Scribd
Upload
21 views3 pages

Titan Scan Report

The Nmap Security Assessment Report for the target 192.168.88.15 identifies critical vulnerabilities including outdated services and insecure protocols, with a high risk level. Key issues include an outdated Apache web server, weak encryption in OpenSSH, and potential SQL injection risks in MySQL and web applications. Immediate remediation is required to prevent unauthorized access and data breaches.

Uploaded by

Saba Hussien
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
21 views3 pages

Titan Scan Report

The Nmap Security Assessment Report for the target 192.168.88.15 identifies critical vulnerabilities including outdated services and insecure protocols, with a high risk level. Key issues include an outdated Apache web server, weak encryption in OpenSSH, and potential SQL injection risks in MySQL and web applications. Immediate remediation is required to prevent unauthorized access and data breaches.

Uploaded by

Saba Hussien
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
You are on page 1/ 3

Nmap Security Assessment Report

Target: 192.168.88.15

Scan Date: (11/2/2025)

1. Host Information
• Operating System: Linux
• MAC Address: 08:00:27:72:7C:0A

2. Open Ports & Services


Port Service Version/Details
21 FTP vsftpd 2.3.4 (Potentially vulnerable)
22 SSH OpenSSH 4.7p1 (Debian 8ubuntu1)
23 Telnet Linux telnetd (Insecure, cleartext protocol)
25 SMTP Postfix smtpd
53 DNS ISC BIND 9.4.2
80 HTTP Apache 2.2.8 (Ubuntu, DAV/2)
111 RPC rpcbind 2
139 Samba smbd 3.X - 4.X (WORKGROUP)
445 Samba smbd 3.X - 4.X (WORKGROUP)
512 Exec netkit-rsh rexecd (Legacy, insecure)
513 Login OpenBSD/Solaris rlogind (Insecure)
514 TCP Wrapper Potentially restricted
1099 Java RMI GNU Classpath grmiregistry
1524 BindShell Metasploitable root shell detected (Critical)
2049 NFS NFS 2-4
2121 FTP ProFTPD 1.3.1
3306 MySQL MySQL 5.0.51a-3ubuntu5 (Old version, potential SQLi risk)
5432 PostgreSQL PostgreSQL 8.3.0 - 8.3.7
5900 VNC VNC (protocol 3.3) - Remote Desktop Risk
6000 X11 Access Denied - Potential X11 Exposure
6667 IRC UnrealIRCd (Potential Backdoor)
8009 Apache JServ AJP 1.3 (Tomcat backend protocol)
8180 HTTP Apache Tomcat/Coyote JSP 1.1
3. Vulnerability
Risks
1. Apache 2.2.8 (80/tcp, 8180/tcp) - Outdated Web Server
Older Apache versions may have multiple vulnerabilities (e.g., CVE-2017-5638 for Apache
Struts).
Solution: Upgrade Apache to a secure version.

2. OpenSSH 4.7p1 (22/tcp) - Weak Encryption Methods


Older versions lack modern cryptographic security.
Solution: Upgrade to OpenSSH 8+ and disable weak ciphers.
3.
MySQL 5.0.51a (3306/tcp) - Possible SQL Injection Risk
Older MySQL versions lack security patches against SQLi attacks.
Solution: Upgrade MySQL to a recent version.
4. Telnet (23/tcp) & RSH (512-513/tcp) - Insecure Protocols
These protocols transmit data in cleartext, making them vulnerable to sniffing.
Solution: Replace with SSH.

4. Web Application Vulnerabilities


SQL Injection (SQLi) Detected on Mutillidae (80/tcp)
• URLs vulnerable to SQLi:
http://192.168.88.15:80/mutillidae/index.php?page=login.php' OR sqlspider
http://192.168.88.15:80/mutillidae/index.php?page=pen-test-tool-lookup.php' OR
sqlspider
Impact: Attackers can steal sensitive data, bypass authentication, or execute commands.
• Solution: Implement prepared statements (parameterized queries).

Cross-Site Request Forgery (CSRF) Detected (8180/tcp - Apache Tomcat)


• Affected URL:
http://192.168.88.15:8180/admin/
Impact: Attackers can trick users into performing unintended actions.
• Solution: Implement CSRF tokens and secure cookie policies.
6. Summary
Risk Level: Critical
This system is highly vulnerable to exploits and remote attacks. Immediate remediation is
necessary to prevent unauthorized access and data breaches.

You might also like