[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 198218 Download | Alert*

The host is installed with Microsoft Server 2008, Server 2008 R2, Windows Vista, Windows 7, Server 2012, Server 2012 R2, Windows 8 or Windows 8.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application. An attacker who successfully exploited this vulnerability could leak memory addresses or other sensitive kernel in ...

Verify the target machine is installed with Sophos Anti-Virus.

Enable or disable the ftp daemon as appropriate. Use launchctl unload -w to unload the ftp.plist file in the LaunchDaemons directory.

It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. Operating systems are capable of providing a wide variety of functions and services. S ...

The rexec service must be disabled. The rexec service does not implement crypto and has had several security vulnerabilities in the past. It is disabled by default; enabling it would increase the attack surface of the system. Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DoD n ...

The telnet service must be disabled, as it sends all data, including the user's password in a clear text form that can be easily intercepted and read. Passwords need to be protected at all times and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Disabling telnet is one way to mitigate t ...

Enable or disable the tftp daemon as appropriate. Use launchctl unload -w to unload the tftp.plist file in the LaunchDaemons directory.

Web Sharing is non-essential and must be disabled. Enabling any service increases the attack surface for an intruder. By disabling unnecessary services, the attack surface is minimized.

If auditing is enabled late in the startup process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created.

Enable or disable User process crash report as appropriate. Use 'launchctl unload -w' to unload the com.apple.ReportCrash.plist file in the /System/Library/LaunchAgents directory.


Pages:      Start    19211    19212    19213    19214    19215    19216    19217    19218    19219    19220    19221    19222    19223    19224    ..   19821

© SecPod Technologies