WARNING: This plugin will generate false positive and is purely informative:
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
Severity: info
Fingerprint: 3f43e0ebb5dce37ab8b59eb5c979d6626891b6ab6891b6ab6891b6ab6891b6ab
Found potentially vulnerable SSH version: SSH-2.0-OpenSSH_9.7p1 Debian-7 WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
Severity: info
Fingerprint: 3f43e0ebb5dce37ab8b59eb5c979d6601dc969751dc969751dc969751dc96975
Found potentially vulnerable SSH version: SSH-2.0-OpenSSH_9.7p1 Debian-5 WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
The server is accepting NTLM anonymous credentials.
This allows for authentication bypass to access the underlying application.
https://blog.leakix.net/2022/03/bypassing-ntlm-auth-over-http/
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199c98a4427a187aa78feacead8df3074cdc
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-GM39UACUV34 MsvAvNbDomainName: SSGO MsvAvDNSComputerName: WIN-GM39UACUV34.SSGO.LOCAL MsvAvDNSDomainName: SSGO.LOCAL MsvAvDNSTreeName: SSGO.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 15 Jul 2024 13:38:30 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Open service 172.205.178.102:22
2024-12-21 21:56
Open service 172.205.178.102:22
2024-12-19 21:27
Open service 172.205.178.102:22
2024-12-17 22:31
Open service 172.205.178.102:22
2024-12-15 21:17
Open service 172.205.178.102:22
2024-12-13 21:06
Open service 172.205.178.102:22
2024-12-11 21:41
Open service 172.205.178.102:22
2024-12-01 22:33
Open service 172.205.178.102:22
2024-11-29 21:50
Open service 172.205.178.102:22
2024-11-27 23:01