CYB 240 Project One Milestone
School: Southern New Hampshire University
Course: 240
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by JusticeJellyfishPerson10226
CYB-240-H7147
2023 November 19
Firewall OpenVAS Report
Vulnerability One
• Identification: PHP End of Life Version Detected (Windows) (CVSS: 10.0)
• Description: The PHP version installed on the remote host has reached its end of life, is no longer supported, and is not recommended for use.
• Mitigation: To mitigate the risk, ensure that the PHP version on the remote host is updated to a version that is currently supported.
Vulnerability Two
• Identification: PostgreSQL Multiple Vulnerabilities - (Windows) (CVSS: 9.0)
• Description: The host is running PostgreSQL, which is prone to multiple vulnerabilities.
• Mitigation: Update the version to 9.5.1 or higher.
Windows Server OpenVAS Report
Vulnerability One
• Identification: Apache Web Server End Of Life Detection (Windows) Severity: High (CVSS: 10.0)
• Description: The Apache Web Server version installed on the remote host has reached its end of life and is no longer recommended for use.
• Mitigation: To mitigate the risk, ensure the Apache Web Server version on the remote host is updated to a version that is currently supported.
Vulnerability Two
• Identification: PHP “php stream scandir()” Buffer Overflow Vulnerability (Windows) Severity: High (CVSS: 10.0)
• Description: The host running PHP is susceptible to a buffer overflow vulnerability.
• Mitigation: To mitigate the risk, ensure the PHP version is updated to 5.4.5, 5.3.15, or a later version.
Ubuntu Server OpenVAS Report
Vulnerability One
• Identification: TWiki XSS and Command Execution Vulnerabilities (CVSS: 10.0)
• Description: The host running TWiki is susceptible to Cross-Site Scripting (XSS) and Command Execution vulnerabilities.
• Mitigation: To mitigate the risk, upgrade to version 4.2.4 or a later version.
Vulnerability Two
• Identification: Test HTTP dangerous methods (CVSS: 7.5)
• Description: Misconfigured web servers may enable remote clients to perform potentially dangerous HTTP methods such as PUT and DELETE. This script verifies if these methods are enabled and could be exploited for unauthorized file uploads or deletions.
• Mitigation: To mitigate the risk associated with dangerous HTTP methods such as PUT and DELETE, it is advisable to implement access restrictions or disable them entirely.
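
One way to confirm the HTTP-methods mitigation after it is applied is to classify how the server answers PUT and DELETE, since the Allow header alone can disagree with what the server actually accepts. This is an added example, not part of the original report or of OpenVAS; the function names and the raw responses are constructed for illustration.

```python
# Added example: classify a web server's answers to PUT/DELETE probes.
# All responses below are constructed samples, not scanner output.
DANGEROUS = ("PUT", "DELETE")

def parse_response(raw):
    """Return (status_code, headers) from the head of a raw HTTP/1.x response."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def classify(status):
    """Map a probe's status code to the state the mitigation cares about."""
    if 200 <= status < 300:
        return "enabled"      # request was carried out: finding still open
    if status in (401, 403):
        return "restricted"   # access restriction in place
    if status in (405, 501):
        return "disabled"     # method turned off
    return "review"           # redirects, 5xx, etc. need a manual look

def audit(options_raw, probes):
    """probes maps method -> raw response. Returns method -> (state, advertised)."""
    _, headers = parse_response(options_raw)
    allow = {m.strip().upper() for m in headers.get("allow", "").split(",")}
    return {m: (classify(parse_response(probes[m])[0]), m in allow) for m in DANGEROUS}

def open_findings(report):
    """Methods that are still accepted, i.e. the finding is not yet mitigated."""
    return sorted(m for m, (state, _) in report.items() if state == "enabled")

# Constructed samples: Allow omits PUT/DELETE, yet the "before" server accepts both.
OPTIONS = "HTTP/1.1 200 OK\r\nAllow: GET,HEAD,POST,OPTIONS\r\n\r\n"
BEFORE = {"PUT": "HTTP/1.1 201 Created\r\n\r\n",
          "DELETE": "HTTP/1.1 204 No Content\r\n\r\n"}
AFTER = {"PUT": "HTTP/1.1 405 Method Not Allowed\r\nAllow: GET,HEAD,POST\r\n\r\n",
         "DELETE": "HTTP/1.1 403 Forbidden\r\n\r\n"}

if __name__ == "__main__":
    for label, probes in (("before", BEFORE), ("after", AFTER)):
        report = audit(OPTIONS, probes)
        print(label, report, "open:", open_findings(report))
```

In the "before" sample the server does not advertise PUT or DELETE in Allow but still carries them out, which is why the check relies on the status of the request itself.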