Inconclusive host with excessive  port connection failures

Document created by Jeffrey Shui Employee on May 4, 2016
Version 1Show Document
  • View in full screen mode


Some customers have seen this vulnerability "Inconclusive host with excessive  port connection failures" in their scans and have no idea what it means.

 

Basically it means that Nexpose believes something is interfering (IDS/IPS/Firewall/etc) with the scan of the target host. This means that the data we are providing is potentially flawed, missing ports, and could be full of False Negatives and/or False Positives. Not to mention we may have stopped scanning this host early in an attempt to avoid a tarpit.

 

We have marked it as a CVSSv2 10 because the interference *could* be masking a rather nasty remote execution vulnerability that could be exploited manually. (IE: Up to a CVSSv2 of 10) Not to mention it makes these potential "blind spots" bubble to the top in your reporting.

 

(Thanks Liam)

5 people found this helpful

Attachments

    Outcomes