Return to the 2006 Operating System Vulnerability Summary on OmniNerd
List of hosts Severity problem(s) found

[^] Back

Scan time :
Start time : Tue Feb 20 21:06:32 2007
End time : Tue Feb 20 21:17:14 2007
Number of vulnerabilities :
Open ports : 1
Low : 7
Medium : 2
High : 1

Information about the remote host :

Operating system : Mac OS 9
NetBIOS name : (unknown)
DNS name : (unknown)

[^] Back to

Port http (80/tcp)
A web server is running on this port

Nessus ID : 10330
Oracle9iAS too long URL

It may be possible to make the Oracle9i application server
crash or execute arbitrary code by sending it a too long url
specially crafted URL.

Risk factor : High

Solution : Upgrade your server.
CVE : CVE-2001-0836
BID : 3443
Other references : OSVDB:5534

Nessus ID : 11081

[^] Back to

Port general/tcp
IP protocols scan
The following IP protocols are accepted on this host:
17 UDP

Nessus ID : 14788
OS Identification
The remote host is running Mac OS 9

Nessus ID : 11936

Your machine answers to TCP packets that are coming from a multicast
address. This is known as the 'spank' denial of service attack.

An attacker might use this flaw to shut down this server and
saturate your network, thus preventing you from working properly.
This also could be used to run stealth scans against your machine.

Solution : contact your operating system vendor for a patch.
Filter out multicast addresses (

Risk factor : Medium

Nessus ID : 11901
Information about the scan
Information about this scan :

Nessus version : 3.0.4
Plugin feed version : 200701101815
Type of plugin feed : Registered (7 days delay)
Scanner IP :
Port scanner(s) : nessus_tcp_scanner synscan
Port range : default
Thorough tests : yes
Experimental tests : no
Paranoia level : 0
Report Verbosity : 2
Safe checks : no
Max hosts : 40
Max checks : 5
Scan Start Date : 2007/2/20 21:06
Scan duration : 642 sec

Nessus ID : 19506
Check open ports
The following ports were open at the beginning of the scan but are now closed:

Port 80 was detected as being open but is now closed.

This might be an availability problem related which might be due to the following reasons :

- The remote host is now down, either because a user turned it off during the scan
- A selected denial of service was effective against this host
- A network outage has been experienced during the scan, and the remote
network cannot be reached from the Vulnerability Scanner any more
- This Vulnerability Scanner has been blacklisted by the system administrator
or by automatic intrusion detection/prevention systems which have detected the
vulnerability assessment.

In any case, the audit of the remote host might be incomplete and may need to
be done again

Nessus ID : 10919

[^] Back to

Port general/udp
For your information, here is the traceroute from to :

Nessus ID : 10287

[^] Back to

Port general/icmp
icmp netmask request

The remote host answered to an ICMP_MASKREQ query and sent us its
netmask (

An attacker can use this information to understand how your network is set up
and how the routing is done. This may help him to bypass your filters.

Solution : reconfigure the remote host so that it does not answer to those
requests. Set up filters that deny ICMP packets of type 17.

Risk factor : Low
CVE : CVE-1999-0524

Nessus ID : 10113
Record route
Here is the route recorded between and :

Nessus ID : 12264