Multiple Unix Netstat Service Remote Information Disclosure

medium Nessus Plugin ID 10157

Synopsis

The remote service is vulnerable to an information disclosure flaw.

Description

The remote host is running a 'netstat' service on this port.

The 'netstat' service provides useful information to an attacker, since it gives away the state of the active connections. It is recommended that you disable this service if you do not use it.

Solution

Disable the service by commenting out the 'netstat' line in /etc/inetd.conf and restart the inetd process.

Plugin Details

Severity: Medium

ID: 10157

File Name: netstat.nasl

Version: 1.27

Type: remote

Family: Misc.

Published: 6/22/1999

Updated: 8/13/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 1/1/1990

Reference Information

CVE: CVE-1999-0650

Detections

Analytics