<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:14px"><div style="" class=""><span style="" class="">It gets scanned by Verizon - they use a pretty good tool for it, so I'm pretty sure it's not made up.</span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><br style="" class=""><span style="" class=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><span style="" class="">I just personally don't know much about the server, as it's not my primary responsibility. <br style="" class=""></span></div><div class="" style="color: rgb(0, 0, 0);
font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><br style="" class=""><span style="" class=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><span style="" class="">From what I thought I sent, it sounds like MS' own X-Windows that's the problem. <br style="" class=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><br style="" class=""><span style="" class=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color:
transparent; font-style: normal;"><span style="" class="">I followed the link in the vulnerability alert (below), and mention of the X server brought me to X-Org. If I am in the wrong place, please let me know.<br></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><span style="" class=""><br></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif; background-color: transparent; font-style: normal;"><span style="" class=""><a style="" class="" href="http://www.tenable.com/plugins/index.php?view=single&id=66349">Nessus Plugins</a></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 14px; font-family: HelveticaNeue,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;
background-color: transparent; font-style: normal;"><span style="" class=""><br style="" class=""></span></div><div style="width:450px; font-family: 'Georgia', 'Times', 'Times New Roman', 'serif';margin-top:5px; margin-bottom: 5px;" id="enhancrCard_0" class="link-enhancr-attachment link-enhancr-element" contenteditable="false"><table class="link-enhancr-element" style="width:450px; height:auto; position: relative; display: block;" border="0" cellpadding="0" cellspacing="0"><tbody><tr class="link-enhancr-element"><td class="link-enhancr-element" colspan="7" style="height: 1px; background-color: #e5e5e5; font-size: 1px; border-collapse: collapse;"><div class="link-enhancr-element" style="height: 1px; background-color: #e5e5e5; font-size: 1px; line-height:0px;"> </div></td></tr><tr class="link-enhancr-element"><td rowspan="5" class="link-enhancr-element" style="width: 1px; background-color: #e5e5e5; font-size: 1pt; border-collapse: collapse;"><div
class="link-enhancr-element" style="width: 1px; background-color: #e5e5e5; font-size: 1pt;"> </div></td><td rowspan="5" class="link-enhancr-element" style="width: 14px; background-color: #ffffff; font-size: 0pt; border-collapse: collapse;"><div class="link-enhancr-element" style="width: 14px; background-color: #ffffff; font-size: 14pt;"> </div></td><td colspan="2" class="link-enhancr-element" style="height: 6px; background-color: #ffffff; font-size: 0pt; border-collapse: collapse;"><div class="link-enhancr-element" style="height: 6px; background-color: #ffffff; font-size: 6pt;"> </div></td><td rowspan="5" class="link-enhancr-element" style="width: 20px; background-color: #ffffff; font-size: 0pt; border-collapse: collapse;"><div class="link-enhancr-element" style="width: 20px; background-color: #ffffff; font-size: 20pt;"> </div></td><td class="link-enhancr-element" rowspan="5" style="width: 1px; background-color: #e5e5e5; font-size:
1pt; border-collapse: collapse;" width="1"><div class="link-enhancr-element" style="width: 1px; background-color: #e5e5e5; font-size: 1pt;"> </div></td></tr><tr><td class="link-enhancr-element" colspan="2" style="width: 100%; vertical-align: middle; font-family: 'Georgia', 'Times', 'Times New Roman', 'serif';"><div class="link-enhancr-text-part link-enhancr-element" style="line-height:16.5px; background-color: #ffffff; width: 414px;"><div class="link-enhancr-element" style="word-wrap: break-word; word-break: break-all;"><span class="link-enhancr-element icon icon-shrink link-enhancr-toggle"></span><span class="link-enhancr-element icon icon-close link-enhancr-delete"></span><a href="http://www.tenable.com/plugins/index.php?view=single&id=66349" class="link-enhancr-card-urlWrapper link-enhancr-element" style="text-decoration: none !important; color: #000000 !important; line-height: 100%; font-size: 18px; display: block;"><span
class="link-enhancr-element link-enhancr-card-title" style="margin: 0; font-weight: normal;margin-bottom: 3px; font-size: 18px; line-height: 21px; max-height: 43px; color: #000000; overflow: hidden !important; display: inline-block;">Nessus Plugins</span></a><div style="font-size: 13px; line-height: 20px; color: #999999; max-height: 81px; font-family: 'Georgia', 'Times', 'Times New Roman', 'serif';overflow: hidden;" class="link-enhancr-card-description link-enhancr-element">Synopsis : The remote X server accepts TCP connections. Description : The remote X server accepts remote TCP connections. It is possible for an attacker to grab a screenshot of the remote host. </div></div></div></td></tr><tr><td colspan="2" class="link-enhancr-element" style="height: 6px; background-color: #ffffff; font-size: 0pt; border-collapse: collapse;"><div class="link-enhancr-element" style="height: 6px; background-color: #ffffff; font-size: 6pt;"></div></td></tr><tr><td
class="link-enhancr-element" style="vertical-align: middle; font-family: 'Arial', 'Helvetica Neue', 'Helvetica', 'sans-serif';"><div class="link-enhancr-element" style="font-size: 0pt;"><a href="http://www.tenable.com/plugins/index.php?view=single&id=66349" class="link-enhancr-card-url link-enhancr-element" style="color: black; text-decoration: none !important;cursor:pointer !important;" target="_blank"><span class="link-enhancr-element link-enhancr-view-on" style="display: inline-block; line-height: 11px; max-width: 314px; min-width: 254px; overflow: hidden; max-height: 13px; word-break: break-all;"><span class="link-enhancr-element link-enhancr-mobile-no-resize" style="vertical-align:middle; font-size: 9px; line-height: 11px; color: #999999; -moz-text-size-adjust: none; -ms-text-size-adjust: none; -webkit-text-size-adjust:none; text-size-adjust:none;">View on <span style="font-weight: bold"
class="link-enhancr-view-on-domain">www.tenable.com</span></span></span></a></div></td><td class="link-enhancr-element" style="vertical-align: middle; width: 100px; font-family: 'Arial', 'Helvetica Neue', 'Helvetica', 'sans-serif';"><div class="link-enhancr-element link-enhancr-preview-wrapper" style="max-width: 100px; min-width: 80px; overflow: hidden; text-align: right; line-height: 11px; max-height: 13px; font-size: 0pt;"><span class="link-enhancr-element link-enhancr-preview-by link-enhancr-mobile-no-resize" style="vertical-align:middle; font-size: 9px; line-height: 11px; color: #999999; -moz-text-size-adjust: none; -ms-text-size-adjust: none; -webkit-text-size-adjust:none; text-size-adjust:none;">Preview by Yahoo</span></div></td></tr><tr><td colspan="2" class="link-enhancr-element" style="height: 9px; background-color: #ffffff; font-size: 0pt; border-collapse: collapse;"><div class="link-enhancr-element" style="height: 9px; background-color:
#ffffff; font-size: 9pt;"></div></td></tr><tr class="link-enhancr-element"><td class="link-enhancr-element" colspan="7" style="height: 1px; background-color: #e5e5e5; font-size: 1px; border-collapse: collapse;"><div class="link-enhancr-element" style="height: 1px; background-color: #e5e5e5; font-size: 1px; line-height:0px"> </div></td></tr></tbody></table></div><div style="" class=""><br style="" class=""></div> <div class="" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 14px;"> <div class="" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 12pt;"> <div style="" class="" dir="ltr"> <hr style="" class="" size="1"> <font style="" class="" size="2" face="Arial"> <b style="" class=""><span class="" style="font-weight:bold;">From:</span></b> Alan Coopersmith <alan.coopersmith@oracle.com><br style="" class=""> <b style=""
class=""><span class="" style="font-weight: bold;">To:</span></b> Duane Fish <duanedfish@yahoo.com> <br style="" class=""><b style="" class=""><span class="" style="font-weight: bold;">Cc:</span></b> "xorg@lists.x.org" <xorg@lists.x.org> <br style="" class=""> <b style="" class=""><span class="" style="font-weight: bold;">Sent:</span></b> Tuesday, September 23, 2014 6:05 PM<br style="" class=""> <b style="" class=""><span class="" style="font-weight: bold;">Subject:</span></b> Re: CVE-1999-0526 Vulnerbility on W2k8 R2<br style="" class=""> </font> </div> <div style="" class=""><br style="" class="">On 09/23/14 03:59 PM, Duane Fish wrote:<br style="" class="" clear="none">> Did this help at all?<br style="" class="" clear="none"><br style="" class="" clear="none">Nope - as best we can tell, this is still the most likely answer:<br style="" class="" clear="none"><br style="" class="" clear="none">> And if you can't find any signs of any
of those programs, then it's most likely<br style="" class="" clear="none">> a false alarm from your auditor or vulnerability scanner, when they can't figure<br style="" class="" clear="none">> out what software is listening on port 6000, and just make up answers to look<br style="" class="" clear="none">> useful when they're not.<br style="" class="" clear="none"><br style="" class="" clear="none">On the other hand, if you don't know what software is running on your systems,<br style="" class="" clear="none">you have a bigger security problem than any scanner can help with.<div style="" class="" id="yqtfd55529"><br style="" class="" clear="none"><br style="" class="" clear="none">-- <br style="" class="" clear="none"> -Alan Coopersmith- <a style="" class="" shape="rect" ymailto="mailto:alan.coopersmith@oracle.com"
href="mailto:alan.coopersmith@oracle.com">alan.coopersmith@oracle.com</a><br style="" class="" clear="none"> Oracle Solaris Engineering - <a style="" class="" shape="rect" href="http://blogs.oracle.com/alanc" target="_blank">http://blogs.oracle.com/alanc</a><br style="" class="" clear="none"></div><br style="" class=""><br style="" class=""></div> </div> </div> </div></body></html>