To whom it may concern,
The NMAP banner is correct and the CPE based detection is
wrong. The host is a Windows machine running Oracle Virtualbox. This system is
listed as “Operating System: cpe:/h:hp:jetdirect” in OpenVAS.
<LOG CLIP>
Log (CVSS: 0.0)
NVT: OS Detection Consolidation and Reporting (OID:
1.3.6.1.4.1.25623.1.0.105937)
Summary
This script consolidates the OS information detected by several NVTs and tries
to find the best matching OS.
Furthermore it reports all previously collected information leading to this
best matching OS. It also reports possible additional informations which might
help to improve the OS detection.
If any of this information is wrong or could be improved please consider to
report these to [email protected].
Vulnerability Detection Result
Best matching OS:
OS: HP JetDirect
CPE: cpe:/h:hp:jetdirect
Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting)
Concluded from ICMP based OS fingerprint:
(80% confidence)
HP JetDirect
Setting key "Host/runs_unknown" based on this information
Unknown banners have been collected which might help to identify the OS running
on this host. If these banners containing information about the host OS please
report the following information to [email protected]:
Banner: # Nmap 7.40 scan initiated Tue Apr 25 20:56:48 2017 as: nmap -n -Pn -sV
-oN /tmp/nmap-172.16.15.148-323665694 -O --osscan-limit -p
3389,1947,135,21,22,25,80,443,15731,21071,34840 172.16.15.148
Nmap scan report for 172.16.15.148
Host is up (0.017s latency).
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp closed ssh
25/tcp closed smtp
80/tcp closed http
135/tcp open msrpc Microsoft Windows RPC
443/tcp closed https
1947/tcp open http Aladdin/SafeNet HASP license manager 18.00
3389/tcp open ms-wbt-server Microsoft Terminal Service
15731/tcp closed unknown
21071/tcp closed unknown
34840/tcp closed unknown
Device type: bridge|general purpose|switch
Running (JUST GUESSING): Oracle Virtualbox (96%), QEMU (94%), Cisco embedded
(86%)
OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu cpe:/h:cisco:css_11501
Aggressive OS guesses: Oracle Virtualbox (96%), QEMU user mode network gateway
(94%), Cisco CSS 11501 switch (86%)
No exact OS matches for host (test conditions non-ideal).
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
OS and Service detection performed. Please report any incorrect results at
https://nmap.org/submit/ .
# Nmap done at Tue Apr 25 20:57:02 2017 -- 1 IP address (1 host up) scanned in
13.91 seconds
Identified from: Nmap TCP/IP fingerprinting
Banner: Server: HASP LM/18.00
Identified from: HTTP Server banner on port 1947/tcp
Log Method
Details: OS Detection Consolidation and Reporting (OID:
1.3.6.1.4.1.25623.1.0.105937)
Version used: $Revision: 5435 $
</LOG CLIP>
Adam Kauffman
Process Engineer
Cascade Engineering Technologies, Inc.
14707 SE River Rd.
Milwaukie, OR 97267
(503) 653-7999
(503) 653-6788 fax
(503) 957-3442 cell
www.cmm-measure.com<http://www.cmm-measure.com/>
AS9100C & ITAR Registered
________________________________
WARNING - This document may contain technical data, export of which is
restricted by the International Traffic in Arms Regulations (ITAR) and subject
to Title 22 C.F.R. Part 120-130. Prior authorization is required from the U.S.
Department of State/Directorate of Defense Trade Controls for release of this
item, or any information in this item, to any foreign person or entity whether
located in the United States or not. Disclosure to foreign persons without U.S.
Government approval is prohibited. Violations of these export laws and
regulations are subjected to severe civil and criminal penalties. Notice of
Proprietary Rights - This document contains confidential technical and
commercial data including trade secrets proprietary to Cascade Engineering
Technologies, Inc. Disclosure of this data to you is expressly confidential
upon your assent that its use is limited to use within your company only and
that you and/or your company are the intended recipient(s). Any other use is
strictly prohibited without prior written consent of Cascade Engineering
Technologies, Inc.
NOTE - If you received this message in error, please notify the sender by reply
e-mail and delete all copies of this message.
PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING THIS E-MAIL
_______________________________________________
Openvas-plugins mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
