4-3 Project One Milestone - Vulnerability Identification Report

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

240

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

3

Uploaded by SuperKoala931

Report
1 4-3 Project One Milestone: Vulnerability Identification Report Chris Lawton Southern New Hampshire University CYB 240: Operating System Security Dr. Randy Arvay May 28, 2023
2 CYB 240 Project One Milestone Template To complete this template, replace the phrases in brackets with the relevant information. Firewall OpenVAS Report Vulnerability One Identification: CVSS: 10.0 PHP End of Life Detection (Windows). Description: The remote host is using an outdated version of PHP that is no longer receiving updates from the vendor. Since PHP 5.3.1 will no longer receive patches from the vendor, it leaves this host vulnerable to an attack due to there not being up to date security patches. Mitigation: The best way to mitigate any attacks would be to immediately update to the latest version of PHP that is still supported by the vendor and verify it is installed properly to keep getting proper security patches. Vulnerability Two Identification: CVSS: 10.0 PHP Denial of Service and Unspecified Vulnerabilities - 01 - Jul16 (Windows). Description: Due to the use of this version of PHP, the host is prone to denial of service and other unspecified vulnerabilities. Continuing the use of this version of PHP could lead to remote attackers causing a denial of service (heap memory corruption) and the possibility of other unspecified attacks. CVE-2011-2483, CVE-2011-1657, CVE-2011-3182, CVE-2011-3267, CVE- 2011-3268. Mitigation: The best way to mitigate any of these attacks would be to immediately upgrade the PHP to version 5.5.32, 5.6.18, or 7.0.3, or later. For updates refer to http://www.php.net. Windows Server OpenVAS Report Vulnerability One Identification: CVSS: 10.0 phpMyAdmin End of Life Detection (Windows). Description: The remote host is utilizing a version of phpMyAdmin that has reached its end of life. Using software that has reached its end of life poses a major security risk as the vendor will no longer roll out patches that could fix security holes that an attacker could exploit. Mitigation: Mitigation for this would require updating phpMyAdmin to a version that is still supported by the vendor and ensuring it is installed on the remote host properly. Vulnerability Two Identification: CVSS: 10.0 PHP ’php_stream_scandir()’ Buffer Overflow Vulnerability (Windows). Description: The host is currently running a PHP version that is prone to buffer overflow vulnerabilities. Due to this, it could open the door for an attacker to execute arbitrary code and failed attempts have the possibility to result in denial-of-service conditions. CVE-2012-2688 Mitigation: The quickest way to mitigate this issue would be to upgrade the current PHP version to PHP 5.4.5 or 5.3.15 or later and ensuring they are installed properly on the remote host. For updates refer to http://www.php.net/downloads.php. Ubuntu Server OpenVAS Report
3 Vulnerability One Identification: CVSS: 10.0 OS End of Life Detection. Description: The remote host is utilizing an operating system that has reached its end of life. This could pose major security risks as OSes that have reached their end of life no longer receive updates that have security patches. This could allow an attacker to easily exploit the system and gain access to sensitive information. Mitigation: The quickest and easiest way to mitigate the threat of this would be to upgrade to a newer version of Ubuntu such as Ubuntu 22.04.2 LTS that has an end of standard support of April 2027 and an end of life scheduled for April 2032. Vulnerability Two Identification: CVSS: 10.0 Distributed Ruby (dRuby/DRb) Multiple Remote Code Execution Vulnerabilities. Description: In versions 1.6 or later of Ruby comes Distributed Ruby or (dRuby/DRb). Without proper controls in place, it may allow for an attacker to execute unauthorized distributed commands or arbitrary code in what might be considered a safe environment. Mitigation: To mitigate such threats, it is up to the administrators of the environment to ensure appropriate controls are set. These controls could include implementing taint analysis to asses untrusted user input as well as filtering out data such as drb/acl.rb to set ACLEntry to restrict access to only trusted hosts.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

4-3 Activity - Privacy Laws and Compliance Controls.docx
CYB 260 Module One Worksheet.docx
7-3 Project Three Submission - Service Level Agreement Requirement Recommendations.docx
CYB 230 Module Four Lab Worksheet.docx
6-3 Project One - Vulnerability Summary Report.docx
CYB 230 7-2 Project Three - Network System Security Plan Recommendation.docx
CYB 230 6-1 Project One - Permission Modification.docx
6-1 Discussion - Cybersecurity Awareness and Training.docx
CYB 230 Module Five Lab Worksheet.docx
CYB 230 6-2 Project Two - Server Configuration Verification Report.docx
7-1 Final Project Submission - Cyber Defense and Emerging Trends Paper.docx
7-2 Project Two - Recommendations Report.docx