PCIScanResult20240626

Scan Results
06/27/2024
The scan was started on June 26, 2024 at 08:32 am GMT and took 01:59:52 to complete. The scan was run against the following IP addresses:
Not a certified PCI report

IP/DNS Scanned
14.194.146.82
115.242.131.6
The scan option profile used includes:
Scan Settings Advanced Settings

Scanned TCP Ports Full Host Discovery TCP Standard Scan
Scanned UDP Ports Standard Scan UDP Standard Scan
Scan Dead Hosts Off ICMP On
Load Balancer Detection Off Ignore RST packets Off
Password Brute Forcing Standard Ignore firewall-generated SYN-ACK packets Off
Vulnerability Detection Complete ACK/SYN-ACK packets during discovery Send
Windows Authentication Disabled
SSH Authentication Disabled
Oracle Authentication Disabled
SNMP Authentication Disabled
Perform 3-way Handshake Off
Overall Performance Custom
Hosts to Scan in Parallel-External Scanner 15
Hosts to Scan in Parallel-Scanner Appliances 15
Processes to Run in Parallel-Total 10
Processes to Run in Parallel-HTTP 10
Packet (Burst) Delay Medium
Scan Results page 1

Report Summary
Company: Solugenix Corp
User: IT Support
Template Title: Scan Results
Active Hosts: 1
Total Hosts: 2
Scan Type: On Demand
Scan Status: Finished
Scan Title: IP Scan
Scan Date: 06/26/2024 at 08:32:35
Reference: scan/1719390776.91012
Scanner Appliance: 64.39.111.186 (Scanner 12.18.23-1, Vulnerability Signatures 2.6.81-3)
Duration: 01:59:52
Options: Payment Card Industry (PCI) Options
Target: 14.194.146.82, 115.242.131.6
Summary of Vulnerabilities
Vulnerabilities Total 37 Average Security Risk 3.0
by Severity
Severity Confirmed Potential Information Gathered Total
5 0 0 0 0
4 0 0 0 0
3 1 0 2 3
2 1 0 2 3
1 0 0 31 31
Total 2 0 35 37
by PCI Severity
PCI Severity Confirmed Potential Total
High 0 0 0
Medium 1 0 1
Low 1 0 1
Total 2 0 2
Scan Results page 2

Vulnerabilities by PCI Severity
Potential Vulnerabilities by PCI Severity
Scan Results page 3

Vulnerabilities by Severity
Potential Vulnerabilities by Severity
Scan Results page 4

Detailed Results
14.194.146.82 (static-82.146.194.14-tataidc.co.in,-)
Vulnerabilities Total 37 Security Risk 3.0 Compliance Status
Vulnerabilities (2)
TCP Sequence Number Approximation Based Denial of Service
PCI COMPLIANCE STATUS
PCI Severity:
The vulnerability is purely a denial-of-service (DoS) vulnerability.
VULNERABILITY DETAILS
CVSS Base Score: 5 AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Temporal Score: 4.3 E:F/RL:TF/RC:C
Severity: 3
QID: 82054
Category: TCP/IP
CVE ID: CVE-2004-0230
Vendor Reference: -
Bugtraq ID: 10183
Last Update: 02/29/2024
THREAT:
TCP provides stateful communications between hosts on a network. TCP sessions are established by a three-way handshake and use random 32-
bit sequence and acknowledgement numbers to ensure the validity of traffic. A vulnerability was reported that may permit TCP sequence numbers to
be more easily approximated by remote attackers. This issue affects products released by multiple vendors.
The cause of the vulnerability is that affected implementations will accept TCP sequence numbers within a certain range, known as the
acknowledgement range, of the expected sequence number for a packet in the session. This is determined by the TCP window size, which is
negotiated during the three-way handshake for the session. Larger TCP window sizes may be set to allow for more throughput, but the larger the
TCP window size, the more probable it is to guess a TCP sequence number that falls within an acceptable range. It was initially thought that
guessing an acceptable sequence number was relatively difficult for most implementations given random distribution, making this type of attack
impractical. However, some implementations may make it easier to successfully approximate an acceptable TCP sequence number, making these
attacks possible with a number of protocols and implementations.
This is further compounded by the fact that some implementations may support the use of the TCP Window Scale Option, as described in RFC
1323, to extend the TCP window size to a maximum value of 1 billion.
This vulnerability will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing for denial
of service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number
and a forged source IP address and TCP port.
There are a few factors that may present viable target implementations, such as those which depend on long-lived TCP connections, those that have
known or easily guessed IP address endpoints and those implementations with easily guessed TCP source ports. It has been noted that Border
Gateway Protocol (BGP) is reported to be particularly vulnerable to this type of attack, due to the use of long-lived TCP sessions and the possibility
that some implementations may use the TCP Window Scale Option. As a result, this issue is likely to affect a number of routing platforms.
Another factor to consider is the relative difficulty of injecting packets into TCP sessions, as a number of receiving implementations will reassemble
packets in order, dropping any duplicates. This may make some implementations more resistant to attacks than others.
It should be noted that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many
other vendors and products will turn out to be vulnerable as the issue is investigated further.
Scan Results page 5

IMPACT:
Successful exploitation of this issue could lead to denial of service attacks on the TCP based services of target hosts.
SOLUTION:
Please first check the results section below for the port number on which this vulnerability was detected. If that port number is known to be used for
port-forwarding, then it is the backend host that is really vulnerable.
Various implementations and products including Check Point, Cisco, Cray Inc, Hitachi, Internet Initiative Japan, Inc (IIJ), Juniper Networks, NEC and
Yamaha are currently undergoing review. Contact the vendors to obtain more information about affected products and fixes. NISCC Advisory
236929 - Vulnerability Issues in TCP (http://packetstormsecurity.org/0404-advisories/246929.html) details the vendor patch status as of the time of
the advisory, and identifies resolutions and workarounds.
Refer to US-CERT Vulnerability Note VU#415294 (http://www.kb.cert.org/vuls/id/415294) and OSVDB Article 4030 (http://osvdb.org/4030) to obtain a
list of vendors affected by this issue and a note on resolutions (if any) provided by the vendor.
For Microsoft: Refer to MS05-019 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019) and MS06-064 (https://docs.

microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064) for further details.
For SGI IRIX: Refer to SGI Security Advisory 20040905-01-P (ftp://patches.sgi.com/support/free/security/advisories/20040905-01-P.asc)
For SCO UnixWare 7.1.3 and 7.1.1: Refer to SCO Security Advisory SCOSA-2005.14 (ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/
SCOSA-2005.14.txt)
For Solaris (Sun Microsystems): The vendor has acknowledged the vulnerability; however a patch is not available. Refer to Sun Microsystems, Inc.
Information for VU#415294 (http://www.kb.cert.org/vuls/id/JARL-5YGQAJ) to obtain additional details. Also, refer to TA04-111A (http://www.us-cert.
gov/cas/techalerts/TA04-111A.html) for detailed mitigating strategies against these attacks.
For NetBSD: Refer to NetBSD-SA2004-006 (ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc)
For Cisco: Refer to cisco-sa-20040420-tcp-ios.shtml (http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml).
For IBM : Refer to IBM-tcp-sequence-number-cve-2004-0230 (https://www.ibm.com/support/pages/tcp-sequence-number-approximation-based-

denial-service-cve-2004-0230).
For Red Hat Linux: There is no fix available : Refer to (https://access.redhat.com/security/cve/cve-2004-0230).
Workaround:The following BGP-specific workaround information has been provided.
For BGP implementations that support it, the TCP MD5 Signature Option should be enabled. Passwords that the MD5 checksum is applied to should
be set to strong values and changed on a regular basis.
Secure BGP configuration instructions have been provided for Cisco and Juniper at these locations:
Secure Cisco IOS BGP Template (http://www.cymru.com/Documents/secure-bgp-template.html)
JUNOS Secure BGP Template (http://www.cymru.com/gillsr/documents/junos-bgp-template.pdf)
RESULT:
Tested on port 4433 with an injected SYN/RST offset by 16 bytes.
Scan Results page 6

SSL Certificate - Subject Common Name Does Not Match Server FQDN port 4433/tcp over SSL
PCI Severity:
The QID adheres to the PCI requirements based on the CVSS basescore.
CVSS Base Score: 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS Temporal Score: 2.1 E:U/RL:W/RC:C
Severity: 2
QID: 38170
Category: General remote services
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
An SSL Certificate associates an entity (person, organization, host, etc.) with a Public Key. In an SSL connection, the client authenticates the remote
server using the server's Certificate and extracts the Public Key in the Certificate to establish the secure connection.
A certificate whose Subject commonName or subjectAltName does not match the server FQDN offers only encryption without authentication.
Please note that a false positive reporting of this vulnerability is possible in the following case:
If the common name of the certificate uses a wildcard such as *.somedomainname.com and the reverse DNS resolution of the target IP is not
configured. In this case there is no way for Qualys to associate the wildcard common name to the IP. Adding a reverse DNS lookup entry to the
target IP will solve this problem.
IMPACT:
A man-in-the-middle attacker can exploit this vulnerability in tandem with a DNS cache poisoning attack to lure the client to another server, and then
steal all the encryption communication.
SOLUTION:
Please install a server certificate whose Subject commonName or subjectAltName matches the server FQDN.
RESULT:
Certificate #0 CN=*.solugenix.com (*.solugenix.com) doesn't resolve
(solugenix.com) and IP (14.194.146.82) don't match
(*.solugenix.com) doesn't resolve
Information Gathered (35)
Remote Access or Management Service Detected
Severity: 3
QID: 42017
Scan Results page 7

CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
A remote access or remote management service was detected. If such a service is accessible to malicious users it can be used to carry different
type of attacks. Malicious users could try to brute force credentials or collect additional information on the service which could enable them in crafting
further attacks.
The Results section includes information on the remote access service that was found on the target.
Services like Telnet, Rlogin, SSH, windows remote desktop, pcAnywhere, Citrix Management Console, Remote Admin (RAdmin), VNC, OPENVPN
and ISAKMP are checked.
IMPACT:
Consequences vary by the type of attack.
SOLUTION:
Expose the remote access or remote management services only to the system administrators or intended users of the system.
RESULT:
Service name: ISAKMP on UDP port 500.
DEFLATE Data Compression Algorithm Used for HTTPS
Severity: 3
QID: 42416
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
HTTP data is compressed before it is sent from the server. DEFLATE data compression algorithm uses the LZ77 algorithm which takes advantage of
repeated strings to more efficiently compress output.
DEFLATE data compression algorithm is prone to be unsafe as described in the BREACH attack. If an attacker can inject a string into a HTTPS
response intended to match another unknown string (the target secret), they can iteratively guess the secret value by monitoring the compressed
size of the responses for different guesses. Note: The attacker needs the capability of reading responses received by the user's browser and the
capability of cause the victim to send requests from their browser to perform BREACH attack.
This QID detects that the remote HTTP server is using a gzip or DEFLATE (zlib) compression format which is using DEFLATE data compression
algorithm.
RESULT:
HTTP/1.1 200 OK
Server: Web Server
Scan Results page 8

Cache-Control: no-store, max-age=0
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: microphone=()
Content-Encoding: gzip
Connection Error Occurred During Web Application Scan port 4433/tcp
Severity: 2
QID: 150018
Category: Web Application
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The following are some of the possible reasons for the timeouts or connection errors:
A disturbance in network connectivity between the scanner and the web application occurred.
The web server or application server hosting the application was taken down in the midst of a scan.
The web application experienced an overload, possibly due to load generated by the scan.
An error occurred in the SSL/TLS handshake (applies to HTTPS web applications only).
A security device, such as an IDS/IPS or web application firewall (WAF), began to drop or reject the HTTP connections from the scanner.
Very large files like PDFs, videos, etc. are present on the site and caused timeouts when accessed by the scanner.
IMPACT:
Some of the resources were not accessible. Results may be incomplete or incorrect.
SOLUTION:
First, confirm that the server was not taken down in the midst of the scan. After that, investigate the root cause by reviewing the listed links and
examining web server logs, application server logs, or IDS/IPS/WAF logs. If the errors are caused due to load generated by the scanner then try
reducing the scan intensity (this could increase the scan duration). If the errors are due to specific URLs being tested by the scanner or due to
specific form data sent by the scanner, then configure exclude lists in the scan configuration as needed to avoid such requests. If timeouts or
connection errors are a persistent issue but you want the scan to run to completion, change the Behavior Settings in the option profile to increase
the error thresholds or disable the error checks entirely.
RESULT:
Total number of unique links that encountered connection errors: 156
Links with highest number of connection errors:
2 https://14.194.146.82:4433/.
2 https://14.194.146.82:4433/icons/small/
2 https://14.194.146.82:4433/src/
2 https://14.194.146.82:4433/../
1 https://14.194.146.82:4433/tools/
1 https://14.194.146.82:4433/BUGS
1 https://14.194.146.82:4433/core/misc/druplicon.png
1 https://14.194.146.82:4433/README.txt
1 https://14.194.146.82:4433/zip/
1 https://14.194.146.82:4433/info.php
1 https://14.194.146.82:4433/functions/
1 https://14.194.146.82:4433/.svn/entries
1 https://14.194.146.82:4433/php/
1 https://14.194.146.82:4433/config/config.inc.php~
Scan Results page 9

1 https://14.194.146.82:4433/wp-includes/images/smilies/icon_neutral.gif
1 https://14.194.146.82:4433/reports/
1 https://14.194.146.82:4433/sources/
1 https://14.194.146.82:4433/wp-content/plugins/akismet/akismet.gif
1 https://14.194.146.82:4433//%27%20onmouseover%3D%27alert%289%29%3B%27
1 https://14.194.146.82:4433/Service/
1 https://14.194.146.82:4433/phpMyAdmin/
1 https://14.194.146.82:4433/jsp/
1 https://14.194.146.82:4433/export/
1 https://14.194.146.82:4433/CHANGELOG
1 https://14.194.146.82:4433/wsdl/
1 https://14.194.146.82:4433/WebService/
1 https://14.194.146.82:4433/lib/
1 https://14.194.146.82:4433/DisplayEnroll_style.jsp
1 https://14.194.146.82:4433/config/config.inc.php.bak
1 https://14.194.146.82:4433/images/
1 https://14.194.146.82:4433/%3cscript%3e_q_q=%27%29%28%27%3c/script%3e
1 https://14.194.146.82:4433/misc/drupal.js
1 https://14.194.146.82:4433/php.ini
1 https://14.194.146.82:4433/INSTALL
1 https://14.194.146.82:4433/%27
1 https://14.194.146.82:4433/images/joomla_black.png
1 https://14.194.146.82:4433/common/
1 https://14.194.146.82:4433/administration/
1 https://14.194.146.82:4433/wp-includes/js/jquery/jquery.schedule.js
1 https://14.194.146.82:4433/errors/
1 https://14.194.14
6.82:4433/y42kv94O12m9.html
1 https://14.194.146.82:4433/system/
1 https://14.194.146.82:4433/core/misc/drupal.js
1 https://14.194.146.82:4433/saved/
1 https://14.194.146.82:4433/upload/
1 https://14.194.146.82:4433/internet/
1 https://14.194.146.82:4433/images/joomla_logo_black.jpg
1 https://14.194.146.82:4433/_core/
1 https://14.194.146.82:4433/test.php
1 https://14.194.146.82:4433/admin.php
1 https://14.194.146.82:4433/.tar.bz2
1 https://14.194.146.82:4433/.zip
1 https://14.194.146.82:4433/misc/watchdog-error.png
1 https://14.194.146.82:4433/docs/
1 https://14.194.146.82:4433/test.aspx
1 https://14.194.146.82:4433/data/
1 https://14.194.146.82:4433/misc/arrow-asc.png
1 https://14.194.146.82:4433/%253Cimg%2520src%253Dhttp%253A%252f%252flocalhost%252f1.gif%2520onload%253Dalert%25289%2529%
253E
1 https://14.194.146.82:4433/admin.jsp
1 https://14.194.146.82:4433/test/
1 https://14.194.146.82:4433/include/
1 https://14.194.146.82:4433/.tar
1 https://14.194.146.82:4433/web/
1 https://14.194.146.82:4433/imports/
1 https://14.194.146.82:4433/core/misc/menu-expanded.png
1 https://14.194.146.82:4433/files/
1 https://14.194.146.82:4433/sendRequest.jsp
1 https://14.194.146.82:4433/config/
1 https://14.194.146.82:4433/core/misc/arrow-asc.png
1 https://14.194.146.82:4433/tmp/
1 https://14.194.146.82:4433/core/misc/throbber-active.gif
1 https://14.194.146.82:4433/logs/
1 https://14.194.146.82:4433/wp-content/themes/default/screenshot.png
1 https://14.194.146.82:4433/bin/
1 https://14.194.146.82:4433/wp-includes/images/smilies/icon_surprised.gif
1 https://14.194.146.82:4433/uploads/
1 https://14.194.146.82:4433/media/system/js/modal.js
1 https://14.194.146.82:4433/roles/
1 https://14.194.146.82:4433/ws/
1 https://14.194.146.82:4433/misc/
1 https://14.194.146.82:4433/libraries/vendor/simplepie/simplepie/idn/LICENCE
1 https://14.194.146.82:4433/core/
1 https
://14.194.146.82:4433/WSDL/
1 https://14.194.146.82:4433/modules/
1 https://14.194.146.82:4433/crossdomain.xml
1 https://14.194.146.82:4433/build.xml
1 https://14.194.146.82:4433/SERVICE/
1 https://14.194.146.82:4433/db/
1 https://14.194.146.82:4433/wp-includes/js/colorpicker.js
Scan Results page 10

1 https://14.194.146.82:4433/%22onmouseover%3Dalert%289%29%3B%22
1 https://14.194.146.82:4433/wp-includes/images/smilies/icon_eek.gif
1 https://14.194.146.82:4433/plugins/
1 https://14.194.146.82:4433/misc/menu-expanded.png
1 https://14.194.146.82:4433//%22%20qss%3D%22QssAttrValue
1 https://14.194.146.82:4433//qss';qxss(document.cookie);'
1 https://14.194.146.82:4433/webmail/
1 https://14.194.146.82:4433/js/
1 https://14.194.146.82:4433/backup/
1 https://14.194.146.82:4433/images/banners/shop-ad.jpg
1 https://14.194.146.82:4433/core/misc/throbber.gif
Phase wise summary of timeout and connection errors encountered:

ePhaseCrawl : 0 6
ePhaseCMSDetection : 0 38
ePhaseWSDirectoryPathTests : 0 9
ePhasePathXssTests : 0 9
ePhasePathTests : 0 98
Web Server HTTP Protocol Versions port 4433/tcp
Severity: 2
QID: 45266
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
This QID lists supported HTTP protocol (HTTP 1.x or HTTP 2) from remote web server.
RESULT:
Remote Web Server supports HTTP version 1.x on 4433 port.GET / HTTP/1.1
DNS Host Name
Severity: 1
QID: 6
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The fully qualified domain name of this host, if it was obtained from a DNS server, is displayed in the RESULT section.
RESULT:
IP address Host name
14.194.146.82 static-82.146.194.14-tataidc.co.in
Traceroute
Severity: 1
QID: 45006
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
Traceroute describes the path in realtime from the scanner to the remote host being contacted. It reports the IP addresses of all the routers in
between.
RESULT:
Hops IP Round Trip Time Probe Port
1 64.39.111.4 0.17ms ICMP
2 *.*.*.* 0.00ms Other 80
3 154.24.53.61 0.91ms ICMP
4 154.54.42.153 1.15ms ICMP
5 154.54.5.102 1.47ms ICMP
6 154.54.12.142 1.03ms ICMP
7 66.198.101.130 258.75ms UDP 80
8 63.243.218.16 256.05ms ICMP
9 63.243.128.144 259.52ms ICMP
10 80.231.131.72 256.67ms ICMP
11 80.231.131.2 253.04ms UDP 80
12 180.87.39.22 256.99ms ICMP
13 180.87.39.98 250.60ms ICMP
14 *.*.*.* 0.00ms Other 80
15 121.244.3.194 265.42ms ICMP
16 14.194.146.82 268.25ms TCP 80
Target Network Information
Severity: 1
QID: 45004

CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The information shown in the Result section was returned by the network infrastructure responsible for routing traffic from our cloud platform to the
target network (where the scanner appliance is located).
This information was returned from: 1) the WHOIS service, or 2) the infrastructure provided by the closest gateway server to our cloud platform. If
your ISP is routing traffic, your ISP's gateway server returned this information.
IMPACT:
This information can be used by malicious users to gather more information about the network infrastructure that may help in launching attacks
against it.
RESULT:
The network handle is: APNIC-14
Network description:
Asia Pacific Network Information Centre
Internet Service Provider
Severity: 1
QID: 45005
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The information shown in the Result section was returned by the network infrastructure responsible for routing traffic from our cloud platform to the
target network (where the scanner appliance is located).
This information was returned from: 1) the WHOIS service, or 2) the infrastructure provided by the closest gateway server to our cloud platform. If
your ISP is routing traffic, your ISP's gateway server returned this information.
IMPACT:
This information can be used by malicious users to gather more information about the network infrastructure that may aid in launching further attacks
against it.
RESULT:
The ISP network handle is: LONDON-L78-TATAC
ISP Network description:
Customers access -30 and BB internal use
Host Names Found

Severity: 1
QID: 45039
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The following host names were discovered for this computer using various methods such as DNS look up, NetBIOS query, and SQL server name
query.
RESULT:
Host Name Source
static-82.146.194.14-tataidc.co.in FQDN
Host Scan Time - Scanner
Severity: 1
QID: 45038
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The Host Scan Time is the period of time it takes the scanning engine to perform the vulnerability assessment of a single target host. The Host Scan
Time for this host is reported in the Result section below.
The Host Scan Time does not have a direct correlation to the Duration time as displayed in the Report Summary section of a scan results report. The
Duration is the period of time it takes the service to perform a scan task. The Duration includes the time it takes the service to scan all hosts, which
may involve parallel scanning. It also includes the time it takes for a scanner appliance to pick up the scan task and transfer the results back to the
service's Secure Operating Center. Further, when a scan task is distributed across multiple scanners, the Duration includes the time it takes to
perform parallel host scanning on all scanners.
RESULT:
Scan duration: 7150 seconds
Start time: Wed, Jun 26 2024, 08:34:55 GMT
End time: Wed, Jun 26 2024, 10:34:05 GMT
Scan Activity per Port

Severity: 1
QID: 45426
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
Scan activity per port is an estimate of the amount of internal process time the scanner engine spent scanning a particular TCP or UDP port. This
information can be useful to determine the reason for long scan times. The individual time values represent internal process time, not elapsed time,
and can be longer than the total scan time because of internal parallelism. High values are often caused by slowly responding services or services
on which requests time out.
RESULT:
Protocol Port Time
TCP 4433 13:29:26
UDP 500 0:04:28
Firewall Detected
Severity: 1
QID: 34011
Category: Firewall
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
A packet filtering device protecting this IP was detected. This is likely to be a firewall or a router using access control lists (ACLs).
RESULT:
Some of the ports filtered by the firewall are: 445, 139.
Listed below are the ports filtered by the firewall.

No response has been received when any of these ports are probed.
136-139,445,593,1434,5554-5555,7547,9996
IP ID Values Randomness

Severity: 1
QID: 82046
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The values for the identification (ID) field in IP headers in IP packets from the host are analyzed to determine how random they are. The changes
between subsequent ID values for either the network byte ordering or the host byte ordering, whichever is smaller, are displayed in the RESULT
section along with the duration taken to send the probes. When incremental values are used, as is the case for TCP/IP implementation in many
operating systems, these changes reflect the network load of the host at the time this test was conducted.
Please note that for reliability reasons only the network traffic from open TCP ports is analyzed.
RESULT:
IP ID changes observed (network order) for port 4433: 1 1 2 2 2 2 2 2 2 2 3 3 3 3 3 4 5 7 7 7 7 7 8 9 11 11 11 12 12
Duration: 30 milli seconds
Degree of Randomness of TCP Initial Sequence Numbers
Severity: 1
QID: 82045
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
TCP Initial Sequence Numbers (ISNs) obtained in the SYNACK replies from the host are analyzed to determine how random they are. The average
change between subsequent ISNs and the standard deviation from the average are displayed in the RESULT section. Also included is the degree of
difficulty for exploitation of the TCP ISN generation scheme used by the host.
RESULT:
Average change between subsequent TCP initial sequence numbers is 461097326 with a standard deviation of 786740338. These TCP initial
sequence numbers were triggered by TCP SYN probes sent to the host at an average rate of 1/(4347 microseconds). The degree of difficulty to
exploit the TCP initial sequence number generation scheme is: hard.
Open TCP Services List

Severity: 1
QID: 82023
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The port scanner enables unauthorized users with the appropriate tools to draw a map of all services on this host that can be accessed from the
Internet. The test was carried out with a "stealth" port scanner so that the server does not log real connections.
The Results section displays the port number (Port), the default service listening on the port (IANA Assigned Ports/Services), the description of the
service (Description) and the service that the scanner detected using service discovery (Service Detected).
IMPACT:
Unauthorized users can exploit this information to test vulnerabilities in each of the open services.
SOLUTION:
Shut down any unknown or unused service on the list. If you have difficulty figuring out which service is provided by which process or program,
contact your provider's support team. For more information about commercial and open-source Intrusion Detection Systems available for detecting
port scanners of this kind, visit the CERT Web site (http://www.cert.org).
RESULT:
Port IANA Assigned Ports/Services Description Service Detected OS On Redirected Port
4433 unknown unknown http over ssl
Open UDP Services List
Severity: 1
QID: 82004
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
A port scanner was used to draw a map of all the UDP services on this host that can be accessed from the Internet.
Note that if the host is behind a firewall, there is a small chance that the list includes a few ports that are filtered or blocked by the firewall but are not
actually open on the target host. This (false positive on UDP open ports) may happen when the firewall is configured to reject UDP packets for most
(but not all) ports with an ICMP Port Unreachable packet. This may also happen when the firewall is configured to allow UDP packets for most (but
not all) ports through and filter/block/drop UDP packets for only a few ports. Both cases are uncommon.

IMPACT:
Unauthorized users can exploit this information to test vulnerabilities in each of the open services.
SOLUTION:
Shut down any unknown or unused service on the list. If you have difficulty working out which service is provided by which process or program,
contact your provider's support team. For more information about commercial and open-source Intrusion Detection Systems available for detecting
port scanners of this kind, visit the CERT Web site (http://www.cert.org).
RESULT:
Port IANA Assigned Ports/Services Description Service Detected
500 isakmp isakmp isakmp
Links Rejected By Crawl Scope or Exclusion List port 4433/tcp
Severity: 1
QID: 150020
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
One or more links were not crawled because of an explicit rule to exclude them. This also occurs if a link is malformed.
Exclude list and Include list entries can cause links to be rejected. If a scan is limited to a specific starting directory, then links outside that directory
will neither be crawled or tested.
Links that contain a host name or IP address different from the target application are considered external links and not crawled by default; those
types of links are not listed here. This often happens when the scope of a scan is limited to the directory of the starting URL. The scope can be
changed in the Web Application Record.
During the test phase, some path-based tests may be rejected if the scan is limited to the directory of the starting URL and the test would fall outside
that directory. In these cases, the number of rejected links may be too high to list in the Results section.
IMPACT:
Links listed here were neither crawled or tested by the Web application scanning engine.
SOLUTION:
A link might have been intentionally matched by a exclude or include list entry. Verify that no links in this list were unintentionally rejected.
RESULT:
Links not permitted:
(This list includes links from QIDs: 150010,150041,150143,150170)
IP based excluded links:
Scan Diagnostics port 4433/tcp

Severity: 1
QID: 150021
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
This check provides various details of the scan's performance and behavior. In some cases, this check can be used to identify problems that the
scanner encountered when crawling the target Web application.
IMPACT:
The scan diagnostics data provides technical details about the crawler's performance and behavior. This information does not necessarily imply
problems with the Web application.
SOLUTION:
No action is required.
RESULT:
Target web application page https://14.194.146.82:4433/ fetched. Status code:200, Content-Type:text/html, load time:1098 milliseconds.
Ineffective Session Protection. no tests enabled.
Batch #0 CMSDetection: estimated time < 1 minute (1 tests, 1 inputs)
[CMSDetection phase] : No potential CMS found using Blind Elephant algorithm. Aborting the CMS Detection phase
CMSDetection: 1 vulnsigs tests, completed 0 requests, 412 seconds. Completed 0 requests of 38 estimated requests (0%). All tests completed.
HSTS Analysis no tests enabled.
Collected 1 links overall in 0 hours 8 minutes duration.
Path manipulation: Estimated requests (payloads x links): files with extension:(0 x 0) + files:(0 x 0) + directories:(9 x 1) + paths:(0 x 1) = total (9)
Batch #0 WS Directory Path manipulation: estimated time < 1 minute (9 tests, 1 inputs)
WS Directory Path manipulation: 9 vulnsigs tests, completed 9 requests, 22 seconds. Completed 9 requests of 9 estimated requests (100%). All
tests completed.
WSEnumeration no tests enabled.
WebCgiOobTests: no test enabled
Potential LDAP Login Bypass no tests enabled.
XXE tests no tests enabled.
Arbitrary File Upload no tests enabled.
Arbitrary File Upload On Status OK no tests enabled.
HTTP call manipulation no tests enabled.
SSL Downgrade. no tests enabled.
Open Redirect no tests enabled.
CSRF no tests enabled.
Batch #4 File Inclusion analysis: estimated time < 1 minute (1 tests, 1 inputs)
Batch #4 File Inclusion analysis: 1 vulnsigs tests, completed 0 requests, 0 seconds. Completed 0 requests of 1 estimated requests (0%). All tests
completed.
Batch #4 Cookie manipulation: estimated time < 1 minute (47 tests, 0 inputs)
Batch #4 Cookie manipulation: 47 vulnsigs tests, completed 0 requests, 0 seconds. No tests to execute.
Batch #4 Header manipulation: estimated time < 1 minute (47 tests, 1 inputs)
Batch #4 Header manipulation: 47 vulnsigs tests, completed 63 requests, 10 seconds. Completed 63 requests of 130 estimated requests
(48.4615%). XS
S optimization removed 29 links. All tests completed.
Batch #4 shell shock detector: estimated time < 1 minute (1 tests, 1 inputs)
Batch #4 shell shock detector: 1 vulnsigs tests, completed 1 requests, 1 seconds. Completed 1 requests of 1 estimated requests (100%). All tests
completed.
Batch #4 shell shock detector(form): estimated time < 1 minute (1 tests, 0 inputs)
Batch #4 shell shock detector(form): 1 vulnsigs tests, completed 0 requests, 0 seconds. No tests to execute.
httpoxy no tests enabled.
Static Session ID no tests enabled.
Login Brute Force no tests enabled.
Login Brute Force manipulation estimated time: no tests enabled
Insecurely Served Credential Forms no tests enabled.
Cookies Without Consent no tests enabled.

Batch #5 HTTP Time Bandit: estimated time < 1 minute (1 tests, 10 inputs)
Batch #5 HTTP Time Bandit: 1 vulnsigs tests, completed 0 requests, 0 seconds. No tests to execute.
Batch #5 Path XSS manipulation: estimated time < 1 minute (15 tests, 1 inputs)
Batch #5 Path XSS manipulation: 15 vulnsigs tests, completed 14 requests, 22 seconds. Completed 14 requests of 15 estimated requests
(93.3333%). All tests completed.
Tomcat Vuln manipulation no tests enabled.
Time based path manipulation no tests enabled.
Batch #5 Path manipulation: estimated time < 1 minute (103 tests, 1 inputs)
Batch #5 Path manipulation: 103 vulnsigs tests, completed 98 requests, 141 seconds. Completed 98 requests of 99 estimated requests
(98.9899%). All tests completed.
WebCgiHrsTests: no test enabled
Batch #5 WebCgiGeneric: estimated time < 10 minutes (612 tests, 1 inputs)
Batch #5 WebCgiGeneric: 612 vulnsigs tests, completed 1 requests, 1 seconds. Completed 1
requests of 855 estimated requests (0.116959%). All tests completed.
Duration of Crawl Time: 481.00 (seconds)
Duration of Test Phase: 197.00 (seconds)
Total Scan Time: 678.00 (seconds)
Total requests made: 231

Average server response time: 0.91 seconds
Average browser load time: 0.91 seconds

Scan launched using pciwas_combined/pciwas_combined_new/pciwas_combined_v2 mode.
HTML form authentication unavailable, no WEBAPP entry found
Links Crawled port 4433/tcp
Severity: 1
QID: 150009
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The list of unique links crawled and HTML forms submitted by the scanner appear in the Results section. This list may contain fewer links than the
maximum threshold defined.
NOTE: This list also includes:

- All the unique links that are reported in QID 150140 (Redundant links/URL paths crawled and not crawled)
- All the forms reported in QID 150152 (Forms Crawled)
- All the forms in QID 150115 (Authentication Form Found)
- Certain requests from QID 150172 (Requests Crawled)
RESULT:
Duration of crawl phase (seconds): 481.00
Number of links: 1
(This number excludes form requests and links re-requested during authentication.)
https://14.194.146.82:4433/
SSL Web Server Version port 4433/tcp

Severity: 1
QID: 86001
Category: Web server
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
A web server is server software, or hardware dedicated to running this software, that can satisfy client requests on the World Wide Web.
RESULT:
Server Version Server Banner
_ Web Server
List of Web Directories port 4433/tcp
Severity: 1
QID: 86672
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
Based largely on the HTTP reply code, the following directories are most likely present on the host.
RESULT:
Directory Source
\ brute force
HTTP Strict Transport Security (HSTS) Support Detected port 4433/tcp
Severity: 1
QID: 86137
CVE ID: -

Vendor Reference: -
Bugtraq ID: -
THREAT:
HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special
response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the
specified domain and will instead send all communications over HTTPS.
RESULT:
HTTP Public-Key-Pins Security Header Not Detected port 4433/tcp
Severity: 1
QID: 48002
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
HTTP Public Key Pinning (HPKP) is a security feature that tells a web client to associate a specific cryptographic public key with a certain web
server to decrease the risk of MITM attacks with forged certificates.
QID Detection Logic:

This QID detects the absence of the Public-Key-Pins HTTP header by transmitting a GET request.
IMPACT:
N/A
RESULT:
HTTP Public-Key-Pins Header missing on port 4433.
GET / HTTP/1.1
Host: static-82.146.194.14-tataidc.co.in:4433
Connection: Keep-Alive
HTTP Response Method and Header Information Collected port 4433/tcp
Severity: 1
QID: 48118

CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
This QID prints the information, in the form of a text record, that a web server sends back to a client's browser in response to receiving a single
HTTP GET request.
QID Detection Logic:

This QID returns the HTTP response method and header information returned by a web server.
IMPACT:
N/A
SOLUTION:
N/A
RESULT:
HTTP header and method information collected on port 4433.
GET / HTTP/1.1
HTTP/1.1 200 OK
Server: Web Server
Cache-Control: no-store, max-age=0
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: ws: wss:;
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: microphone=()
Content-Encoding: gzip
SSL Session Caching Information port 4433/tcp over SSL
Severity: 1
QID: 38291
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
SSL session is a collection of security parameters that are negotiated by the SSL client and server for each SSL connection. SSL session caching is
targeted to reduce the overhead of negotiations in recurring SSL connections. SSL sessions can be reused to resume an earlier connection or to
establish multiple simultaneous connections. The client suggests an SSL session to be reused by identifying the session with a Session-ID during
SSL handshake. If the server finds it appropriate to reuse the session, then they both proceed to secure communication with already known security

parameters.
This test determines if SSL session caching is enabled on the host.
IMPACT:
SSL session caching is part of the SSL and TLS protocols and is not a security threat. The result of this test is for informational purposes only.
RESULT:
TLSv1.2 session caching is enabled on the target.
TLSv1.3 session caching is enabled on the target.
TLS Secure Renegotiation Extension Support Information port 4433/tcp over SSL
Severity: 1
QID: 42350
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
Secure Socket Layer (SSL) and Transport Layer Security (TLS) renegotiation are vulnerable to an attack in which the attacker forms a TLS
connection with the target server, injects content of his choice, and then splices in a new TLS connection from a client. The server treats the client's
initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent
client data. TLS protocol was extended to cryptographically tierenegotiations to the TLS connections they are being performed over. This is referred
to as TLS secure renegotiation extension. This detection determines whether the TLS secure renegotiation extension is supported by the server or
not.
RESULT:
TLS Secure Renegotiation Extension Status: supported.
Secure Sockets Layer/Transport Layer Security (SSL/TLS) Invalid

Protocol Version Tolerance port 4433/tcp over SSL
Severity: 1
QID: 38597
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
SSL/TLS protocols have different version that can be supported by both the client and the server. This test attempts to send invalid protocol versions

to the target in order to find out what is the target's behavior. The results section contains a table that indicates what was the target's response to
each of our tests.
RESULT:
my version target version
0304 0303
0399 0303
0400 0303
0499 0303
SSL Server Information Retrieval port 4433/tcp over SSL
Severity: 1
QID: 38116
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The following is a list of supported SSL ciphers.
Note: If a cipher is included in this list it means that it was possible to establish a SSL connection using that cipher. There are some web servers
setups that allow connections to be established using a LOW grade cipher, only to provide a web page stating that the URL is accessible only
through a non-LOW grade cipher. In this case even though LOW grade cipher will be listed here QID 38140 will not be reported.
RESULT:
CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
SSLv2 PROTOCOL IS DISABLED
SSLv3 PROTOCOL IS DISABLED
TLSv1 PROTOCOL IS DISABLED
TLSv1.1 PROTOCOL IS DISABLED
TLSv1.2 PROTOCOL IS ENABLED
TLSv1.2 COMPRESSION METHOD None
AES128-GCM-SHA256 RSA RSA AEAD AESGCM(128) MEDIUM
AES256-GCM-SHA384 RSA RSA AEAD AESGCM(256) HIGH
ECDHE-RSA-AES128-GCM-SHA256 ECDH RSA AEAD AESGCM(128) MEDIUM
ECDHE-RSA-AES256-GCM-SHA384 ECDH RSA AEAD AESGCM(256) HIGH
TLSv1.3 PROTOCOL IS ENABLED
TLS13-AES-128-GCM-SHA256 N/A N/A AEAD AESGCM(128) MEDIUM
TLS13-AES-256-GCM-SHA384 N/A N/A AEAD AESGCM(256) HIGH
TLS13-CHACHA20-POLY1305-SHA256 N/A N/A AEAD CHACHA20/POLY1305(256) HIGH

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Key
Exchange Methods port 4433/tcp over SSL
Severity: 1
QID: 38704
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The following is a list of SSL/TLS key exchange methods supported by the server, along with their respective key sizes, strengths and ciphers.
RESULT:
CIPHER NAME GROUP KEY-SIZE FORWARD-SECRET CLASSICAL-STRENGTH QUANTUM-STRENGTH
TLSv1.2
AES256-GCM-SHA384 RSA 2048 no 110 low
AES128-GCM-SHA256 RSA 2048 no 110 low
ECDHE-RSA-AES256-GCM-SHA384 ECDHE x25519 256 yes 128 low
ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp256r1 256 yes 128 low
TLSv1.3
TLS13-AES-128-GCM-SHA256 ECDHE x25519 256 yes 128 low
TLS13-AES-128-GCM-SHA256 ECDHE secp256r1 256 yes 128 low
TLS13-CHACHA20-POLY1305-SHA2 ECDHE x25519 256 yes 128 low
56
TLS13-CHACHA20-POLY1305-SHA2 ECDHE secp256r1 256 yes 128 low
56
TLS13-CHACHA20-POLY1305-SHA2 ECDHE x448 448 yes 224 low
56
56
56

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Protocol
Properties port 4433/tcp over SSL
Severity: 1
QID: 38706
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The following is a list of detected SSL/TLS protocol properties.
IMPACT:
Items include:
Extended Master Secret: indicates whether the extended_master_secret extension is supported or required by the server. This extension enhances
security and is recommended. Applicable to TLSv1, TLSv1.1, TLSv1.2, DTLSv1, DTLSv1.2
Encrypt Then MAC: indicates whether the encrypt_then_mac extension is supported or required by the server. This extension enhances the security
of non-AEAD ciphers and is recommended. Applicable to TLSv1, TLSv1.1, TLSv1.2, DTLSv1, DTLSv1.2
Heartbeat: indicates whether the heartbeat extension is supported. It is not recommended to enable this, except for DTLS. Applicable to TLSv1,
TLSv1.1, TLSv1.2, TLSv1.3, DTLSv1, DTLSv1.2
Truncated HMAC: indicates whether the truncated_hmac extension is supported. This can degrade security and is not recommended. Applicable to
TLSv1, TLSv1.1, TLSv1.2, DTLSv1, DTLSv1.2
Cipher priority: indicates whether client, server or both determine the priority of ciphers. Having the server determine the priority is recommended.
Applicable to SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, DTLSv1, DTLSv1.2
RESULT:
NAME STATUS
TLSv1.2
Extended Master Secret yes
Heartbeat no
Cipher priority controlled by server
OCSP stapling no
SCT extension no
TLSv1.3
Heartbeat no
Cipher priority controlled by server
OCSP stapling no
SCT extension no
SSL Certificate will expire within next six months port 4433/tcp over SSL

Severity: 1
QID: 38600
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
Certificates are used for authentication purposes in different protocols such as SSL/TLS. Each certificate has a validity period outside of which it is
supposed to be considered invalid. This QID is reported to inform that a certificate will expire within next six months. The advance notice can be
helpful since obtaining a certificate can take some time.
IMPACT:
Expired certificates can cause connection disruptions or compromise the integrity and privacy of the connections being protected by the certificates.
SOLUTION:
Contact the certificate authority that signed your certificate to arrange for a renewal.
RESULT:
Certificate #0 CN=*.solugenix.com The certificate will expire within six months: Dec 9 10:15:25 2024 GMT
Secure Sockets Layer (SSL) Certificate Transparency Information port 4433/tcp over SSL
Severity: 1
QID: 38718
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
SSL Certificate Transparency is an industry effort to improve visibility into the process of how certificate authorities issue certificates. It is designed to
allow the owners of domain names to find all certificates that have been issued for their domains, and which certificate authorities have issued them.
This is done by requiring certificate authorities to publish all issued certificates in public logs. TLS servers can then provide cryptographic evidence to
TLS clients that the server certificate has been registered in public logs, thus providing some degree of confidence that the certificate is legitimate.
Such cryptographic evidence is referred to as an "SCT Log Proof".
The information below lists all validated SCT Log Proofs for server certificates along with information about the public log, where available.
RESULT:
Source Validated Name URL ID Time
Certificate #0 CN=*.solugenix.com
Certificate no (unknown) (unknown) eecdd064d5db1acec55cb79db4cd13a Thu 01 Jan 1970
23287467cbcecdec351485946711fb5 12:00:00 AM GMT
9b
Certificate no (unknown) (unknown) 48b0e36bdaa647340fe56a02fa9d30e Thu 01 Jan 1970
b1c5201cb56dd2c81d9bbbfab39d884 12:00:00 AM GMT
73

Certificate yes Comodo 'Sabre' CT log sabre.ct.comodo.com/ 5581d4c2169036014aea0b9b573c53f Wed 08 Nov 2023
0c0e43878702508172fa3aa1d0713d3 10:15:27 AM GMT
0c
SSL Certificate - Information port 4433/tcp over SSL
Severity: 1
QID: 86002
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
SSL certificate information is provided in the Results section.
RESULT:
NAME VALUE
(0)CERTIFICATE 0
(0)Version 3 (0x2)
(0)Serial Number 4b:06:d2:6e:16:1f:11:df
(0)Signature Algorithm sha256WithRSAEncryption
(0)ISSUER NAME
countryName US
stateOrProvinceName Arizona
localityName Scottsdale
organizationName "GoDaddy.com, Inc."
organizationalUnitName http://certs.godaddy.com/repository/
commonName Go Daddy Secure Certificate Authority - G2
(0)SUBJECT NAME
commonName *.solugenix.com
(0)Valid From Nov 8 10:15:25 2023 GMT
(0)Valid Till Dec 9 10:15:25 2024 GMT
(0)Public Key Algorithm rsaEncryption
(0)RSA Public Key (2048 bit)
(0) RSA Public-Key: (2048 bit)
(0) Modulus:
(0) 00:86:c6:aa:3e:1e:d7:c2:f8:9e:4e:df:50:7a:db:
(0) 13:73:01:6f:a5:d6:53:9a:ff:46:c4:4a:58:d5:5d:
(0) 7c:58:ac:9f:21:df:e2:0f:39:b1:9d:52:96:66:14:
(0) a1:d9:21:fc:44:76:36:66:e8:a5:dc:1a:17:6f:78:
(0) 22:a1:4b:d6:b6:67:ca:b8:3c:60:c7:9f:24:ff:70:
(0) 71:60:70:7c:3b:8d:fc:3b:91:a8:ee:f9:75:5e:ea:
(0) af:fa:68:9a:0f:19:99:df:0f:ba:d9:2a:39:99:9a:
(0) 8e:0f:16:93:cf:10:7e:5a:3c:e6:de:3b:d8:cb:7f:
(0) e7:5f:dd:a2:6f:11:20:3c:0d:ea:d4:c9:69:ee:7d:
(0) 88:3c:ef:80:8b:23:5a:14:2b:4d:8f:c2:5c:32:cf:
(0) 99:63:e6:c4:c2:14:95:e8:fc:df:7c:e4:67:d7:ca:

(0) 8a:e4:41:4d:b6:f3:da:c8:f7:9e:e4:d1:67:e4:9b:
(0) 56:85:55:27:38:ff:51:7c:91:2e:1d:57:43:b7:ce:
(0) 1e:25:d7:01:50:4b:fd:20:fb:ec:02:61:4c:0a:fb:
(0) 48:d7:5b:f3:03:15:98:99:58:e6:27:be:a5:2c:30:
(0) 3b:8f:5e:93:cd:6e:9b:87:bf:15:51:5b:55:ba:45:
(0) 0f:29:e2:cb:1c:e3:6e:75:23:8a:71:94:d6:da:e6:
(0) ce:af
(0) Exponent: 65537 (0x10001)
(0)X509v3 EXTENSIONS
(0)X509v3 Basic Constraints critical
(0) CA:FALSE
(0)X509v3 Extended Key Usage TLS Web Server Authentication, TLS Web Client Authentication
(0)X509v3 Key Usage critical
(0) Digital Signature, Key Encipherment
(0)X509v3 CRL Distribution Points
(0) Full Name:
(0) URI:http://crl.godaddy.com/gdig2s1-11331.crl
(0)X509v3 Certificate Policies Policy: 2.16.840.1.114413.1.7.23.1
(0) CPS: http://certificates.godaddy.com/repository/
(0) Policy: 2.23.140.1.2.1
(0)Authority Information Access OCSP - URI:http://ocsp.godaddy.com/
(0) CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
(0)X509v3 Authority Key Identifier keyid:40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
(0)X509v3 Subject Alternative Name DNS:*.solugenix.com, DNS:solugenix.com
(0)X509v3 Subject Key Identifier AB:15:48:C4:F9:77:C1:70:88:85:26:6D:62:97:8C:CF:F2:90:5D:0B
(0)CT Precertificate SCTs Signed Certificate Timestamp:
(0) Version : v1 (0x0)
(0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
(0) 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
(0) Timestamp : Nov 8 10:15:26.685 2023 GMT
(0) Extensions: none
(0) Signature : ecdsa-with-SHA256
(0) 30:45:02:20:45:88:1B:EB:63:EE:5A:62:52:0F:F6:15:
(0) 1E:AA:22:5C:A6:9F:80:D8:90:1D:14:8D:3C:A2:4A:C2:
(0) AB:90:C4:F2:02:21:00:C1:80:A6:E8:B2:8A:E8:1D:18:
(0) 42:11:8E:42:CD:8D:49:8D:B2:3A:31:9C:20:12:D9:AE:
(0) 0F:92:CD:DD:11:02:57
(0) Signed Certificate Timestamp:
(0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
(0) 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
(0) 30:45:02:20:55:ED:99:0F:0A:E3:12:26:7D:76:04:A9:
(0) 4A:1F:66:F7:03:8E:13:70:1C:9F:B4:7A:A7:34:EE:FA:
(0) 37:94:0F:AA:02:21:00:CD:05:66:BD:94:EE:F9:48:58:
(0) 04:F8:CA:7B:3B:3A:99:01:4F:AF:CF:5D:99:D8:DE:D1:
(0) 88:43:4E:92:DB:07:07
(0) Signed Certificate Timestamp:
(0) Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
(0) C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C

(0) 30:44:02:20:06:5F:E2:D1:15:B1:B6:A3:1B:06:53:8F:
(0) 9B:83:AE:31:A2:95:1E:46:86:6F:50:39:0D:D2:71:D4:
(0) 78:91:01:E0:02:20:2E:1B:52:53:BC:07:DF:1E:37:3F:
(0) C9:1D:FC:9F:02:03:D9:EA:DA:B6:28:71:18:68:DB:C7:
(0) 0E:FC:AB:CB:58:BB
(0)Signature (256 octets)
(0) 29:e5:e0:24:65:3a:df:97:10:ea:8a:a5:da:f2:27:64
(0) b8:76:00:29:07:64:99:f8:6c:f5:a8:a6:ec:cd:4e:4b
(0) 27:60:12:e3:ad:7e:e5:b6:b9:19:ce:6b:d7:62:bd:fe
(0) e4:6a:4a:90:c6:de:7b:49:af:22:3d:8e:dc:dd:97:7f
(0) 29:1a:c4:6e:69:cd:48:b8:99:e6:b9:29:de:b4:2c:25
(0) 4b:21:51:08:9e:d0:13:ed:8b:09:34:96:23:c5:de:11
(0) 7b:75:a3:88:b3:61:72:8a:8f:06:f3:12:dc:0d:b3:9d
(0) 1d:e3:7f:f3:25:21:3d:ce:50:66:ce:e4:c8:a6:c4:64
(0) 76:7c:3a:ef:0f:2a:1d:f7:d7:b3:1f:12:4a:ae:5d:78
(0) 32:74:ba:13:78:3c:d9:4d:7d:1d:b0:40:49:00:16:29
(0) 88:54:03:d0:1e:84:88:5d:b3:b7:35:1e:7a:79:f2:9d
(0) 41:d3:b0:b4:7b:da:68:8b:96:25:3d:7f:79:41:6b:58
(0) 6a:be:55:25:d1:d1:ae:c1:d2:e0:57:07:65:2e:0b:1c
(0) 3c:2e:6c:62:fb:a6:92:55:41:02:a7:ec:ed:56:6c:3a
(0) 14:e9:4c:ff:f2:ae:83:e5:52:d8:18:a0:8c:d0:c5:b4
(0) c5:0d:ad:06:9a:6a:c4:53:03:d7:e8:dc:83:88:89:00
(1)CERTIFICATE 1
(1)Version 3 (0x2)
(1)Serial Number 7 (0x7)
(1)ISSUER NAME
countryName US
commonName Go Daddy Root Certificate Authority - G2
(1)SUBJECT NAME
countryName US
organizationalUnitName http://certs.godaddy.com/repository/
commonName Go Daddy Secure Certificate Authority - G2
(1)Valid From May 3 07:00:00 2011 GMT
(1)Valid Till May 3 07:00:00 2031 GMT
(1) Modulus:
(1) 00:b9:e0:cb:10:d4:af:76:bd:d4:93:62:eb:30:64:
(1) b8:81:08:6c:c3:04:d9:62:17:8e:2f:ff:3e:65:cf:
(1) 8f:ce:62:e6:3c:52:1c:da:16:45:4b:55:ab:78:6b:
(1) 63:83:62:90:ce:0f:69:6c:99:c8:1a:14:8b:4c:cc:
(1) 45:33:ea:88:dc:9e:a3:af:2b:fe:80:61:9d:79:57:
(1) c4:cf:2e:f4:3f:30:3c:5d:47:fc:9a:16:bc:c3:37:
(1) 96:41:51:8e:11:4b:54:f8:28:be:d0:8c:be:f0:30:
(1) 38:1e:f3:b0:26:f8:66:47:63:6d:de:71:26:47:8f:
(1) 38:47:53:d1:46:1d:b4:e3:dc:00:ea:45:ac:bd:bc:

(1) 71:d9:aa:6f:00:db:db:cd:30:3a:79:4f:5f:4c:47:
(1) f8:1d:ef:5b:c2:c4:9d:60:3b:b1:b2:43:91:d8:a4:
(1) 33:4e:ea:b3:d6:27:4f:ad:25:8a:a5:c6:f4:d5:d0:
(1) a6:ae:74:05:64:57:88:b5:44:55:d4:2d:2a:3a:3e:
(1) f8:b8:bd:e9:32:0a:02:94:64:c4:16:3a:50:f1:4a:
(1) ae:e7:79:33:af:0c:20:07:7f:e8:df:04:39:c2:69:
(1) 02:6c:63:52:fa:77:c1:1b:c8:74:87:c8:b9:93:18:
(1) 50:54:35:4b:69:4e:bc:3b:d3:49:2e:1f:dc:c1:d2:
(1) 52:fb
(1) Exponent: 65537 (0x10001)
(1) CA:TRUE
(1) Certificate Sign, CRL Sign
(1)X509v3 Subject Key Identifier 40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
(1)X509v3 Authority Key Identifier keyid:3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE
(1) Full Name:
(1) URI:http://crl.godaddy.com/gdroot-g2.crl
(1)X509v3 Certificate Policies Policy: X509v3 Any Policy
(1) CPS: https://certs.godaddy.com/repository/
(1) 08:7e:6c:93:10:c8:38:b8:96:a9:90:4b:ff:a1:5f:4f
(1) 04:ef:6c:3e:9c:88:06:c9:50:8f:a6:73:f7:57:31:1b
(1) be:bc:e4:2f:db:f8:ba:d3:5b:e0:b4:e7:e6:79:62:0e
(1) 0c:a2:d7:6a:63:73:31:b5:f5:a8:48:a4:3b:08:2d:a2
(1) 5d:90:d7:b4:7c:25:4f:11:56:30:c4:b6:44:9d:7b:2c
(1) 9d:e5:5e:e6:ef:0c:61:aa:bf:e4:2a:1b:ee:84:9e:b8
(1) 83:7d:c1:43:ce:44:a7:13:70:0d:91:1f:f4:c8:13:ad
(1) 83:60:d9:d8:72:a8:73:24:1e:b5:ac:22:0e:ca:17:89
(1) 62:58:44:1b:ab:89:25:01:00:0f:cd:c4:1b:62:db:51
(1) b4:d3:0f:51:2a:9b:f4:bc:73:fc:76:ce:36:a4:cd:d9
(1) d8:2c:ea:ae:9b:f5:2a:b2:90:d1:4d:75:18:8a:3f:8a
(1) 41:90:23:7d:5b:4b:fe:a4:03:58:9b:46:b2:c3:60:60
(1) 83:f8:7d:50:41:ce:c2:a1:90:c3:bb:ef:02:2f:d2:15
(1) 54:ee:44:15:d9:0a:ae:a7:8a:33:ed:b1:2d:76:36:26
(1) dc:04:eb:9f:f7:61:1f:15:dc:87:6f:ee:46:96:28:ad
(1) a1:26:7d:0a:09:a7:2e:04:a3:8d:bc:f8:bc:04:30:01
(2)CERTIFICATE 2
(2)Version 3 (0x2)
(2)Serial Number 1828629 (0x1be715)
(2)ISSUER NAME
countryName US
organizationName "The Go Daddy Group, Inc."
organizationalUnitName Go Daddy Class 2 Certification Authority
(2)SUBJECT NAME
countryName US
commonName Go Daddy Root Certificate Authority - G2
(2)Valid From Jan 1 07:00:00 2014 GMT

(2)Valid Till May 30 07:00:00 2031 GMT
(2) Modulus:
(2) 00:bf:71:62:08:f1:fa:59:34:f7:1b:c9:18:a3:f7:
(2) 80:49:58:e9:22:83:13:a6:c5:20:43:01:3b:84:f1:
(2) e6:85:49:9f:27:ea:f6:84:1b:4e:a0:b4:db:70:98:
(2) c7:32:01:b1:05:3e:07:4e:ee:f4:fa:4f:2f:59:30:
(2) 22:e7:ab:19:56:6b:e2:80:07:fc:f3:16:75:80:39:
(2) 51:7b:e5:f9:35:b6:74:4e:a9:8d:82:13:e4:b6:3f:
(2) a9:03:83:fa:a2:be:8a:15:6a:7f:de:0b:c3:b6:19:
(2) 14:05:ca:ea:c3:a8:04:94:3b:46:7c:32:0d:f3:00:
(2) 66:22:c8:8d:69:6d:36:8c:11:18:b7:d3:b2:1c:60:
(2) b4:38:fa:02:8c:ce:d3:dd:46:07:de:0a:3e:eb:5d:
(2) 7c:c8:7c:fb:b0:2b:53:a4:92:62:69:51:25:05:61:
(2) 1a:44:81:8c:2c:a9:43:96:23:df:ac:3a:81:9a:0e:
(2) 29:c5:1c:a9:e9:5d:1e:b6:9e:9e:30:0a:39:ce:f1:
(2) 88:80:fb:4b:5d:cc:32:ec:85:62:43:25:34:02:56:
(2) 27:01:91:b4:3b:70:2a:3f:6e:b1:e8:9c:88:01:7d:
(2) 9f:d4:f9:db:53:6d:60:9d:bf:2c:e7:58:ab:b8:5f:
(2) 46:fc:ce:c4:1b:03:3c:09:eb:49:31:5c:69:46:b3:
(2) e0:47
(2) Exponent: 65537 (0x10001)
(2) CA:TRUE
(2) Certificate Sign, CRL Sign
(2)X509v3 Subject Key Identifier 3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE
(2)X509v3 Authority Key Identifier keyid:D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3
(2) Full Name:
(2) URI:http://crl.godaddy.com/gdroot.crl
(2)X509v3 Certificate Policies Policy: X509v3 Any Policy
(2) CPS: https://certs.godaddy.com/repository/
(2) 59:0b:53:bd:92:86:11:a7:24:7b:ed:5b:31:cf:1d:1f
(2) 6c:70:c5:b8:6e:be:4e:bb:f6:be:97:50:e1:30:7f:ba
(2) 28:5c:62:94:c2:e3:7e:33:f7:fb:42:76:85:db:95:1c
(2) 8c:22:58:75:09:0c:88:65:67:39:0a:16:09:c5:a0:38
(2) 97:a4:c5:23:93:3f:b4:18:a6:01:06:44:91:e3:a7:69
(2) 27:b4:5a:25:7f:3a:b7:32:cd:dd:84:ff:2a:38:29:33
(2) a4:dd:67:b2:85:fe:a1:88:20:1c:50:89:c8:dc:2a:f6
(2) 42:03:37:4c:e6:88:df:d5:af:24:f2:b1:c3:df:cc:b5
(2) ec:e0:99:5e:b7:49:54:20:3c:94:18:0c:c7:1c:52:18
(2) 49:a4:6d:e1:b3:58:0b:c9:d8:ec:d9:ae:1c:32:8e:28
(2) 70:0d:e2:fe:a6:17:9e:84:0f:bd:57:70:b3:5a:e9:1f
(2) a0:86:53:bb:ef:7c:ff:69:0b:e0:48:c3:b7:93:0b:c8
(2) 0a:54:c4:ac:5d:14:67:37:6c:ca:a5:2f:31:08:37:aa
(2) 6e:6f:8c:bc:9b:e2:57:5d:24:81:af:97:97:9c:84:ad
(2) 6c:ac:37:4c:66:f3:61:91:11:20:e4:be:30:9f:7a:a4
(2) 29:09:b0:e1:34:5f:64:77:18:40:51:df:8c:30:a6:af
(3)CERTIFICATE 3

(3)Version 3 (0x2)
(3)Serial Number 0 (0x0)
(3)ISSUER NAME
countryName US
(3)SUBJECT NAME
countryName US
(3)Valid From Jun 29 17:06:20 2004 GMT
(3)Valid Till Jun 29 17:06:20 2034 GMT
(3) Modulus:
(3) 00:de:9d:d7:ea:57:18:49:a1:5b:eb:d7:5f:48:86:
(3) ea:be:dd:ff:e4:ef:67:1c:f4:65:68:b3:57:71:a0:
(3) 5e:77:bb:ed:9b:49:e9:70:80:3d:56:18:63:08:6f:
(3) da:f2:cc:d0:3f:7f:02:54:22:54:10:d8:b2:81:d4:
(3) c0:75:3d:4b:7f:c7:77:c3:3e:78:ab:1a:03:b5:20:
(3) 6b:2f:6a:2b:b1:c5:88:7e:c4:bb:1e:b0:c1:d8:45:
(3) 27:6f:aa:37:58:f7:87:26:d7:d8:2d:f6:a9:17:b7:
(3) 1f:72:36:4e:a6:17:3f:65:98:92:db:2a:6e:5d:a2:
(3) fe:88:e0:0b:de:7f:e5:8d:15:e1:eb:cb:3a:d5:e2:
(3) 12:a2:13:2d:d8:8e:af:5f:12:3d:a0:08:05:08:b6:
(3) 5c:a5:65:38:04:45:99:1e:a3:60:60:74:c5:41:a5:
(3) 72:62:1b:62:c5:1f:6f:5f:1a:42:be:02:51:65:a8:
(3) ae:23:18:6a:fc:78:03:a9:4d:7f:80:c3:fa:ab:5a:
(3) fc:a1:40:a4:ca:19:16:fe:b2:c8:ef:5e:73:0d:ee:
(3) 77:bd:9a:f6:79:98:bc:b1:07:67:a2:15:0d:dd:a0:
(3) 58:c6:44:7b:0a:3e:62:28:5f:ba:41:07:53:58:cf:
(3) 11:7e:38:74:c5:f8:ff:b5:69:90:8f:84:74:ea:97:
(3) 1b:af
(3) Exponent: 3 (0x3)
(3)X509v3 Subject Key Identifier D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3
(3)X509v3 Authority Key Identifier keyid:D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3
(3) DirName:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
(3) serial:00
(3)X509v3 Basic Constraints CA:TRUE
(3) 32:4b:f3:b2:ca:3e:91:fc:12:c6:a1:07:8c:8e:77:a0
(3) 33:06:14:5c:90:1e:18:f7:08:a6:3d:0a:19:f9:87:80
(3) 11:6e:69:e4:96:17:30:ff:34:91:63:72:38:ee:cc:1c
(3) 01:a3:1d:94:28:a4:31:f6:7a:c4:54:d7:f6:e5:31:58
(3) 03:a2:cc:ce:62:db:94:45:73:b5:bf:45:c9:24:b5:d5
(3) 82:02:ad:23:79:69:8d:b8:b6:4d:ce:cf:4c:ca:33:23
(3) e8:1c:88:aa:9d:8b:41:6e:16:c9:20:e5:89:9e:cd:3b
(3) da:70:f7:7e:99:26:20:14:54:25:ab:6e:73:85:e6:9b
(3) 21:9d:0a:6c:82:0e:a8:f8:c2:0c:fa:10:1e:6c:96:ef
(3) 87:0d:c4:0f:61:8b:ad:ee:83:2b:95:f8:8e:92:84:72
(3) 39:eb:20:ea:83:ed:83:cd:97:6e:08:bc:eb:4e:26:b6
(3) 73:2b:e4:d3:f6:4c:fe:26:71:e2:61:11:74:4a:ff:57

(3) 1a:87:0f:75:48:2e:cf:51:69:17:a0:02:12:61:95:d5
(3) d1:40:b2:10:4c:ee:c4:ac:10:43:a6:a5:9e:0a:d5:95
(3) 62:9a:0d:cf:88:82:c5:32:0c:e4:2b:9f:45:e6:0d:9f
(3) 28:9c:b1:b9:2a:5a:57:ad:37:0f:af:1d:7f:db:bd:9f
Default Web Page port 4433/tcp over SSL
Severity: 1
QID: 12230
Category: CGI
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The Result section displays the default Web page for the Web server.
RESULT:
GET / HTTP/1.1
(BINARY DATA)
Default Web Page ( Follow HTTP Redirection) port 4433/tcp over SSL
Severity: 1
QID: 13910
Category: CGI
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
THREAT:
The Result section displays the default Web page for the Web server following HTTP redirections.
SOLUTION:
Patch:
Following are links for downloading patches to fix the vulnerabilities:
nas-201911-01 (https://www.qnap.com/en/security-advisory/nas-201911-01)
Scan Results RESULT: page 35

GET / HTTP/1.1
(BINARY DATA)
Appendices
Hosts Scanned
14.194.146.82
Hosts Not Alive

115.242.131.6
Option Profile
Scan
Scanned TCP Ports: Full
Scanned UDP Ports: Standard Scan
Scan Dead Hosts: Off
Load Balancer Detection: Off
Password Brute Forcing: Standard
Vulnerability Detection: Complete
Windows Authentication: Disabled
SSH Authentication: Disabled
Oracle Authentication: Disabled
SNMP Authentication: Disabled
Perform 3-way Handshake: Off
Overall Performance: Custom
Hosts to Scan in Parallel-External Scanner: 15
Hosts to Scan in Parallel-Scanner Appliances: 15
Processes to Run in Parallel-Total: 10
Processes to Run in Parallel-HTTP: 10
Packet (Burst) Delay: Medium
Advanced
Hosts Discovery: TCP Standard Scan, UDP Standard Scan, ICMP On
Ignore RST packets: Off
Ignore firewall-generated SYN-ACK packets: Off
Do not send ACK or SYN-ACK packets during host discovery: Off
Report Legend
Payment Card Industry (PCI) Status

The Detailed Results section of the report shows all detected vulnerabilities and potential vulnerabilities sorted by host. The vulnerabilities and
potential vulnerabilities marked PCI FAILED caused the host to receive the PCI compliance status FAILED. All vulnerabilities and potential
vulnerabilities marked PCI FAILED must be remediated to pass the PCI compliance requirements. Vulnerabilities not marked as PCI FAILED
display vulnerabilities that the PCI Compliance service found on the hosts when scanned. Although these vulnerabilities are not in scope for PCI,
we do recommend that you remediate the vulnerabilities in severity order.
A PCI compliance status of PASSED for a single host/IP indicates that no vulnerabilities or potential vulnerabilities, as defined by the PCI DSS
compliance standards set by the PCI Council, were detected on the host. An overall PCI compliance status of PASSED indicates that all hosts in
the report passed the PCI compliance standards.

A PCI compliance status of FAILED for a single host/IP indicates that at least one vulnerability or potential vulnerability, as defined by the PCI
DSS compliance standards set by the PCI Council, was detected on the host. An overall PCI compliance status of FAILED indicates that at least
one host in the report failed to meet the PCI compliance standards.
Vulnerability Levels
A Vulnerability is a design flaw or mis-configuration which makes your network (or a host on your network) susceptible to malicious attacks from
local or remote users. Vulnerabilities can exist in several areas of your network, such as in your firewalls, FTP servers, Web servers, operating
systems or CGI bins. Depending on the level of the security risk, the successful exploitation of a vulnerability can vary from the disclosure of
information about the host to a complete compromise of the host.
Severity Level Description
1 Minimal Intruders can collect information about the host (open ports, services, etc.) and may be
able to use this information to find other
vulnerabilities.
2 Medium Intruders may be able to collect sensitive information from the host, such as the precise
version of software installed. With this information, intruders can easily exploit known
vulnerabilities specific to software
versions.
3 Serious Intruders may be able to gain access to specific information stored on the host, including
security settings. This could result in potential misuse of the host by intruders. For
example, vulnerabilities at this level may include partial disclosure of file contents,
access to certain files on the host, directory browsing, disclosure of filtering rules and
security mechanisms, denial of service attacks, and unauthorized use of services, such as
mail-relaying.
4 Critical Intruders can possibly gain control of the host, or there may be potential leakage of
highly sensitive information. For example, vulnerabilities at this level may include full
read access to files, potential backdoors, or a listing of all the users on the host.
5 Urgent Intruders can easily gain control of the host, which can lead to the compromise of your
entire network security. For example, vulnerabilities at this level may include full read
and write access to files, remote execution of commands, and the presence of backdoors.
Low A vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are not required to be fixed to pass PCI compliance.
Medium A vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.
High A vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.
Potential Vulnerability Levels

A potential vulnerability is one which we cannot confirm exists. The only way to verify the existence of such vulnerabilities on your network would
be to perform an intrusive scan, which could result in a denial of service. This is strictly against our policy. Instead, we urge you to investigate
these potential vulnerabilities further.
1 Minimal If this vulnerability exists on your system, intruders can collect information about the
host (open ports, services, etc.) and may be able to use this information to find other
vulnerabilities.
2 Medium If this vulnerability exists on your system, intruders may be able to collect sensitive
information from the host, such as the precise version of software installed. With this
information, intruders can easily exploit known vulnerabilities specific to software
versions.
3 Serious If this vulnerability exists on your system, intruders may be able to gain access to
specific information stored on the host, including security settings. This could result in
potential misuse of the host by intruders. For example, vulnerabilities at this level may
include partial disclosure of file contents, access to certain files on the host,
directory browsing, disclosure of filtering rules and security mechanisms, denial of
service attacks, and unauthorized use of services, such as
mail-relaying.
4 Critical If this vulnerability exists on your system, intruders can possibly gain control of the
host, or there may be potential leakage of highly sensitive information. For example,
vulnerabilities at this level may include full read access to files, potential backdoors,
or a listing of all the users on the
host.

5 Urgent If this vulnerability exists on your system, intruders can easily gain control of the host,
which can lead to the compromise of your entire network security. For example, vulnerabilit
es at this level may include full read and write access to files, remote execution of comma
ds, and the presence of
backdoors.
Low A potential vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are
not required to be fixed to pass PCI compliance.
Medium A potential vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.
High A potential vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.
Information Gathered
Information Gathered includes visible information about the network related to the host, such as traceroute information, Internet Service Provider
(ISP), or a list of reachable hosts. Information Gathered severity levels also include Network Mapping data, such as detected firewalls, SMTP
banners, or a list of open TCP services.
1 Minimal Intruders may be able to retrieve sensitive information related to the host, such as open
UDP and TCP services lists, and detection of firewalls.
2 Medium Intruders may be able to determine the operating system running on the host, and view banner versions.
3 Serious Intruders may be able to detect highly sensitive data, such as global system user lists.

PCIScanResult20240626

Uploaded by

Copyright:

Available Formats

You might also like

PCIScanResult20240626

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

PCIScanResult20240626

Uploaded by

Copyright:

Available Formats

Scan Results

Not a certified PCI report

The scan option profile used includes:

Scan Settings Advanced Settings

Scan Results page 1

Vulnerabilities Total 37 Average Security Risk 3.0

Scan Results page 2

Potential Vulnerabilities by PCI Severity

Scan Results page 3

Potential Vulnerabilities by Severity

Scan Results page 4

Vulnerabilities Total 37 Security Risk 3.0 Compliance Status

TCP Sequence Number Approximation Based Denial of Service

PCI COMPLIANCE STATUS

The vulnerability is purely a denial-of-service (DoS) vulnerability.

CVSS Base Score: 5 AV:N/AC:L/Au:N/C:N/I:N/A:P

Scan Results page 5

For Microsoft: Refer to MS05-019 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019) and MS06-064 (https://docs.

For SGI IRIX: Refer to SGI Security Advisory 20040905-01-P (ftp://patches.sgi.com/support/free/security/advisories/20040905-01-P.asc)

For NetBSD: Refer to NetBSD-SA2004-006 (ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc)

For Cisco: Refer to cisco-sa-20040420-tcp-ios.shtml (http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml).

For IBM : Refer to IBM-tcp-sequence-number-cve-2004-0230 (https://www.ibm.com/support/pages/tcp-sequence-number-approximation-based-

For Red Hat Linux: There is no fix available : Refer to (https://access.redhat.com/security/cve/cve-2004-0230).

Workaround:The following BGP-specific workaround information has been provided.

Secure Cisco IOS BGP Template (http://www.cymru.com/Documents/secure-bgp-template.html)

JUNOS Secure BGP Template (http://www.cymru.com/gillsr/documents/junos-bgp-template.pdf)

Scan Results page 6

PCI COMPLIANCE STATUS

CVSS Base Score: 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N

Information Gathered (35)

Remote Access or Management Service Detected

PCI COMPLIANCE STATUS

Scan Results page 7

DEFLATE Data Compression Algorithm Used for HTTPS

PCI COMPLIANCE STATUS

Scan Results page 8

Connection Error Occurred During Web Application Scan port 4433/tcp

PCI COMPLIANCE STATUS

Scan Results page 9

Scan Results page 10

Phase wise summary of timeout and connection errors encountered:

Web Server HTTP Protocol Versions port 4433/tcp

PCI COMPLIANCE STATUS

DNS Host Name

PCI COMPLIANCE STATUS

PCI COMPLIANCE STATUS

Target Network Information

PCI COMPLIANCE STATUS

Scan Results page 12

Internet Service Provider

PCI COMPLIANCE STATUS

Host Names Found

PCI COMPLIANCE STATUS

Scan Results page 13

Host Scan Time - Scanner

PCI COMPLIANCE STATUS

Start time: Wed, Jun 26 2024, 08:34:55 GMT

End time: Wed, Jun 26 2024, 10:34:05 GMT

Scan Activity per Port