This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

The remote host has been found to be NOT COMPLIANT with the PCI DSS
external scanning requirements.

The remote host is vulnerable to one or more conditions that are
considered to be 'automatic failures' according to the PCI DSS
Approved Scanning Vendors Program Guide (version 2.0). These failures
include one or more of the following:

- Vulnerabilities with a CVSS base score greater than or
  equal to 4.0
- Unsupported operating systems
- Internet reachable database servers (must validate
  whether cardholder data is stored)
- Presence of built-in or default accounts
- Unrestricted DNS Zone transfers
- Unvalidated parameters leading to SQL injection attacks
- Cross-Site Scripting (XSS) flaws
- Directory traversal vulnerabilities
- HTTP response splitting/header injection
- Detection of backdoor applications (malware, trojan
  horses, rootkits, backdoors)
- Use of older, insecure SSL/TLS versions (TLS v1.1 is the

Details of the failed items may be found in the 'Output' section of
this plugin result. These vulnerabilities and/or failure conditions
will have to be corrected before you are able to submit your scan
results for validation by Tenable to meet your quarterly external

If you are conducting this scan via Nessus Cloud and either disagree
with any of the results, believe there are false positives, or must
rely on compensating controls to mitigate the vulnerability, then you
may proceed with submitting this report to our PCI portal by clicking
on 'Submit for PCI Validation'. You may log in to the Tenable PCI
portal using your Nessus Cloud credentials and dispute or provide
mitigation evidence for each of the residual findings.

Family: Policy Compliance
Nessus Plugin ID: 33929