CYB 240 Project One Milestone Template KOCH

School: Southern New Hampshire University
Course: 240
Subject: Information Systems
Date: Jun 22, 2024
Type: docx
Pages: 2
Uploaded by CorporalGoldfish2212

CYB 240 Project One Milestone Template

To complete this template, replace the phrases in brackets with the relevant information.

Firewall OpenVAS Report

Vulnerability One
Identification: (CVSS: 10.0) End of Life Detection (Windows)
Description: An end-of-life version of PHP is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host.
Mitigation: Update the PHP version on the remote host to a still-supported version and verify that it has been installed correctly.

Vulnerability Two
Identification: (CVSS: 10.0) NVT: PHP Denial of Service and Unspecified Vulnerabilities - 01 - Jul16 (Windows)
Description: This host is installed with PHP and is prone to denial of service and unspecified vulnerabilities. Successfully exploiting this issue allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact.
Mitigation: Upgrade to PHP version 5.5.32, or 5.6.18, or 7.0.3, or later and verify that it has been installed correctly.

Windows Server OpenVAS Report

Vulnerability One
Identification: (CVSS: 10.0) NVT: PHP 'phar_fix_filepath' Function Stack Buffer Overflow Vulnerability - Mar16 (Windows)
Description: This host is installed with PHP and is prone to a stack buffer overflow vulnerability. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the PHP process. Failed exploit attempts will likely crash the webserver.
Mitigation: Upgrade to PHP version 5.4.43, or 5.5.27, or 5.6.11 or later and verify that it has been installed correctly.

Vulnerability Two
Identification: (CVSS: 7.8) NVT: PHP Denial of Service Vulnerability Jul17 (Windows)
Description: This host is installed with PHP and is prone to a denial-of-service vulnerability. Successfully exploiting this issue allows an attacker to cause a CPU consumption denial of service attack.
Mitigation: Upgrade to PHP version 5.6.31, 7.0.17, 7.1.3 or later and verify that it has been installed correctly.

Ubuntu Server OpenVAS Report

Vulnerability One
Identification: (CVSS: 10.0) NVT: Java RMI Server Insecure Default Configuration Remote Code Execution Vulnerability
Description: Multiple Java products that implement the RMI Server contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system with elevated privileges.
Mitigation: Reconfigure the Remote Method Invocation (RMI) Server in the affected software.

Vulnerability Two
Identification: (CVSS: 9.0) NVT: PostgreSQL weak password
Description: It was possible to log in to the remote PostgreSQL as user postgres using weak credentials. The password was the same as the user, “postgres”.
Mitigation: Change the password as soon as possible.
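The PHP mitigations above give one fixed release per branch, so the "verify that it has been installed correctly" step has to compare within the installed branch: 5.6.10 is numerically later than 5.5.32 but is still below the 5.6 fix. The following is an added example, not part of the original template. The function names and sample versions are assumptions, and it treats a branch with no listed fix as fixed only when it is newer than every listed branch. The End of Life finding is left out because the report does not say which branches are still supported.

```python
import re

# Fixed versions per finding, copied from the mitigation lines in the report above.
FIXED = {
    "PHP Denial of Service and Unspecified Vulnerabilities - 01 - Jul16": ["5.5.32", "5.6.18", "7.0.3"],
    "PHP 'phar_fix_filepath' Function Stack Buffer Overflow - Mar16": ["5.4.43", "5.5.27", "5.6.11"],
    "PHP Denial of Service Vulnerability Jul17": ["5.6.31", "7.0.17", "7.1.3"],
}

def parse(version):
    """Turn '5.6.18' or '7.0.3-1ubuntu' into (5, 6, 18); reject anything else."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised PHP version: {version!r}")
    return tuple(int(p) for p in m.groups())

def is_fixed(installed, fixed_list):
    """Branch-aware check: compare against the fix for the same major.minor branch."""
    inst = parse(installed)
    fixes = sorted(parse(v) for v in fixed_list)
    for fix in fixes:
        if fix[:2] == inst[:2]:
            return inst >= fix  # same branch: need at least that branch's patch level
    # Assumption: with no fix listed for this branch, only a branch newer than
    # every listed one counts as "or later"; older branches stay vulnerable.
    return inst[:2] > fixes[-1][:2]

def open_findings(installed):
    """Names of the listed PHP findings that still apply to the installed version."""
    return [name for name, fixes in FIXED.items() if not is_fixed(installed, fixes)]

if __name__ == "__main__":
    # Constructed sample versions, e.g. the output of `php -r "echo PHP_VERSION;"` per host.
    for v in ("5.6.10", "5.6.31", "7.0.3", "7.2.0"):
        print(v, "->", open_findings(v) or "no listed PHP finding applies")
```

A rescan with OpenVAS after the upgrade remains the authoritative confirmation; this check only catches an upgrade that stopped short of the fixed patch level for its branch.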