Professional Documents
Culture Documents
Vulnerabilities by Host
• zn.21stprocessing.com..............................................................................................................................................6
Vulnerabilities by Plugin
• 35450 (1) - DNS Server Spoofed Request Amplification DDoS......................................................................... 70
• 10539 (1) - DNS Server Recursive Query Cache Poisoning Weakness............................................................. 72
• 51192 (1) - SSL Certificate Cannot Be Trusted.................................................................................................... 74
• 121479 (1) - web.config File Information Disclosure..........................................................................................76
• 136929 (1) - JQuery 1.2 < 3.5.0 Multiple XSS.......................................................................................................78
• 11219 (3) - Nessus SYN scanner........................................................................................................................... 80
• 22964 (3) - Service Detection................................................................................................................................ 81
• 10107 (2) - HTTP Server Type and Version..........................................................................................................82
• 11002 (2) - DNS Server Detection.........................................................................................................................83
• 24260 (2) - HyperText Transfer Protocol (HTTP) Information............................................................................84
• 39521 (2) - Backported Security Patch Detection (WWW)................................................................................. 86
• 48204 (2) - Apache HTTP Server Version............................................................................................................. 87
• 57323 (2) - OpenSSL Version Detection............................................................................................................... 89
• 100669 (2) - Web Application Cookies Are Expired............................................................................................ 90
• 122364 (2) - Python Remote HTTP Detection..................................................................................................... 92
• 10287 (1) - Traceroute Information...................................................................................................................... 93
• 10302 (1) - Web Server robots.txt Information Disclosure................................................................................94
• 10386 (1) - Web Server No 404 Error Code Check............................................................................................. 95
• 10863 (1) - SSL Certificate Information................................................................................................................ 96
• 11936 (1) - OS Identification..................................................................................................................................98
• 12053 (1) - Host Fully Qualified Domain Name (FQDN) Resolution................................................................. 99
• 18261 (1) - Apache Banner Linux Distribution Disclosure...............................................................................100
• 19506 (1) - Nessus Scan Information.................................................................................................................101
• 21643 (1) - SSL Cipher Suites Supported...........................................................................................................103
• 25220 (1) - TCP/IP Timestamps Supported....................................................................................................... 105
• 31422 (1) - Reverse NAT/Intercepting Proxy Detection....................................................................................106
• 43111 (1) - HTTP Methods Allowed (per directory).......................................................................................... 108
• 45590 (1) - Common Platform Enumeration (CPE)...........................................................................................110
• 46180 (1) - Additional DNS Hostnames............................................................................................................. 111
• 54615 (1) - Device Type........................................................................................................................................113
• 56984 (1) - SSL / TLS Versions Supported......................................................................................................... 114
• 57041 (1) - SSL Perfect Forward Secrecy Cipher Suites Supported................................................................115
• 84502 (1) - HSTS Missing From HTTPS Server.................................................................................................. 117
• 106658 (1) - JQuery Detection.............................................................................................................................118
• 136318 (1) - TLS Version 1.2 Protocol Detection.............................................................................................. 119
• 156439 (1) - jQuery UI Detection........................................................................................................................ 120
Vulnerabilities by Host
Remediations
• Suggested Remediations......................................................................................................................................123
Vulnerabilities by Host
• zn.21stprocessing.com......................................................................................................................................... 142
Overview
• Vulnerability Instances: all and exploitable, by severity.................................................................................. 145
0 1 4 0 43
CRITICAL HIGH MEDIUM LOW INFO
Scan Information
Host Information
Vulnerabilities
35450 - DNS Server Spoofed Request Amplification DDoS
Synopsis
The remote DNS server could be used in a distributed denial of service attack.
Description
The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root
zone ('.') and get an answer that is bigger than the original request. By spoofing the source IP address, a
remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party
host using the remote DNS server.
See Also
https://isc.sans.edu/diary/DNS+queries+for+/5713
Solution
Restrict access to your DNS server from public network or reconfigure it to reject such queries.
Risk Factor
Medium
zn.21stprocessing.com 6
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2006-0987
Plugin Information
Plugin Output
udp/53/dns
The DNS query was 17 bytes long, the answer is 228 bytes long.
zn.21stprocessing.com 7
10539 - DNS Server Recursive Query Cache Poisoning Weakness
Synopsis
The remote name server allows recursive queries to be performed by the host running nessusd.
Description
If this is your internal nameserver, then the attack vector may be limited to employees or guest access if
allowed.
If you are probing a remote nameserver, then it allows anyone to use it to resolve third party names (such
as www.nessus.org).
This allows attackers to perform cache poisoning attacks against this nameserver.
If the host allows these recursive queries via UDP, then the host can be used to 'bounce' Denial of Service
attacks against another network or system.
See Also
http://www.nessus.org/u?c4dcf24a
Solution
Restrict recursive queries to the hosts that should use this nameserver (such as those of the LAN
connected to it).
If you are using bind 8, you can do this by using the instruction 'allow-recursion' in the 'options' section of
your named.conf.
If you are using bind 9, you can define a grouping of internal addresses using the 'acl' command.
Risk Factor
Medium
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 (CVSS2#E:U/RL:OF/RC:C)
zn.21stprocessing.com 8
References
BID 136
BID 678
CVE CVE-1999-0024
XREF CERT-CC:CA-1997-22
Plugin Information
Plugin Output
udp/53/dns
zn.21stprocessing.com 9
136929 - JQuery 1.2 < 3.5.0 Multiple XSS
Synopsis
The remote web server is affected by multiple cross site scripting vulnerability.
Description
According to the self-reported version in the script, the version of JQuery hosted on the remote web server
is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting
vulnerabilities.
Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios
required for successful exploitation do not exist on devices running a PAN-OS release.
See Also
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://security.paloaltonetworks.com/PAN-SA-2020-0007
Solution
Risk Factor
Medium
6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.5 (CVSS:3.0/E:P/RL:O/RC:C)
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.4 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
II
zn.21stprocessing.com 10
References
CVE CVE-2020-11022
CVE CVE-2020-11023
XREF IAVB:2020-B-0030
Plugin Information
Plugin Output
tcp/443/www
URL : https://zn.21stprocessing.com/js/jquery.js
Installed version : 1.12.4
Fixed version : 3.5.0
zn.21stprocessing.com 11
51192 - SSL Certificate Cannot Be Trusted
Synopsis
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which
the chain of trust can be broken, as stated below :
- First, the top of the certificate chain sent by the server might not be descended from a known public
certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are missing that would connect the top of the certificate chain
to a known public certificate authority.
- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a
signing algorithm that Nessus either does not support or does not recognize.
If the remote host is a public host in production, any break in the chain makes it more difficult for users
to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-
middle attacks against the remote host.
See Also
https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509
Solution
Risk Factor
Medium
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
zn.21stprocessing.com 12
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 13
121479 - web.config File Information Disclosure
Synopsis
The remote web server hosts an application that is affected by an information disclosure vulnerability.
Description
An information disclosure vulnerability exists in the remote web server due to the disclosure of the
web.config file. An unauthenticated, remote attacker can exploit this, via a simple GET request, to disclose
potentially sensitive configuration information.
Solution
Ensure proper restrictions are in place, or remove the web.config file if the file is not required.
Risk Factor
Medium
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information
Plugin Output
tcp/443/www
Nessus was able to exploit the issue using the following request :
zn.21stprocessing.com 14
Download: https://www.microsoft.com/en-us/download/details.aspx?id=47337
Debug Help: https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/using-failed-request-
tracing-to-trace-rewrite-rules
-->
[...]
zn.21stprocessing.com 15
46180 - Additional DNS Hostnames
Synopsis
Description
Hostnames different from the current hostname have been collected by miscellaneous plugins. Nessus
has generated a list of hostnames that point to the remote host. Note that these are only the alternate
hostnames for vhosts discovered on a web server.
See Also
https://en.wikipedia.org/wiki/Virtual_hosting
Solution
If you want to test them, re-scan using the special vhost syntax, such as :
www.example.com[192.0.32.10]
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 16
zn.21stprocessing.com 17
18261 - Apache Banner Linux Distribution Disclosure
Synopsis
The name of the Linux distribution running on the remote host was found in the banner of the web server.
Description
Nessus was able to extract the banner of the Apache web server and determine which Linux distribution
the remote host is running.
Solution
If you do not wish to display this information, edit 'httpd.conf' and set the directive 'ServerTokens Prod' and
restart Apache.
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 18
48204 - Apache HTTP Server Version
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the
version number from the banner.
See Also
https://httpd.apache.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0530
Plugin Information
Plugin Output
tcp/80/www
URL : http://zn.21stprocessing.com/
Version : 2.4.6
backported : 1
modules : OpenSSL/1.0.2zzzz-fips mod_wsgi/3.4 Python/2.7.5
os : CentOS
zn.21stprocessing.com 19
48204 - Apache HTTP Server Version
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the
version number from the banner.
See Also
https://httpd.apache.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0530
Plugin Information
Plugin Output
tcp/443/www
URL : https://zn.21stprocessing.com/
Version : 2.4.6
backported : 1
modules : OpenSSL/1.0.2zzzz-fips mod_wsgi/3.4 Python/2.7.5
os : CentOS
zn.21stprocessing.com 20
39521 - Backported Security Patch Detection (WWW)
Synopsis
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version
number.
Note that this test is informational only and does not denote any security problem.
See Also
https://access.redhat.com/security/updates/backporting/?sc_cid=3093
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
zn.21stprocessing.com 21
39521 - Backported Security Patch Detection (WWW)
Synopsis
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version
number.
Note that this test is informational only and does not denote any security problem.
See Also
https://access.redhat.com/security/updates/backporting/?sc_cid=3093
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 22
45590 - Common Platform Enumeration (CPE)
Synopsis
It was possible to enumerate CPE names that matched on the remote system.
Description
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform
Enumeration) matches for various hardware and software products found on a host.
Note that if an official CPE is not available for the product, this plugin computes the best possible CPE
based on the information available from the scan.
See Also
http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 23
11002 - DNS Server Detection
Synopsis
Description
The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames
and IP addresses.
See Also
https://en.wikipedia.org/wiki/Domain_Name_System
Solution
Disable this service if it is not needed or restrict access to internal hosts only if the service is available
externally.
Risk Factor
None
Plugin Information
Plugin Output
tcp/53/dns
zn.21stprocessing.com 24
11002 - DNS Server Detection
Synopsis
Description
The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames
and IP addresses.
See Also
https://en.wikipedia.org/wiki/Domain_Name_System
Solution
Disable this service if it is not needed or restrict access to internal hosts only if the service is available
externally.
Risk Factor
None
Plugin Information
Plugin Output
udp/53/dns
zn.21stprocessing.com 25
54615 - Device Type
Synopsis
Description
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a
printer, router, general-purpose computer, etc).
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 26
84502 - HSTS Missing From HTTPS Server
Synopsis
Description
The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional
response header that can be configured on the server to instruct the browser to only communicate via
HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens
cookie-hijacking protections.
See Also
https://tools.ietf.org/html/rfc6797
Solution
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 27
43111 - HTTP Methods Allowed (per directory)
Synopsis
This plugin determines which HTTP methods are allowed on various CGI directories.
Description
By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each
directory.
Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the
response. If a security constraint was set on 'GET' requests such that only 'authenticatedUsers' could access
GET requests for a particular servlet or resource, it would be bypassed for the 'HEAD' version. This allowed
unauthorized blind submission of any privileged GET request.
As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web
applications tests' is set to 'yes'
in the scan policy - various known HTTP methods on each directory and considers them as unsupported if
it receives a response code of 400, 403, 405, or 501.
Note that the plugin output is only informational and does not necessarily indicate the presence of any
security vulnerabilities.
See Also
http://www.nessus.org/u?d9c03a9a
http://www.nessus.org/u?b019cbdb
https://www.owasp.org/index.php/Test_HTTP_Methods_(OTG-CONFIG-006)
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 28
Based on the response to an OPTIONS request :
zn.21stprocessing.com 29
10107 - HTTP Server Type and Version
Synopsis
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0931
Plugin Information
Plugin Output
tcp/80/www
zn.21stprocessing.com 30
10107 - HTTP Server Type and Version
Synopsis
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0931
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 31
12053 - Host Fully Qualified Domain Name (FQDN) Resolution
Synopsis
Description
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 32
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-
Alive and HTTP pipelining are enabled, etc...
This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
Response Body :
zn.21stprocessing.com 33
zn.21stprocessing.com 34
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-
Alive and HTTP pipelining are enabled, etc...
This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Response Body :
zn.21stprocessing.com 35
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8">
<meta name="keywords" content="Zone Nation Sports - Baseball, Basketball, Soccer, Football,
Cheer, Cornhole, Volleyball ,Sports, Sports Training, Basketball Court, Batting Cages, CT Sports
Teams, CT Baseball, Hittrax, Pitching Tunnel, Birthday Party, Bachelor Party, Graduation Party,
Gym, Sports Conditioning, Travel Baseball, Batting lessons, Hitting lessons, sports camp | sports
clinic">
<meta name="description" content="Zone Nation - Athletic development in CT">
<link rel="icon" type="image/png" href="/favicon.png" />
<title> Run and Gun </title>
<link rel="stylesheet" href="/css/bootstrap.css">
<link rel="stylesheet" href="/css/fonts.css?v= [...]
zn.21stprocessing.com 36
106658 - JQuery Detection
Synopsis
Description
See Also
https://jquery.com/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
URL : https://zn.21stprocessing.com/js/jquery.js
Version : 1.12.4
zn.21stprocessing.com 37
11219 - Nessus SYN scanner
Synopsis
Description
This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans against broken services, but they might
cause problems for less robust firewalls and also leave unclosed connections on the remote target, if the
network is loaded.
Solution
Risk Factor
None
Plugin Information
Plugin Output
tcp/53/dns
zn.21stprocessing.com 38
11219 - Nessus SYN scanner
Synopsis
Description
This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans against broken services, but they might
cause problems for less robust firewalls and also leave unclosed connections on the remote target, if the
network is loaded.
Solution
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
zn.21stprocessing.com 39
11219 - Nessus SYN scanner
Synopsis
Description
This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans against broken services, but they might
cause problems for less robust firewalls and also leave unclosed connections on the remote target, if the
network is loaded.
Solution
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 40
19506 - Nessus Scan Information
Synopsis
Description
This plugin displays, for each tested host, information about the scan itself :
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 41
Scan policy used : Basic Network Scan
Scanner IP : 192.168.1.100
Port scanner(s) : nessus_syn_scanner
Port range : default
Ping RTT : 292.058 ms
Thorough tests : no
Experimental tests : no
Plugin debugging enabled : no
Paranoia level : 1
Report verbosity : 1
Safe checks : yes
Optimize the test : yes
Credentialed checks : no
Patch management checks : None
Display superseded patches : yes (supersedence plugin launched)
CGI scanning : disabled
Web application tests : disabled
Max hosts : 30
Max checks : 4
Recv timeout : 5
Backports : Detected
Allow post-scan editing : Yes
Scan Start Date : 2022/7/7 15:06 India Standard Time
Scan duration : 1720 sec
zn.21stprocessing.com 42
11936 - OS Identification
Synopsis
Description
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess
the name of the remote operating system in use. It is also possible sometimes to guess the version of the
operating system.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
The remote host is running Linux Kernel 3.10 on CentOS Linux release 7
zn.21stprocessing.com 43
57323 - OpenSSL Version Detection
Synopsis
Description
Nessus was able to extract the OpenSSL version from the web server's banner. Note that security patches
in many cases are backported and the displayed version number does not show the patch level. Using it to
identify vulnerable software is likely to lead to false detections.
See Also
https://www.openssl.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0682
Plugin Information
Plugin Output
tcp/80/www
zn.21stprocessing.com 44
57323 - OpenSSL Version Detection
Synopsis
Description
Nessus was able to extract the OpenSSL version from the web server's banner. Note that security patches
in many cases are backported and the displayed version number does not show the patch level. Using it to
identify vulnerable software is likely to lead to false detections.
See Also
https://www.openssl.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0682
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 45
122364 - Python Remote HTTP Detection
Synopsis
Description
Note that the web server may be running on top of Python, or just running an embedded version.
See Also
https://www.python.org/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
Path : /
Version : 2.7.5
Backported : 1
Product : Python
zn.21stprocessing.com 46
122364 - Python Remote HTTP Detection
Synopsis
Description
Note that the web server may be running on top of Python, or just running an embedded version.
See Also
https://www.python.org/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Path : /
Version : 2.7.5
Backported : 1
Product : Python
zn.21stprocessing.com 47
31422 - Reverse NAT/Intercepting Proxy Detection
Synopsis
The remote IP address seems to connect to different hosts via reverse NAT, or an intercepting proxy is in
the way.
Description
Reverse NAT is a technology which lets multiple computers offer public services on different ports via the
same IP address.
Based on OS fingerprinting results, it seems that different operating systems are listening on different
remote ports.
Note that this behavior may also indicate the presence of a intercepting proxy, a load balancer or a traffic
shaper.
See Also
https://en.wikipedia.org/wiki/Proxy_server#Intercepting_proxy_server
Solution
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 48
zn.21stprocessing.com 49
56984 - SSL / TLS Versions Supported
Synopsis
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting
communications.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 50
10863 - SSL Certificate Information
Synopsis
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Subject Name:
Issuer Name:
Country: US
Organization: Let's Encrypt
Common Name: R3
Serial Number: 04 B9 D3 33 8A DB 84 7E D8 91 2B D4 54 A0 E8 62 0D 19
Version: 3
zn.21stprocessing.com 51
0A BF 4E E1 39 8F 48 E3 C9 3E 57 EF 1B D9 F4 E4 DF 3D 8C C0
2F FC ED E6 E2 09 12 9E 1B 4C 91 C8 68 54 00 19 55 CD 28 2B
C4 E7 3E DF F1 B5 DF B8 96 E7 B3 80 A6 AD B6 C2 96 DA 57 3C
EA E6 38 4E F7 8C 3E 55 7C A2 6B EE 28 D2 98 D8 E3
Exponent: 01 00 01
zn.21stprocessing.com 52
21643 - SSL Cipher Suites Supported
Synopsis
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
https://www.openssl.org/docs/man1.1.0/apps/ciphers.html
http://www.nessus.org/u?3a040ada
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
zn.21stprocessing.com 53
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
zn.21stprocessing.com 54
57041 - SSL Perfect Forward Secrecy Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality
even if the key is stolen.
Description
The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption. These
cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is
compromised.
See Also
https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Here is the list of SSL PFS ciphers supported by the remote server :
zn.21stprocessing.com 55
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
zn.21stprocessing.com 56
22964 - Service Detection
Synopsis
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends
when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
zn.21stprocessing.com 57
22964 - Service Detection
Synopsis
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends
when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
tcp/443/www
zn.21stprocessing.com 58
25220 - TCP/IP Timestamps Supported
Synopsis
Description
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that
the uptime of the remote host can sometimes be computed.
See Also
http://www.ietf.org/rfc/rfc1323.txt
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/0
zn.21stprocessing.com 59
136318 - TLS Version 1.2 Protocol Detection
Synopsis
Description
See Also
https://tools.ietf.org/html/rfc5246
Solution
N/A
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
zn.21stprocessing.com 60
10287 - Traceroute Information
Synopsis
Description
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
udp/0
Hop Count: 18
zn.21stprocessing.com 61
100669 - Web Application Cookies Are Expired
Synopsis
HTTP cookies have an 'Expires' attribute that is set with a past date or time.
Description
The remote web application sets various cookies throughout a user's unauthenticated and authenticated
session. However, Nessus has detected that one or more of the cookies have an 'Expires' attribute that is
set with a past date or time, meaning that these cookies will be removed by the browser.
See Also
https://tools.ietf.org/html/rfc6265
Solution
Each cookie should be carefully reviewed to determine if it contains sensitive data or is relied upon for a
security decision.
If needed, set an expiration date in the future so the cookie will persist or remove the Expires cookie
attribute altogether to convert the cookie to a session cookie.
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
Name : laravel_session
Path : /
Value :
eyJpdiI6ImdXOHlzbWs5d2FVUVwvbWhqNytKRDR3PT0iLCJ2YWx1ZSI6IllLZkhjY3gwd0VTVzh6YkJFcG5aMytcL2ZYSjRKVTBPQklQSlFjUXE1T
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 1
Port :
Name : XSRF-TOKEN
Path : /
zn.21stprocessing.com 62
Value :
eyJpdiI6Iis5VGRyUnA5aWlnOFl5dzFUZUVEdHc9PSIsInZhbHVlIjoiS2ZSWEdQaWhjNjA0QmU0V1wvczhlWFJUWW4zRDZRRHNLQzZram9rR3VTK
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 0
Port :
zn.21stprocessing.com 63
100669 - Web Application Cookies Are Expired
Synopsis
HTTP cookies have an 'Expires' attribute that is set with a past date or time.
Description
The remote web application sets various cookies throughout a user's unauthenticated and authenticated
session. However, Nessus has detected that one or more of the cookies have an 'Expires' attribute that is
set with a past date or time, meaning that these cookies will be removed by the browser.
See Also
https://tools.ietf.org/html/rfc6265
Solution
Each cookie should be carefully reviewed to determine if it contains sensitive data or is relied upon for a
security decision.
If needed, set an expiration date in the future so the cookie will persist or remove the Expires cookie
attribute altogether to convert the cookie to a session cookie.
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Name : laravel_session
Path : /
Value :
eyJpdiI6ImdXOHlzbWs5d2FVUVwvbWhqNytKRDR3PT0iLCJ2YWx1ZSI6IllLZkhjY3gwd0VTVzh6YkJFcG5aMytcL2ZYSjRKVTBPQklQSlFjUXE1T
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 1
Port :
Name : XSRF-TOKEN
Path : /
zn.21stprocessing.com 64
Value :
eyJpdiI6Iis5VGRyUnA5aWlnOFl5dzFUZUVEdHc9PSIsInZhbHVlIjoiS2ZSWEdQaWhjNjA0QmU0V1wvczhlWFJUWW4zRDZRRHNLQzZram9rR3VTK
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 0
Port :
zn.21stprocessing.com 65
10386 - Web Server No 404 Error Code Check
Synopsis
The remote web server does not return 404 error codes.
Description
The remote web server is configured such that it does not return '404 Not Found' error codes when a
nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they might be insufficient. If a great
number of security holes are produced for this port, they might not all be accurate.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/80/www
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 301
rather than 404. The requested URL was :
http://zn.21stprocessing.com/WM_bVRpOERQ0.html
zn.21stprocessing.com 66
10302 - Web Server robots.txt Information Disclosure
Synopsis
Description
The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting
certain directories in a website for maintenance or indexing purposes. A malicious user may also be able
to use the contents of this file to learn of sensitive documents or directories on the affected site and either
retrieve them directly or target them for other attacks.
See Also
http://www.robotstxt.org/orig.html
Solution
Review the contents of the site's robots.txt file, use Robots META tags instead of entries in the robots.txt
file, and/or adjust the web server's access controls to limit access to sensitive material.
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
Contents of robots.txt :
User-agent: *
Disallow:
zn.21stprocessing.com 67
156439 - jQuery UI Detection
Synopsis
Description
See Also
https://releases.jquery.com/ui/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
tcp/443/www
URL : https://zn.21stprocessing.com/js/jquery-ui.js
Version : 1.12.1
zn.21stprocessing.com 68
Vulnerabilities by Plugin
35450 (1) - DNS Server Spoofed Request Amplification DDoS
Synopsis
The remote DNS server could be used in a distributed denial of service attack.
Description
The remote DNS server answers to any request. It is possible to query the name servers (NS) of the root
zone ('.') and get an answer that is bigger than the original request. By spoofing the source IP address, a
remote attacker can leverage this 'amplification' to launch a denial of service attack against a third-party
host using the remote DNS server.
See Also
https://isc.sans.edu/diary/DNS+queries+for+/5713
Solution
Restrict access to your DNS server from public network or reconfigure it to reject such queries.
Risk Factor
Medium
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2006-0987
Plugin Information
Plugin Output
zn.21stprocessing.com (udp/53/dns)
Synopsis
The remote name server allows recursive queries to be performed by the host running nessusd.
Description
If this is your internal nameserver, then the attack vector may be limited to employees or guest access if
allowed.
If you are probing a remote nameserver, then it allows anyone to use it to resolve third party names (such
as www.nessus.org).
This allows attackers to perform cache poisoning attacks against this nameserver.
If the host allows these recursive queries via UDP, then the host can be used to 'bounce' Denial of Service
attacks against another network or system.
See Also
http://www.nessus.org/u?c4dcf24a
Solution
Restrict recursive queries to the hosts that should use this nameserver (such as those of the LAN
connected to it).
If you are using bind 8, you can do this by using the instruction 'allow-recursion' in the 'options' section of
your named.conf.
If you are using bind 9, you can define a grouping of internal addresses using the 'acl' command.
Risk Factor
Medium
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 (CVSS2#E:U/RL:OF/RC:C)
BID 136
BID 678
CVE CVE-1999-0024
XREF CERT-CC:CA-1997-22
Plugin Information
Plugin Output
zn.21stprocessing.com (udp/53/dns)
Synopsis
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which
the chain of trust can be broken, as stated below :
- First, the top of the certificate chain sent by the server might not be descended from a known public
certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are missing that would connect the top of the certificate chain
to a known public certificate authority.
- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a
signing algorithm that Nessus either does not support or does not recognize.
If the remote host is a public host in production, any break in the chain makes it more difficult for users
to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-
middle attacks against the remote host.
See Also
https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509
Solution
Risk Factor
Medium
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Synopsis
The remote web server hosts an application that is affected by an information disclosure vulnerability.
Description
An information disclosure vulnerability exists in the remote web server due to the disclosure of the
web.config file. An unauthenticated, remote attacker can exploit this, via a simple GET request, to disclose
potentially sensitive configuration information.
Solution
Ensure proper restrictions are in place, or remove the web.config file if the file is not required.
Risk Factor
Medium
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Nessus was able to exploit the issue using the following request :
Synopsis
The remote web server is affected by multiple cross site scripting vulnerability.
Description
According to the self-reported version in the script, the version of JQuery hosted on the remote web server
is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting
vulnerabilities.
Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios
required for successful exploitation do not exist on devices running a PAN-OS release.
See Also
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://security.paloaltonetworks.com/PAN-SA-2020-0007
Solution
Risk Factor
Medium
6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.5 (CVSS:3.0/E:P/RL:O/RC:C)
4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.4 (CVSS2#E:POC/RL:OF/RC:C)
STIG Severity
II
CVE CVE-2020-11022
CVE CVE-2020-11023
XREF IAVB:2020-B-0030
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
URL : https://zn.21stprocessing.com/js/jquery.js
Installed version : 1.12.4
Fixed version : 3.5.0
Synopsis
Description
This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans against broken services, but they might
cause problems for less robust firewalls and also leave unclosed connections on the remote target, if the
network is loaded.
Solution
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/53/dns)
zn.21stprocessing.com (tcp/80/www)
zn.21stprocessing.com (tcp/443/www)
Synopsis
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends
when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
zn.21stprocessing.com (tcp/443/www)
zn.21stprocessing.com (tcp/443/www)
Synopsis
Description
This plugin attempts to determine the type and the version of the remote web server.
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0931
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
zn.21stprocessing.com (tcp/443/www)
Synopsis
Description
The remote service is a Domain Name System (DNS) server, which provides a mapping between hostnames
and IP addresses.
See Also
https://en.wikipedia.org/wiki/Domain_Name_System
Solution
Disable this service if it is not needed or restrict access to internal hosts only if the service is available
externally.
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/53/dns)
zn.21stprocessing.com (udp/53/dns)
Synopsis
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-
Alive and HTTP pipelining are enabled, etc...
This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
Response Body :
zn.21stprocessing.com (tcp/443/www)
Response Body :
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8">
<meta name="keywords" content="Zone Nation Sports - Baseball, Basketball, Soccer, Football,
Cheer, Cornhole, Volleyball ,Sports, Sports Training, Basketball Court, Batting Cages, CT Sports
Teams, CT Baseball, Hittrax, Pitching Tunnel, Birthday Party, Bachelor Party, Graduation Party,
Gym, Sports Conditioning, Travel Baseball, Batting lessons, Hitting lessons, sports camp | sports
clinic">
<meta name="description" content="Zone Nation - Athletic development in CT">
<link rel="icon" type="image/png" href="/favicon.png" />
<title> Run and Gun </title>
<link rel="stylesheet" href="/css/bootstrap.css">
<link rel="stylesheet" href="/css/fonts.css?v= [...]
Synopsis
Description
Security patches may have been 'backported' to the remote HTTP server without changing its version
number.
Note that this test is informational only and does not denote any security problem.
See Also
https://access.redhat.com/security/updates/backporting/?sc_cid=3093
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
zn.21stprocessing.com (tcp/443/www)
Synopsis
It is possible to obtain the version number of the remote Apache HTTP server.
Description
The remote host is running the Apache HTTP Server, an open source web server. It was possible to read the
version number from the banner.
See Also
https://httpd.apache.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0530
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
URL : http://zn.21stprocessing.com/
Version : 2.4.6
backported : 1
modules : OpenSSL/1.0.2zzzz-fips mod_wsgi/3.4 Python/2.7.5
os : CentOS
zn.21stprocessing.com (tcp/443/www)
URL : https://zn.21stprocessing.com/
Version : 2.4.6
backported : 1
modules : OpenSSL/1.0.2zzzz-fips mod_wsgi/3.4 Python/2.7.5
Synopsis
Description
Nessus was able to extract the OpenSSL version from the web server's banner. Note that security patches
in many cases are backported and the displayed version number does not show the patch level. Using it to
identify vulnerable software is likely to lead to false detections.
See Also
https://www.openssl.org/
Solution
n/a
Risk Factor
None
References
XREF IAVT:0001-T-0682
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
zn.21stprocessing.com (tcp/443/www)
Synopsis
HTTP cookies have an 'Expires' attribute that is set with a past date or time.
Description
The remote web application sets various cookies throughout a user's unauthenticated and authenticated
session. However, Nessus has detected that one or more of the cookies have an 'Expires' attribute that is
set with a past date or time, meaning that these cookies will be removed by the browser.
See Also
https://tools.ietf.org/html/rfc6265
Solution
Each cookie should be carefully reviewed to determine if it contains sensitive data or is relied upon for a
security decision.
If needed, set an expiration date in the future so the cookie will persist or remove the Expires cookie
attribute altogether to convert the cookie to a session cookie.
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
Name : laravel_session
Path : /
Value :
eyJpdiI6ImdXOHlzbWs5d2FVUVwvbWhqNytKRDR3PT0iLCJ2YWx1ZSI6IllLZkhjY3gwd0VTVzh6YkJFcG5aMytcL2ZYSjRKVTBPQklQSlFjUXE1T
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 1
Port :
Name : XSRF-TOKEN
zn.21stprocessing.com (tcp/443/www)
Name : laravel_session
Path : /
Value :
eyJpdiI6ImdXOHlzbWs5d2FVUVwvbWhqNytKRDR3PT0iLCJ2YWx1ZSI6IllLZkhjY3gwd0VTVzh6YkJFcG5aMytcL2ZYSjRKVTBPQklQSlFjUXE1T
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 1
Port :
Name : XSRF-TOKEN
Path : /
Value :
eyJpdiI6Iis5VGRyUnA5aWlnOFl5dzFUZUVEdHc9PSIsInZhbHVlIjoiS2ZSWEdQaWhjNjA0QmU0V1wvczhlWFJUWW4zRDZRRHNLQzZram9rR3VTK
Domain :
Version : 1
Expires : Thu, 07-Jul-2022 11:44:55 GMT
Comment :
Secure : 0
Httponly : 0
Port :
Synopsis
Description
Note that the web server may be running on top of Python, or just running an embedded version.
See Also
https://www.python.org/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
Path : /
Version : 2.7.5
Backported : 1
Product : Python
zn.21stprocessing.com (tcp/443/www)
Path : /
Version : 2.7.5
Backported : 1
Product : Python
Synopsis
Description
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (udp/0)
Hop Count: 18
Synopsis
Description
The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting
certain directories in a website for maintenance or indexing purposes. A malicious user may also be able
to use the contents of this file to learn of sensitive documents or directories on the affected site and either
retrieve them directly or target them for other attacks.
See Also
http://www.robotstxt.org/orig.html
Solution
Review the contents of the site's robots.txt file, use Robots META tags instead of entries in the robots.txt
file, and/or adjust the web server's access controls to limit access to sensitive material.
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Contents of robots.txt :
User-agent: *
Disallow:
Synopsis
The remote web server does not return 404 error codes.
Description
The remote web server is configured such that it does not return '404 Not Found' error codes when a
nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they might be insufficient. If a great
number of security holes are produced for this port, they might not all be accurate.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/80/www)
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 301
rather than 404. The requested URL was :
http://zn.21stprocessing.com/WM_bVRpOERQ0.html
Synopsis
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Subject Name:
Issuer Name:
Country: US
Organization: Let's Encrypt
Common Name: R3
Serial Number: 04 B9 D3 33 8A DB 84 7E D8 91 2B D4 54 A0 E8 62 0D 19
Version: 3
Synopsis
Description
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess
the name of the remote operating system in use. It is also possible sometimes to guess the version of the
operating system.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
The remote host is running Linux Kernel 3.10 on CentOS Linux release 7
Synopsis
Description
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
The name of the Linux distribution running on the remote host was found in the banner of the web server.
Description
Nessus was able to extract the banner of the Apache web server and determine which Linux distribution
the remote host is running.
Solution
If you do not wish to display this information, edit 'httpd.conf' and set the directive 'ServerTokens Prod' and
restart Apache.
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
Description
This plugin displays, for each tested host, information about the scan itself :
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
https://www.openssl.org/docs/man1.1.0/apps/ciphers.html
http://www.nessus.org/u?3a040ada
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Synopsis
Description
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that
the uptime of the remote host can sometimes be computed.
See Also
http://www.ietf.org/rfc/rfc1323.txt
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
The remote IP address seems to connect to different hosts via reverse NAT, or an intercepting proxy is in
the way.
Description
Reverse NAT is a technology which lets multiple computers offer public services on different ports via the
same IP address.
Based on OS fingerprinting results, it seems that different operating systems are listening on different
remote ports.
Note that this behavior may also indicate the presence of a intercepting proxy, a load balancer or a traffic
shaper.
See Also
https://en.wikipedia.org/wiki/Proxy_server#Intercepting_proxy_server
Solution
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
This plugin determines which HTTP methods are allowed on various CGI directories.
Description
By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each
directory.
Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the
response. If a security constraint was set on 'GET' requests such that only 'authenticatedUsers' could access
GET requests for a particular servlet or resource, it would be bypassed for the 'HEAD' version. This allowed
unauthorized blind submission of any privileged GET request.
As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web
applications tests' is set to 'yes'
in the scan policy - various known HTTP methods on each directory and considers them as unsupported if
it receives a response code of 400, 403, 405, or 501.
Note that the plugin output is only informational and does not necessarily indicate the presence of any
security vulnerabilities.
See Also
http://www.nessus.org/u?d9c03a9a
http://www.nessus.org/u?b019cbdb
https://www.owasp.org/index.php/Test_HTTP_Methods_(OTG-CONFIG-006)
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Synopsis
It was possible to enumerate CPE names that matched on the remote system.
Description
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform
Enumeration) matches for various hardware and software products found on a host.
Note that if an official CPE is not available for the product, this plugin computes the best possible CPE
based on the information available from the scan.
See Also
http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
Description
Hostnames different from the current hostname have been collected by miscellaneous plugins. Nessus
has generated a list of hostnames that point to the remote host. Note that these are only the alternate
hostnames for vhosts discovered on a web server.
See Also
https://en.wikipedia.org/wiki/Virtual_hosting
Solution
If you want to test them, re-scan using the special vhost syntax, such as :
www.example.com[192.0.32.10]
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
Description
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a
printer, router, general-purpose computer, etc).
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/0)
Synopsis
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting
communications.
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Synopsis
The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality
even if the key is stolen.
Description
The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption. These
cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is
compromised.
See Also
https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Here is the list of SSL PFS ciphers supported by the remote server :
57041 (1) - SSL Perfect Forward Secrecy Cipher Suites Supported 115
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
57041 (1) - SSL Perfect Forward Secrecy Cipher Suites Supported 116
84502 (1) - HSTS Missing From HTTPS Server
Synopsis
Description
The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional
response header that can be configured on the server to instruct the browser to only communicate via
HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens
cookie-hijacking protections.
See Also
https://tools.ietf.org/html/rfc6797
Solution
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Synopsis
Description
See Also
https://jquery.com/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
URL : https://zn.21stprocessing.com/js/jquery.js
Version : 1.12.4
Synopsis
Description
See Also
https://tools.ietf.org/html/rfc5246
Solution
N/A
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
Synopsis
Description
See Also
https://releases.jquery.com/ui/
Solution
n/a
Risk Factor
None
Plugin Information
Plugin Output
zn.21stprocessing.com (tcp/443/www)
URL : https://zn.21stprocessing.com/js/jquery-ui.js
Version : 1.12.1
No Results: 134
OS Detections Report
System administrators and the security team work together to identify
systems at the most risk. A good first step is to understand the operating
systems in the network. This report provides a summary of the most
prevalent operating systems on the network.
OS Detections: Counts by Confidence Level
Nessus leverages several attributes such as "operating-system", "operating-system-
unsupported", "os" and "operating-system-conf" to group the hosts into different OS
families. In doing so this report organizes the system counts first using a matrix style
table, that displays rows by the confidence level and then by an OS family using
columns. The All column displays the total count of plugin present at the respective
Confidence Level. The Windows, MacOS, and Linux, columns filter based on the key
words "windows", "mac", or "linux". The Other column will match on anything that does
match the aforementioned key words.
Confidence All Windows MacOS Linux Other
0-9 0 0 0 0 0
10 - 19 0 0 0 0 0
20 - 29 0 0 0 0 0
30 - 39 0 0 0 0 0
40 - 49 0 0 0 0 0
50 - 59 0 0 0 0 0
60 - 69 0 0 0 0 0
70 - 79 0 0 0 0 0
80 - 89 0 0 0 0 0
90 - 100 1 0 0 1 0
Totals
1 0 0 1 0
HIGH 1 0 0 1 0
MEDIUM 0 0 0 0 0
LOW 0 0 0 0 0
INFO 0 0 0 0 0
Totals
1 0 0 1 0
No Results: 140
Vulnerabilities by Host
zn.21stprocessing.com
0 1 4 0 31
CRITICAL HIGH MEDIUM LOW INFO
Vulnerabilities Total: 36
MEDIUM 5.0* 10539 DNS Server Recursive Query Cache Poisoning Weakness
INFO N/A 12053 Host Fully Qualified Domain Name (FQDN) Resolution
zn.21stprocessing.com 142
INFO N/A 19506 Nessus Scan Information
INFO N/A 57041 SSL Perfect Forward Secrecy Cipher Suites Supported
* indicates the v3.0 score was not available; the v2.0 score is shown
zn.21stprocessing.com 143
Overview
The Overview section contains two matrices that provide summary counts,
by severity, using VPR or CVSS. Within each cell there is a number for
the vulnerability count, and in parentheses the count of exploitable
vulnerabilities. Also provided is the count based on severity level.
Vulnerability Instances: all and exploitable, by severity
VPR: all(exploitable)
No Results: 147
No Results:
No Results: 148
Top 10 High Vulnerabilities
The two tables in this chapter provide a top ' + limit + ' vulnerabilities
grouped using the High VPR or High CVSS. For VPR and CVSS v3.0 the
rating is 7.0 - 8.9, for CVSS v2.0 the rating is 7.0 - 9.9. The vulnerabilities
identified using VPR are the most active in the wild and based on an
in-depth threat analysis are considered the most critical to mitigate.
Traditionally, the method for identifying risk was most commonly with CVSS
v3.0 or CVSS v2.0. While each still remain very important, and should be
mitigated, these vulnerabilities are not given the same context as VPR
identified vulnerabilities.
No Results:
No Results: 150
Top 10 High Vulnerabilities: (CVSS v3.0)
Top 10 most prevalent high vulnerabilities
Plugin Plugin Name Plugin CVSS v3.0 Known Publication Count
ID Family Exploit? Date
DNS 7.5 - 2006/02/28 1
35450 DNS Server Spoofed Request
Amplification DDoS
* indicates the v3.0 score was not available; the v2.0 score is shown
* indicates the v3.0 score was not available; the v2.0 score is shown