2017-04-25 22:46:03 UTC
The NMAP banner is correct and the CPE based detection is wrong. The host is a Windows machine running Oracle Virtualbox. This system is listed as âOperating System: cpe:/h:hp:jetdirectâ in OpenVAS.
Log (CVSS: 0.0)
NVT: OS Detection Consolidation and Reporting (OID: 18.104.22.168.4.1.25622.214.171.124937)
This script consolidates the OS information detected by several NVTs and tries to find the best matching OS.
Furthermore it reports all previously collected information leading to this best matching OS. It also reports possible additional informations which might help to improve the OS detection.
If any of this information is wrong or could be improved please consider to report these to email@example.com.
Vulnerability Detection Result
Best matching OS:
OS: HP JetDirect
Found by NVT: 126.96.36.199.4.1.256188.8.131.52002 (ICMP based OS Fingerprinting)
Concluded from ICMP based OS fingerprint:
Setting key "Host/runs_unknown" based on this information
Unknown banners have been collected which might help to identify the OS running on this host. If these banners containing information about the host OS please report the following information to firstname.lastname@example.org:
Banner: # Nmap 7.40 scan initiated Tue Apr 25 20:56:48 2017 as: nmap -n -Pn -sV -oN /tmp/nmap-172.16.15.148-323665694 -O --osscan-limit -p 3389,1947,135,21,22,25,80,443,15731,21071,34840 172.16.15.148
Nmap scan report for 172.16.15.148
Host is up (0.017s latency).
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp closed ssh
25/tcp closed smtp
80/tcp closed http
135/tcp open msrpc Microsoft Windows RPC
443/tcp closed https
1947/tcp open http Aladdin/SafeNet HASP license manager 18.00
3389/tcp open ms-wbt-server Microsoft Terminal Service
15731/tcp closed unknown
21071/tcp closed unknown
34840/tcp closed unknown
Device type: bridge|general purpose|switch
Running (JUST GUESSING): Oracle Virtualbox (96%), QEMU (94%), Cisco embedded (86%)
OS CPE: cpe:/o:oracle:virtualbox cpe:/a:qemu:qemu cpe:/h:cisco:css_11501
Aggressive OS guesses: Oracle Virtualbox (96%), QEMU user mode network gateway (94%), Cisco CSS 11501 switch (86%)
No exact OS matches for host (test conditions non-ideal).
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Tue Apr 25 20:57:02 2017 -- 1 IP address (1 host up) scanned in 13.91 seconds
Identified from: Nmap TCP/IP fingerprinting
Banner: Server: HASP LM/18.00
Identified from: HTTP Server banner on port 1947/tcp
Details: OS Detection Consolidation and Reporting (OID: 184.108.40.206.4.1.256220.127.116.11937)
Version used: $Revision: 5435 $
Cascade Engineering Technologies, Inc.
14707 SE River Rd.
Milwaukie, OR 97267
(503) 653-6788 fax
(503) 957-3442 cell
AS9100C & ITAR Registered
WARNING - This document may contain technical data, export of which is restricted by the International Traffic in Arms Regulations (ITAR) and subject to Title 22 C.F.R. Part 120-130. Prior authorization is required from the U.S. Department of State/Directorate of Defense Trade Controls for release of this item, or any information in this item, to any foreign person or entity whether located in the United States or not. Disclosure to foreign persons without U.S. Government approval is prohibited. Violations of these export laws and regulations are subjected to severe civil and criminal penalties. Notice of Proprietary Rights - This document contains confidential technical and commercial data including trade secrets proprietary to Cascade Engineering Technologies, Inc. Disclosure of this data to you is expressly confidential upon your assent that its use is limited to use within your company only and that you and/or your company are the intended recipient(s). Any other use is strictly prohibited without prior written consent of Cascade Engineering Technologies, Inc.
NOTE - If you received this message in error, please notify the sender by reply e-mail and delete all copies of this message.
PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING THIS E-MAIL