CYB 240 Project One Milestone

School: Southern New Hampshire University
Course: 240
Subject: Information Systems
Date: Dec 6, 2023


Uploaded by LieutenantGoosePerson210

CYB 240 Project One Milestone Template

To complete this template, replace the phrases in brackets with the relevant information.

Firewall OpenVAS Report

Vulnerability One
Identification: CVSS 10.0 PHP End of Life Detection (Windows)
Description: The remote host is using an outdated version of PHP that isn't receiving updates from the vendor. This leaves the host vulnerable.
Mitigation: The best form of mitigation is to immediately get the updates that are still supported through the vendor and verify proper installation.

Vulnerability Two
Identification: CVSS 10.0 PHP Denial of Service and Unspecified Vulnerabilities (Windows)
Description: Due to the version of PHP in use, the host is prone to denial of service and other unspecified vulnerabilities. Continuing to use the current version could lead to remote attackers causing denial of service and the possibility of unspecified attacks.
Mitigation: The best mitigation for any of these attacks is an immediate upgrade.

Windows Server OpenVAS Report

Vulnerability One
Identification: CVSS 10.0 MyAdmin End of Life Detection (Windows)
Description: The host is using a version of phpMyAdmin that has reached the end of its life. Using end-of-life software poses security risks, as the vendor is no longer releasing patches that would fix security issues.
Mitigation: Update phpMyAdmin to a version that is still supported by the vendor.

Vulnerability Two
Identification: Service Denial of Vulnerability
Description: having a company to install the prone into denial service with vulnerability
Mitigation: verification that still can support the version with the company

Ubuntu Server OpenVAS Report

Vulnerability One
Identification: End of Life Detection
Description: The host is using an OS that has reached the end of its life cycle. This is a major issue, as the vendor will no longer be patching or releasing anything for the OS. This could lead to the host being exploited.
Mitigation: The OS will need to be upgraded to the newest version of Ubuntu.

Vulnerability Two
Identification: Distributed Ruby Multiple Remote Code Execution Vulnerabilities
Description: Versions 1.6 and later of Ruby come with Distributed Ruby. Without proper controls in place, this may allow an attacker to execute unauthorized distributed commands or code.
Mitigation: Administrators of the environment should ensure appropriate controls are set in place, such as implementing taint analysis to identify untrusted user inputs.