News Server (NNTP) Anonymous Read / Write Access

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The NNTP server is open.

Description :

The remote server seems open to remote users. Some people prefer
open public NNTP servers to be able to read or post articles
anonymously. Unwanted connections could waste your bandwidth or put
you into legal trouble if a malicious person were to use your server
to post abusive articles.

Keep in mind that robots are harvesting such open servers on Internet,
so you cannot hope that you will stay hidden for long.

** As it is very common to have IP based authentication, this might be
** a false positive if the Nessus scanner is among the allowed source
** addresses.

Solution :

Enforce authentication or filter connections from outside.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)

Family: General

Nessus Plugin ID: 17204 ()

Bugtraq ID:

CVE ID: