Tasks
Last updated
Search the Common Weakness Enumeration (CWE) list and find the name of the vulnerability with the CWE ID 591.
Sensitive Data Storage in Improperly Locked Memory
Search the Common Weakness Enumeration (CWE) list and find the top weakness in the list “Weaknesses in the 2019 CWE Top 25 Most Dangerous Software Errors.”
Improper Restriction of Operations within the Bounds of a Memory Buffer
Search the Common Vulnerabilities and Exposures (CVE) list and find the name of the vulnerability with the CVE ID CVE-2020-17140.
Windows SMB Information Disclosure Vulnerability
Search the National Vulnerability Database (NVD) and find the Common Weakness Enumeration (CWE) ID for CVE-2021-23125.
CWE-79
Search the National Vulnerability Database (NVD) and find the base score rating for CVE-2021-1723 according to CVSS Version 3.x.
7.5
Search the National Vulnerability Database (NVD) and find the base score range for High Severity in CVSS v3.0 ratings.
7.0-8.9
Search the National Vulnerability Database (NVD) and find the base score range for High Severity in CVSS v2.0 ratings.
7.0-10.0
Perform vulnerability analysis for the target machine (10.10.1.22) using OpenVAS and find the number of vulnerabilities in the system. Flag submission is not required for this task; enter "No flag" as the answer.
No flag
What is the default port used by Nessus to run vulnerability scans?
8834
Perform vulnerability scanning for the host at 10.10.1.22 using Nessus and find the Nessus plugin ID that detects the vulnerability “SNMP Agent Default Community Name (Public)” in the machine.
41028
Perform vulnerability scanning for the host at 10.10.1.22 using GFI LanGuard and find the machine’s vulnerability level. Hint: This flag is optional. You need to download a trial version of the GFI LanGuard tool to attempt this flag.
Perform vulnerability scanning for the host 10.10.1.22 using GFI LanGuard and find the number of vulnerabilities with the severity level “Critical/High.” Hint: This flag is optional. You need to download a trial version of the GFI LanGuard tool to attempt this flag.
Scan web servers and application vulnerabilities for www.certifiedhacker.com using CGI Scanner Nikto with reverse tuning options and identify the uncommon header “host-header” found on the target webserver.
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Scan web servers and application vulnerabilities for www.certifiedhacker.com using CGI Scanner Nikto and find the OSVDB ID for the finding “/cpanel/: Web-based control panel.”
Maybe later!!!