAfee
_x000D_are isnot
currently
sufficiently
unaware
randomized.
of a vendor-supplied
Successful exploitati
patch
A denial of service vuln High Microsoft
CVE-2013-0005
MS13-007
http://technet.microsoft.com/en-us/security/bulletin/ms
Multiple vulnerabilities High Multiple vulnerabilities
CVE-2008-0085
are present
in some versions of SQL Server. The flaws lie in mu
_x000D_ _x000D_
_x000D_ provided
CVE-2011-0624
by Adobe
_x000D_
_x000D_ CVE-2011-0558
by Adobehttp://www.adobe.com/support/security/bulletins/apsb
_x000D_
An information disclosuLow An information CVE-1999-0524
disclosure vulnerability
There is also a safe_mode bypassNote:
_x000D_ The issue
error is
in present
can be
tempnam() in mitigated
some
whensystems
bydirectory
the blocking
supporting
certain
path ICMP
inco
re
passed
PHP
Thereis isprone to a securitLdisclosure
an information ow vulnerability
The samepresent
vulnerability
in some could
versions
alsoofcause
Microsoft
a denial
IIS._x000D_
of service condition. _x000D_
Low _x000D_ _x000D_
A privilege escalation v High The flaw lies inCVE-2013-0073
the handling https://technet.microsoft.com/en-us/security/bulletin/m
of the permissions of the callback function. Successful ex
_x000D_
Unknown vulnerabilitiesMedium Unknown
_x000D_ vulnerabilities are http://technet.microsoft.com/en-au/security/advisory/2
p patch has been superseded by MS13-082_x000D_
This
Multiple security bypassHigh Microsoft
CVE-2013-1336
MS13-040
to address
This patch has beenthese issues. The
superseded byhost appears to be mis
MS13-082_x000D_
A spoofing vulnerabilityMedium The flaw is dueCVE-2013-1336
_x000D_ to the signature
of a specially crafted XML file is not properly validated
_x000D_
A buffer overflow vulnerHigh A buffer overflow
_x000D_ CVE-2003-0995
vulnerability
is present in some versions of Microsoft Windows ope
_x000D_
A buffer overflow vulnerHigh CVE-2003-0528
A buffer overflow vulnerability
is present in some versions of Microsoft RPC service. A
First Found Last Found
support/security/bulletins/apsb12-09.html
support/security/bulletins/apsb11-07.html_x000D_
.com/security/bulletin/MS13-004
.com/security/bulletin/MS14-026_x000D_
ware of a vendor-supplied patch or update
ware of aby
erseded vendor-supplied
MS11-025_x000D_patch or update
net/pipermail/core-libs-dev/2012-May/010238.html
.com/security/bulletin/ms11-067_x000D_
.com/en-us/security/advisory/2736233
n/download/manual.jsp
erseded by MS13-090_x000D_
.com/security/bulletin/ms11-025
ware of a vendor-supplied patch or update (04/25/2014)_x000D_
.com/en-us/security/bulletin/ms13-007.aspx
mitigated by blocking certain incoming ICMP requests to the system.
.com/kb/142982/en-us_x000D_
ft.com/en-us/security/bulletin/ms13-015
.com/en-au/security/advisory/2820197
.com/security/bulletin/ms03-039
Services
oming ICMP requests to the system.
http/tcp/192.168.10.22/80
http/tcp/192.168.10.22/80
netbios-ssn/tcp/192.168.10.70/139
netbios-ssn/tcp/192.168.10.70/139

Copia de SRV APLICACIONES-08072014

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Copia de SRV APLICACIONES-08072014

Uploaded by

Copyright:

Available Formats

Vuln.

RecommendatFirst Found Last Found Services

SI 192.168.10.22 tierradentro.compensar.ccf TIERRADENTR 10000145

Asset Criticali Operating Sy Asset Owner Vulnerability

0 Windows Server 2003 (Service Pack 13622

Vulnerability Descriptio Risk Rating Observation Common Vulner Recommendation

You might also like