Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

checking result is false when useing nmap vulscan #1711

Open
iamxiaozhen opened this issue Aug 27, 2019 · 0 comments

Comments

@iamxiaozhen
Copy link

commented Aug 27, 2019

when I use nmap to check someone vul ,the result is unsure
the first result:
[myVm]$ nmap -sV -p80, -Pn --script http-vuln-cve2015-1427,http-vuln-cve2015-1635 192.168.15.14

Starting Nmap 7.60 ( https://nmap.org ) at 2019-08-26 22:22 EDT
Nmap scan report for 192.168.15.14
Host is up (0.00080s latency).

PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 7.5
|http-server-header: Microsoft-IIS/7.5
| http-vuln-cve2015-1635:
| VULNERABLE:
| Remote Code Execution in HTTP.sys (MS15-034)
| State: VULNERABLE
| IDs: CVE:CVE-2015-1635
| A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is
| caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who
| successfully exploited this vulnerability could execute arbitrary code in the context of the System account.
|
| Disclosure date: 2015-04-14
| References:
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635
|
https://technet.microsoft.com/en-us/library/security/ms15-034.aspx
MAC Address: ************
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.52 seconds

the secode result:
[myVm]$ nmap -sV -p80, -Pn --script http-vuln-cve2015-1427,http-vuln-cve2015-1635 192.168.15.14

Starting Nmap 7.60 ( https://nmap.org ) at 2019-08-26 22:22 EDT
Nmap scan report for 192.168.15.14
Host is up (0.00050s latency).

PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 7.5
|_http-server-header: Microsoft-IIS/7.5
MAC Address: ************
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.55 seconds

and the thing happen frequently

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.