Hi,
Thanks for reporting. Will take look at this.
Regards,
Antu Sanadi
On Wednesday 26 April 2017 04:16 AM, Adam Kauffman wrote:
To whom it may concern,
The NMAP banner is correct and the CPE based detection
is wrong. The host is a Windows machine running Oracle Virtualbox.
This system is listed as “Operating System: cpe:/h:hp:jetdirect” in
OpenVAS.
<LOG CLIP>
*Log*(CVSS: 0.0)
NVT: OS Detection Consolidation and Reporting (OID:
1.3.6.1.4.1.25623.1.0.105937)
*Summary*
This script consolidates the OS information detected by several NVTs
and tries to find the best matching OS.
Furthermore it reports all previously collected information leading to
this best matching OS. It also reports possible additional
informations which might help to improve the OS detection.
If any of this information is wrong or could be improved please
consider to report these to [email protected].
*Vulnerability Detection Result*
Best matching OS:
OS: HP JetDirect
CPE: cpe:/h:hp:jetdirect
Found by NVT: 1.3.6.1.4.1.25623.1.0.102002 (ICMP based OS Fingerprinting)
Concluded from ICMP based OS fingerprint:
(80% confidence)
HP JetDirect
Setting key "Host/runs_unknown" based on this information
Unknown banners have been collected which might help to identify the
OS running on this host. If these banners containing information about
the host OS please report the following information to
[email protected]:
Banner: # Nmap 7.40 scan initiated Tue Apr 25 20:56:48 2017 as: nmap
-n -Pn -sV -oN /tmp/nmap-172.16.15.148-323665694 -O --osscan-limit -p
3389,1947,135,21,22,25,80,443,15731,21071,34840 172.16.15.148
Nmap scan report for 172.16.15.148
Host is up (0.017s latency).
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp closed ssh
25/tcp closed smtp
80/tcp closed http
135/tcp open msrpc Microsoft Windows RPC
443/tcp closed https
1947/tcp open http Aladdin/SafeNet HASP license manager 18.00
3389/tcp open ms-wbt-server Microsoft Terminal Service
15731/tcp closed unknown
21071/tcp closed unknown
34840/tcp closed unknown
Device type: bridge|general purpose|switch
Running (JUST GUESSING): Oracle Virtualbox (96%), QEMU (94%), Cisco
embedded (86%)
OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu cpe:/h:cisco:css_11501
Aggressive OS guesses: Oracle Virtualbox (96%), QEMU user mode network
gateway (94%), Cisco CSS 11501 switch (86%)
No exact OS matches for host (test conditions non-ideal).
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
OS and Service detection performed. Please report any incorrect
results at https://nmap.org/submit/ .
# Nmap done at Tue Apr 25 20:57:02 2017 -- 1 IP address (1 host up)
scanned in 13.91 seconds
Identified from: Nmap TCP/IP fingerprinting
Banner: Server: HASP LM/18.00
Identified from: HTTP Server banner on port 1947/tcp
*Log Method*
Details: OS Detection Consolidation and Reporting (OID:
1.3.6.1.4.1.25623.1.0.105937)
Version used: $Revision: 5435 $
</LOG CLIP>
Adam Kauffman
Process Engineer
Cascade Engineering Technologies, Inc.
14707 SE River Rd.
Milwaukie, OR 97267
(503) 653-7999
(503) 653-6788 fax
(503) 957-3442 cell
www.cmm-measure.com <http://www.cmm-measure.com/>
*AS9100C & ITAR Registered*
------------------------------------------------------------------------
/WARNING - This document may contain technical data, export of which
is restricted by the International Traffic in Arms Regulations (ITAR)
and subject to Title 22 C.F.R. Part 120-130. Prior authorization is
required from the U.S. Department of State/Directorate of Defense
Trade Controls for release of this item, or any information in this
item, to any foreign person or entity whether located in the United
States or not. Disclosure to foreign persons without U.S. Government
approval is prohibited. Violations of these export laws and
regulations are subjected to severe civil and criminal penalties.
Notice of Proprietary Rights - This document contains confidential
technical and commercial data including trade secrets proprietary to
Cascade Engineering Technologies, Inc. Disclosure of this data to you
is expressly confidential upon your assent that its use is limited to
use within your company only and that you and/or your company are the
intended recipient(s). Any other use is strictly prohibited without
prior written consent of Cascade Engineering Technologies, Inc.
NOTE - If you received this message in error, please notify the sender
by reply e-mail and delete all copies of this message./
PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING THIS E-MAIL
_______________________________________________
Openvas-plugins mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
_______________________________________________
Openvas-plugins mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
