Not A Certified PCI Report: Scan Results


Scan Results

02/03/2021

The scan was started on February 02, 2021 at 11:32 pm GMT and took 00:42:20 to complete. The scan was run against the following IP addresses:

Not a certified PCI report


IP Addresses
190.205.21.195

The scan option profile used includes:

Scan Settings
Scanned TCP Ports: Full
Scanned UDP Ports: Standard Scan
Scan Dead Hosts: Off
Load Balancer Detection: Off
Password Brute Forcing: Standard
Vulnerability Detection: Complete
Windows Authentication: Disabled
SSH Authentication: Disabled
Oracle Authentication: Disabled
SNMP Authentication: Disabled
Perform 3-way Handshake: Off
Overall Performance: Custom
Hosts to Scan in Parallel-External Scanner: 15
Hosts to Scan in Parallel-Scanner Appliances: 15
Processes to Run in Parallel-Total: 10
Processes to Run in Parallel-HTTP: 10
Packet (Burst) Delay: Medium

Advanced Settings
Host Discovery: TCP Standard Scan, UDP Standard Scan, ICMP On
Ignore RST packets: Off
Ignore firewall-generated SYN-ACK packets: Off
ACK/SYN-ACK packets during discovery: Send


Report Summary
Company: Grupo MCair
User: Miguel Clerch
Template Title: Scan Results
Active Hosts: 1
Total Hosts: 1
Scan Type: On Demand
Scan Status: Finished
Scan Title: IP ISP MC
Scan Date: 02/02/2021 at 23:32:43
Reference: scan/1612308783.37747
Scanner Appliance: 64.39.111.105 (Scanner 12.2.62-1, Vulnerability Signatures 2.5.98-2)
Duration: 00:42:20
Options: Payment Card Industry (PCI) Options
Target: 190.205.21.195

Summary of Vulnerabilities

Vulnerabilities Total 9 Average Security Risk 1.0

by Severity
Severity   Confirmed   Potential   Information Gathered   Total
5          0           0           0                      0
4          0           0           0                      0
3          0           0           0                      0
2          0           0           0                      0
1          1           0           8                      9
Total      1           0           8                      9

by PCI Severity

PCI Severity   Confirmed   Potential   Total
High           0           0           0
Medium         0           0           0
Low            1           0           1
Total          1           0           1

[Charts: Vulnerabilities by PCI Severity, Potential Vulnerabilities by PCI Severity, Vulnerabilities by Severity, Potential Vulnerabilities by Severity]


Detailed Results

190.205.21.195 (190-205-21-195.dyn.dsl.cantv.net,-)

Vulnerabilities Total 9 Security Risk 1.0 Compliance Status

Vulnerabilities (1)

ICMP Timestamp Request

PCI COMPLIANCE STATUS

PCI Severity:

The QID adheres to the PCI requirements based on the CVSS base score.
The vulnerability is purely a denial-of-service (DoS) vulnerability.

VULNERABILITY DETAILS

CVSS Base Score: 0
CVSS Temporal Score: 0
Severity: 1
QID: 82003
Category: TCP/IP
CVE ID: CVE-1999-0524
Vendor Reference: -
Bugtraq ID: -
Last Update: 04/29/2009

THREAT:
ICMP (Internet Control and Error Message Protocol) is a protocol encapsulated in IP packets. Its principal purpose is to provide a protocol layer able
to inform gateways of the inter-connectivity and accessibility of other gateways or hosts. "ping" is a well-known program for determining if a host is
up or down. It uses ICMP echo packets. ICMP timestamp packets are used to synchronize clocks between hosts.

IMPACT:
Unauthorized users can obtain information about your network by sending ICMP timestamp packets. For example, the internal system clock should
not be disclosed since some internal daemons use this value to calculate ID or sequence numbers (i.e., on SunOS servers).

SOLUTION:
You can filter ICMP messages of type "Timestamp" and "Timestamp Reply" at the firewall level. Some system administrators choose to filter most
types of ICMP messages for various reasons. For example, they may want to protect their internal hosts from ICMP-based Denial Of Service
attacks, such as the Ping of Death or Smurf attacks.

However, you should never filter ALL ICMP messages, as some of them ("Don't Fragment", "Destination Unreachable", "Source Quench", etc.) are
necessary for proper behavior of Operating System TCP/IP stacks.

It may be wiser to contact your network consultants for advice, since this issue impacts your overall network reliability and security.

RESULT:
Timestamp of host (network byte ordering): 23:34:35 GMT

Information Gathered (8)

ICMP Replies Received

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 82040
Category: TCP/IP
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 01/16/2003

THREAT:
ICMP (Internet Control and Error Message Protocol) is a protocol encapsulated in IP packets. ICMP's principal purpose is to provide a protocol layer
that informs gateways of the inter-connectivity and accessibility of other gateways or hosts.

We have sent the following types of packets to trigger the host to send us ICMP replies:

Echo Request (to trigger Echo Reply)
Timestamp Request (to trigger Timestamp Reply)
Address Mask Request (to trigger Address Mask Reply)
UDP Packet (to trigger Port Unreachable Reply)
IP Packet with Protocol >= 250 (to trigger Protocol Unreachable Reply)

Listed in the "Result" section are the ICMP replies that we have received.

RESULT:
ICMP Reply Type               Triggered By         Additional Information
Echo (type=0 code=0)          Echo Request         Echo Reply
Time Stamp (type=14 code=0)   Time Stamp Request   23:34:35 GMT

DNS Host Name

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 6
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 01/04/2018

THREAT:
The fully qualified domain name of this host, if it was obtained from a DNS server, is displayed in the RESULT section.

RESULT:
IP address       Host name
190.205.21.195   190-205-21-195.dyn.dsl.cantv.net

Traceroute

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45006
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 05/09/2003

THREAT:
Traceroute describes the path in realtime from the scanner to the remote host being contacted. It reports the IP addresses of all the routers in
between.

RESULT:
Hops   IP               Round Trip Time   Probe   Port
1      64.39.111.3      0.47ms            ICMP
2      216.35.14.45     0.37ms            ICMP
3      *.*.*.*          0.00ms            Other   80
4      67.14.43.82      3.71ms            ICMP
5      67.14.34.38      4.43ms            ICMP
6      4.68.62.77       17.74ms           ICMP
7      213.46.190.57    5.85ms            ICMP
8      84.116.133.62    69.41ms           ICMP
9      84.116.130.165   69.43ms           ICMP
10     213.46.191.106   83.68ms           ICMP
11     67.230.101.35    135.41ms          ICMP
12     *.*.*.*          0.00ms            Other   80
13     *.*.*.*          0.00ms            Other   80
14     *.*.*.*          0.00ms            Other   80
15     *.*.*.*          0.00ms            Other   80
16     190.205.21.195   163.96ms          ICMP

Target Network Information

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45004
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 08/15/2013

THREAT:
The information shown in the Result section was returned by the network infrastructure responsible for routing traffic from our cloud platform to the
target network (where the scanner appliance is located).

This information was returned from: 1) the WHOIS service, or 2) the infrastructure provided by the closest gateway server to our cloud platform. If
your ISP is routing traffic, your ISP's gateway server returned this information.

IMPACT:
This information can be used by malicious users to gather more information about the network infrastructure that may help in launching attacks
against it.

RESULT:
The network handle is: NET190
Network description:
Latin American and Caribbean IP address Regional Registry

Internet Service Provider

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45005
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 09/27/2013

THREAT:
The information shown in the Result section was returned by the network infrastructure responsible for routing traffic from our cloud platform to the
target network (where the scanner appliance is located).

This information was returned from: 1) the WHOIS service, or 2) the infrastructure provided by the closest gateway server to our cloud platform. If
your ISP is routing traffic, your ISP's gateway server returned this information.

IMPACT:
This information can be used by malicious users to gather more information about the network infrastructure that may aid in launching further attacks
against it.

RESULT:
The ISP network handle is: COLUMBUS-NETWORKS-4
ISP Network description:
Columbus Networks USA, Inc.

Host Names Found

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45039
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 08/27/2020

THREAT:
The following host names were discovered for this computer using various methods such as DNS look up, NetBIOS query, and SQL server name
query.

RESULT:
Host Name Source
190-205-21-195.dyn.dsl.cantv.net FQDN

Host Scan Time

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 45038
Category: Information gathering
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 03/18/2016

THREAT:
The Host Scan Time is the period of time it takes the scanning engine to perform the vulnerability assessment of a single target host. The Host Scan
Time for this host is reported in the Result section below.

The Host Scan Time does not have a direct correlation to the Duration time as displayed in the Report Summary section of a scan results report. The
Duration is the period of time it takes the service to perform a scan task. The Duration includes the time it takes the service to scan all hosts, which
may involve parallel scanning. It also includes the time it takes for a scanner appliance to pick up the scan task and transfer the results back to the
service's Secure Operating Center. Further, when a scan task is distributed across multiple scanners, the Duration includes the time it takes to
perform parallel host scanning on all scanners.

For hosts running the Qualys Windows agent, this QID reports the time taken by the agent to collect the host metadata used for the most recent
assessment scan.

RESULT:
Scan duration: 2501 seconds

Start time: Tue, Feb 02 2021, 23:34:17 GMT

End time: Wed, Feb 03 2021, 00:15:58 GMT

Firewall Detected

PCI COMPLIANCE STATUS

VULNERABILITY DETAILS

Severity: 1
QID: 34011
Category: Firewall
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 04/22/2019

THREAT:
A packet filtering device protecting this IP was detected. This is likely to be a firewall or a router using access control lists (ACLs).

RESULT:
Some of the ports filtered by the firewall are: 20, 21, 22, 23, 25, 53, 80, 111, 135, 443.

Listed below are the ports filtered by the firewall.


No response has been received when any of these ports are probed.
1-381,383-1559,1561-1705,1707-1721,1723-1999,2001-2033,2035,2037-2100,
2102-2146,2148-2512,2514-2701,2703-3388,3390-5491,5493-5504,5506-5549,
5551-5559,5561-5569,5571-5579,5581-5630,5632-6013,6015-6128,6130-7006,
7008-7009,7011-9098,9100-9989,9991-10109,10111-42423,42425-65535

Appendices

Hosts Scanned

190.205.21.195

Option Profile

Scan
Scanned TCP Ports: Full
Scanned UDP Ports: Standard Scan
Scan Dead Hosts: Off
Load Balancer Detection: Off
Password Brute Forcing: Standard
Vulnerability Detection: Complete
Windows Authentication: Disabled
SSH Authentication: Disabled
Oracle Authentication: Disabled
SNMP Authentication: Disabled
Perform 3-way Handshake: Off
Overall Performance: Custom
Hosts to Scan in Parallel-External Scanner: 15
Hosts to Scan in Parallel-Scanner Appliances: 15
Processes to Run in Parallel-Total: 10
Processes to Run in Parallel-HTTP: 10
Packet (Burst) Delay: Medium

Advanced
Hosts Discovery: TCP Standard Scan, UDP Standard Scan, ICMP On
Ignore RST packets: Off
Ignore firewall-generated SYN-ACK packets: Off
Do not send ACK or SYN-ACK packets during host discovery: Off

Report Legend

Payment Card Industry (PCI) Status


The Detailed Results section of the report shows all detected vulnerabilities and potential vulnerabilities sorted by host. The vulnerabilities and
potential vulnerabilities marked PCI FAILED caused the host to receive the PCI compliance status FAILED. All vulnerabilities and potential
vulnerabilities marked PCI FAILED must be remediated to pass the PCI compliance requirements. Vulnerabilities not marked as PCI FAILED
display vulnerabilities that the PCI Compliance service found on the hosts when scanned. Although these vulnerabilities are not in scope for PCI,
we do recommend that you remediate the vulnerabilities in severity order.

A PCI compliance status of PASSED for a single host/IP indicates that no vulnerabilities or potential vulnerabilities, as defined by the PCI DSS
compliance standards set by the PCI Council, were detected on the host. An overall PCI compliance status of PASSED indicates that all hosts in
the report passed the PCI compliance standards.

A PCI compliance status of FAILED for a single host/IP indicates that at least one vulnerability or potential vulnerability, as defined by the PCI
DSS compliance standards set by the PCI Council, was detected on the host. An overall PCI compliance status of FAILED indicates that at least
one host in the report failed to meet the PCI compliance standards.

Vulnerability Levels
A Vulnerability is a design flaw or mis-configuration which makes your network (or a host on your network) susceptible to malicious attacks from
local or remote users. Vulnerabilities can exist in several areas of your network, such as in your firewalls, FTP servers, Web servers, operating
systems or CGI bins. Depending on the level of the security risk, the successful exploitation of a vulnerability can vary from the disclosure of
information about the host to a complete compromise of the host.

Severity Level Description

1 Minimal Intruders can collect information about the host (open ports, services, etc.) and may be able to use this information to find other vulnerabilities.

2 Medium Intruders may be able to collect sensitive information from the host, such as the precise version of software installed. With this information, intruders can easily exploit known vulnerabilities specific to software versions.

3 Serious Intruders may be able to gain access to specific information stored on the host, including security settings. This could result in potential misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of services, such as mail-relaying.

4 Critical Intruders can possibly gain control of the host, or there may be potential leakage of highly sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the users on the host.

5 Urgent Intruders can easily gain control of the host, which can lead to the compromise of your entire network security. For example, vulnerabilities at this level may include full read and write access to files, remote execution of commands, and the presence of backdoors.

Severity Level Description

Low A vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are not required to be fixed to pass PCI compliance.

Medium A vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.

High A vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.

Potential Vulnerability Levels


A potential vulnerability is one which we cannot confirm exists. The only way to verify the existence of such vulnerabilities on your network would
be to perform an intrusive scan, which could result in a denial of service. This is strictly against our policy. Instead, we urge you to investigate
these potential vulnerabilities further.

Severity Level Description

1 Minimal If this vulnerability exists on your system, intruders can collect information about the host (open ports, services, etc.) and may be able to use this information to find other vulnerabilities.

2 Medium If this vulnerability exists on your system, intruders may be able to collect sensitive information from the host, such as the precise version of software installed. With this information, intruders can easily exploit known vulnerabilities specific to software versions.

3 Serious If this vulnerability exists on your system, intruders may be able to gain access to specific information stored on the host, including security settings. This could result in potential misuse of the host by intruders. For example, vulnerabilities at this level may include partial disclosure of file contents, access to certain files on the host, directory browsing, disclosure of filtering rules and security mechanisms, denial of service attacks, and unauthorized use of services, such as mail-relaying.

4 Critical If this vulnerability exists on your system, intruders can possibly gain control of the host, or there may be potential leakage of highly sensitive information. For example, vulnerabilities at this level may include full read access to files, potential backdoors, or a listing of all the users on the host.

5 Urgent If this vulnerability exists on your system, intruders can easily gain control of the host, which can lead to the compromise of your entire network security. For example, vulnerabilities at this level may include full read and write access to files, remote execution of commands, and the presence of backdoors.

Severity Level Description

Low A potential vulnerability with a CVSS base score of 0.0 through 3.9. These vulnerabilities are
not required to be fixed to pass PCI compliance.

Medium A potential vulnerability with a CVSS base score of 4.0 through 6.9. These vulnerabilities must be fixed to pass PCI compliance.

High A potential vulnerability with a CVSS base score of 7.0 through 10.0. These vulnerabilities must be fixed to pass PCI compliance.

Information Gathered

Information Gathered includes visible information about the network related to the host, such as traceroute information, Internet Service Provider
(ISP), or a list of reachable hosts. Information Gathered severity levels also include Network Mapping data, such as detected firewalls, SMTP
banners, or a list of open TCP services.

Severity Level Description

1 Minimal Intruders may be able to retrieve sensitive information related to the host, such as open UDP and TCP services lists, and detection of firewalls.

2 Medium Intruders may be able to determine the operating system running on the host, and view banner versions.

3 Serious Intruders may be able to detect highly sensitive data, such as global system user lists.
