report 4f46eb64 231c 4551 8604 700a0940b90b .pdf



Nom original: report-4f46eb64-231c-4551-8604-700a0940b90b.pdf

Ce document au format PDF 1.5 a été généré par LaTeX with hyperref package / pdfTeX-1.40.17, et a été envoyé sur fichier-pdf.fr le 29/10/2016 à 11:39, depuis l'adresse IP 83.201.x.x. La présente page de téléchargement du fichier a été vue 610 fois.
Taille du document: 221 Ko (30 pages).
Confidentialité: fichier public


Aperçu du document


Scan Report

October 29, 2016
Summary
This document reports on the results of an automatic security scan. All dates are displayed using the timezone “Coordinated Universal Time”, which is abbreviated “UTC”. The
task was “Immediate scan of IP 192.168.87.129”. The scan started at Sat Oct 29 09:16:11
2016 UTC and ended at Sat Oct 29 09:28:59 2016 UTC. The report first summarises the
results found. Then, for each host, the report describes every issue found. Please consider
the advice given in each description, in order to rectify the issue.

Contents
1 Result Overview
2 Results per Host
2.1 192.168.87.129 . . . . . . . . .
2.1.1 High 80/tcp . . . . . . .
2.1.2 High 3306/tcp . . . . .
2.1.3 High 3389/tcp . . . . .
2.1.4 High general/tcp . . . .
2.1.5 High 445/tcp . . . . . .
2.1.6 Medium 25/tcp . . . . .
2.1.7 Medium 80/tcp . . . . .
2.1.8 Medium 3306/tcp . . .
2.1.9 Log 1027/tcp . . . . . .
2.1.10 Log 25/tcp . . . . . . .
2.1.11 Log 80/tcp . . . . . . .
2.1.12 Log 3306/tcp . . . . . .
2.1.13 Log 443/tcp . . . . . . .
2.1.14 Log 3389/tcp . . . . . .
2.1.15 Log general/tcp . . . . .
2.1.16 Log general/SMBClient
2.1.17 Log general/icmp . . . .
2.1.18 Log 445/tcp . . . . . . .
2.1.19 Log general/CPE-T . .

2

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
1

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

2
2
3
4
4
5
6
8
9
12
13
14
15
22
25
26
26
27
28
28
30

2

RESULTS PER HOST

1

2

Result Overview
Host
192.168.87.129
Total: 1

High
6
6

Medium
6
6

Low
0
0

Log
32
32

False Positive
0
0

Vendor security updates are not trusted.
Overrides are on. When a result has an override, this report uses the threat of the override.
Notes are included in the report.
This report might not show details of all issues that were found.
It only lists hosts that produced issues.
Issues with the threat level “Debug” are not shown.
Issues with the threat level “False Positive” are not shown.
This report contains all 44 results selected by the filtering described above. Before filtering
there were 59 results.

2
2.1

Results per Host
192.168.87.129

Host scan start
Host scan end

Sat Oct 29 09:16:18 2016 UTC
Sat Oct 29 09:28:59 2016 UTC
Service (Port)
80/tcp
3306/tcp
3389/tcp
general/tcp
445/tcp
25/tcp
80/tcp
3306/tcp
1027/tcp
25/tcp
80/tcp
3306/tcp
443/tcp
3389/tcp
general/tcp
general/SMBClient
general/icmp
445/tcp
general/CPE-T

Threat Level
High
High
High
High
High
Medium
Medium
Medium
Log
Log
Log
Log
Log
Log
Log
Log
Log
Log
Log

2

RESULTS PER HOST

2.1.1

3

High 80/tcp

High (CVSS: 7.6)
NVT: Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability
Summary
The host is running Microsoft IIS Webserver with WebDAV Module and is prone to remote
authentication bypass vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will let the attacker craft malicious UNICODE characters and send it
over the context of IIS Webserver where WebDAV is enabled. As a result due to lack of security
implementation check it will let the user fetch password protected directories without any valid
authentications. Impact Level: Application
Solution
Solution type: VendorFix
Run
Windows
Update
and
update
the
listed
hotfixes
or
download
and
update
mentioned
hotfixes
in
the
advisory
from
the
below
link,
http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx
Affected Software/OS
Microsoft Internet Information Services version 5.0 to 6.0
Workaround:
Disable
WebDAV
or
Upgrade
to
http://www.microsoft.com/technet/security/advisory/971492.mspx

Microsoft

IIS

7.0

Vulnerability Insight
Due to the wrong implementation of UNICODE characters support (WebDAV extension) for
Microsoft IIS Server which fails to decode the requested URL properly. Unicode character
checks are being done after IIS Server internal security check, which lets the attacker execute
any crafted UNICODE character in the HTTP requests to get information on any password
protected directories without any authentication schema.
Vulnerability Detection Method
Details:Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability
OID:1.3.6.1.4.1.25623.1.0.900711
Version used: $Revision: 3264 $
References
CVE: CVE-2009-1535
BID:34993
Other:
URL:http://view.samurajdata.se/psview.php?id=023287d6&page=2
URL:http://www.microsoft.com/technet/security/advisory/971492.mspx
URL:http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
. . . continues on next page . . .

2

RESULTS PER HOST

4

. . . continued from previous page . . .
URL:http://downloads.securityfocus.com/vulnerabilities/exploits/34993.rb
URL:http://downloads.securityfocus.com/vulnerabilities/exploits/34993.txt
[ return to 192.168.87.129 ]

2.1.2

High 3306/tcp

High (CVSS: 9.0)
NVT: MySQL weak password
Summary
It was possible to login into the remote MySQL as root using weak credentials.
Vulnerability Detection Result
It was possible to login as root with an empty password.
Solution
Change the password as soon as possible.
Vulnerability Detection Method
Details:MySQL weak password
OID:1.3.6.1.4.1.25623.1.0.103551
Version used: $Revision: 3911 $
[ return to 192.168.87.129 ]

2.1.3

High 3389/tcp

High (CVSS: 9.3)
NVT: Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (2671387)
Summary
This host is missing a critical security update according to Microsoft Bulletin MS12-020.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code as the logged-on
user or cause a denial of service condition.
Impact Level: System/Application
Solution
Solution type: VendorFix
. . . continues on next page . . .

2

RESULTS PER HOST

5

. . . continued from previous page . . .
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes
in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12020
Affected Software/OS
Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows XP Service Pack 3 and prior
Microsoft Windows 2K3 Service Pack 2 and prior Microsoft Windows Vista Service Pack 2 and
prior Microsoft Windows Server 2008 Service Pack 2 and prior
Vulnerability Insight
The flaws are due to the way Remote Desktop Protocol accesses an object in memory that has
been improperly initialized or has been deleted and the way RDP service processes the packets.
Vulnerability Detection Method
Details:Microsoft Remote Desktop Protocol Remote Code Execution Vulnerabilities (267138.
,→..
OID:1.3.6.1.4.1.25623.1.0.902818
Version used: $Revision: 4234 $
References
CVE: CVE-2012-0002, CVE-2012-0152
BID:52353, 52354
Other:
URL:http://blog.binaryninjas.org/?p=58
URL:http://secunia.com/advisories/48395
URL:http://support.microsoft.com/kb/2671387
URL:http://www.securitytracker.com/id/1026790
URL:http://technet.microsoft.com/en-us/security/bulletin/ms12-020
[ return to 192.168.87.129 ]

2.1.4

High general/tcp

High (CVSS: 10.0)
NVT: OS End Of Life Detection
Summary
OS End Of Life Detection
The Operating System on the remote host has reached the end of life and should not be used
anymore
Vulnerability Detection Result
The Operating System (cpe:/o:microsoft:windows_xp) on the remote host has reache
,→d the end of life at 08 Apr 2014
and should not be used anymore.
See https://support.microsoft.com/de-de/lifecycle/search?sort=PN&qid=&alpha=Micr
. . . continues on next page . . .

2

RESULTS PER HOST

6

. . . continued from previous page . . .
,→osoft%20Windows%20XP&Filter=FilterNO for more information.
Vulnerability Detection Method
Details:OS End Of Life Detection
OID:1.3.6.1.4.1.25623.1.0.103674
Version used: $Revision: 4111 $
[ return to 192.168.87.129 ]

2.1.5

High 445/tcp

High (CVSS: 10.0)
NVT: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote
Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-001.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation could allow remote unauthenticated attackers to cause denying the service
by sending a specially crafted network message to a system running the server service. Impact
Level: System/Network
Solution
Solution type: VendorFix
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes
in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms09001.mspx
Affected Software/OS
Microsoft Windows 2K Service Pack 4 and prior. Microsoft Windows XP Service Pack 3 and
prior. Microsoft Windows 2003 Service Pack 2 and prior.
Vulnerability Insight
The issue is due to the way Server Message Block (SMB) Protocol software handles specially
crafted SMB packets.
Vulnerability Detection Method
Details:Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Remote
OID:1.3.6.1.4.1.25623.1.0.900233
Version used: $Revision: 3183 $
References
CVE: CVE-2008-4114, CVE-2008-4834, CVE-2008-4835
. . . continues on next page . . .

2

RESULTS PER HOST

7

. . . continued from previous page . . .
BID:31179
Other:
URL:http://www.milw0rm.com/exploits/6463
URL:http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx

High (CVSS: 10.0)
NVT: Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
Summary
This host is missing a critical security update according to Microsoft Bulletin MS10-012.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause a denial
of service or bypass the authentication mechanism via brute force technique. Impact Level:
System/Application
Solution
Solution type: VendorFix
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes
in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms10012.mspx
Affected Software/OS
Microsoft Windows 7 Microsoft Windows 2000 Service Pack and prior Microsoft Windows XP
Service Pack 3 and prior Microsoft Windows Vista Service Pack 2 and prior Microsoft Windows
Server 2003 Service Pack 2 and prior Microsoft Windows Server 2008 Service Pack 2 and prior
Vulnerability Insight
- An input validation error exists while processing SMB requests and can be exploited to cause a
buffer overflow via a specially crafted SMB packet. - An error exists in the SMB implementation
while parsing SMB packets during the Negotiate phase causing memory corruption via a specially
crafted SMB packet. - NULL pointer dereference error exists in SMB while verifying the ’share’
and ’servername’ fields in SMB packets causing denial of service. - A lack of cryptographic
entropy when the SMB server generates challenges during SMB NTLM authentication and can
be exploited to bypass the authentication mechanism.
Vulnerability Detection Method
Details:Microsoft Windows SMB Server NTLM Multiple Vulnerabilities (971468)
OID:1.3.6.1.4.1.25623.1.0.902269
Version used: $Revision: 4161 $
References
CVE: CVE-2010-0020, CVE-2010-0021, CVE-2010-0022, CVE-2010-0231
. . . continues on next page . . .

2

RESULTS PER HOST

8

. . . continued from previous page . . .
Other:
URL:http://secunia.com/advisories/38510/
URL:http://support.microsoft.com/kb/971468
URL:http://www.vupen.com/english/advisories/2010/0345
URL:http://www.microsoft.com/technet/security/bulletin/ms10-012.mspx
[ return to 192.168.87.129 ]

2.1.6

Medium 25/tcp

Medium (CVSS: 6.4)
NVT: Microsoft Windows SMTP Server DNS spoofing vulnerability
Summary
The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is prone to a DNS spoofing
vulnerability.
Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to
redirect network traffic and to launch man-in-the-middle attacks.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Solution
This issue is reported to be patched in Microsoft security advisory MS10-024 please see the
references for more information.
Vulnerability Detection Method
Details:Microsoft Windows SMTP Server DNS spoofing vulnerability
OID:1.3.6.1.4.1.25623.1.0.100624
Version used: $Revision: 3152 $
References
CVE: CVE-2010-1690, CVE-2010-1689
BID:39910, 39908
Other:
URL:http://www.securityfocus.com/bid/39910
URL:http://www.securityfocus.com/bid/39908
URL:http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html
URL:http://www.microsoft.com
URL:http://www.coresecurity.com/content/CORE-2010-0424-windows-stmp-dns-query
,→-id-bugs
URL:http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx

2

RESULTS PER HOST

9

Medium (CVSS: 5.0)
NVT: Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
Summary
The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is prone to a denial-ofservice vulnerability and to to an information-disclosure vulnerability.
Successful exploits of the denial-of-service vulnerability will cause the affected SMTP server to
stop responding, denying service to legitimate users.
Attackers can exploit the information-disclosure issue to gain access to sensitive information.
Any information obtained may lead to further attacks.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Solution
Microsoft released fixes to address this issue. Please see the references for more information.
Vulnerability Detection Method
Details:Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
OID:1.3.6.1.4.1.25623.1.0.100596
Version used: $Revision: 3152 $
References
CVE: CVE-2010-0024, CVE-2010-0025
BID:39308, 39381
Other:
URL:http://www.securityfocus.com/bid/39308
URL:http://www.securityfocus.com/bid/39381
URL:http://www.microsoft.com
URL:http://support.avaya.com/css/P8/documents/100079218
URL:http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx
[ return to 192.168.87.129 ]

2.1.7

Medium 80/tcp

Medium (CVSS: 5.8)
NVT: http TRACE XSS attack
Summary
Debugging functions are enabled on the remote HTTP server.
The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject to cross-site-scripting attacks, dubbed XST for Cross-Site-Tracing, when used in conjunction with various weaknesses in
browsers.
An attacker may use this flaw to trick your legitimate web users to give him their credentials.
. . . continues on next page . . .

2

RESULTS PER HOST

10
. . . continued from previous page . . .

Vulnerability Detection Result
Solution: Use the URLScan tool to deny HTTP TRACE requests or to permit only the
,→ methods
needed to meet site requirements and policy.
Solution
Disable these methods.
Vulnerability Detection Method
Details:http TRACE XSS attack
OID:1.3.6.1.4.1.25623.1.0.11213
Version used: $Revision: 3362 $
References
CVE: CVE-2004-2320, CVE-2003-1567
BID:9506, 9561, 11604
Other:
URL:http://www.kb.cert.org/vuls/id/867593

Medium (CVSS: 5.0)
NVT: Microsoft IIS Tilde Character Information Disclosure Vulnerability
Product detection result
cpe:/a:microsoft:iis:5.1
Detected by Microsoft IIS Webserver Version Detection (OID: 1.3.6.1.4.1.25623.1.
,→0.900710)

Summary
This host is running Microsoft IIS Webserver and is prone to information disclosure vulnerability.
Vulnerability Detection Result
File/Folder name found on server starting with :cwshel
Impact
Successful exploitation will allow remote attackers to obtain sensitive information that could aid
in further attacks.
Impact Level: Application
Solution
Solution type: WillNotFix
No solution or patch was made available for at least one year since disclosure of this vulnerability.
Likely none will be provided anymore. General solution options are to upgrade to a newer release,
disable respective features, remove the product or replace the product by another one.
. . . continues on next page . . .

2

RESULTS PER HOST

11

. . . continued from previous page . . .
Affected Software/OS
Microsoft Internet Information Services versions 7.5 and prior
Vulnerability Insight
Microsoft IIS fails to validate a specially crafted GET request containing a ’ ’ tilde character,
which allows to disclose all short-names of folders and files having 4 letters extensions.
Vulnerability Detection Method
Details:Microsoft IIS Tilde Character Information Disclosure Vulnerability
OID:1.3.6.1.4.1.25623.1.0.802887
Version used: $Revision: 3565 $
Product Detection Result
Product: cpe:/a:microsoft:iis:5.1
Method: Microsoft IIS Webserver Version Detection
OID: 1.3.6.1.4.1.25623.1.0.900710)

References
BID:54251
Other:
URL:http://www.exploit-db.com/exploits/19525
URL:http://code.google.com/p/iis-shortname-scanner-poc
URL:http://soroush.secproject.com/downloadable/iis_tilde_shortname_disclosure
,→.txt
URL:http://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_
,→vulnerability_feature.pdf

Medium (CVSS: 5.0)
NVT: Microsoft IIS IP Address/Internal Network Name Disclosure Vulnerability
Summary
The host is running Microsoft IIS Webserver and is prone to IP address disclosure vulnerability.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation will allow remote attackers to gain internal IP address or internal network
name, which could assist in further attacks against the target host. Impact Level: Application
Solution
Solution type: VendorFix
Apply the hotfix for IIS 6.0 from below link http://support.microsoft.com/kb/834141/top
Affected Software/OS
. . . continues on next page . . .

2

RESULTS PER HOST

12

. . . continued from previous page . . .
Microsoft Internet Information Services version 4.0, 5.0, 5.1 and 6.0
Workaround:
Apply workaround from below link for IIS 4.0, 5.0 and 5.1
http://support.microsoft.com/default.aspx?scid=KB EN-US Q218180
Vulnerability Insight
The flaw is due to an error while processing ’GET’ request. When MS IIS receives a GET
request without a host header, the Web server will reveal the IP address of the server in the
content-location field or the location field in the TCP header in the response.
Vulnerability Detection Method
Details:Microsoft IIS IP Address/Internal Network Name Disclosure Vulnerability
OID:1.3.6.1.4.1.25623.1.0.902796
Version used: $Revision: 3060 $
References
BID:3159
Other:
URL:http://support.microsoft.com/kb/834141/
URL:http://www.securityfocus.com/bid/3159/info
URL:http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q218180
URL:http://www.juniper.net/security/auto/vulnerabilities/vuln3159.html
[ return to 192.168.87.129 ]

2.1.8

Medium 3306/tcp

Medium (CVSS: 6.8)
NVT: MySQL Denial Of Service and Spoofing Vulnerabilities
Product detection result
cpe:/a:mysql:mysql:5.0.15-nt
Detected by MySQL/MariaDB Detection (OID: 1.3.6.1.4.1.25623.1.0.100152)

Summary
The host is running MySQL and is prone to Denial Of Service and Spoofing Vulnerabilities
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Impact
Successful exploitation could allow users to cause a Denial of Service and man-in-the-middle
attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate. Impact Level:
Application
Solution
. . . continues on next page . . .

2

RESULTS PER HOST

13

. . . continued from previous page . . .
Upgrade to MySQL version 5.0.88 or 5.1.41 For updates refer to http://dev.mysql.com/downloads
Affected Software/OS
MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 on all running platform.
Vulnerability Insight

Vulnerability Detection Method
Details:MySQL Denial Of Service and Spoofing Vulnerabilities
OID:1.3.6.1.4.1.25623.1.0.801064
Version used: $Revision: 3238 $
Product Detection Result
Product: cpe:/a:mysql:mysql:5.0.15-nt
Method: MySQL/MariaDB Detection
OID: 1.3.6.1.4.1.25623.1.0.100152)

References
CVE: CVE-2009-4019, CVE-2009-4028
Other:
URL:http://bugs.mysql.com/47780
URL:http://bugs.mysql.com/47320
URL:http://marc.info/?l=oss-security&m=125881733826437&w=2
URL:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
[ return to 192.168.87.129 ]

2.1.9

Log 1027/tcp

Log (CVSS: 0.0)
NVT: Identify unknown services with nmap
Summary
This plugin performs service detection by launching nmap’s service probe against ports running
unidentified services.
Description :

Vulnerability Detection Result
Nmap service detection result for this port: msrpc
Log Method
Details:Identify unknown services with nmap
OID:1.3.6.1.4.1.25623.1.0.66286
. . . continues on next page . . .

2

RESULTS PER HOST

14
. . . continued from previous page . . .

Version used: $Revision: 2752 $
[ return to 192.168.87.129 ]

2.1.10

Log 25/tcp

Log (CVSS: 0.0)
NVT: SMTP Server type and version
Summary
This detects the SMTP Server’s type and version by connecting to the server and processing the
buffer received.
Vulnerability Detection Result
Remote SMTP server banner :
220 VUL1-XP Microsoft ESMTP MAIL Service, Version: 6.0.2600.2180 ready at
,→29 Oct 2016 11:17:03 +0200

Sat,

Solution
Change the login banner to something generic.
Log Method
Details:SMTP Server type and version
OID:1.3.6.1.4.1.25623.1.0.10263
Version used: $Revision: 2599 $

Log (CVSS: 0.0)
NVT: Services
Summary
This routine attempts to guess which service is running on the remote ports. For instance, it
searches for a web server which could listen on another port than 80 or 443 and makes this
information available for other check routines.
Vulnerability Detection Result
An SMTP server is running on this port
Here is its banner :
220 VUL1-XP Microsoft ESMTP MAIL Service, Version: 6.0.2600.2180 ready at
,→29 Oct 2016 11:16:43 +0200
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Version used: $Revision: 3923 $

Sat,

2

RESULTS PER HOST

15

Log (CVSS: 0.0)
NVT: SMTP Missing Support For STARTTLS
Summary
The remote Mailserver does not support the STARTTLS command.
Vulnerability Detection Result
The remote Mailserver does not support the STARTTLS command.
Log Method
Details:SMTP Missing Support For STARTTLS
OID:1.3.6.1.4.1.25623.1.0.105091
Version used: $Revision: 2823 $

Log (CVSS: 0.0)
NVT: Microsoft Exchange Server Remote Detection
Summary
The script checks the SMTP/POP3/IMAP server banner for the presence of Microsoft Exchange
Server.
Vulnerability Detection Result
Detected Microsoft Exchange
Version: 6.0.2600.2180
Location: 25/tcp
CPE: cpe:/a:microsoft:exchange_server
Concluded from version identification result:
220 VUL1-XP Microsoft ESMTP MAIL Service, Version: 6.0.2600.2180 ready at
,→29 Oct 2016 11:16:43 +0200
Service version: 6.0.2600.2180
Log Method
Details:Microsoft Exchange Server Remote Detection
OID:1.3.6.1.4.1.25623.1.0.111085
Version used: $Revision: 2880 $
[ return to 192.168.87.129 ]

2.1.11

Log 80/tcp

Log (CVSS: 0.0)
NVT: Windows SharePoint Services detection
Summary
. . . continues on next page . . .

Sat,

2

RESULTS PER HOST

16

. . . continued from previous page . . .
The remote host is running Windows SharePoint Services. Microsoft SharePoint products and
technologies include browser-based collaboration and a document-management platform. These
can be used to host web sites that access shared workspaces and documents from a browser.
Vulnerability Detection Result
Server: Microsoft-IIS/5.1
Operating System Type: Windows XP
Solution
It’s recommended to allow connection to this host only from trusted hosts or networks.
Log Method
Details:Windows SharePoint Services detection
OID:1.3.6.1.4.1.25623.1.0.101018
Version used: $Revision: 3999 $

Log (CVSS: 0.0)
NVT: HTTP Server type and version
Summary
This detects the HTTP Server’s type and version.
Vulnerability Detection Result
The remote web server type is :
Microsoft-IIS/5.1
Solution

Log Method
Details:HTTP Server type and version
OID:1.3.6.1.4.1.25623.1.0.10107
Version used: $Revision: 3564 $

Log (CVSS: 0.0)
NVT: DIRB (NASL wrapper)
Summary
This script uses DIRB to find directories and files on web applications via brute forcing. See the
preferences section for configuration options.
Vulnerability Detection Result
This are the directories/files found with brute force:
http://192.168.87.129:80/
. . . continues on next page . . .

2

RESULTS PER HOST

17
. . . continued from previous page . . .

Log Method
Details:DIRB (NASL wrapper)
OID:1.3.6.1.4.1.25623.1.0.103079
Version used: $Revision: 4290 $

Log (CVSS: 0.0)
NVT: Services
Summary
This routine attempts to guess which service is running on the remote ports. For instance, it
searches for a web server which could listen on another port than 80 or 443 and makes this
information available for other check routines.
Vulnerability Detection Result
A web server is running on this port
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Version used: $Revision: 3923 $

Log (CVSS: 0.0)
NVT: Web mirroring
Summary
This script makes a mirror of the remote web site and extracts the list of CGIs that are used by
the remote host.
It is suggested you allow a long-enough timeout value for this test routine and also adjust the
setting on the number of pages to mirror.
Vulnerability Detection Result
The following directories have been discovered :
http://192.168.87.129/css
http://192.168.87.129/services
http://192.168.87.129/images
http://192.168.87.129/js
http://192.168.87.129/css/front
http://192.168.87.129/services/4
http://192.168.87.129/images/design
http://192.168.87.129/images/Graphisme
http://192.168.87.129/images/Logos
http://192.168.87.129/images/Menu
http://192.168.87.129/images/Messages
http://192.168.87.129/images/Neufs
http://192.168.87.129/images/Produits
. . . continues on next page . . .

2

RESULTS PER HOST

18
. . . continued from previous page . . .

http://192.168.87.129/images/Services
http://192.168.87.129/images/design/4
http://192.168.87.129/images/design/bandeaux
http://192.168.87.129/images/design/btc
http://192.168.87.129/images/design/dgbox
http://192.168.87.129/images/design/gbox
http://192.168.87.129/images/design/occas
http://192.168.87.129/images/design/premiums
http://192.168.87.129/images/design/sbox
http://192.168.87.129/images/design/services
http://192.168.87.129/images/design/VS
http://192.168.87.129/images/design/wbox
http://192.168.87.129/images/Graphisme/Layout
http://192.168.87.129/images/Neufs/RECTANGLE
http://192.168.87.129/images/Produits/CARRE
Log Method
Details:Web mirroring
OID:1.3.6.1.4.1.25623.1.0.10662
Version used: $Revision: 4329 $

Log (CVSS: 0.0)
NVT: Directory Scanner
Summary
This plugin attempts to determine the presence of various common dirs on the remote web server
Vulnerability Detection Result
The following directories were discovered:
http://192.168.87.129/css
http://192.168.87.129/images
http://192.168.87.129/js
http://192.168.87.129/services
While this is not, in and of itself, a bug, you should manually inspect these di
,→rectories to ensure that they are in compliance with company security standard
,→s
The following directories require authentication:
http://192.168.87.129/printers
Log Method
Details:Directory Scanner
OID:1.3.6.1.4.1.25623.1.0.11032
Version used: $Revision: 4329 $
References
Other:
OWASP:OWASP-CM-006

2

RESULTS PER HOST
Log (CVSS: 0.0)
NVT: HTTP TRACE
Summary
Transparent or reverse HTTP proxies may be implement on some sites.
Vulnerability Detection Result
The TRACE method revealed 47 proxy(s) between us and the web server :
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
? - Microsoft-IIS/5.1
. . . continues on next page . . .

19

2

RESULTS PER HOST

20
. . . continued from previous page . . .

?
?
?
?
?
?
?

-

Microsoft-IIS/5.1
Microsoft-IIS/5.1
Microsoft-IIS/5.1
Microsoft-IIS/5.1
Microsoft-IIS/5.1
Microsoft-IIS/5.1
Microsoft-IIS/5.1

Log Method
Details:HTTP TRACE
OID:1.3.6.1.4.1.25623.1.0.11040
Version used: $Revision: 3395 $

Log (CVSS: 0.0)
NVT: Info / Options concerning CGI Scanning
Summary
The script prints out various options and the directories used when CGI scanning is enabled.
Vulnerability Detection Result
The host seems to be running on a Windows operating system.
The host seems to be able to host PHP scripts.
The host seems to be able to host ASP scripts.
The following directories require authentication and are tested by the script "H
,→TTP Brute Force Logins with default Credentials (OID: 1.3.6.1.4.1.25623.1.0.10
,→3240)":
http://192.168.87.129/printers
The following directories are used for CGI scanning:
http://192.168.87.129/scripts
http://192.168.87.129/cgi-bin
http://192.168.87.129/images/Produits/CARRE
http://192.168.87.129/images/Graphisme
http://192.168.87.129/images/design/bandeaux
http://192.168.87.129/images/design
http://192.168.87.129/images/design/btc
http://192.168.87.129/images/design/4
http://192.168.87.129/css/front
http://192.168.87.129/images/design/services
http://192.168.87.129/images
http://192.168.87.129/images/design/dgbox
http://192.168.87.129/images/Logos
http://192.168.87.129/images/design/occas
http://192.168.87.129/images/Menu
http://192.168.87.129/images/design/sbox
http://192.168.87.129/css
http://192.168.87.129/images/Neufs/RECTANGLE
http://192.168.87.129/services
. . . continues on next page . . .

2

RESULTS PER HOST

21
. . . continued from previous page . . .

http://192.168.87.129/images/Messages
http://192.168.87.129/images/Graphisme/Layout
http://192.168.87.129/services/4
http://192.168.87.129/images/Produits
http://192.168.87.129/images/design/premiums
http://192.168.87.129/images/design/gbox
http://192.168.87.129/js
http://192.168.87.129/images/Services
http://192.168.87.129/images/Neufs
http://192.168.87.129/images/design/wbox
http://192.168.87.129/images/design/VS
http://192.168.87.129/
Vulnerability Insight
The information printed out is based on the following scripts / settings:
- Web mirroring / webmirror.nasl (OID: 1.3.6.1.4.1.25623.1.0.10662)
- Various OS fingerprinting methods

Log Method
Details:Info / Options concerning CGI Scanning
OID:1.3.6.1.4.1.25623.1.0.111038
Version used: $Revision: 4334 $

Log (CVSS: 0.0)
NVT: HTTP OS Identification
Summary
This script performs HTTP based OS detection from the HTTP banner or default test pages.
Vulnerability Detection Result
Detected OS: Microsoft Windows
CPE: cpe:/o:microsoft:windows
Concluded from HTTP banner : HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Connection: close
Content-Location: http://192.168.87.129/index.html
Date: Sat, 29 Oct 2016 09:16:20 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Thu, 25 Jun 2015 11:46:48 GMT
ETag: "04279e3cafd01:9bb"
Content-Length: 134

Log Method
. . . continues on next page . . .

2

RESULTS PER HOST

22
. . . continued from previous page . . .

Details:HTTP OS Identification
OID:1.3.6.1.4.1.25623.1.0.111067
Version used: $Revision: 4289 $

Log (CVSS: 0.0)
NVT: Microsoft IIS Webserver Version Detection
Summary
This script detects the installed MS IIS Webserver and sets the result in KB
Vulnerability Detection Result
Detected Microsoft IIS Webserver
Version: 5.1
Location: 80/tcp
CPE: cpe:/a:microsoft:iis:5.1
Concluded from version identification result:
IIS/5.1
Log Method
Details:Microsoft IIS Webserver Version Detection
OID:1.3.6.1.4.1.25623.1.0.900710
Version used: $Revision: 2711 $
[ return to 192.168.87.129 ]

2.1.12

Log 3306/tcp

Log (CVSS: 0.0)
NVT: Check for Telnet Server
Summary
A telnet Server is running at this host.
Experts in computer security, such as SANS Institute, and the members of the
comp.os.linux.security newsgroup recommend that the use of Telnet for remote logins should
be discontinued under all normal circumstances, for the following reasons:
Telnet, by default, does not encrypt any data sent over the connection (including passwords),
and so it is often practical to eavesdrop on the communications and use the password later for
malicious purposes anybody who has access to a router, switch, hub or gateway located on the
network between the two hosts where Telnet is being used can intercept the packets passing
by and obtain login and password information (and whatever else is typed) with any of several
common utilities like tcpdump and Wireshark.
Most implementations of Telnet have no authentication that would ensure communication is
carried out between the two desired hosts and not intercepted in the middle.
Commonly used Telnet daemons have several vulnerabilities discovered over the years.
. . . continues on next page . . .

2

RESULTS PER HOST

23
. . . continued from previous page . . .

Vulnerability Detection Result
A telnet server seems to be running on this port
Log Method
Details:Check for Telnet Server
OID:1.3.6.1.4.1.25623.1.0.100074
Version used: $Revision: 3467 $

Log (CVSS: 0.0)
NVT: MySQL/MariaDB Detection
Summary
Detection of installed version of MySQL/MariaDB.
Detect a running MySQL/MariaDB by getting the banner, Extract the version from the banner
and store the information in KB
Vulnerability Detection Result
Detected MySQL
Version: 5.0.15-nt
Location: 3306/tcp
CPE: cpe:/a:mysql:mysql:5.0.15-nt
Concluded from version identification result:
5.0.15-nt
R|9F2i9" ,
;BzaVi0R-&xK
Log Method
Details:MySQL/MariaDB Detection
OID:1.3.6.1.4.1.25623.1.0.100152
Version used: $Revision: 4135 $

Log (CVSS: 0.0)
NVT: Detect Server type and version via Telnet
Summary
This detects the Telnet Server’s type and version by connecting to the server and processing
the buffer received. This information gives potential attackers additional information about the
system they are attacking. Versions and Types should be omitted where possible.
Vulnerability Detection Result
Remote telnet banner :
7
5.0.15-nt 2P{=[69[, ?ju0,-<$@Tf’
Solution
Change the login banner to something generic.
. . . continues on next page . . .

2

RESULTS PER HOST

24
. . . continued from previous page . . .

Log Method
Details:Detect Server type and version via Telnet
OID:1.3.6.1.4.1.25623.1.0.10281
Version used: $Revision: 2837 $

Log (CVSS: 0.0)
NVT: Services
Summary
This routine attempts to guess which service is running on the remote ports. For instance, it
searches for a web server which could listen on another port than 80 or 443 and makes this
information available for other check routines.
Vulnerability Detection Result
An unknown service is running on this port.
It is usually reserved for MySQL
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Version used: $Revision: 3923 $

Log (CVSS: 0.0)
NVT: Database Open Access Vulnerability
Summary
The host is running a Database server and is prone to information disclosure vulnerability.
Vulnerability Detection Result
MySQL can be accessed by remote attackers
Impact
Successful exploitation could allow an attacker to obtain the sensitive information of the database.
Impact Level: Application
Solution
Solution type: Workaround
Restrict Database access to remote systems.
Affected Software/OS
MySQL IBM DB2 PostgreSQL IBM solidDB Oracle Database Microsoft SQL Server
Vulnerability Insight
Do not restricting direct access of databases to the remote systems.
. . . continues on next page . . .

2

RESULTS PER HOST

25
. . . continued from previous page . . .

Log Method
Details:Database Open Access Vulnerability
OID:1.3.6.1.4.1.25623.1.0.902799
Version used: $Revision: 4043 $
References
Other:
URL:https://www.pcisecuritystandards.org/security_standards/index.php?id=pci_d
,→ss_v1-2.pdf
[ return to 192.168.87.129 ]

2.1.13

Log 443/tcp

Log (CVSS: 0.0)
NVT: Services
Summary
This routine attempts to guess which service is running on the remote ports. For instance, it
searches for a web server which could listen on another port than 80 or 443 and makes this
information available for other check routines.
Vulnerability Detection Result
An unknown service is running on this port.
It is usually reserved for HTTPS
Log Method
Details:Services
OID:1.3.6.1.4.1.25623.1.0.10330
Version used: $Revision: 3923 $

Log (CVSS: 0.0)
NVT: Identify unknown services with nmap
Summary
This plugin performs service detection by launching nmap’s service probe against ports running
unidentified services.
Description :

Vulnerability Detection Result
Nmap service detection result for this port: https
This is a guess. A confident identification of the service was not possible.
. . . continues on next page . . .

2

RESULTS PER HOST

26
. . . continued from previous page . . .

Log Method
Details:Identify unknown services with nmap
OID:1.3.6.1.4.1.25623.1.0.66286
Version used: $Revision: 2752 $
[ return to 192.168.87.129 ]

2.1.14

Log 3389/tcp

Log (CVSS: 0.0)
NVT: Identify unknown services with nmap
Summary
This plugin performs service detection by launching nmap’s service probe against ports running
unidentified services.
Description :

Vulnerability Detection Result
Nmap service detection result for this port: tcpwrapped
Log Method
Details:Identify unknown services with nmap
OID:1.3.6.1.4.1.25623.1.0.66286
Version used: $Revision: 2752 $
[ return to 192.168.87.129 ]

2.1.15

Log general/tcp

Log (CVSS: 0.0)
NVT: OS Detection Consolidation
Summary
This script consolidates the OS information detected by several NVTs and tries to find the best
matching OS.
Vulnerability Detection Result
Best matching OS:
cpe:/o:microsoft:windows_xp
Found by NVT 1.3.6.1.4.1.25623.1.0.102011 (SMB NativeLanMan)
Other OS detections (in order of reliability):
OS: cpe:/o:microsoft:windows found by NVT 1.3.6.1.4.1.25623.1.0.111067 (HTTP OS
,→Identification)
. . . continues on next page . . .

2

RESULTS PER HOST

27

. . . continued from previous page . . .
OS: cpe:/o:microsoft:windows found by NVT 1.3.6.1.4.1.25623.1.0.102002 (ICMP bas
,→ed OS Fingerprinting)
Log Method
Details:OS Detection Consolidation
OID:1.3.6.1.4.1.25623.1.0.105937
Version used: $Revision: 4259 $

Log (CVSS: 0.0)
NVT: Traceroute
Summary
A traceroute from the scanning server to the target system was conducted. This traceroute
is provided primarily for informational value only. In the vast majority of cases, it does not
represent a vulnerability. However, if the displayed traceroute contains any private addresses
that should not have been publicly visible, then you have an issue you need to correct.
Vulnerability Detection Result
Here is the route from 192.168.87.128 to 192.168.87.129:
192.168.87.128
192.168.87.129
Solution
Block unwanted packets from escaping your network.
Log Method
Details:Traceroute
OID:1.3.6.1.4.1.25623.1.0.51662
Version used: $Revision: 4048 $
[ return to 192.168.87.129 ]

2.1.16

Log general/SMBClient

Log (CVSS: 0.0)
NVT: SMB Test
Summary
Test remote host SMB Functions
Vulnerability Detection Result
OS Version = WINDOWS 5.1
Domain = VUL1-XP
SMB Serverversion = WINDOWS 2000 LAN MANAGER
. . . continues on next page . . .

2

RESULTS PER HOST

28
. . . continued from previous page . . .

Log Method
Details:SMB Test
OID:1.3.6.1.4.1.25623.1.0.90011
Version used: $Revision: 3376 $
[ return to 192.168.87.129 ]

2.1.17

Log general/icmp

Log (CVSS: 0.0)
NVT: ICMP Timestamp Detection
Summary
The remote host responded to an ICMP timestamp request. The Timestamp Reply is an ICMP
message which replies to a Timestamp message. It consists of the originating timestamp sent
by the sender of the Timestamp as well as a receive timestamp and a transmit timestamp. This
information could theoretically be used to exploit weak time-based random number generators
in other services.
Vulnerability Detection Result
Vulnerability was detected according to the Vulnerability Detection Method.
Log Method
Details:ICMP Timestamp Detection
OID:1.3.6.1.4.1.25623.1.0.103190
Version used: $Revision: 3115 $
References
CVE: CVE-1999-0524
Other:
URL:http://www.ietf.org/rfc/rfc0792.txt
[ return to 192.168.87.129 ]

2.1.18

Log 445/tcp

Log (CVSS: 0.0)
NVT: SMB NativeLanMan
Summary
It is possible to extract OS, domain and SMB server information from the Session Setup AndX
Response packet which is generated during NTLM authentication.
. . . continues on next page . . .

2

RESULTS PER HOST

29
. . . continued from previous page . . .

Vulnerability Detection Result
Detected SMB workgroup: WORKGROUP
Detected SMB server: Windows 2000 LAN Manager
Detected OS: Windows 5.1
Log Method
Details:SMB NativeLanMan
OID:1.3.6.1.4.1.25623.1.0.102011
Version used: $Revision: 4259 $

Log (CVSS: 0.0)
NVT: SMB/CIFS Server Detection
Summary
This script detects wether port 445 and 139 are open and if they are running a CIFS/SMB server.
Vulnerability Detection Result
A CIFS server is running on this port
Log Method
Details:SMB/CIFS Server Detection
OID:1.3.6.1.4.1.25623.1.0.11011
Version used: $Revision: 4261 $

Log (CVSS: 0.0)
NVT: Microsoft SMB Signing Disabled
Summary
Checking for SMB signing is disabled.
The script logs in via smb, checks the SMB Negotiate Protocol response to confirm SMB signing
is disabled.
Vulnerability Detection Result
SMB signing is disabled on this host
Log Method
Details:Microsoft SMB Signing Disabled
OID:1.3.6.1.4.1.25623.1.0.802726
Version used: $Revision: 2576 $

Log (CVSS: 0.0)
NVT: SMB Remote Version Detection
Summary
. . . continues on next page . . .

2

RESULTS PER HOST

30

. . . continued from previous page . . .
Detection of Server Message Block(SMB).
This script sends SMB Negotiation request and try to get the version from the response.
Vulnerability Detection Result
Only SMBv1 is enabled on remote target
Log Method
Details:SMB Remote Version Detection
OID:1.3.6.1.4.1.25623.1.0.807830
Version used: $Revision: 4262 $
[ return to 192.168.87.129 ]

2.1.19

Log general/CPE-T

Log (CVSS: 0.0)
NVT: CPE Inventory
Summary
This routine uses information collected by other routines about CPE identities
(http://cpe.mitre.org/) of operating systems, services and applications detected during
the scan.
Vulnerability Detection Result
192.168.87.129|cpe:/a:mysql:mysql:5.0.15-nt
192.168.87.129|cpe:/a:microsoft:exchange_server
192.168.87.129|cpe:/a:microsoft:iis:5.1
192.168.87.129|cpe:/o:microsoft:windows_xp
Log Method
Details:CPE Inventory
OID:1.3.6.1.4.1.25623.1.0.810002
Version used: $Revision: 2837 $
[ return to 192.168.87.129 ]

This file was automatically generated.


report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 1/30
 
report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 2/30
report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 3/30
report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 4/30
report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 5/30
report-4f46eb64-231c-4551-8604-700a0940b90b.pdf - page 6/30
 




Télécharger le fichier (PDF)


report-4f46eb64-231c-4551-8604-700a0940b90b.pdf (PDF, 221 Ko)

Télécharger
Formats alternatifs: ZIP



Documents similaires


report 4f46eb64 231c 4551 8604 700a0940b90b
scan de base mjcmur
scan 2 21goro
scan de base yoax0v
scan 2 65xuhw
hx9hunw

Sur le même sujet..