· 6 years ago · Mar 22, 2020, 12:10 AM
1##################################################################################################################################
2==================================================================================================================================
3Hostname www.katmod.com ISP IP Volume inc
4Continent Europe Flag
5NL
6Country Netherlands Country Code NL
7Region North Holland Local time 21 Mar 2020 23:49 CET
8City Amsterdam Postal Code 1091
9IP Address 94.102.51.112 Latitude 52.353
10 Longitude 4.909
11==================================================================================================================================
12##################################################################################################################################
13> www.katmod.com
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18Name: www.katmod.com
19Address: 94.102.51.112
20>
21#################################################################################################################################
22 Domain Name: KATMOD.COM
23 Registry Domain ID: 1685139796_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.namesilo.com
25 Registrar URL: http://www.namesilo.com
26 Updated Date: 2020-02-29T00:07:37Z
27 Creation Date: 2011-11-01T15:09:40Z
28 Registry Expiry Date: 2020-11-01T15:09:40Z
29 Registrar: NameSilo, LLC
30 Registrar IANA ID: 1479
31 Registrar Abuse Contact Email: abuse@namesilo.com
32 Registrar Abuse Contact Phone: +1.4805240066
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Name Server: NS1.MONCHEKIN.COM
35 Name Server: NS2.MONCHEKIN.COM
36 DNSSEC: unsigned
37##################################################################################################################################
38Domain Name: katmod.com
39Registry Domain ID: 1685139796_DOMAIN_COM-VRSN
40Registrar WHOIS Server: whois.namesilo.com
41Registrar URL: https://www.namesilo.com/
42Updated Date: 2020-03-18T07:00:00Z
43Creation Date: 2011-11-01T07:00:00Z
44Registrar Registration Expiration Date: 2020-11-01T07:00:00Z
45Registrar: NameSilo, LLC
46Registrar IANA ID: 1479
47Registrar Abuse Contact Email: abuse@namesilo.com
48Registrar Abuse Contact Phone: +1.4805240066
49Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
50Registry Registrant ID:
51Registrant Name: Domain Administrator
52Registrant Organization: See PrivacyGuardian.org
53Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
54Registrant City: Phoenix
55Registrant State/Province: AZ
56Registrant Postal Code: 85016
57Registrant Country: US
58Registrant Phone: +1.3478717726
59Registrant Phone Ext:
60Registrant Fax:
61Registrant Fax Ext:
62Registrant Email: pw-a6a9d1366de2f7e9c12681515612f974@privacyguardian.org
63Registry Admin ID:
64Admin Name: Domain Administrator
65Admin Organization: See PrivacyGuardian.org
66Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
67Admin City: Phoenix
68Admin State/Province: AZ
69Admin Postal Code: 85016
70Admin Country: US
71Admin Phone: +1.3478717726
72Admin Phone Ext:
73Admin Fax:
74Admin Fax Ext:
75Admin Email: pw-a6a9d1366de2f7e9c12681515612f974@privacyguardian.org
76Registry Tech ID:
77Tech Name: Domain Administrator
78Tech Organization: See PrivacyGuardian.org
79Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
80Tech City: Phoenix
81Tech State/Province: AZ
82Tech Postal Code: 85016
83Tech Country: US
84Tech Phone: +1.3478717726
85Tech Phone Ext:
86Tech Fax:
87Tech Fax Ext:
88Tech Email: pw-a6a9d1366de2f7e9c12681515612f974@privacyguardian.org
89Name Server: ns1.monchekin.com
90Name Server: ns2.monchekin.com
91DNSSEC: unsigned
92#################################################################################################################################
93[+] Target : www.katmod.com
94
95[+] IP Address : 94.102.51.112
96
97[+] Headers :
98
99[+] Server : nginx
100[+] Date : Sat, 21 Mar 2020 22:56:14 GMT
101[+] Content-Type : text/html
102[+] Transfer-Encoding : chunked
103[+] Connection : keep-alive
104[+] Vary : Accept-Encoding
105[+] Content-Encoding : gzip
106
107[+] SSL Certificate Information :
108
109[-] SSL is not Present on Target URL...Skipping...
110
111[+] Whois Lookup :
112
113[+] NIR : None
114[+] ASN Registry : ripencc
115[+] ASN : 202425
116[+] ASN CIDR : 94.102.51.0/24
117[+] ASN Country Code : NL
118[+] ASN Date : 2008-08-29
119[+] ASN Description : INT-NETWORK, SC
120[+] cidr : 94.102.51.0/24
121[+] name : NET-4-51
122[+] handle : IVI24-RIPE
123[+] range : 94.102.51.0 - 94.102.51.255
124[+] description : IPV NETBLOCK
125[+] country : NL
126[+] state : None
127[+] city : None
128[+] address : Suite 9
129Victoria, Mahe
130Seychelles
131[+] postal_code : None
132[+] emails : None
133[+] created : 2019-02-04T13:25:18Z
134[+] updated : 2019-02-04T13:25:18Z
135
136[+] Crawling Target...
137
138[+] Looking for robots.txt........[ Not Found ]
139[+] Looking for sitemap.xml.......[ Not Found ]
140[+] Extracting CSS Links..........[ 0 ]
141[+] Extracting Javascript Links...[ 0 ]
142[+] Extracting Internal Links.....[ 0 ]
143[+] Extracting External Links.....[ 0 ]
144[+] Extracting Images.............[ 12 ]
145
146[+] Total Links Extracted : 12
147
148[+] Dumping Links in /opt/FinalRecon/dumps/www.katmod.com.dump
149[+] Completed!
150#################################################################################################################################
151[i] Scanning Site: http://www.katmod.com
152
153
154
155B A S I C I N F O
156====================
157
158
159[+] Site Title: Katrin Child Model
160[+] IP address: 94.102.51.112
161[+] Web Server: nginx
162[+] CMS: Could Not Detect
163[+] Cloudflare: Not Detected
164[+] Robots File: Could NOT Find robots.txt!
165
166
167
168
169W H O I S L O O K U P
170========================
171
172 Domain Name: KATMOD.COM
173 Registry Domain ID: 1685139796_DOMAIN_COM-VRSN
174 Registrar WHOIS Server: whois.namesilo.com
175 Registrar URL: http://www.namesilo.com
176 Updated Date: 2020-02-29T00:07:37Z
177 Creation Date: 2011-11-01T15:09:40Z
178 Registry Expiry Date: 2020-11-01T15:09:40Z
179 Registrar: NameSilo, LLC
180 Registrar IANA ID: 1479
181 Registrar Abuse Contact Email: abuse@namesilo.com
182 Registrar Abuse Contact Phone: +1.4805240066
183 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
184 Name Server: NS1.MONCHEKIN.COM
185 Name Server: NS2.MONCHEKIN.COM
186 DNSSEC: unsigned
187 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
188>>> Last update of whois database: 2020-03-21T22:56:15Z <<<
189
190For more information on Whois status codes, please visit https://icann.org/epp
191
192
193
194The Registry database contains ONLY .COM, .NET, .EDU domains and
195Registrars.
196
197
198
199
200G E O I P L O O K U P
201=========================
202
203[i] IP Address: 94.102.51.112
204[i] Country: Netherlands
205[i] State: North Holland
206[i] City: Amsterdam
207[i] Latitude: 52.35
208[i] Longitude: 4.9167
209
210
211
212
213H T T P H E A D E R S
214=======================
215
216
217[i] HTTP/1.1 200 OK
218[i] Server: nginx
219[i] Date: Sat, 21 Mar 2020 22:56:32 GMT
220[i] Content-Type: text/html
221[i] Connection: close
222[i] Vary: Accept-Encoding
223
224
225
226
227D N S L O O K U P
228===================
229
230katmod.com. 3599 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
231katmod.com. 3599 IN NS ns1.monchekin.com.
232katmod.com. 3599 IN NS ns2.monchekin.com.
233katmod.com. 3599 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
234katmod.com. 3599 IN MX 20 mail.katmod.com.
235katmod.com. 3599 IN MX 10 mail.katmod.com.
236katmod.com. 3599 IN A 94.102.51.112
237
238
239
240
241S U B N E T C A L C U L A T I O N
242====================================
243
244Address = 94.102.51.112
245Network = 94.102.51.112 / 32
246Netmask = 255.255.255.255
247Broadcast = not needed on Point-to-Point links
248Wildcard Mask = 0.0.0.0
249Hosts Bits = 0
250Max. Hosts = 1 (2^0 - 0)
251Host Range = { 94.102.51.112 - 94.102.51.112 }
252
253
254
255N M A P P O R T S C A N
256============================
257
258Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-21 22:56 UTC
259Nmap scan report for katmod.com (94.102.51.112)
260Host is up (0.081s latency).
261rDNS record for 94.102.51.112: no-reverse-dns-configured.com
262
263PORT STATE SERVICE
26421/tcp filtered ftp
26522/tcp open ssh
26680/tcp open http
267443/tcp closed https
268
269Nmap done: 1 IP address (1 host up) scanned in 1.81 seconds
270
271
272
273S U B - D O M A I N F I N D E R
274==================================
275
276
277[i] Total Subdomains Found : 1
278
279[+] Subdomain: www.katmod.com
280[-] IP: 94.102.51.112
281#################################################################################################################################
282[+] Starting At 2020-03-21 18:56:47.702351
283[+] Collecting Information On: http://www.katmod.com/
284[#] Status: 200
285--------------------------------------------------
286[#] Web Server Detected: nginx
287[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
288- Server: nginx
289- Date: Sat, 21 Mar 2020 22:56:42 GMT
290- Content-Type: text/html
291- Transfer-Encoding: chunked
292- Connection: keep-alive
293- Vary: Accept-Encoding
294- Content-Encoding: gzip
295--------------------------------------------------
296[#] Finding Location..!
297[#] status: success
298[#] country: Netherlands
299[#] countryCode: NL
300[#] region: NH
301[#] regionName: North Holland
302[#] city: Amsterdam
303[#] zip: 1091
304[#] lat: 52.3534
305[#] lon: 4.9087
306[#] timezone: Europe/Amsterdam
307[#] isp: IP Volume inc
308[#] org: IP Volume inc
309[#] as: AS202425 IP Volume inc
310[#] query: 94.102.51.112
311--------------------------------------------------
312[x] Didn't Detect WAF Presence on: http://www.katmod.com/
313--------------------------------------------------
314[#] Starting Reverse DNS
315[!] Found 1 any Domain
316- katmod.com
317--------------------------------------------------
318[!] Scanning Open Port
319[#] 22/tcp open ssh
320[#] 25/tcp open smtp
321[#] 53/tcp open domain
322[#] 80/tcp open http
323[#] 110/tcp open pop3
324[#] 143/tcp open imap
325[#] 465/tcp open smtps
326[#] 993/tcp open imaps
327[#] 995/tcp open pop3s
328--------------------------------------------------
329[+] Getting SSL Info
330[Errno 111] Connection refused
331--------------------------------------------------
332[+] Collecting Information Disclosure!
333[#] Detecting sitemap.xml file
334[-] sitemap.xml file not Found!?
335[#] Detecting robots.txt file
336[-] robots.txt file not Found!?
337[#] Detecting GNU Mailman
338[-] GNU Mailman App Not Detected!?
339--------------------------------------------------
340[+] Crawling Url Parameter On: http://www.katmod.com/
341--------------------------------------------------
342[#] Searching Html Form !
343[-] No Html Form Found!?
344--------------------------------------------------
345[-] No DOM Paramter Found!?
346--------------------------------------------------
347[-] No internal Dynamic Parameter Found!?
348--------------------------------------------------
349[-] No external Dynamic Paramter Found!?
350--------------------------------------------------
351[!] 4 Internal links Discovered
352[+] http://www.katmod.com//join.html
353[+] http://www.katmod.com//preview.html
354[+] http://www.katmod.com//members.html
355[+] http://www.katmod.com//links.html
356--------------------------------------------------
357[-] No External Link Found!?
358--------------------------------------------------
359[#] Mapping Subdomain..
360[-] No Any Subdomain Found
361[!] Found 0 Subdomain
362--------------------------------------------------
363[!] Done At 2020-03-21 18:57:03.163705
364#################################################################################################################################
365[INFO] ------TARGET info------
366[*] TARGET: http://www.katmod.com/
367[*] TARGET IP: 94.102.51.112
368[INFO] NO load balancer detected for www.katmod.com...
369[*] DNS servers: a13s08.host.com.
370[*] TARGET server: nginx
371[*] CC: NL
372[*] Country: Netherlands
373[*] RegionCode: NH
374[*] RegionName: North Holland
375[*] City: Amsterdam
376[*] ASN: AS202425
377[*] BGP_PREFIX: 94.102.51.0/24
378[*] ISP: INT-NETWORK IP Volume inc, SC
379[INFO] DNS enumeration:
380[*] ftp.katmod.com 94.102.51.112
381[*] mail.katmod.com 94.102.51.112
382[INFO] Possible abuse mails are:
383[*] abuse@ipvolume.net
384[*] abuse@katmod.com
385[*] abuse@www.katmod.com
386[INFO] NO PAC (Proxy Auto Configuration) file FOUND
387[INFO] Starting FUZZing in http://www.katmod.com/FUzZzZzZzZz...
388[INFO] Status code Folders
389[ALERT] Look in the source code. It may contain passwords
390[INFO] Links found from http://www.katmod.com/ http://94.102.51.112/:
391[*] http://www.andypioneer.com/cgi-bin/accounts.cgi
392[*] http://www.andypioneer.com/cgi-bin/accounts.cgi?login
393[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=1000mo&url=http://1000models.net/
394[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=100nn&url=http://100nonude.net
395[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alena&url=http://www.alenamodel.com
396[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http%3a%2f%2fwww.aleseamodel.com
397[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http://www.aleseamodel.com
398[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http%3a%2f%2fart-models.info
399[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http://art-models.info
400[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artcool&url=http://coolarts.net/cgi-bin/in.cgi?id=51
401[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=babuwabu&url=http%3a%2f%2fnew.nnmodsets.com%2f
402[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=babuwabu&url=http://new.nnmodsets.com/
403[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http%3a%2f%2fnnbbs.net
404[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http://nnbbs.net
405[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bcma&url=http://www.bestcma.com/
406[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http%3a%2f%2fcandydoll-chan.com
407[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http://candydoll-chan.com
408[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmamag&url=http://www.cmamag.com
409[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmas&url=http://www.cma-starts.com/?ft=andypioneer.com
410[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmavid&url=http://www.cma-video.com/
411[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cool&url=http://www.coolnymph.com/cgi-bin/rankem.cgi?id=andy
412[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolltop&url=http://www.nndoltop.com/cgi-bin/rankem.cgi?id=andy
413[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http%3a%2f%2fdolce-models.com
414[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http://dolce-models.com
415[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http%3a%2f%2fdream-models.net
416[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http://dream-models.net
417[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http%3a%2f%2fdream-video.com%2f
418[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http://dream-video.com/
419[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=eros&url=http://www.modland.info/eros/
420[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=fashi&url=http://models-fashion.net
421[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http%3a%2f%2fwww.fine-julia.com%2f
422[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http://www.fine-julia.com/
423[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http%3a%2f%2fflash-top.net%2fcgi-bin%2fin.cgi%3fid%3d57
424[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http://flash-top.net/cgi-bin/in.cgi?id=57
425[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=forum&url=http://forum-nn.com
426[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http%3a%2f%2fwww.newnnmod.com%2f
427[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http://www.newnnmod.com/
428[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http%3a%2f%2fwww.newnnmod.com%2f
429[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http://www.newnnmod.com/
430[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gala&url=http://www.goodtalens.com/gala/
431[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=goodtale&url=http://www.goodtalens.com
432[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=hchat&url=http://hello-chat.com/cgi-bin/rank/in.cgi?id=6
433[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http%3a%2f%2fsmallmodels.net%2fcgi-bin%2fin.cgi%3fid%3d104
434[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http://smallmodels.net/cgi-bin/in.cgi?id=104
435[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=honeys&url=http://www.hongirls.com
436[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http%3a%2f%2fwww.fineimages3d.com%2f
437[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http://www.fineimages3d.com/
438[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=iraa&url=http://www.iramodel.com
439[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=katmod&url=http://www.katmod.com/
440[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lina&url=http://www.linamodel.net/
441[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http%3a%2f%2fwww.newnnmod.com%2f
442[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http://www.newnnmod.com/
443[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http%3a%2f%2fwww.goodtalens.com%2flsmodels%2f
444[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http://www.goodtalens.com/lsmodels/
445[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http%3a%2f%2fwww.luisamodel.com%2f
446[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http://www.luisamodel.com/
447[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=masha&url=http://www.goodtalens.com/masha/
448[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http%3a%2f%2fnnmodelblog.com%2f
449[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http://nnmodelblog.com/
450[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modart&url=http://ice-pie.com/cgi-bin/in.cgi?id=50
451[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mode&url=http://www.models-top.com/cgi-bin/rankem.cgi?id=andy
452[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http%3a%2f%2fwww.modland.info
453[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http://www.modland.info
454[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http%3a%2f%2fwww.modlinka.com
455[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http://www.modlinka.com
456[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http%3a%2f%2fmy-models.net%2f
457[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http://my-models.net/
458[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http%3a%2f%2fteenmodels.club%2flanding%2f
459[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http://teenmodels.club/landing/
460[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http%3a%2f%2fwww.goodtalens.com%2fnewadd%2f
461[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http://www.goodtalens.com/newadd/
462[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newcma&url=http://newyear.modlinka.com
463[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http%3a%2f%2fnonubook.com
464[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http://nonubook.com
465[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http%3a%2f%2fnonuclub.com
466[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http://nonuclub.com
467[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nndol&url=http://www.nndolmod.com
468[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnmds&url=http://nonublog.com
469[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http%3a%2f%2fnn-top.com%2fcgi-bin%2fin.cgi%3fid%3d81
470[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http://nn-top.com/cgi-bin/in.cgi?id=81
471[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonarch&url=http%3a%2f%2fwww.goodtalens.com%2fusenet%2f
472[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonarch&url=http://www.goodtalens.com/usenet/
473[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http%3a%2f%2fnonu-chan.com
474[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http://nonu-chan.com
475[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http%3a%2f%2fnonutop.com%2fcgi-bin%2fin.cgi%3fid%3d31
476[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http://nonutop.com/cgi-bin/in.cgi?id=31
477[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonstop&url=http://www.nonstop-nn.net/cgi-bin/in.cgi?id=158
478[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http%3a%2f%2fnonude.re
479[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http://nonude.re
480[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonufo&url=http://nonuforum.com/
481[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad3&url=http://nonude-top.xyz/cgi-bin/in.cgi?id=52
482[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad4&url=http://nonude-top.info/cgi-bin/in.cgi?id=17
483[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http%3a%2f%2fnonustars.com%2fcgi-bin%2fin.cgi%3fid%3d80
484[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http://nonustars.com/cgi-bin/in.cgi?id=80
485[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olam&url=http://www.olamodel.com/
486[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olesya&url=http://www.olesyamodel.com
487[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olyam&url=http://www.olyamodel.com
488[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http%3a%2f%2fwww.honeymod.com%2f%3fft%3dandypioneer.com
489[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http://www.honeymod.com/?ft=andypioneer.com
490[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=picasa&url=http://nnville.net/
491[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http%3a%2f%2fwww.newnnmod.com%2f
492[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http://www.newnnmod.com/
493[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=play&url=http://www.playing-girl.com
494[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http%3a%2f%2fnn-magazine.com
495[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http://nn-magazine.com
496[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http%3a%2f%2fpre10mix.com%2fsite%2ftop-list%2f%3fide%3d674
497[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http://pre10mix.com/site/top-list/?ide=674
498[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http%3a%2f%2fwww.newnnmod.com%2f
499[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http://www.newnnmod.com/
500[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http%3a%2f%2fwww.cinderella-dreams.org%2fcgi-bin%2fin.cgi%3fid%3d844
501[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http://www.cinderella-dreams.org/cgi-bin/in.cgi?id=844
502[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http%3a%2f%2fshare-chan.com
503[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http://share-chan.com
504[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http%3a%2f%2fnew.nnmodsets.com
505[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http://new.nnmodsets.com
506[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=stars&url=http://www.goodtalens.com/stars/
507[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http%3a%2f%2fcute-stars.net
508[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http://cute-stars.net
509[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=summer&url=http://www.summmerdays.com/
510[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetam&url=http://www.svetamodel.com
511[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sveta&url=http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=andy
512[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetlana&url=http://www.svetlanamodel.com/
513[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sweet&url=http://top.modlinka.com/cgi-bin/rankem.cgi?id=andy
514[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=talents&url=http://www.talyoungart.com
515[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tart&url=http://www.goodtalens.com/talent/
516[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http%3a%2f%2fteensblog.net%2f
517[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http://teensblog.net/
518[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teen&url=http://www.fteenimg.com/?ft=andypioneer.com
519[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http%3a%2f%2fnew.nnmodsets.com
520[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http://new.nnmodsets.com
521[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=thind&url=http://modlinka.com/thind/
522[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http%3a%2f%2fwww.tianamodel.com%2f
523[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http://www.tianamodel.com/
524[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=ultra&url=http://www.honey-ultra.com/
525[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http%3a%2f%2fwww.vasilisamodel.com%2f
526[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http://www.vasilisamodel.com/
527[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vinka&url=http://www.vinkamodel.com/
528[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vusereli&url=http%3a%2f%2fwww.newnnmod.com%2f
529[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vusereli&url=http://www.newnnmod.com/
530[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wonder&url=http://www.wonteens.com/?ft=andypioneer.com
531[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wowmod&url=http://www.wownm.com/?ft=andypioneer.com
532[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http%3a%2f%2fyour-model.com
533[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http://your-model.com
534[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=young&url=http://www.young-models.info/cgi-bin/rankem.cgi?id=andy
535[*] http://www.bestcma.com/
536[*] http://www.goodtalens.com/diapers/
537[*] http://www.goodtalens.com/kitty/
538[*] http://www.goodtalens.com/lsmodels/
539[*] http://www.goodtalens.com/secret/
540[*] http://www.goodtalens.com/usenet/
541[*] http://www.honey-ultra.com/
542[*] http://www.katmod.com/join.html
543[*] http://www.katmod.com/links.html
544[*] http://www.katmod.com/members.html
545[*] http://www.katmod.com/preview.html
546[*] http://www.newnnmod.com/
547[*] http://www.nndoltop.com/models/
548[*] http://www.nnmodsets.com/
549[*] http://www.talyoungart.com/
550cut: intervalle de champ incorrecte
551Saisissez « cut --help » pour plus d'informations.
552[INFO] Shodan detected the following opened ports on 94.102.51.112:
553[*] 1
554[*] 110
555[*] 143
556[*] 22
557[*] 25
558[*] 4
559[*] 465
560[*] 53
561[*] 80
562[*] 993
563[*] 995
564[INFO] ------VirusTotal SECTION------
565[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
566[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
567[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
568[INFO] ------Alexa Rank SECTION------
569[INFO] Percent of Visitors Rank in Country:
570[INFO] Percent of Search Traffic:
571[INFO] Percent of Unique Visits:
572[INFO] Total Sites Linking In:
573[*] Total Sites
574[INFO] Useful links related to www.katmod.com - 94.102.51.112:
575[*] https://www.virustotal.com/pt/ip-address/94.102.51.112/information/
576[*] https://www.hybrid-analysis.com/search?host=94.102.51.112
577[*] https://www.shodan.io/host/94.102.51.112
578[*] https://www.senderbase.org/lookup/?search_string=94.102.51.112
579[*] https://www.alienvault.com/open-threat-exchange/ip/94.102.51.112
580[*] http://pastebin.com/search?q=94.102.51.112
581[*] http://urlquery.net/search.php?q=94.102.51.112
582[*] http://www.alexa.com/siteinfo/www.katmod.com
583[*] http://www.google.com/safebrowsing/diagnostic?site=www.katmod.com
584[*] https://censys.io/ipv4/94.102.51.112
585[*] https://www.abuseipdb.com/check/94.102.51.112
586[*] https://urlscan.io/search/#94.102.51.112
587[*] https://github.com/search?q=94.102.51.112&type=Code
588[INFO] Useful links related to AS202425 - 94.102.51.0/24:
589[*] http://www.google.com/safebrowsing/diagnostic?site=AS:202425
590[*] https://www.senderbase.org/lookup/?search_string=94.102.51.0/24
591[*] http://bgp.he.net/AS202425
592[*] https://stat.ripe.net/AS202425
593[INFO] Date: 21/03/20 | Time: 18:57:46
594[INFO] Total time: 0 minute(s) and 56 second(s)
595#################################################################################################################################
596Trying "katmod.com"
597;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35056
598;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 2
599
600;; QUESTION SECTION:
601;katmod.com. IN ANY
602
603;; ANSWER SECTION:
604katmod.com. 3600 IN A 94.102.51.112
605katmod.com. 3600 IN MX 20 mail.katmod.com.
606katmod.com. 3600 IN MX 10 mail.katmod.com.
607katmod.com. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
608katmod.com. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
609katmod.com. 3600 IN NS ns1.monchekin.com.
610katmod.com. 3600 IN NS ns2.monchekin.com.
611
612;; ADDITIONAL SECTION:
613ns1.monchekin.com. 23083 IN A 94.102.51.111
614ns2.monchekin.com. 23083 IN A 94.102.51.112
615
616Received 266 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 113 ms
617#################################################################################################################################
618; <<>> DiG 9.11.16-2-Debian <<>> +trace katmod.com any
619;; global options: +cmd
620. 81128 IN NS a.root-servers.net.
621. 81128 IN NS b.root-servers.net.
622. 81128 IN NS c.root-servers.net.
623. 81128 IN NS d.root-servers.net.
624. 81128 IN NS e.root-servers.net.
625. 81128 IN NS f.root-servers.net.
626. 81128 IN NS g.root-servers.net.
627. 81128 IN NS h.root-servers.net.
628. 81128 IN NS i.root-servers.net.
629. 81128 IN NS j.root-servers.net.
630. 81128 IN NS k.root-servers.net.
631. 81128 IN NS l.root-servers.net.
632. 81128 IN NS m.root-servers.net.
633. 81128 IN RRSIG NS 8 0 518400 20200403170000 20200321160000 33853 . B8tu09g3JhYw4+3kv4FsyIJ38YOJSicLp4rb45bGNO5HoBv3m8nOKHws Vc07zuBtck7YE70cot2EFF9XO3ewHUaqcymZAdVlDKe4OJfAiDhL4mzw 654wXR2saMhrvRzrU+AojkqkxnCbBBZoWSj6AeS6hkmFBxetYdHDcTSe C9EE5FJRxhIg/NMgVR/C5I5BA/rDj76DwJBEs7d8UKPwaSFzWeB4PTBn YZRjEpX4JzGOFq+V+KMAUiU/DsEA1sA6BMhkye0XD5hc3Z6WmVl/xoVV Jm5nssa98K8C3wLuq59ABu/HCtfjvJipaYGo8+xjDy/mHAU44Lna5/Ju 3y7ElA==
634;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 136 ms
635
636com. 172800 IN NS i.gtld-servers.net.
637com. 172800 IN NS f.gtld-servers.net.
638com. 172800 IN NS l.gtld-servers.net.
639com. 172800 IN NS m.gtld-servers.net.
640com. 172800 IN NS b.gtld-servers.net.
641com. 172800 IN NS e.gtld-servers.net.
642com. 172800 IN NS a.gtld-servers.net.
643com. 172800 IN NS c.gtld-servers.net.
644com. 172800 IN NS g.gtld-servers.net.
645com. 172800 IN NS d.gtld-servers.net.
646com. 172800 IN NS j.gtld-servers.net.
647com. 172800 IN NS h.gtld-servers.net.
648com. 172800 IN NS k.gtld-servers.net.
649com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
650com. 86400 IN RRSIG DS 8 1 86400 20200403170000 20200321160000 33853 . nDpavHvjz2o1tAlojNV3fuDklcViy9zBgTpLZMPtKzTmI0WE5sJptZhh a1wQJu/QJCBOWhYA/FOhixB4Xrb8jrGwHu3hJryLcxGCDsFjMckRdIZH IyyQKfUGw5pL8UyYySUFYWE3tP/ZBUWwpoJiXLl4HW3fGEjjPcPNy+/h lCJVqdkas6l/VTLHJJifvFn0dy/UUWaWBuviYMzyALNcbslOZ1bay4kR sFXs4bFQZCIF0iX4Nj7OTZ4L+HeEMXrYJxfNJOYMxlMazKwq0R7dQ0vP cY8Y1GPr1/01qyFOCXmHN62ScOcgq+YgK9KqJcyUs43oXNykwMeYSqOh I8b5Lw==
651;; Received 1198 bytes from 192.33.4.12#53(c.root-servers.net) in 160 ms
652
653katmod.com. 172800 IN NS ns1.monchekin.com.
654katmod.com. 172800 IN NS ns2.monchekin.com.
655CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
656CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200326044915 20200319033915 56311 com. uZZHzB2EvBDgdpDnljWv+OCLIsJ2kQ/LqRjkoP7AouEaK5FdUZU04nML ElDLLmkAuOCbswdKtxbKL52iD7peTIycIjy5Rume4UNj5LWaeMq166gy 2llpNr4XsYOweAhFS78q0KP/STs2meI/ERPCDJmnlp+RGAGwR+csMEOb YHpp/1pG4s641I7YVBNnH5z6h0HoSMTglOQCYzo7Vp7mAQ==
657UKQH462TPA8GU9HLQ8A4L7P1SJU7R3BJ.com. 86400 IN NSEC3 1 1 0 - UKQI2OKGD39EHLTTSS2RA15LDKCJGG86 NS DS RRSIG
658UKQH462TPA8GU9HLQ8A4L7P1SJU7R3BJ.com. 86400 IN RRSIG NSEC3 8 2 86400 20200328062457 20200321051457 56311 com. agiB6KvNjOwfo5pvS4fP7CrcLoZnvo7ylkDl6Hwduse6LVUfxjLIbEY8 7KI9LmHILtwOcfm1LJXawp9hI05jZgZKG8J0ji6wuh0ON8ift0BhtOqq 6eC57Dmgu00DpTNE3wITVtgJ+dpX8yNYxORTJ8xOHQgGC8hOhgE2LuGe sJPvfgcmkvuuvnhGZu2/RDL7WfFKap7Wdp1+cP6p8K+z1Q==
659;; Received 666 bytes from 192.26.92.30#53(c.gtld-servers.net) in 176 ms
660
661katmod.com. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
662katmod.com. 3600 IN NS ns1.monchekin.com.
663katmod.com. 3600 IN NS ns2.monchekin.com.
664katmod.com. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
665katmod.com. 3600 IN MX 20 mail.katmod.com.
666katmod.com. 3600 IN MX 10 mail.katmod.com.
667katmod.com. 3600 IN A 94.102.51.112
668;; Received 293 bytes from 94.102.51.112#53(ns2.monchekin.com) in 173 ms
669################################################################################################################################
670[*] Performing General Enumeration of Domain: katmod.com
671[-] DNSSEC is not configured for katmod.com
672[-] Error while resolving SOA record.
673[*] NS ns1.monchekin.com 94.102.51.111
674[*] Bind Version for 94.102.51.111 b'9.9.4-RedHat-9.9.4-51.el7_4.2'
675[*] NS ns2.monchekin.com 94.102.51.112
676[*] Bind Version for 94.102.51.112 b'9.9.4-RedHat-9.9.4-51.el7_4.2'
677[*] MX mail.katmod.com 94.102.51.112
678[*] MX mail.katmod.com 94.102.51.112
679[*] A katmod.com 94.102.51.112
680[*] Enumerating SRV Records
681[-] No SRV Records Found for katmod.com
682[+] 0 Records Found
683#################################################################################################################################
684traceroute to www.katmod.com (94.102.51.112), 30 hops max, 60 byte packets
685 1 _gateway (10.203.19.1) 127.016 ms 127.155 ms 127.157 ms
686 2 * * *
687 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 134.676 ms 134.867 ms 134.857 ms
688 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 134.431 ms 134.463 ms 134.448 ms
689 5 be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 139.916 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 139.858 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 139.784 ms
690 6 be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90) 140.140 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226) 132.699 ms 137.261 ms
691 7 ae-10.edge4.Stockholm2.Level3.net (4.68.106.125) 137.789 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129) 137.902 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125) 137.763 ms
692 8 ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90) 165.635 ms 165.550 ms 165.572 ms
693 9 195.122.181.130 (195.122.181.130) 162.286 ms 162.085 ms 162.212 ms
69410 ae5-2074.ams10.core-backbone.com (81.95.2.138) 167.568 ms 167.595 ms 165.390 ms
69511 * * *
69612 no-reverse-dns-configured.com (94.102.51.112) 166.486 ms 168.268 ms 168.132 ms
697##################################################################################################################################
698Domains still to check: 1
699 Checking if the hostname katmod.com. given is in fact a domain...
700
701Analyzing domain: katmod.com.
702 Checking NameServers using system default resolver...
703 IP: 94.102.51.111 (Netherlands)
704 HostName: ns1.monchekin.com Type: NS
705 IP: 94.102.51.112 (Netherlands)
706 HostName: ns2.monchekin.com Type: NS
707 HostName: no-reverse-dns-configured.com Type: PTR
708
709 Checking MailServers using system default resolver...
710 IP: 94.102.51.112 (Netherlands)
711 HostName: ns2.monchekin.com Type: NS
712 HostName: no-reverse-dns-configured.com Type: PTR
713 HostName: mail.katmod.com Type: MX
714 IP: 94.102.51.112 (Netherlands)
715 HostName: ns2.monchekin.com Type: NS
716 HostName: no-reverse-dns-configured.com Type: PTR
717 HostName: mail.katmod.com Type: MX
718 HostName: mail.katmod.com Type: MX
719
720 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
721 No zone transfer found on nameserver 94.102.51.112
722 No zone transfer found on nameserver 94.102.51.111
723
724 Checking SPF record...
725 New IP found: 94.102.51.33
726
727 Checking 192 most common hostnames using system default resolver...
728 IP: 94.102.51.112 (Netherlands)
729 HostName: ns2.monchekin.com Type: NS
730 HostName: no-reverse-dns-configured.com Type: PTR
731 HostName: mail.katmod.com Type: MX
732 HostName: mail.katmod.com Type: MX
733 HostName: www.katmod.com. Type: A
734 IP: 94.102.51.112 (Netherlands)
735 HostName: ns2.monchekin.com Type: NS
736 HostName: no-reverse-dns-configured.com Type: PTR
737 HostName: mail.katmod.com Type: MX
738 HostName: mail.katmod.com Type: MX
739 HostName: www.katmod.com. Type: A
740 HostName: ftp.katmod.com. Type: A
741 IP: 94.102.51.112 (Netherlands)
742 HostName: ns2.monchekin.com Type: NS
743 HostName: no-reverse-dns-configured.com Type: PTR
744 HostName: mail.katmod.com Type: MX
745 HostName: mail.katmod.com Type: MX
746 HostName: www.katmod.com. Type: A
747 HostName: ftp.katmod.com. Type: A
748 HostName: mail.katmod.com. Type: A
749 IP: 94.102.51.112 (Netherlands)
750 HostName: ns2.monchekin.com Type: NS
751 HostName: no-reverse-dns-configured.com Type: PTR
752 HostName: mail.katmod.com Type: MX
753 HostName: mail.katmod.com Type: MX
754 HostName: www.katmod.com. Type: A
755 HostName: ftp.katmod.com. Type: A
756 HostName: mail.katmod.com. Type: A
757 HostName: smtp.katmod.com. Type: A
758 IP: 94.102.51.112 (Netherlands)
759 HostName: ns2.monchekin.com Type: NS
760 HostName: no-reverse-dns-configured.com Type: PTR
761 HostName: mail.katmod.com Type: MX
762 HostName: mail.katmod.com Type: MX
763 HostName: www.katmod.com. Type: A
764 HostName: ftp.katmod.com. Type: A
765 HostName: mail.katmod.com. Type: A
766 HostName: smtp.katmod.com. Type: A
767 HostName: pop.katmod.com. Type: A
768
769 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
770 Checking netblock 94.102.51.0
771
772 Searching for katmod.com. emails in Google
773
774 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
775 Host 94.102.51.33 is up (syn-ack ttl 52)
776 Host 94.102.51.112 is up (syn-ack ttl 52)
777 Host 94.102.51.111 is up (syn-ack ttl 52)
778
779 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
780 Scanning ip 94.102.51.33 ():
781 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
782 | ssh-hostkey:
783 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
784 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
785 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
786 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
787 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
788 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
789 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
790 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
791 | Public Key type: rsa
792 | Public Key bits: 1024
793 | Signature Algorithm: sha256WithRSAEncryption
794 | Not valid before: 2018-03-05T07:49:40
795 | Not valid after: 2028-03-02T07:49:40
796 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
797 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
798 |_ssl-date: TLS randomness does not represent time
799 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
800 | dns-nsid:
801 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
802 80/tcp open http syn-ack ttl 52 nginx
803 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
804 |_http-generator: Microsoft FrontPage 5.0
805 | http-methods:
806 | Supported Methods: GET HEAD POST OPTIONS TRACE
807 |_ Potentially risky methods: TRACE
808 |_http-title: Andy Pioneer Top Sites
809 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
810 |_pop3-capabilities: STLS CAPA UIDL RESP-CODES PIPELINING USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) AUTH-RESP-CODE TOP
811 |_ssl-date: TLS randomness does not represent time
812 143/tcp open imap syn-ack ttl 52 Dovecot imapd
813 |_imap-capabilities: AUTH=CRAM-MD5A0001 STARTTLS have ID ENABLE LOGIN-REFERRALS AUTH=PLAIN IMAP4rev1 AUTH=LOGIN LITERAL+ listed more Pre-login OK capabilities SASL-IR post-login IDLE AUTH=DIGEST-MD5
814 |_ssl-date: TLS randomness does not represent time
815 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
816 |_smtp-commands: Couldn't establish connection on port 465
817 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
818 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
819 | Public Key type: rsa
820 | Public Key bits: 1024
821 | Signature Algorithm: sha256WithRSAEncryption
822 | Not valid before: 2018-03-05T07:49:40
823 | Not valid after: 2028-03-02T07:49:40
824 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
825 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
826 |_ssl-date: TLS randomness does not represent time
827 993/tcp open ssl/imaps? syn-ack ttl 52
828 |_ssl-date: TLS randomness does not represent time
829 995/tcp open ssl/pop3s? syn-ack ttl 52
830 |_ssl-date: TLS randomness does not represent time
831 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
832 Scanning ip 94.102.51.112 (pop.katmod.com.):
833 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
834 | ssh-hostkey:
835 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
836 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
837 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
838 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
839 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
840 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
841 |_ssl-date: TLS randomness does not represent time
842 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
843 | dns-nsid:
844 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
845 80/tcp open http syn-ack ttl 52 nginx
846 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
847 |_http-generator: Microsoft FrontPage 5.0
848 | http-methods:
849 | Supported Methods: GET HEAD POST OPTIONS TRACE
850 |_ Potentially risky methods: TRACE
851 |_http-title: Andy Pioneer Top Sites
852 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
853 |_pop3-capabilities: AUTH-RESP-CODE RESP-CODES PIPELINING TOP STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER UIDL CAPA
854 |_ssl-date: TLS randomness does not represent time
855 143/tcp open imap syn-ack ttl 52 Dovecot imapd
856 |_imap-capabilities: OK AUTH=DIGEST-MD5 post-login Pre-login capabilities IMAP4rev1 have ENABLE more AUTH=CRAM-MD5A0001 LOGIN-REFERRALS ID STARTTLS SASL-IR AUTH=PLAIN listed LITERAL+ IDLE AUTH=LOGIN
857 |_ssl-date: TLS randomness does not represent time
858 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
859 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
860 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
861 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
862 | Public Key type: rsa
863 | Public Key bits: 1024
864 | Signature Algorithm: sha256WithRSAEncryption
865 | Not valid before: 2018-03-05T07:49:40
866 | Not valid after: 2028-03-02T07:49:40
867 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
868 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
869 |_ssl-date: TLS randomness does not represent time
870 993/tcp open ssl/imaps? syn-ack ttl 52
871 |_ssl-date: TLS randomness does not represent time
872 995/tcp open ssl/pop3s? syn-ack ttl 52
873 |_ssl-date: TLS randomness does not represent time
874 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
875 Scanning ip 94.102.51.111 (ns1.monchekin.com):
876 22/tcp open ssh? syn-ack ttl 52
877 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
878 25/tcp open smtp syn-ack ttl 52 Exim smtpd
879 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
880 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
881 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
882 | Public Key type: rsa
883 | Public Key bits: 1024
884 | Signature Algorithm: sha256WithRSAEncryption
885 | Not valid before: 2018-03-05T07:49:40
886 | Not valid after: 2028-03-02T07:49:40
887 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
888 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
889 |_ssl-date: TLS randomness does not represent time
890 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
891 | dns-nsid:
892 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
893 80/tcp open http syn-ack ttl 52 nginx
894 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
895 |_http-generator: Microsoft FrontPage 5.0
896 | http-methods:
897 | Supported Methods: GET HEAD POST OPTIONS TRACE
898 |_ Potentially risky methods: TRACE
899 |_http-title: Andy Pioneer Top Sites
900 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
901 |_pop3-capabilities: PIPELINING AUTH-RESP-CODE USER CAPA RESP-CODES UIDL STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) TOP
902 |_ssl-date: TLS randomness does not represent time
903 143/tcp open imap syn-ack ttl 52 Dovecot imapd
904 |_imap-capabilities: LOGIN-REFERRALS AUTH=DIGEST-MD5 SASL-IR OK IDLE ENABLE LITERAL+ listed post-login ID more AUTH=CRAM-MD5A0001 have capabilities STARTTLS Pre-login IMAP4rev1 AUTH=LOGIN AUTH=PLAIN
905 |_ssl-date: TLS randomness does not represent time
906 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
907 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
908 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
909 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
910 | Public Key type: rsa
911 | Public Key bits: 1024
912 | Signature Algorithm: sha256WithRSAEncryption
913 | Not valid before: 2018-03-05T07:49:40
914 | Not valid after: 2028-03-02T07:49:40
915 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
916 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
917 |_ssl-date: TLS randomness does not represent time
918 993/tcp open ssl/imaps? syn-ack ttl 52
919 |_ssl-date: TLS randomness does not represent time
920 995/tcp open ssl/pop3s? syn-ack ttl 52
921 |_ssl-date: TLS randomness does not represent time
922 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
923 WebCrawling domain's web servers... up to 50 max links.
924
925 + URL to crawl: http://ns2.monchekin.com
926 + Date: 2020-03-21
927
928 + Crawling URL: http://ns2.monchekin.com:
929 + Links:
930 + Crawling http://ns2.monchekin.com
931 + Searching for directories...
932 + Searching open folders...
933
934
935 + URL to crawl: http://mail.katmod.com
936 + Date: 2020-03-21
937
938 + Crawling URL: http://mail.katmod.com:
939 + Links:
940 + Crawling http://mail.katmod.com
941 + Searching for directories...
942 + Searching open folders...
943
944
945 + URL to crawl: http://www.katmod.com.
946 + Date: 2020-03-21
947
948 + Crawling URL: http://www.katmod.com.:
949 + Links:
950 + Crawling http://www.katmod.com.
951 + Crawling http://www.katmod.com./join.html
952 + Crawling http://www.katmod.com./preview.html
953 + Crawling http://www.katmod.com./members.html
954 + Crawling http://www.katmod.com./links.html
955 + Searching for directories...
956 - Found: http://www.katmod.com./images/
957 - Found: http://www.katmod.com./imagestop/
958 + Searching open folders...
959 - http://www.katmod.com./images/ (403 Forbidden)
960 - http://www.katmod.com./imagestop/ (403 Forbidden)
961 + Crawl finished successfully.
962----------------------------------------------------------------------
963Summary of http://http://www.katmod.com.
964----------------------------------------------------------------------
965+ Links crawled:
966 - http://www.katmod.com.
967 - http://www.katmod.com./join.html
968 - http://www.katmod.com./links.html
969 - http://www.katmod.com./members.html
970 - http://www.katmod.com./preview.html
971 Total links crawled: 5
972
973+ Links to files found:
974 - http://www.katmod.com./images/join_01.jpg
975 - http://www.katmod.com./images/join_02.jpg
976 - http://www.katmod.com./images/join_03.jpg
977 - http://www.katmod.com./images/links_01.jpg
978 - http://www.katmod.com./images/links_02.jpg
979 - http://www.katmod.com./images/links_03.jpg
980 - http://www.katmod.com./images/main_01.jpg
981 - http://www.katmod.com./images/main_02.jpg
982 - http://www.katmod.com./images/main_03.jpg
983 - http://www.katmod.com./images/main_04.jpg
984 - http://www.katmod.com./images/main_05.jpg
985 - http://www.katmod.com./images/main_06.jpg
986 - http://www.katmod.com./images/main_07.jpg
987 - http://www.katmod.com./images/main_08.jpg
988 - http://www.katmod.com./images/main_09.jpg
989 - http://www.katmod.com./images/main_10.jpg
990 - http://www.katmod.com./images/main_11.jpg
991 - http://www.katmod.com./images/main_12.jpg
992 - http://www.katmod.com./images/preview_01.jpg
993 - http://www.katmod.com./images/preview_02.jpg
994 - http://www.katmod.com./images/preview_03.jpg
995 - http://www.katmod.com./imagestop/andyban.jpg
996 - http://www.katmod.com./imagestop/coolban.jpg
997 - http://www.katmod.com./imagestop/fineteen_ban.jpg
998 - http://www.katmod.com./imagestop/honey_ban.jpg
999 - http://www.katmod.com./imagestop/modelban.jpg
1000 - http://www.katmod.com./imagestop/nndolmod.jpg
1001 - http://www.katmod.com./imagestop/nndoltop.jpg
1002 - http://www.katmod.com./imagestop/svetatop.jpg
1003 - http://www.katmod.com./imagestop/wonder_ban.jpg
1004 - http://www.katmod.com./imagestop/wow_ban.jpg
1005 - http://www.katmod.com./imagestop/youngban.jpg
1006 - http://www.katmod.com./set001_1.jpg
1007 - http://www.katmod.com./set001_2.jpg
1008 - http://www.katmod.com./set001_3.jpg
1009 - http://www.katmod.com./set002_1.jpg
1010 - http://www.katmod.com./set002_2.jpg
1011 - http://www.katmod.com./set002_3.jpg
1012 - http://www.katmod.com./set003_1.jpg
1013 - http://www.katmod.com./set003_2.jpg
1014 - http://www.katmod.com./set003_3.jpg
1015 - http://www.katmod.com./set004_1.jpg
1016 - http://www.katmod.com./set004_2.jpg
1017 - http://www.katmod.com./set004_3.jpg
1018 - http://www.katmod.com./set005_1.jpg
1019 - http://www.katmod.com./set005_2.jpg
1020 - http://www.katmod.com./set005_3.jpg
1021 - http://www.katmod.com./set006_1.jpg
1022 - http://www.katmod.com./set006_2.jpg
1023 - http://www.katmod.com./set006_3.jpg
1024 - http://www.katmod.com./set007_1.jpg
1025 - http://www.katmod.com./set007_2.jpg
1026 - http://www.katmod.com./set007_3.jpg
1027 - http://www.katmod.com./set008_1.jpg
1028 - http://www.katmod.com./set008_2.jpg
1029 - http://www.katmod.com./set008_3.jpg
1030 - http://www.katmod.com./set009_1.jpg
1031 - http://www.katmod.com./set009_2.jpg
1032 - http://www.katmod.com./set009_3.jpg
1033 - http://www.katmod.com./set010_1.jpg
1034 - http://www.katmod.com./set010_2.jpg
1035 - http://www.katmod.com./set010_3.jpg
1036 - http://www.katmod.com./set011_1.jpg
1037 - http://www.katmod.com./set011_2.jpg
1038 - http://www.katmod.com./set011_3.jpg
1039 - http://www.katmod.com./set012_1.jpg
1040 - http://www.katmod.com./set012_2.jpg
1041 - http://www.katmod.com./set012_3.jpg
1042 - http://www.katmod.com./set013_1.jpg
1043 - http://www.katmod.com./set013_2.jpg
1044 - http://www.katmod.com./set013_3.jpg
1045 - http://www.katmod.com./set014_1.jpg
1046 - http://www.katmod.com./set014_2.jpg
1047 - http://www.katmod.com./set014_3.jpg
1048 - http://www.katmod.com./set015_1.jpg
1049 - http://www.katmod.com./set015_2.jpg
1050 - http://www.katmod.com./set015_3.jpg
1051 - http://www.katmod.com./set016_1.jpg
1052 - http://www.katmod.com./set016_2.jpg
1053 - http://www.katmod.com./set016_3.jpg
1054 - http://www.katmod.com./set017_1.jpg
1055 - http://www.katmod.com./set017_2.jpg
1056 - http://www.katmod.com./set017_3.jpg
1057 - http://www.katmod.com./set018_1.jpg
1058 - http://www.katmod.com./set018_2.jpg
1059 - http://www.katmod.com./set018_3.jpg
1060 - http://www.katmod.com./set019_1.jpg
1061 - http://www.katmod.com./set019_2.jpg
1062 - http://www.katmod.com./set019_3.jpg
1063 - http://www.katmod.com./set020_1.jpg
1064 - http://www.katmod.com./set020_2.jpg
1065 - http://www.katmod.com./set020_3.jpg
1066 - http://www.katmod.com./set021_1.jpg
1067 - http://www.katmod.com./set021_2.jpg
1068 - http://www.katmod.com./set021_3.jpg
1069 - http://www.katmod.com./set022_1.jpg
1070 - http://www.katmod.com./set022_2.jpg
1071 - http://www.katmod.com./set022_3.jpg
1072 - http://www.katmod.com./set023_1.jpg
1073 - http://www.katmod.com./set023_2.jpg
1074 - http://www.katmod.com./set023_3.jpg
1075 - http://www.katmod.com./set024_1.jpg
1076 - http://www.katmod.com./set024_2.jpg
1077 - http://www.katmod.com./set024_3.jpg
1078 - http://www.katmod.com./set025_1.jpg
1079 - http://www.katmod.com./set025_2.jpg
1080 - http://www.katmod.com./set025_3.jpg
1081 - http://www.katmod.com./set026_1.jpg
1082 - http://www.katmod.com./set026_2.jpg
1083 - http://www.katmod.com./set026_3.jpg
1084 - http://www.katmod.com./set027_1.jpg
1085 - http://www.katmod.com./set027_2.jpg
1086 - http://www.katmod.com./set027_3.jpg
1087 - http://www.katmod.com./set028_1.jpg
1088 - http://www.katmod.com./set028_2.jpg
1089 - http://www.katmod.com./set028_3.jpg
1090 - http://www.katmod.com./set029_1.jpg
1091 - http://www.katmod.com./set029_2.jpg
1092 - http://www.katmod.com./set029_3.jpg
1093 - http://www.katmod.com./set030_1.jpg
1094 - http://www.katmod.com./set030_2.jpg
1095 - http://www.katmod.com./set030_3.jpg
1096 - http://www.katmod.com./set031_1.jpg
1097 - http://www.katmod.com./set031_2.jpg
1098 - http://www.katmod.com./set031_3.jpg
1099 - http://www.katmod.com./set032_1.jpg
1100 - http://www.katmod.com./set032_2.jpg
1101 - http://www.katmod.com./set032_3.jpg
1102 - http://www.katmod.com./set033_1.jpg
1103 - http://www.katmod.com./set033_2.jpg
1104 - http://www.katmod.com./set033_3.jpg
1105 - http://www.katmod.com./set034_1.jpg
1106 - http://www.katmod.com./set034_2.jpg
1107 - http://www.katmod.com./set034_3.jpg
1108 - http://www.katmod.com./set035_1.jpg
1109 - http://www.katmod.com./set035_2.jpg
1110 - http://www.katmod.com./set035_3.jpg
1111 Total links to files: 137
1112
1113+ Externals links found:
1114 - http://www.andypioneer.com/cgi-bin/rankem.cgi?id=katmod
1115 - http://www.coolnymph.com/cgi-bin/rankem.cgi?id=katmod
1116 - http://www.fteenimg.com
1117 - http://www.honeymod.com
1118 - http://www.models-top.com/cgi-bin/rankem.cgi?id=katmod
1119 - http://www.nndolmod.com
1120 - http://www.nndoltop.com/cgi-bin/rankem.cgi?id=katmod
1121 - http://www.ovncm.com/?n=0.08&u=www.katmod.com
1122 - http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=katmod
1123 - http://www.wonteens.com
1124 - http://www.wownm.com
1125 - http://www.young-models.info/cgi-bin/rankem.cgi?id=katmod
1126 Total external links: 12
1127
1128+ Email addresses found:
1129 Total email address found: 0
1130
1131+ Directories found:
1132 - http://www.katmod.com./images/ (403 Forbidden)
1133 - http://www.katmod.com./imagestop/ (403 Forbidden)
1134 Total directories: 2
1135
1136+ Directory indexing found:
1137 Total directories with indexing: 0
1138
1139----------------------------------------------------------------------
1140
1141
1142 + URL to crawl: http://mail.katmod.com.
1143 + Date: 2020-03-21
1144
1145 + Crawling URL: http://mail.katmod.com.:
1146 + Links:
1147 + Crawling http://mail.katmod.com.
1148 + Searching for directories...
1149 + Searching open folders...
1150
1151
1152 + URL to crawl: http://smtp.katmod.com.
1153 + Date: 2020-03-21
1154
1155 + Crawling URL: http://smtp.katmod.com.:
1156 + Links:
1157 + Crawling http://smtp.katmod.com.
1158 + Searching for directories...
1159 + Searching open folders...
1160
1161
1162 + URL to crawl: http://ftp.katmod.com.
1163 + Date: 2020-03-21
1164
1165 + Crawling URL: http://ftp.katmod.com.:
1166 + Links:
1167 + Crawling http://ftp.katmod.com.
1168 + Searching for directories...
1169 + Searching open folders...
1170
1171
1172 + URL to crawl: http://pop.katmod.com.
1173 + Date: 2020-03-21
1174
1175 + Crawling URL: http://pop.katmod.com.:
1176 + Links:
1177 + Crawling http://pop.katmod.com.
1178 + Searching for directories...
1179 + Searching open folders...
1180
1181
1182 + URL to crawl: http://ns1.monchekin.com
1183 + Date: 2020-03-21
1184
1185 + Crawling URL: http://ns1.monchekin.com:
1186 + Links:
1187 + Crawling http://ns1.monchekin.com
1188 + Searching for directories...
1189 + Searching open folders...
1190
1191--Finished--
1192Summary information for domain katmod.com.
1193-----------------------------------------
1194
1195 Domain Ips Information:
1196 IP: 94.102.51.33
1197 Type: SPF
1198 Is Active: True (syn-ack ttl 52)
1199 Port: 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
1200 Script Info: | ssh-hostkey:
1201 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1202 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1203 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
1204 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
1205 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1206 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1207 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1208 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1209 Script Info: | Public Key type: rsa
1210 Script Info: | Public Key bits: 1024
1211 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1212 Script Info: | Not valid before: 2018-03-05T07:49:40
1213 Script Info: | Not valid after: 2028-03-02T07:49:40
1214 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1215 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1216 Script Info: |_ssl-date: TLS randomness does not represent time
1217 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1218 Script Info: | dns-nsid:
1219 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1220 Port: 80/tcp open http syn-ack ttl 52 nginx
1221 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1222 Script Info: |_http-generator: Microsoft FrontPage 5.0
1223 Script Info: | http-methods:
1224 Script Info: | Supported Methods: GET HEAD POST OPTIONS TRACE
1225 Script Info: |_ Potentially risky methods: TRACE
1226 Script Info: |_http-title: Andy Pioneer Top Sites
1227 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1228 Script Info: |_pop3-capabilities: STLS CAPA UIDL RESP-CODES PIPELINING USER SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) AUTH-RESP-CODE TOP
1229 Script Info: |_ssl-date: TLS randomness does not represent time
1230 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1231 Script Info: |_imap-capabilities: AUTH=CRAM-MD5A0001 STARTTLS have ID ENABLE LOGIN-REFERRALS AUTH=PLAIN IMAP4rev1 AUTH=LOGIN LITERAL+ listed more Pre-login OK capabilities SASL-IR post-login IDLE AUTH=DIGEST-MD5
1232 Script Info: |_ssl-date: TLS randomness does not represent time
1233 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1234 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1235 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1236 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1237 Script Info: | Public Key type: rsa
1238 Script Info: | Public Key bits: 1024
1239 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1240 Script Info: | Not valid before: 2018-03-05T07:49:40
1241 Script Info: | Not valid after: 2028-03-02T07:49:40
1242 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1243 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1244 Script Info: |_ssl-date: TLS randomness does not represent time
1245 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1246 Script Info: |_ssl-date: TLS randomness does not represent time
1247 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1248 Script Info: |_ssl-date: TLS randomness does not represent time
1249 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1250 IP: 94.102.51.112
1251 HostName: ns2.monchekin.com Type: NS
1252 HostName: no-reverse-dns-configured.com Type: PTR
1253 HostName: mail.katmod.com Type: MX
1254 HostName: mail.katmod.com Type: MX
1255 HostName: www.katmod.com. Type: A
1256 HostName: ftp.katmod.com. Type: A
1257 HostName: mail.katmod.com. Type: A
1258 HostName: smtp.katmod.com. Type: A
1259 HostName: pop.katmod.com. Type: A
1260 Country: Netherlands
1261 Is Active: True (syn-ack ttl 52)
1262 Port: 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
1263 Script Info: | ssh-hostkey:
1264 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1265 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1266 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
1267 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
1268 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1269 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1270 Script Info: |_ssl-date: TLS randomness does not represent time
1271 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1272 Script Info: | dns-nsid:
1273 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1274 Port: 80/tcp open http syn-ack ttl 52 nginx
1275 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1276 Script Info: |_http-generator: Microsoft FrontPage 5.0
1277 Script Info: | http-methods:
1278 Script Info: | Supported Methods: GET HEAD POST OPTIONS TRACE
1279 Script Info: |_ Potentially risky methods: TRACE
1280 Script Info: |_http-title: Andy Pioneer Top Sites
1281 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1282 Script Info: |_pop3-capabilities: AUTH-RESP-CODE RESP-CODES PIPELINING TOP STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER UIDL CAPA
1283 Script Info: |_ssl-date: TLS randomness does not represent time
1284 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1285 Script Info: |_imap-capabilities: OK AUTH=DIGEST-MD5 post-login Pre-login capabilities IMAP4rev1 have ENABLE more AUTH=CRAM-MD5A0001 LOGIN-REFERRALS ID STARTTLS SASL-IR AUTH=PLAIN listed LITERAL+ IDLE AUTH=LOGIN
1286 Script Info: |_ssl-date: TLS randomness does not represent time
1287 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1288 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
1289 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1290 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1291 Script Info: | Public Key type: rsa
1292 Script Info: | Public Key bits: 1024
1293 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1294 Script Info: | Not valid before: 2018-03-05T07:49:40
1295 Script Info: | Not valid after: 2028-03-02T07:49:40
1296 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1297 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1298 Script Info: |_ssl-date: TLS randomness does not represent time
1299 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1300 Script Info: |_ssl-date: TLS randomness does not represent time
1301 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1302 Script Info: |_ssl-date: TLS randomness does not represent time
1303 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1304 IP: 94.102.51.111
1305 HostName: ns1.monchekin.com Type: NS
1306 Country: Netherlands
1307 Is Active: True (syn-ack ttl 52)
1308 Port: 22/tcp open ssh? syn-ack ttl 52
1309 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1310 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd
1311 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1312 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1313 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1314 Script Info: | Public Key type: rsa
1315 Script Info: | Public Key bits: 1024
1316 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1317 Script Info: | Not valid before: 2018-03-05T07:49:40
1318 Script Info: | Not valid after: 2028-03-02T07:49:40
1319 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1320 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1321 Script Info: |_ssl-date: TLS randomness does not represent time
1322 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1323 Script Info: | dns-nsid:
1324 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1325 Port: 80/tcp open http syn-ack ttl 52 nginx
1326 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1327 Script Info: |_http-generator: Microsoft FrontPage 5.0
1328 Script Info: | http-methods:
1329 Script Info: | Supported Methods: GET HEAD POST OPTIONS TRACE
1330 Script Info: |_ Potentially risky methods: TRACE
1331 Script Info: |_http-title: Andy Pioneer Top Sites
1332 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1333 Script Info: |_pop3-capabilities: PIPELINING AUTH-RESP-CODE USER CAPA RESP-CODES UIDL STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) TOP
1334 Script Info: |_ssl-date: TLS randomness does not represent time
1335 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1336 Script Info: |_imap-capabilities: LOGIN-REFERRALS AUTH=DIGEST-MD5 SASL-IR OK IDLE ENABLE LITERAL+ listed post-login ID more AUTH=CRAM-MD5A0001 have capabilities STARTTLS Pre-login IMAP4rev1 AUTH=LOGIN AUTH=PLAIN
1337 Script Info: |_ssl-date: TLS randomness does not represent time
1338 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1339 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
1340 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1341 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1342 Script Info: | Public Key type: rsa
1343 Script Info: | Public Key bits: 1024
1344 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1345 Script Info: | Not valid before: 2018-03-05T07:49:40
1346 Script Info: | Not valid after: 2028-03-02T07:49:40
1347 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1348 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1349 Script Info: |_ssl-date: TLS randomness does not represent time
1350 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1351 Script Info: |_ssl-date: TLS randomness does not represent time
1352 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1353 Script Info: |_ssl-date: TLS randomness does not represent time
1354 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1355
1356--------------End Summary --------------
1357-----------------------------------------
1358################################################################################################################################
1359----- katmod.com -----
1360
1361
1362Host's addresses:
1363__________________
1364
1365katmod.com. 2750 IN A 94.102.51.112
1366
1367
1368Name Servers:
1369______________
1370
1371ns2.monchekin.com. 2221 IN A 94.102.51.112
1372ns1.monchekin.com. 2221 IN A 94.102.51.111
1373
1374
1375Mail (MX) Servers:
1376___________________
1377
1378mail.katmod.com. 2758 IN A 94.102.51.112
1379mail.katmod.com. 2758 IN A 94.102.51.112
1380
1381
1382Trying Zone Transfers and getting Bind Versions:
1383_________________________________________________
1384
1385
1386Trying Zone Transfer for katmod.com on ns2.monchekin.com ...
1387AXFR record query failed: REFUSED
1388
1389Trying Zone Transfer for katmod.com on ns1.monchekin.com ...
1390AXFR record query failed: REFUSED
1391
1392
1393Scraping katmod.com subdomains from Google:
1394____________________________________________
1395
1396
1397 ---- Google search page: 1 ----
1398
1399
1400
1401Google Results:
1402________________
1403
1404 perhaps Google is blocking our queries.
1405 Check manually.
1406
1407
1408Brute forcing with /usr/share/dnsenum/dns.txt:
1409_______________________________________________
1410
1411ftp.katmod.com. 2734 IN A 94.102.51.112
1412mail.katmod.com. 2727 IN A 94.102.51.112
1413pop.katmod.com. 3084 IN A 94.102.51.112
1414smtp.katmod.com. 3076 IN A 94.102.51.112
1415www.katmod.com. 2166 IN A 94.102.51.112
1416
1417
1418Launching Whois Queries:
1419_________________________
1420
1421 whois ip result: 94.102.51.0 -> 94.102.51.0/24
1422
1423
1424katmod.com__________
1425
1426 94.102.51.0/24
1427#################################################################################################################################
1428URLCrazy Domain Report
1429Domain : www.katmod.com
1430Keyboard : qwerty
1431At : 2020-03-21 19:00:37 -0400
1432
1433# Please wait. 129 hostnames to process
1434
1435Typo Type Typo DNS-A CC-A DNS-MX Extn
1436----------------------------------------------------------------------------------------------------------------------
1437Character Omission ww.katmod.com ? com
1438Character Omission www.atmod.com 91.195.240.126 DE,GERMANY mail.pickelhost.com com
1439Character Omission www.kamod.com 185.181.104.74 com
1440Character Omission www.katmd.com 184.168.221.51 US,UNITED STATES mailstore1.secureserver.net com
1441Character Omission www.katmo.com 23.20.239.12 US,UNITED STATES com
1442Character Omission www.katmod.cm ? cm
1443Character Omission www.katod.com 69.172.201.153 US,UNITED STATES mx247.in-mx.net com
1444Character Omission www.ktmod.com 23.227.38.64 com
1445Character Omission wwwkatmod.com ? com
1446Character Repeat www.kaatmod.com ? com
1447Character Repeat www.katmmod.com ? com
1448Character Repeat www.katmodd.com ? com
1449Character Repeat www.katmood.com ? com
1450Character Repeat www.kattmod.com ? com
1451Character Repeat www.kkatmod.com ? com
1452Character Repeat wwww.katmod.com ? com
1453Character Swap ww.wkatmod.com ? com
1454Character Swap www.aktmod.com ? com
1455Character Swap www.kamtod.com ? com
1456Character Swap www.katmdo.com ? com
1457Character Swap www.katomd.com ? com
1458Character Swap www.ktamod.com ? com
1459Character Swap wwwk.atmod.com 91.195.240.126 DE,GERMANY mail.pickelhost.com com
1460Character Replacement eww.katmod.com ? com
1461Character Replacement qww.katmod.com ? com
1462Character Replacement wew.katmod.com ? com
1463Character Replacement wqw.katmod.com ? com
1464Character Replacement wwe.katmod.com ? com
1465Character Replacement wwq.katmod.com ? com
1466Character Replacement www.jatmod.com ? com
1467Character Replacement www.karmod.com 213.159.30.140 NL,NETHERLANDS karmod.com com
1468Character Replacement www.katmid.com ? com
1469Character Replacement www.katmof.com ? com
1470Character Replacement www.katmos.com 23.20.239.12 US,UNITED STATES com
1471Character Replacement www.katmpd.com ? com
1472Character Replacement www.katnod.com ? com
1473Character Replacement www.kaymod.com ? com
1474Character Replacement www.kstmod.com ? com
1475Character Replacement www.latmod.com 104.27.129.73 com
1476Double Character Replacement eew.katmod.com ? com
1477Double Character Replacement qqw.katmod.com ? com
1478Double Character Replacement wee.katmod.com ? com
1479Double Character Replacement wqq.katmod.com ? com
1480Character Insertion weww.katmod.com ? com
1481Character Insertion wqww.katmod.com ? com
1482Character Insertion wwew.katmod.com ? com
1483Character Insertion wwqw.katmod.com ? com
1484Character Insertion www.kastmod.com ? com
1485Character Insertion www.katmnod.com ? com
1486Character Insertion www.katmodf.com ? com
1487Character Insertion www.katmods.com ? com
1488Character Insertion www.katmoid.com ? com
1489Character Insertion www.katmopd.com ? com
1490Character Insertion www.katrmod.com ? com
1491Character Insertion www.katymod.com ? com
1492Character Insertion www.kjatmod.com ? com
1493Character Insertion www.klatmod.com ? com
1494Character Insertion wwwe.katmod.com ? com
1495Character Insertion wwwq.katmod.com ? com
1496Missing Dot wwwwww.katmod.com ? com
1497Singular or Pluralise katmod.com 94.102.51.112 NL,NETHERLANDS mail.katmod.com com
1498Singular or Pluralise katmods.com ? com
1499Vowel Swap www.ketmod.com 14.128.39.55 AU,AUSTRALIA com
1500Vowel Swap www.kitmod.com 159.8.210.35 CH,SWITZERLAND com
1501Vowel Swap www.kotmod.com ? com
1502Vowel Swap www.kutmod.com ? com
1503Bit Flipping 7ww.katmod.com ? com
1504Bit Flipping gww.katmod.com ? com
1505Bit Flipping sww.katmod.com ? com
1506Bit Flipping uww.katmod.com ? com
1507Bit Flipping vww.katmod.com ? com
1508Bit Flipping w7w.katmod.com ? com
1509Bit Flipping wgw.katmod.com ? com
1510Bit Flipping wsw.katmod.com ? com
1511Bit Flipping wuw.katmod.com ? com
1512Bit Flipping wvw.katmod.com ? com
1513Bit Flipping ww7.katmod.com ? com
1514Bit Flipping wwg.katmod.com ? com
1515Bit Flipping wws.katmod.com ? com
1516Bit Flipping wwu.katmod.com ? com
1517Bit Flipping wwv.katmod.com ? com
1518Bit Flipping www.catmod.com 23.20.239.12 US,UNITED STATES com
1519Bit Flipping www.iatmod.com ? com
1520Bit Flipping www.ka4mod.com ? com
1521Bit Flipping www.kadmod.com ? com
1522Bit Flipping www.kapmod.com ? com
1523Bit Flipping www.kat-od.com ? com
1524Bit Flipping www.kateod.com ? com
1525Bit Flipping www.katiod.com ? com
1526Bit Flipping www.katlod.com ? com
1527Bit Flipping www.katmgd.com ? com
1528Bit Flipping www.katmkd.com ? com
1529Bit Flipping www.katmmd.com ? com
1530Bit Flipping www.katmnd.com ? com
1531Bit Flipping www.katmoe.com ? com
1532Bit Flipping www.katmol.com ? com
1533Bit Flipping www.katmot.com ? com
1534Bit Flipping www.katood.com 50.116.26.186 US,UNITED STATES katood.com com
1535Bit Flipping www.kaumod.com ? com
1536Bit Flipping www.kavmod.com ? com
1537Bit Flipping www.kctmod.com ? com
1538Bit Flipping www.kqtmod.com ? com
1539Bit Flipping www.oatmod.com ? com
1540Bit Flipping wwwnkatmod.com ? com
1541Homoglyphs vvvvvv.katmod.com ? com
1542Homoglyphs vvvvw.katmod.com ? com
1543Homoglyphs vvwvv.katmod.com ? com
1544Homoglyphs vvww.katmod.com ? com
1545Homoglyphs wvvvv.katmod.com ? com
1546Homoglyphs wvvw.katmod.com ? com
1547Homoglyphs wwvv.katmod.com ? com
1548Homoglyphs www.katm0d.com ? com
1549Homoglyphs www.katmocl.com ? com
1550Homoglyphs www.katrnod.com ? com
1551Wrong TLD katmod.ca ? ca
1552Wrong TLD katmod.ch ? ch
1553Wrong TLD katmod.de ? de
1554Wrong TLD katmod.edu ? edu
1555Wrong TLD katmod.es ? es
1556Wrong TLD katmod.fr ? fr
1557Wrong TLD katmod.it ? it
1558Wrong TLD katmod.jp ? jp
1559Wrong TLD katmod.net ? net
1560Wrong TLD katmod.nl ? nl
1561Wrong TLD katmod.no ? no
1562Wrong TLD katmod.org ? org
1563Wrong TLD katmod.ru ? ru
1564Wrong TLD katmod.se ? se
1565Wrong TLD katmod.us ? us
1566#################################################################################################################################
1567[+] www.katmod.com has no SPF record!
1568[*] No DMARC record found. Looking for organizational record
1569[+] No organizational DMARC record
1570[+] Spoofing possible for www.katmod.com!
1571#################################################################################################################################
1572WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1573Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:07 EDT
1574Nmap scan report for www.katmod.com (94.102.51.112)
1575Host is up (0.17s latency).
1576rDNS record for 94.102.51.112: no-reverse-dns-configured.com
1577Not shown: 486 filtered ports, 1 closed port
1578Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1579PORT STATE SERVICE
158022/tcp open ssh
158125/tcp open smtp
158253/tcp open domain
158380/tcp open http
1584110/tcp open pop3
1585143/tcp open imap
1586465/tcp open smtps
1587993/tcp open imaps
1588995/tcp open pop3s
1589
1590Nmap done: 1 IP address (1 host up) scanned in 5.65 seconds
1591#################################################################################################################################
1592Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:07 EDT
1593Nmap scan report for www.katmod.com (94.102.51.112)
1594Host is up.
1595rDNS record for 94.102.51.112: no-reverse-dns-configured.com
1596
1597PORT STATE SERVICE
159853/udp open|filtered domain
159967/udp open|filtered dhcps
160068/udp open|filtered dhcpc
160169/udp open|filtered tftp
160288/udp open|filtered kerberos-sec
1603123/udp open|filtered ntp
1604137/udp open|filtered netbios-ns
1605138/udp open|filtered netbios-dgm
1606139/udp open|filtered netbios-ssn
1607161/udp open|filtered snmp
1608162/udp open|filtered snmptrap
1609389/udp open|filtered ldap
1610500/udp open|filtered isakmp
1611520/udp open|filtered route
16122049/udp open|filtered nfs
1613
1614Nmap done: 1 IP address (1 host up) scanned in 5.26 seconds
1615#################################################################################################################################
1616# general
1617(gen) banner: SSH-2.0-OpenSSH_7.4
1618(gen) software: OpenSSH 7.4
1619(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
1620(gen) compression: enabled (zlib@openssh.com)
1621
1622# key exchange algorithms
1623(kex) curve25519-sha256 -- [warn] unknown algorithm
1624(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
1625(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
1626 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1627(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
1628 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1629(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
1630 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1631(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
1632 `- [info] available since OpenSSH 4.4
1633(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1634(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
1635(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1636 `- [warn] using weak hashing algorithm
1637 `- [info] available since OpenSSH 2.3.0
1638(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1639(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
1640 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
1641(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1642 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
1643 `- [warn] using small 1024-bit modulus
1644 `- [warn] using weak hashing algorithm
1645 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1646
1647# host-key algorithms
1648(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
1649(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
1650(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
1651(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
1652 `- [warn] using weak random number generator could reveal the key
1653 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1654(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
1655
1656# encryption algorithms (ciphers)
1657(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
1658 `- [info] default cipher since OpenSSH 6.9.
1659(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1660(enc) aes192-ctr -- [info] available since OpenSSH 3.7
1661(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1662(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
1663(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
1664(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1665 `- [warn] using weak cipher mode
1666 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1667(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1668 `- [warn] using weak cipher mode
1669 `- [info] available since OpenSSH 2.3.0
1670(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1671 `- [warn] using weak cipher mode
1672 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
1673(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1674 `- [fail] disabled since Dropbear SSH 0.53
1675 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1676 `- [warn] using weak cipher mode
1677 `- [warn] using small 64-bit block size
1678 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1679(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1680 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1681 `- [warn] using weak cipher mode
1682 `- [warn] using small 64-bit block size
1683 `- [info] available since OpenSSH 2.1.0
1684(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1685 `- [warn] using weak cipher
1686 `- [warn] using weak cipher mode
1687 `- [warn] using small 64-bit block size
1688 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1689
1690# message authentication code algorithms
1691(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
1692 `- [info] available since OpenSSH 6.2
1693(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
1694(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
1695(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
1696(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
1697 `- [info] available since OpenSSH 6.2
1698(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
1699 `- [warn] using small 64-bit tag size
1700 `- [info] available since OpenSSH 4.7
1701(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
1702 `- [info] available since OpenSSH 6.2
1703(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
1704 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1705(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
1706 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1707(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
1708 `- [warn] using weak hashing algorithm
1709 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1710
1711# algorithm recommendations (for OpenSSH 7.4)
1712(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
1713(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
1714(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
1715(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
1716(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
1717(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
1718(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
1719(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
1720(rec) -blowfish-cbc -- enc algorithm to remove
1721(rec) -3des-cbc -- enc algorithm to remove
1722(rec) -aes256-cbc -- enc algorithm to remove
1723(rec) -cast128-cbc -- enc algorithm to remove
1724(rec) -aes192-cbc -- enc algorithm to remove
1725(rec) -aes128-cbc -- enc algorithm to remove
1726(rec) -hmac-sha2-512 -- mac algorithm to remove
1727(rec) -umac-128@openssh.com -- mac algorithm to remove
1728(rec) -hmac-sha2-256 -- mac algorithm to remove
1729(rec) -umac-64@openssh.com -- mac algorithm to remove
1730(rec) -hmac-sha1 -- mac algorithm to remove
1731(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
1732(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
1733#################################################################################################################################
1734Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:07 EDT
1735NSE: Loaded 51 scripts for scanning.
1736NSE: Script Pre-scanning.
1737Initiating NSE at 19:07
1738Completed NSE at 19:07, 0.00s elapsed
1739Initiating NSE at 19:07
1740Completed NSE at 19:07, 0.00s elapsed
1741Initiating Parallel DNS resolution of 1 host. at 19:07
1742Completed Parallel DNS resolution of 1 host. at 19:07, 0.02s elapsed
1743Initiating SYN Stealth Scan at 19:07
1744Scanning www.katmod.com (94.102.51.112) [1 port]
1745Discovered open port 22/tcp on 94.102.51.112
1746Completed SYN Stealth Scan at 19:07, 0.21s elapsed (1 total ports)
1747Initiating Service scan at 19:07
1748Scanning 1 service on www.katmod.com (94.102.51.112)
1749Completed Service scan at 19:07, 0.36s elapsed (1 service on 1 host)
1750Initiating OS detection (try #1) against www.katmod.com (94.102.51.112)
1751Retrying OS detection (try #2) against www.katmod.com (94.102.51.112)
1752Initiating Traceroute at 19:07
1753Completed Traceroute at 19:07, 3.15s elapsed
1754Initiating Parallel DNS resolution of 9 hosts. at 19:07
1755Completed Parallel DNS resolution of 9 hosts. at 19:07, 0.13s elapsed
1756NSE: Script scanning 94.102.51.112.
1757Initiating NSE at 19:07
1758NSE: [ssh-run 94.102.51.112:22] Failed to specify credentials and command to run.
1759NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: root:root
1760NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: admin:admin
1761NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: administrator:administrator
1762NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: webadmin:webadmin
1763NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: sysadmin:sysadmin
1764NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: netadmin:netadmin
1765NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: guest:guest
1766NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: user:user
1767NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: web:web
1768NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: test:test
1769NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: root:
1770NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: admin:
1771NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: administrator:
1772NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: webadmin:
1773NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: sysadmin:
1774NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: netadmin:
1775NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: guest:
1776NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: user:
1777NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: web:
1778NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: test:
1779NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: root:123456
1780NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: admin:123456
1781NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: administrator:123456
1782NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: webadmin:123456
1783NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: sysadmin:123456
1784NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: netadmin:123456
1785NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: guest:123456
1786NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: user:123456
1787NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: web:123456
1788NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: test:123456
1789NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: root:12345
1790NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: admin:12345
1791NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: administrator:12345
1792NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: webadmin:12345
1793NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: sysadmin:12345
1794NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: netadmin:12345
1795NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: guest:12345
1796NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: user:12345
1797NSE: [ssh-brute 94.102.51.112:22] Trying username/password pair: web:12345
1798Completed NSE at 19:09, 90.68s elapsed
1799Initiating NSE at 19:09
1800Completed NSE at 19:09, 0.05s elapsed
1801Nmap scan report for www.katmod.com (94.102.51.112)
1802Host is up (0.16s latency).
1803rDNS record for 94.102.51.112: no-reverse-dns-configured.com
1804
1805PORT STATE SERVICE VERSION
180622/tcp open ssh OpenSSH 7.4 (protocol 2.0)
1807| ssh-auth-methods:
1808| Supported authentication methods:
1809| publickey
1810| gssapi-keyex
1811| gssapi-with-mic
1812|_ password
1813| ssh-hostkey:
1814| 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1815|_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuSDuH0ZZ1QaOQ2z9XwzG+h3EtdbvjlYz2TB9miT+5BD72uyS6mCppts/ADxxOIp3h39604aMln1X7MbBO/A59Wy2FURZ0/WMRFYTKnaheeBR9Lqr7BFpG/8i4Gh9ipvvqIkVQzGSVtANXXYNG5z9VbheQ/hf915CG/yCuuWqqJR/dZSYjk1JpI2Y5dFi7eglRLpQX647So85fELR1/88AGAKZaXLCWH7e0ECEDHt96FcK5jmsKD01N51w1NG6i8Bx+QMnPLLf/hgja0LzD1jdMZ3uwxu0jgWml3NigX0fTHYU5Ppo3CFwDIPWplHKOBDOVNb2KLFKx0GaLxZPDXvF
1816| ssh-publickey-acceptance:
1817|_ Accepted Public Keys: No public keys accepted
1818|_ssh-run: Failed to specify credentials and command to run.
1819| vulners:
1820| cpe:/a:openbsd:openssh:7.4:
1821| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1822|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1823Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1824Device type: WAP|general purpose|specialized|broadband router
1825Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1826OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1827Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1828No exact OS matches for host (test conditions non-ideal).
1829Network Distance: 12 hops
1830TCP Sequence Prediction: Difficulty=248 (Good luck!)
1831IP ID Sequence Generation: All zeros
1832
1833TRACEROUTE (using port 22/tcp)
1834HOP RTT ADDRESS
18351 133.16 ms 10.203.19.1
18362 ...
18373 134.28 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
18384 133.99 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
18395 140.12 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
18406 135.38 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
18417 135.40 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
18428 ...
18439 160.30 ms 195.122.181.130
184410 165.06 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
184511 ...
184612 164.09 ms no-reverse-dns-configured.com (94.102.51.112)
1847
1848NSE: Script Post-scanning.
1849Initiating NSE at 19:09
1850Completed NSE at 19:09, 0.00s elapsed
1851Initiating NSE at 19:09
1852Completed NSE at 19:09, 0.00s elapsed
1853#################################################################################################################################
1854Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:09 EDT
1855NSE: Loaded 55 scripts for scanning.
1856NSE: Script Pre-scanning.
1857Initiating NSE at 19:09
1858Completed NSE at 19:09, 0.00s elapsed
1859Initiating NSE at 19:09
1860Completed NSE at 19:09, 0.00s elapsed
1861Initiating Parallel DNS resolution of 1 host. at 19:09
1862Completed Parallel DNS resolution of 1 host. at 19:09, 0.02s elapsed
1863Initiating SYN Stealth Scan at 19:09
1864Scanning www.katmod.com (94.102.51.112) [1 port]
1865Discovered open port 25/tcp on 94.102.51.112
1866Completed SYN Stealth Scan at 19:09, 0.21s elapsed (1 total ports)
1867Initiating Service scan at 19:09
1868Scanning 1 service on www.katmod.com (94.102.51.112)
1869Completed Service scan at 19:09, 0.35s elapsed (1 service on 1 host)
1870Initiating OS detection (try #1) against www.katmod.com (94.102.51.112)
1871Retrying OS detection (try #2) against www.katmod.com (94.102.51.112)
1872adjust_timeouts2: packet supposedly had rtt of -86123 microseconds. Ignoring time.
1873adjust_timeouts2: packet supposedly had rtt of -86123 microseconds. Ignoring time.
1874adjust_timeouts2: packet supposedly had rtt of -87049 microseconds. Ignoring time.
1875adjust_timeouts2: packet supposedly had rtt of -87049 microseconds. Ignoring time.
1876adjust_timeouts2: packet supposedly had rtt of -51505 microseconds. Ignoring time.
1877adjust_timeouts2: packet supposedly had rtt of -51505 microseconds. Ignoring time.
1878Initiating Traceroute at 19:09
1879Completed Traceroute at 19:10, 3.14s elapsed
1880Initiating Parallel DNS resolution of 9 hosts. at 19:10
1881Completed Parallel DNS resolution of 9 hosts. at 19:10, 0.13s elapsed
1882NSE: Script scanning 94.102.51.112.
1883Initiating NSE at 19:10
1884Completed NSE at 19:11, 91.03s elapsed
1885Initiating NSE at 19:11
1886Completed NSE at 19:11, 0.02s elapsed
1887Nmap scan report for www.katmod.com (94.102.51.112)
1888Host is up (0.17s latency).
1889rDNS record for 94.102.51.112: no-reverse-dns-configured.com
1890
1891PORT STATE SERVICE VERSION
189225/tcp open smtp Exim smtpd 4.89
1893|_smtp-commands: SMTP EHLO www.katmod.com: failed to receive data: connection closed
1894| smtp-enum-users:
1895|_ Method RCPT returned a unhandled status code.
1896|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
1897| smtp-vuln-cve2010-4344:
1898| Exim version: 4.89
1899| Exim heap overflow vulnerability (CVE-2010-4344):
1900| Exim (CVE-2010-4344): NOT VULNERABLE
1901| Exim privileges escalation vulnerability (CVE-2010-4345):
1902| Exim (CVE-2010-4345): NOT VULNERABLE
1903|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
1904| vulners:
1905| cpe:/a:exim:exim:4.89:
1906| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1907| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1908| CVE-2019-10149 7.5 https://vulners.com/cve/CVE-2019-10149
1909| CVE-2018-6789 7.5 https://vulners.com/cve/CVE-2018-6789
1910| CVE-2017-16943 7.5 https://vulners.com/cve/CVE-2017-16943
1911| CVE-2017-16944 5.0 https://vulners.com/cve/CVE-2017-16944
1912|_ CVE-2017-1000369 2.1 https://vulners.com/cve/CVE-2017-1000369
1913Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1914Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), Crestron XPanel control system (93%), OpenWrt (Linux 2.4.32) (92%), Philips Hue Bridge 2.0 (Linux) (91%), Linux 2.6.24 (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Linux 2.4.18 (90%), Linux 3.12 - 4.10 (89%)
1915No exact OS matches for host (test conditions non-ideal).
1916Network Distance: 12 hops
1917TCP Sequence Prediction: Difficulty=264 (Good luck!)
1918IP ID Sequence Generation: All zeros
1919Service Info: Host: a13s08.host.com
1920
1921TRACEROUTE (using port 25/tcp)
1922HOP RTT ADDRESS
19231 129.77 ms 10.203.19.1
19242 ...
19253 130.69 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
19264 130.65 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
19275 136.21 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
19286 136.52 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
19297 136.49 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
19308 ...
19319 161.44 ms 195.122.181.130
193210 166.01 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
193311 ...
193412 167.70 ms no-reverse-dns-configured.com (94.102.51.112)
1935
1936NSE: Script Post-scanning.
1937Initiating NSE at 19:11
1938Completed NSE at 19:11, 0.00s elapsed
1939Initiating NSE at 19:11
1940Completed NSE at 19:11, 0.00s elapsed
1941#################################################################################################################################
1942Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:11 EDT
1943NSE: Loaded 64 scripts for scanning.
1944NSE: Script Pre-scanning.
1945Initiating NSE at 19:11
1946Completed NSE at 19:11, 0.00s elapsed
1947Initiating NSE at 19:11
1948Completed NSE at 19:11, 0.00s elapsed
1949Initiating Parallel DNS resolution of 1 host. at 19:11
1950Completed Parallel DNS resolution of 1 host. at 19:11, 0.02s elapsed
1951Initiating SYN Stealth Scan at 19:11
1952Scanning www.katmod.com (94.102.51.112) [1 port]
1953Discovered open port 53/tcp on 94.102.51.112
1954Completed SYN Stealth Scan at 19:11, 0.20s elapsed (1 total ports)
1955Initiating Service scan at 19:11
1956Scanning 1 service on www.katmod.com (94.102.51.112)
1957Completed Service scan at 19:11, 6.33s elapsed (1 service on 1 host)
1958Initiating OS detection (try #1) against www.katmod.com (94.102.51.112)
1959Retrying OS detection (try #2) against www.katmod.com (94.102.51.112)
1960adjust_timeouts2: packet supposedly had rtt of -84551 microseconds. Ignoring time.
1961adjust_timeouts2: packet supposedly had rtt of -84551 microseconds. Ignoring time.
1962Initiating Traceroute at 19:11
1963Completed Traceroute at 19:11, 3.14s elapsed
1964Initiating Parallel DNS resolution of 9 hosts. at 19:11
1965Completed Parallel DNS resolution of 9 hosts. at 19:11, 0.13s elapsed
1966NSE: Script scanning 94.102.51.112.
1967Initiating NSE at 19:11
1968Completed NSE at 19:12, 14.06s elapsed
1969Initiating NSE at 19:12
1970Completed NSE at 19:12, 0.00s elapsed
1971Nmap scan report for www.katmod.com (94.102.51.112)
1972Host is up (0.16s latency).
1973rDNS record for 94.102.51.112: no-reverse-dns-configured.com
1974
1975PORT STATE SERVICE VERSION
197653/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1977|_dns-fuzz: Server didn't response to our probe, can't fuzz
1978| dns-nsec-enum:
1979|_ No NSEC records found
1980| dns-nsec3-enum:
1981|_ DNSSEC NSEC3 not supported
1982| dns-nsid:
1983|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1984| vulners:
1985| cpe:/a:isc:bind:9.9.4:
1986| CVE-2015-4620 7.8 https://vulners.com/cve/CVE-2015-4620
1987| CVE-2014-8500 7.8 https://vulners.com/cve/CVE-2014-8500
1988| CVE-2017-3141 7.2 https://vulners.com/cve/CVE-2017-3141
1989| CVE-2015-8461 7.1 https://vulners.com/cve/CVE-2015-8461
1990| CVE-2015-1349 5.4 https://vulners.com/cve/CVE-2015-1349
1991| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
1992| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
1993| CVE-2016-9131 5.0 https://vulners.com/cve/CVE-2016-9131
1994| CVE-2016-8864 5.0 https://vulners.com/cve/CVE-2016-8864
1995| CVE-2016-1286 5.0 https://vulners.com/cve/CVE-2016-1286
1996| CVE-2015-8000 5.0 https://vulners.com/cve/CVE-2015-8000
1997| CVE-2019-6465 4.3 https://vulners.com/cve/CVE-2019-6465
1998| CVE-2018-5743 4.3 https://vulners.com/cve/CVE-2018-5743
1999| CVE-2018-5742 4.3 https://vulners.com/cve/CVE-2018-5742
2000| CVE-2017-3143 4.3 https://vulners.com/cve/CVE-2017-3143
2001| CVE-2017-3142 4.3 https://vulners.com/cve/CVE-2017-3142
2002| CVE-2017-3136 4.3 https://vulners.com/cve/CVE-2017-3136
2003| CVE-2016-2775 4.3 https://vulners.com/cve/CVE-2016-2775
2004| CVE-2016-1285 4.3 https://vulners.com/cve/CVE-2016-1285
2005| CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
2006| CVE-2016-6170 4.0 https://vulners.com/cve/CVE-2016-6170
2007|_ CVE-2018-5745 3.5 https://vulners.com/cve/CVE-2018-5745
2008Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2009Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), Crestron XPanel control system (93%), OpenWrt (Linux 2.4.32) (92%), Philips Hue Bridge 2.0 (Linux) (91%), Linux 2.6.24 (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Linux 2.4.18 (90%), Linux 3.12 - 4.10 (89%)
2010No exact OS matches for host (test conditions non-ideal).
2011Network Distance: 12 hops
2012TCP Sequence Prediction: Difficulty=261 (Good luck!)
2013IP ID Sequence Generation: All zeros
2014Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2015
2016Host script results:
2017| dns-blacklist:
2018| SPAM
2019|_ l2.apews.org - SPAM
2020| dns-brute:
2021| DNS Brute-force hostnames:
2022| www.katmod.com - 94.102.51.112
2023| smtp.katmod.com - 94.102.51.112
2024| mail.katmod.com - 94.102.51.112
2025|_ ftp.katmod.com - 94.102.51.112
2026
2027TRACEROUTE (using port 53/tcp)
2028HOP RTT ADDRESS
20291 130.42 ms 10.203.19.1
20302 ...
20313 130.48 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
20324 130.47 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
20335 135.54 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
20346 135.68 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
20357 138.26 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
20368 ...
20379 161.91 ms 195.122.181.130
203810 172.85 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
203911 ...
204012 162.44 ms no-reverse-dns-configured.com (94.102.51.112)
2041
2042NSE: Script Post-scanning.
2043Initiating NSE at 19:12
2044Completed NSE at 19:12, 0.00s elapsed
2045Initiating NSE at 19:12
2046Completed NSE at 19:12, 0.00s elapsed
2047#################################################################################################################################
2048HTTP/1.1 200 OK
2049Server: nginx
2050Date: Sat, 21 Mar 2020 23:12:07 GMT
2051Content-Type: text/html
2052Connection: keep-alive
2053Vary: Accept-Encoding
2054
2055Allow: GET,HEAD,POST,OPTIONS,TRACE
2056#################################################################################################################################
2057
2058wig - WebApp Information Gatherer
2059
2060
2061Scanning http://www.katmod.com...
2062_________________________________________ SITE INFO _________________________________________
2063IP Title
206494.102.51.112 Katrin Child Model
2065
2066__________________________________________ VERSION __________________________________________
2067Name Versions Type
2068phpMyAdmin 4_4_15_8 CMS
2069Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2070 2.4.9
2071PHP 5.4.45 Platform
2072nginx Platform
2073FreeBSD 10 | 11 OS
2074OpenBSD 5.9 OS
2075
2076_____________________________________________________________________________________________
2077Time: 51.0 sec Urls: 724 Fingerprints: 40401
2078#################################################################################################################################
2079Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:13 EDT
2080NSE: Loaded 161 scripts for scanning.
2081NSE: Script Pre-scanning.
2082Initiating NSE at 19:13
2083Completed NSE at 19:13, 0.00s elapsed
2084Initiating NSE at 19:13
2085Completed NSE at 19:13, 0.00s elapsed
2086Initiating Parallel DNS resolution of 1 host. at 19:13
2087Completed Parallel DNS resolution of 1 host. at 19:13, 0.02s elapsed
2088Initiating SYN Stealth Scan at 19:13
2089Scanning www.katmod.com (94.102.51.112) [1 port]
2090Discovered open port 80/tcp on 94.102.51.112
2091Completed SYN Stealth Scan at 19:13, 0.22s elapsed (1 total ports)
2092Initiating Service scan at 19:13
2093Scanning 1 service on www.katmod.com (94.102.51.112)
2094Completed Service scan at 19:13, 6.34s elapsed (1 service on 1 host)
2095Initiating OS detection (try #1) against www.katmod.com (94.102.51.112)
2096Retrying OS detection (try #2) against www.katmod.com (94.102.51.112)
2097Initiating Traceroute at 19:13
2098Completed Traceroute at 19:13, 3.15s elapsed
2099Initiating Parallel DNS resolution of 9 hosts. at 19:13
2100Completed Parallel DNS resolution of 9 hosts. at 19:13, 0.17s elapsed
2101NSE: Script scanning 94.102.51.112.
2102Initiating NSE at 19:13
2103Completed NSE at 19:14, 50.65s elapsed
2104Initiating NSE at 19:14
2105Completed NSE at 19:14, 0.68s elapsed
2106Nmap scan report for www.katmod.com (94.102.51.112)
2107Host is up (0.17s latency).
2108rDNS record for 94.102.51.112: no-reverse-dns-configured.com
2109
2110PORT STATE SERVICE VERSION
211180/tcp open http nginx
2112| http-brute:
2113|_ Path "/" does not require authentication
2114|_http-chrono: Request times for /; avg: 747.11ms; min: 561.32ms; max: 901.96ms
2115| http-csrf:
2116| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.katmod.com
2117| Found the following possible CSRF vulnerabilities:
2118|
2119| Path: http://www.katmod.com:80/join.html
2120| Form id:
2121| Form action: https://nnpay.net/
2122|
2123| Path: http://www.katmod.com:80/join.html
2124| Form id:
2125| Form action: https://nnpay.net/
2126|
2127| Path: http://www.katmod.com:80/join.html
2128| Form id:
2129|_ Form action: https://nnpay.net/
2130|_http-date: Sat, 21 Mar 2020 23:13:31 GMT; -6s from local time.
2131|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
2132|_http-dombased-xss: Couldn't find any DOM based XSS.
2133|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
2134| http-errors:
2135| Spidering limited to: maxpagecount=40; withinhost=www.katmod.com
2136| Found the following error pages:
2137|
2138| Error Code: 404
2139|_ http://www.katmod.com:80/imgOff;
2140|_http-feed: Couldn't find any feeds.
2141|_http-fetch: Please enter the complete path of the directory to save data in.
2142| http-headers:
2143| Server: nginx
2144| Date: Sat, 21 Mar 2020 23:13:37 GMT
2145| Content-Type: text/html
2146| Connection: close
2147| Vary: Accept-Encoding
2148|
2149|_ (Request type: HEAD)
2150|_http-jsonp-detection: Couldn't find any JSONP endpoints.
2151| http-methods:
2152| Supported Methods: GET HEAD POST OPTIONS TRACE
2153|_ Potentially risky methods: TRACE
2154|_http-mobileversion-checker: No mobile version detected.
2155| http-php-version: Logo query returned unknown hash ce9267efdcfde70058f9b539c356b55c
2156|_Credits query returned unknown hash ce9267efdcfde70058f9b539c356b55c
2157|_http-security-headers:
2158| http-sitemap-generator:
2159| Directory structure:
2160| /
2161| Other: 1; html: 4
2162| /images/
2163| jpg: 12
2164| /imagestop/
2165| jpg: 2
2166| Longest directory structure:
2167| Depth: 1
2168| Dir: /images/
2169| Total files found (by extension):
2170|_ Other: 1; html: 4; jpg: 14
2171|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
2172|_http-title: Katrin Child Model
2173| http-vhosts:
2174| 126 names had status 200
2175|_ns2.katmod.com
2176|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
2177|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
2178|_http-xssed: No previously reported XSS vuln.
2179Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2180Device type: WAP|general purpose|specialized|broadband router
2181Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2182OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2183Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2184No exact OS matches for host (test conditions non-ideal).
2185Network Distance: 12 hops
2186TCP Sequence Prediction: Difficulty=257 (Good luck!)
2187IP ID Sequence Generation: All zeros
2188
2189TRACEROUTE (using port 80/tcp)
2190HOP RTT ADDRESS
21911 132.09 ms 10.203.19.1
21922 ...
21933 132.64 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
21944 132.61 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
21955 138.19 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
21966 138.37 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
21977 138.60 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
21988 ...
21999 159.68 ms 195.122.181.130
220010 164.75 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
220111 ...
220212 166.59 ms no-reverse-dns-configured.com (94.102.51.112)
2203
2204NSE: Script Post-scanning.
2205Initiating NSE at 19:14
2206Completed NSE at 19:14, 0.00s elapsed
2207Initiating NSE at 19:14
2208Completed NSE at 19:14, 0.00s elapsed
2209#################################################################################################################################
2210Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:15 EDT
2211NSE: Loaded 49 scripts for scanning.
2212NSE: Script Pre-scanning.
2213Initiating NSE at 19:15
2214Completed NSE at 19:15, 0.00s elapsed
2215Initiating NSE at 19:15
2216Completed NSE at 19:15, 0.00s elapsed
2217Initiating Ping Scan at 19:15
2218Scanning www.katmod.com (94.102.51.112) [4 ports]
2219Completed Ping Scan at 19:15, 0.24s elapsed (1 total hosts)
2220Initiating Parallel DNS resolution of 1 host. at 19:15
2221Completed Parallel DNS resolution of 1 host. at 19:15, 0.02s elapsed
2222Initiating SYN Stealth Scan at 19:15
2223Scanning www.katmod.com (94.102.51.112) [1 port]
2224Discovered open port 110/tcp on 94.102.51.112
2225Completed SYN Stealth Scan at 19:15, 0.20s elapsed (1 total ports)
2226Initiating Service scan at 19:15
2227Scanning 1 service on www.katmod.com (94.102.51.112)
2228Completed Service scan at 19:15, 0.34s elapsed (1 service on 1 host)
2229Initiating OS detection (try #1) against www.katmod.com (94.102.51.112)
2230Retrying OS detection (try #2) against www.katmod.com (94.102.51.112)
2231Initiating Traceroute at 19:15
2232Completed Traceroute at 19:15, 3.15s elapsed
2233Initiating Parallel DNS resolution of 9 hosts. at 19:15
2234Completed Parallel DNS resolution of 9 hosts. at 19:15, 0.13s elapsed
2235NSE: Script scanning 94.102.51.112.
2236Initiating NSE at 19:15
2237NSE Timing: About 68.66% done; ETC: 19:16 (0:00:30 remaining)
2238Completed NSE at 19:16, 91.07s elapsed
2239Initiating NSE at 19:16
2240Completed NSE at 19:16, 0.05s elapsed
2241Nmap scan report for www.katmod.com (94.102.51.112)
2242Host is up (0.17s latency).
2243rDNS record for 94.102.51.112: no-reverse-dns-configured.com
2244
2245PORT STATE SERVICE VERSION
2246110/tcp open pop3 Dovecot pop3d
2247|_pop3-capabilities: USER PIPELINING AUTH-RESP-CODE UIDL CAPA SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) TOP RESP-CODES STLS
2248Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2249Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), Crestron XPanel control system (93%), OpenWrt (Linux 2.4.32) (92%), Philips Hue Bridge 2.0 (Linux) (92%), Linux 2.6.24 (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Linux 2.4.18 (90%), Linux 3.12 - 4.10 (90%)
2250No exact OS matches for host (test conditions non-ideal).
2251Network Distance: 12 hops
2252TCP Sequence Prediction: Difficulty=263 (Good luck!)
2253IP ID Sequence Generation: All zeros
2254
2255TRACEROUTE (using port 80/tcp)
2256HOP RTT ADDRESS
22571 132.72 ms 10.203.19.1
22582 ...
22593 133.38 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
22604 133.34 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
22615 138.80 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
22626 138.77 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
22637 145.63 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
22648 ...
22659 161.41 ms 195.122.181.130
226610 166.24 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
226711 ...
226812 168.38 ms no-reverse-dns-configured.com (94.102.51.112)
2269#################################################################################################################################
2270--------------------------------------------------------
2271<<<Yasuo discovered following vulnerable applications>>>
2272--------------------------------------------------------
2273+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2274| App Name | URL to Application | Potential Exploit | Username | Password |
2275+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2276| phpMyAdmin | http://94.102.51.112:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2277+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2278#################################################################################################################################
2279Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:00 EDT
2280Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2281Host is up (0.16s latency).
2282Not shown: 466 filtered ports, 1 closed port
2283Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2284PORT STATE SERVICE VERSION
228522/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2286| ssh-hostkey:
2287| 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
2288| 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
2289|_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
229025/tcp open smtp Exim smtpd 4.89
2291| smtp-commands: a13s08.host.com Hello no-reverse-dns-configured.com [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2292|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2293| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2294| Not valid before: 2018-03-05T07:49:40
2295|_Not valid after: 2028-03-02T07:49:40
2296|_ssl-date: TLS randomness does not represent time
229753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2298| dns-nsid:
2299|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
230080/tcp open http nginx
2301|_http-generator: Microsoft FrontPage 5.0
2302| http-methods:
2303|_ Potentially risky methods: TRACE
2304|_http-title: Andy Pioneer Top Sites
2305110/tcp open pop3 Dovecot pop3d
2306|_pop3-capabilities: CAPA PIPELINING TOP STLS AUTH-RESP-CODE UIDL SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) RESP-CODES USER
2307|_ssl-date: TLS randomness does not represent time
2308143/tcp open imap Dovecot imapd
2309|_imap-capabilities: capabilities ID AUTH=CRAM-MD5A0001 OK STARTTLS Pre-login IMAP4rev1 AUTH=LOGIN AUTH=DIGEST-MD5 listed post-login LOGIN-REFERRALS IDLE AUTH=PLAIN more have ENABLE SASL-IR LITERAL+
2310|_ssl-date: TLS randomness does not represent time
2311465/tcp open ssl/smtp Exim smtpd 4.89
2312|_smtp-commands: Couldn't establish connection on port 465
2313| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2314| Not valid before: 2018-03-05T07:49:40
2315|_Not valid after: 2028-03-02T07:49:40
2316|_ssl-date: TLS randomness does not represent time
2317993/tcp open ssl/imaps?
2318|_ssl-date: TLS randomness does not represent time
2319995/tcp open ssl/pop3s?
2320|_ssl-date: TLS randomness does not represent time
2321Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (93%), Asus RT-AC66U router (Linux 2.6) (92%), Asus RT-N16 WAP (Linux 2.6) (92%), Asus RT-N66U WAP (Linux 2.6) (92%), Tomato 1.28 (Linux 2.6.22) (92%), Philips Hue Bridge 2.0 (Linux) (91%), Linux 3.0 (89%)
2322No exact OS matches for host (test conditions non-ideal).
2323Network Distance: 12 hops
2324Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2325
2326TRACEROUTE (using port 993/tcp)
2327HOP RTT ADDRESS
23281 132.18 ms 10.203.19.1
23292 ...
23303 132.69 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
23314 132.53 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
23325 137.72 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
23336 138.52 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
23347 134.30 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
23358 ...
23369 160.16 ms 195.122.181.130
233710 170.37 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
233811 ...
233912 162.12 ms no-reverse-dns-configured.com (94.102.51.112)
2340#################################################################################################################################
2341Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:03 EDT
2342Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2343Host is up (0.17s latency).
2344Not shown: 13 filtered ports
2345Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2346PORT STATE SERVICE VERSION
234753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
234853/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2349| dns-nsid:
2350|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
235167/udp open|filtered dhcps
235268/udp open|filtered dhcpc
235369/udp open|filtered tftp
235488/udp open|filtered kerberos-sec
2355123/udp open|filtered ntp
2356137/udp open|filtered netbios-ns
2357138/udp open|filtered netbios-dgm
2358139/udp open|filtered netbios-ssn
2359161/udp open|filtered snmp
2360162/udp open|filtered snmptrap
2361389/udp open|filtered ldap
2362520/udp open|filtered route
23632049/udp open|filtered nfs
2364Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2365Device type: WAP|general purpose|specialized|broadband router
2366Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
2367OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2368Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2369No exact OS matches for host (test conditions non-ideal).
2370Network Distance: 12 hops
2371Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2372
2373TRACEROUTE (using port 53/tcp)
2374HOP RTT ADDRESS
23751 127.21 ms 10.203.19.1
23762 ...
23773 128.58 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
23784 127.80 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
23795 133.58 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
23806 133.55 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
23817 133.80 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
23828 ...
23839 158.68 ms 195.122.181.130
238410 164.14 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
238511 ...
238612 162.26 ms no-reverse-dns-configured.com (94.102.51.112)
2387#################################################################################################################################
2388Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:08 EDT
2389Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2390Host is up (0.17s latency).
2391
2392PORT STATE SERVICE VERSION
239322/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2394|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
2395|_ssh-brute: ERROR: Script execution failed (use -d to debug)
2396|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
2397|_ssh-run: ERROR: Script execution failed (use -d to debug)
2398Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2399Device type: WAP|general purpose|specialized|broadband router
2400Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Crestron 2-Series (90%), Philips embedded (89%), Asus embedded (87%)
2401OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:crestron:2_series cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2402Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Philips Hue Bridge 2.0 (Linux) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2403No exact OS matches for host (test conditions non-ideal).
2404Network Distance: 12 hops
2405
2406TRACEROUTE (using port 22/tcp)
2407HOP RTT ADDRESS
24081 133.82 ms 10.203.19.1
24092 ...
24103 135.85 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
24114 134.24 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
24125 140.67 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
24136 140.73 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
24147 140.72 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
24158 ...
24169 165.50 ms 195.122.181.130
241710 167.10 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
241811 ...
241912 168.24 ms no-reverse-dns-configured.com (94.102.51.112)
2420#################################################################################################################################
2421Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:09 EDT
2422NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
2423NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
2424NSE: [smtp-brute] passwords: Time limit 3m00s exceeded.
2425Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2426Host is up (0.17s latency).
2427
2428PORT STATE SERVICE VERSION
242925/tcp open smtp Exim smtpd 4.89
2430| smtp-brute:
2431| Accounts: No valid accounts found
2432|_ Statistics: Performed 2136 guesses in 181 seconds, average tps: 11.7
2433| smtp-commands: a13s08.host.com Hello no-reverse-dns-configured.com [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2434|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2435| smtp-enum-users:
2436|_ Couldn't find any accounts
2437|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
2438| smtp-vuln-cve2010-4344:
2439| Exim version: 4.89
2440| Exim heap overflow vulnerability (CVE-2010-4344):
2441| Exim (CVE-2010-4344): NOT VULNERABLE
2442| Exim privileges escalation vulnerability (CVE-2010-4345):
2443| Exim (CVE-2010-4345): NOT VULNERABLE
2444|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
2445Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2446Device type: WAP|general purpose|specialized|broadband router
2447Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2448OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2449Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2450No exact OS matches for host (test conditions non-ideal).
2451Network Distance: 12 hops
2452Service Info: Host: a13s08.host.com
2453
2454TRACEROUTE (using port 25/tcp)
2455HOP RTT ADDRESS
24561 136.95 ms 10.203.19.1
24572 ...
24583 133.73 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
24594 133.45 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
24605 138.90 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
24616 138.93 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
24627 139.71 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
24638 ...
24649 164.39 ms 195.122.181.130
246510 168.78 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
246611 ...
246712 165.48 ms no-reverse-dns-configured.com (94.102.51.112)
2468#################################################################################################################################
2469Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:14 EDT
2470Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2471Host is up (0.17s latency).
2472
2473PORT STATE SERVICE VERSION
247453/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2475|_dns-fuzz: Server didn't response to our probe, can't fuzz
2476| dns-nsec-enum:
2477|_ No NSEC records found
2478| dns-nsec3-enum:
2479|_ DNSSEC NSEC3 not supported
2480| dns-nsid:
2481|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
2482Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2483Device type: WAP|general purpose|specialized|broadband router
2484Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2485OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2486Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2487No exact OS matches for host (test conditions non-ideal).
2488Network Distance: 12 hops
2489Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2490
2491Host script results:
2492| dns-blacklist:
2493| SPAM
2494|_ l2.apews.org - SPAM
2495| dns-brute:
2496|_ DNS Brute-force hostnames: No results.
2497
2498TRACEROUTE (using port 53/tcp)
2499HOP RTT ADDRESS
25001 129.67 ms 10.203.19.1
25012 ...
25023 129.75 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25034 129.71 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25045 135.20 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
25056 135.23 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
25067 135.26 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
25078 ...
25089 160.94 ms 195.122.181.130
250910 165.76 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
251011 ...
251112 165.31 ms no-reverse-dns-configured.com (94.102.51.112)
2512#################################################################################################################################
2513Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:14 EDT
2514Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2515Host is up (0.16s latency).
2516
2517PORT STATE SERVICE VERSION
251867/tcp filtered dhcps
251967/udp open|filtered dhcps
2520|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2521Too many fingerprints match this host to give specific OS details
2522Network Distance: 12 hops
2523
2524TRACEROUTE (using proto 1/icmp)
2525HOP RTT ADDRESS
25261 132.87 ms 10.203.19.1
25272 ...
25283 133.89 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25294 133.87 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25305 139.07 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25316 139.85 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25327 139.88 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
25338 169.46 ms ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90)
25349 165.89 ms 195.122.181.130
253510 169.53 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
253611 ...
253712 165.04 ms no-reverse-dns-configured.com (94.102.51.112)
2538#################################################################################################################################
2539Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:16 EDT
2540Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2541Host is up (0.16s latency).
2542
2543PORT STATE SERVICE VERSION
254468/tcp filtered dhcpc
254568/udp open|filtered dhcpc
2546Too many fingerprints match this host to give specific OS details
2547Network Distance: 12 hops
2548
2549TRACEROUTE (using proto 1/icmp)
2550HOP RTT ADDRESS
25511 131.20 ms 10.203.19.1
25522 ...
25533 131.90 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25544 131.73 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25555 137.77 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25566 134.18 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25577 134.56 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
25588 ...
25599 159.57 ms 195.122.181.130
256010 164.89 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
256111 ...
256212 169.15 ms no-reverse-dns-configured.com (94.102.51.112)
2563#################################################################################################################################
2564Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:18 EDT
2565Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2566Host is up (0.16s latency).
2567
2568PORT STATE SERVICE VERSION
256969/tcp filtered tftp
257069/udp open|filtered tftp
2571Too many fingerprints match this host to give specific OS details
2572Network Distance: 12 hops
2573
2574TRACEROUTE (using proto 1/icmp)
2575HOP RTT ADDRESS
25761 132.54 ms 10.203.19.1
25772 ...
25783 133.80 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25794 133.76 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25805 140.35 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25816 138.73 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25827 137.84 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
25838 ...
25849 160.57 ms 195.122.181.130
258510 169.02 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
258611 ...
258712 163.69 ms no-reverse-dns-configured.com (94.102.51.112)
2588#################################################################################################################################
2589
2590wig - WebApp Information Gatherer
2591
2592
2593Scanning http://94.102.51.112...
2594_________________________________________ SITE INFO _________________________________________
2595IP Title
259694.102.51.112 Andy Pioneer Top Sites
2597
2598__________________________________________ VERSION __________________________________________
2599Name Versions Type
2600phpMyAdmin 4_4_15_8 CMS
2601Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2602 2.4.9
2603PHP 5.4.45 Platform
2604nginx Platform
2605FreeBSD 10 | 11 OS
2606OpenBSD 5.9 OS
2607
2608_____________________________________________________________________________________________
2609Time: 39.3 sec Urls: 714
2610#################################################################################################################################
2611HTTP/1.1 200 OK
2612Server: nginx
2613Date: Sat, 21 Mar 2020 23:21:35 GMT
2614Content-Type: text/html
2615Connection: keep-alive
2616Vary: Accept-Encoding
2617
2618HTTP/1.1 200 OK
2619Server: nginx
2620Date: Sat, 21 Mar 2020 23:21:36 GMT
2621Content-Type: text/html
2622Connection: keep-alive
2623Vary: Accept-Encoding
2624#################################################################################################################################
2625Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:21 EDT
2626NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2627NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2628NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
2629Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2630Host is up (0.16s latency).
2631
2632PORT STATE SERVICE VERSION
2633110/tcp open pop3 Dovecot pop3d
2634| pop3-brute:
2635| Accounts: No valid accounts found
2636|_ Statistics: Performed 225 guesses in 196 seconds, average tps: 1.1
2637|_pop3-capabilities: RESP-CODES PIPELINING SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA AUTH-RESP-CODE STLS UIDL USER TOP
2638Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2639Device type: WAP|general purpose|specialized|broadband router
2640Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
2641OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2642Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2643No exact OS matches for host (test conditions non-ideal).
2644Network Distance: 12 hops
2645
2646TRACEROUTE (using port 110/tcp)
2647HOP RTT ADDRESS
26481 133.24 ms 10.203.19.1
26492 ...
26503 133.87 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
26514 133.55 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
26525 139.16 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
26536 139.98 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
26547 135.69 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
26558 ...
26569 162.00 ms 195.122.181.130
265710 166.69 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
265811 ...
265912 165.46 ms no-reverse-dns-configured.com (94.102.51.112)
2660#################################################################################################################################
2661Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:25 EDT
2662Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2663Host is up (0.17s latency).
2664
2665PORT STATE SERVICE VERSION
2666123/tcp filtered ntp
2667123/udp open|filtered ntp
2668Too many fingerprints match this host to give specific OS details
2669Network Distance: 12 hops
2670
2671TRACEROUTE (using proto 1/icmp)
2672HOP RTT ADDRESS
26731 136.83 ms 10.203.19.1
26742 ...
26753 137.91 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
26764 137.55 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
26775 142.80 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
26786 142.86 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
26797 149.89 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
26808 ...
26819 168.25 ms 195.122.181.130
268210 168.49 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
268311 ...
268412 162.20 ms no-reverse-dns-configured.com (94.102.51.112)
2685################################################################################################################################
2686--------------------------------------------------------
2687<<<Yasuo discovered following vulnerable applications>>>
2688--------------------------------------------------------
2689+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2690| App Name | URL to Application | Potential Exploit | Username | Password |
2691+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2692| phpMyAdmin | http://94.102.51.112:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2693+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2694#################################################################################################################################
2695Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:31 EDT
2696Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2697Host is up (0.17s latency).
2698Not shown: 64514 filtered ports, 1012 closed ports
2699PORT STATE SERVICE VERSION
270022/tcp open ssh?
2701|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
270225/tcp open smtp Exim smtpd 4.89
2703| smtp-commands: a13s08.host.com Hello no-reverse-dns-configured.com [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2704|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2705|_ssl-date: TLS randomness does not represent time
270653/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2707| dns-nsid:
2708|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
270980/tcp open http nginx
2710|_http-generator: Microsoft FrontPage 5.0
2711| http-methods:
2712|_ Potentially risky methods: TRACE
2713|_http-title: Andy Pioneer Top Sites
2714110/tcp open pop3 Dovecot pop3d
2715|_pop3-capabilities: UIDL AUTH-RESP-CODE STLS RESP-CODES PIPELINING SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER TOP CAPA
2716|_ssl-date: TLS randomness does not represent time
2717143/tcp open imap Dovecot imapd
2718|_imap-capabilities: ENABLE STARTTLS AUTH=LOGIN Pre-login AUTH=DIGEST-MD5 ID IMAP4rev1 AUTH=CRAM-MD5A0001 LOGIN-REFERRALS capabilities AUTH=PLAIN SASL-IR post-login OK more have listed IDLE LITERAL+
2719|_ssl-date: TLS randomness does not represent time
2720465/tcp open ssl/smtp Exim smtpd 4.89
2721| smtp-commands: a13s08.host.com Hello no-reverse-dns-configured.com [45.132.192.69], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
2722|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2723| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2724| Not valid before: 2018-03-05T07:49:40
2725|_Not valid after: 2028-03-02T07:49:40
2726993/tcp open ssl/imaps?
2727|_ssl-date: TLS randomness does not represent time
2728995/tcp open ssl/pop3s?
2729|_ssl-date: TLS randomness does not represent time
2730Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (90%), Asus RT-AC66U router (Linux 2.6) (89%), Asus RT-N16 WAP (Linux 2.6) (89%), Asus RT-N66U WAP (Linux 2.6) (89%), Tomato 1.28 (Linux 2.6.22) (89%), Crestron XPanel control system (89%), Philips Hue Bridge 2.0 (Linux) (89%)
2731No exact OS matches for host (test conditions non-ideal).
2732Network Distance: 12 hops
2733Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2734
2735TRACEROUTE (using port 443/tcp)
2736HOP RTT ADDRESS
27371 130.76 ms 10.203.19.1
27382 ...
27393 131.47 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
27404 131.44 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
27415 136.70 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
27426 136.75 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
27437 137.13 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
27448 ...
27459 157.98 ms 195.122.181.130
274610 163.61 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
274711 ...
274812 165.82 ms no-reverse-dns-configured.com (94.102.51.112)
2749#################################################################################################################################
2750Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:39 EDT
2751Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
2752Host is up (0.17s latency).
2753
2754PORT STATE SERVICE VERSION
275553/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
275667/tcp filtered dhcps
275768/tcp filtered dhcpc
275869/tcp filtered tftp
275988/tcp filtered kerberos-sec
2760123/tcp filtered ntp
2761137/tcp filtered netbios-ns
2762138/tcp filtered netbios-dgm
2763139/tcp filtered netbios-ssn
2764161/tcp filtered snmp
2765162/tcp filtered snmptrap
2766389/tcp filtered ldap
2767520/tcp filtered efs
27682049/tcp filtered nfs
276953/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2770| dns-nsid:
2771|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
277267/udp open|filtered dhcps
277368/udp open|filtered dhcpc
277469/udp open|filtered tftp
277588/udp open|filtered kerberos-sec
2776123/udp open|filtered ntp
2777137/udp open|filtered netbios-ns
2778138/udp open|filtered netbios-dgm
2779139/udp open|filtered netbios-ssn
2780161/udp open|filtered snmp
2781162/udp open|filtered snmptrap
2782389/udp open|filtered ldap
2783520/udp open|filtered route
27842049/udp open|filtered nfs
2785Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2786Device type: WAP|general purpose|specialized|broadband router
2787Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Crestron 2-Series (90%), Philips embedded (89%), Asus embedded (87%)
2788OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:crestron:2_series cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2789Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Philips Hue Bridge 2.0 (Linux) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2790No exact OS matches for host (test conditions non-ideal).
2791Network Distance: 12 hops
2792Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2793
2794TRACEROUTE (using port 53/tcp)
2795HOP RTT ADDRESS
27961 132.44 ms 10.203.19.1
27972 ...
27983 133.25 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
27994 133.21 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
28005 138.38 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
28016 138.45 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
28027 138.44 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
28038 ...
28049 165.03 ms 195.122.181.130
280510 169.07 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
280611 ...
280712 165.55 ms no-reverse-dns-configured.com (94.102.51.112)
2808#################################################################################################################################
2809Hosts
2810=====
2811
2812address mac name os_name os_flavor os_sp purpose info comments
2813------- --- ---- ------- --------- ----- ------- ---- --------
28143.83.211.23 ec2-3-83-211-23.compute-1.amazonaws.com embedded device
28153.216.98.236 ec2-3-216-98-236.compute-1.amazonaws.com Linux 3.X server
28165.45.67.166 dns.sflex.net Unknown device
281723.229.234.138 ip-23-229-234-138.ip.secureserver.net Linux 3.X server
281834.224.171.238 ec2-34-224-171-238.compute-1.amazonaws.com Linux server
281934.236.0.217 ec2-34-236-0-217.compute-1.amazonaws.com Linux 3.X server
282034.253.89.155 ec2-34-253-89-155.eu-west-1.compute.amazonaws.com Linux 4.X server
282137.1.207.121 teens-sins.net 2-Series 3.X device
282243.245.223.4 Linux 2.6.X server
282345.60.47.218 Linux 3.X server
282445.88.202.111 Linux 3.X server
282545.239.108.252 whale.ecohosting.cl Linux 3.X server
282652.1.2.24 ec2-52-1-2-24.compute-1.amazonaws.com Linux server
282752.1.174.10 ec2-52-1-174-10.compute-1.amazonaws.com Linux 3.X server
282852.30.54.73 ec2-52-30-54-73.eu-west-1.compute.amazonaws.com Linux 4.X server
282952.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com Unknown device
283052.138.144.162 Unknown device
283154.36.158.42 lb.xtgem.com Linux 3.X server
283254.72.57.25 ec2-54-72-57-25.eu-west-1.compute.amazonaws.com Linux 4.X server
283354.85.59.109 ec2-54-85-59-109.compute-1.amazonaws.com Linux 3.X server
283454.194.134.190 ec2-54-194-134-190.eu-west-1.compute.amazonaws.com Linux 4.X server
283564.69.94.253 Unknown device
283667.205.1.246 ps614624.dreamhost.com Android 5.X device
283769.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
283874.117.180.192 embedded device
283982.94.222.131 Unknown device
284092.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
284192.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
284294.102.51.111 Linux 2.6.X server
284394.102.51.112 no-reverse-dns-configured.com Linux 2.6.X server
2844104.244.73.40 Unknown device
2845104.244.76.231 Linux 3.X server
2846104.244.77.188 Linux 3.X server
2847104.244.79.89 Linux 3.X server
2848107.180.28.114 ip-107-180-28-114.ip.secureserver.net Unknown device
2849111.90.145.39 web16.support-emilid.com Linux 2.6.X server
2850143.95.110.248 ip-143-95-110-248.iplocal Linux 3.X server
2851146.83.222.104 callecalle5.uach.cl Unknown device
2852149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
2853151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
2854158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
2855162.244.35.13 xnlog.com FreeBSD 7.X device
2856163.247.48.46 Unknown device
2857163.247.127.20 Unknown device
2858163.247.130.114 embedded device
2859163.247.175.176 Unknown device
2860165.22.143.229 Linux 2.6.X server
2861165.227.99.239 Linux 3.X server
2862169.239.218.20 cp10.domains.co.za Linux 2.6.X server
2863170.239.85.227 gesaguas.cl Unknown device
2864173.214.244.169 173.214.244.169.serverel.net Unknown device
2865174.142.53.51 mail.marineland.ca Linux 3.X server
2866186.64.118.40 mail.blue127.dnsmisitio.net embedded device
2867190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
2868190.107.177.35 srv25.cpanelhost.cl Linux 2.6.X server
2869190.110.121.175 todofutbol.hn.cl Unknown device
2870190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
2871190.153.219.254 mail.evopoli.cl Linux 3.X server
2872192.185.134.58 ns36.accountservergroup.com Linux 3.X server
2873199.38.245.243 embedded device
2874200.2.249.28 Linux 3.X server
2875200.10.251.82 homer.sii.cl Unknown device
2876200.12.19.101 embedded device
2877200.29.0.33 cp33.puntoweb.cl Unknown device
2878200.54.92.108 Linux 9.0 server
2879200.54.230.247 plesk.tdata.cloud Linux 3.X server
2880200.55.198.228 Linux 2.4.X server
2881200.68.30.227 mail.gorecoquimbo.cl Unknown device
2882200.68.34.99 Unknown device
2883200.73.54.34 mail.maxtel.cl Linux 2.6.X server
2884200.91.40.252 200-91-40-252.avz.cl Unknown device
2885200.91.41.5 cruzblanca.cl Unknown device
2886200.126.100.83 toqui.gorearaucania.cl Unknown device
2887201.159.170.136 soloweb.sinc.cl Unknown device
2888204.93.193.141 suzuka.mochahost.com Unknown device
2889206.48.140.40 Unknown device
2890207.246.147.189 2-Series device
2891207.246.147.190 Linux 4.X server
2892207.246.147.247 Linux 4.X server
2893207.246.147.248 Linux 4.X server
2894211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
2895212.174.0.150 Windows 2012 server
2896216.172.184.117 Linux 3.X server
2897218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
2898#################################################################################################################################
2899Services
2900========
2901
2902host port proto name state info
2903---- ---- ----- ---- ----- ----
29043.83.211.23 53 tcp domain filtered
29053.83.211.23 53 udp domain unknown
29063.83.211.23 67 tcp dhcps filtered
29073.83.211.23 67 udp dhcps unknown
29083.83.211.23 68 tcp dhcpc filtered
29093.83.211.23 68 udp dhcpc unknown
29103.83.211.23 69 tcp tftp filtered
29113.83.211.23 69 udp tftp unknown
29123.83.211.23 80 tcp http open Microsoft IIS httpd 10.0
29133.83.211.23 88 tcp kerberos-sec filtered
29143.83.211.23 88 udp kerberos-sec unknown
29153.83.211.23 123 tcp ntp filtered
29163.83.211.23 123 udp ntp unknown
29173.83.211.23 137 tcp netbios-ns filtered
29183.83.211.23 137 udp netbios-ns unknown
29193.83.211.23 138 tcp netbios-dgm filtered
29203.83.211.23 138 udp netbios-dgm unknown
29213.83.211.23 139 tcp netbios-ssn filtered
29223.83.211.23 139 udp netbios-ssn unknown
29233.83.211.23 161 tcp snmp filtered
29243.83.211.23 161 udp snmp unknown
29253.83.211.23 162 tcp snmptrap filtered
29263.83.211.23 162 udp snmptrap unknown
29273.83.211.23 389 tcp ldap filtered
29283.83.211.23 389 udp ldap unknown
29293.83.211.23 443 tcp ssl/http open Microsoft IIS httpd 10.0
29303.83.211.23 520 tcp efs filtered
29313.83.211.23 520 udp route unknown
29323.83.211.23 2049 tcp nfs filtered
29333.83.211.23 2049 udp nfs unknown
29343.216.98.236 53 tcp domain filtered
29353.216.98.236 53 udp domain unknown
29363.216.98.236 67 tcp dhcps filtered
29373.216.98.236 67 udp dhcps unknown
29383.216.98.236 68 tcp dhcpc filtered
29393.216.98.236 68 udp dhcpc unknown
29403.216.98.236 69 tcp tftp filtered
29413.216.98.236 69 udp tftp unknown
29423.216.98.236 80 tcp http open Microsoft IIS httpd 10.0
29433.216.98.236 88 tcp kerberos-sec filtered
29443.216.98.236 88 udp kerberos-sec unknown
29453.216.98.236 123 tcp ntp filtered
29463.216.98.236 123 udp ntp unknown
29473.216.98.236 137 tcp netbios-ns filtered
29483.216.98.236 137 udp netbios-ns unknown
29493.216.98.236 138 tcp netbios-dgm filtered
29503.216.98.236 138 udp netbios-dgm unknown
29513.216.98.236 139 tcp netbios-ssn filtered
29523.216.98.236 139 udp netbios-ssn unknown
29533.216.98.236 161 tcp snmp filtered
29543.216.98.236 161 udp snmp unknown
29553.216.98.236 162 tcp snmptrap filtered
29563.216.98.236 162 udp snmptrap unknown
29573.216.98.236 389 tcp ldap filtered
29583.216.98.236 389 udp ldap unknown
29593.216.98.236 443 tcp ssl/http open Microsoft IIS httpd 10.0
29603.216.98.236 520 tcp efs filtered
29613.216.98.236 520 udp route unknown
29623.216.98.236 2049 tcp nfs filtered
29633.216.98.236 2049 udp nfs unknown
29645.45.67.166 22 tcp ssh open SSH-2.0-OpenSSH_7.4
29655.45.67.166 53 tcp domain closed
29665.45.67.166 53 udp domain closed
29675.45.67.166 67 tcp dhcps closed
29685.45.67.166 67 udp dhcps closed
29695.45.67.166 68 tcp dhcpc closed
29705.45.67.166 68 udp dhcpc closed
29715.45.67.166 69 tcp tftp closed
29725.45.67.166 69 udp tftp closed
29735.45.67.166 88 tcp kerberos-sec closed
29745.45.67.166 88 udp kerberos-sec unknown
29755.45.67.166 123 tcp ntp closed
29765.45.67.166 123 udp ntp unknown
29775.45.67.166 137 tcp netbios-ns filtered
29785.45.67.166 137 udp netbios-ns unknown
29795.45.67.166 138 tcp netbios-dgm filtered
29805.45.67.166 138 udp netbios-dgm unknown
29815.45.67.166 139 tcp netbios-ssn filtered
29825.45.67.166 139 udp netbios-ssn closed
29835.45.67.166 161 tcp snmp closed
29845.45.67.166 161 udp snmp unknown
29855.45.67.166 162 tcp snmptrap closed
29865.45.67.166 162 udp snmptrap unknown
29875.45.67.166 389 tcp ldap closed
29885.45.67.166 389 udp ldap unknown
29895.45.67.166 520 tcp efs closed
29905.45.67.166 520 udp route closed
29915.45.67.166 2049 tcp nfs closed
29925.45.67.166 2049 udp nfs closed
299323.229.234.138 21 tcp ftp open Pure-FTPd
299423.229.234.138 22 tcp ssh open OpenSSH 5.3 protocol 2.0
299523.229.234.138 25 tcp smtp open
299623.229.234.138 53 udp domain unknown
299723.229.234.138 67 udp dhcps unknown
299823.229.234.138 68 udp dhcpc unknown
299923.229.234.138 69 udp tftp unknown
300023.229.234.138 80 tcp http open Apache httpd PHP 5.6.40
300123.229.234.138 88 udp kerberos-sec unknown
300223.229.234.138 110 tcp pop3 open Dovecot pop3d
300323.229.234.138 123 udp ntp unknown
300423.229.234.138 137 udp netbios-ns unknown
300523.229.234.138 138 udp netbios-dgm unknown
300623.229.234.138 139 udp netbios-ssn unknown
300723.229.234.138 143 tcp imap open Dovecot imapd
300823.229.234.138 161 udp snmp unknown
300923.229.234.138 162 udp snmptrap unknown
301023.229.234.138 389 udp ldap unknown
301123.229.234.138 443 tcp ssl/http open Apache httpd PHP 5.6.40
301223.229.234.138 465 tcp ssl/smtp open Exim smtpd 4.92
301323.229.234.138 520 udp route unknown
301423.229.234.138 587 tcp smtp open Exim smtpd 4.92
301523.229.234.138 993 tcp ssl/imaps open
301623.229.234.138 995 tcp ssl/pop3s open
301723.229.234.138 2049 udp nfs unknown
301823.229.234.138 3306 tcp mysql open MySQL 5.6.44-cll-lve
301934.224.171.238 53 tcp domain filtered
302034.224.171.238 53 udp domain unknown
302134.224.171.238 67 tcp dhcps filtered
302234.224.171.238 67 udp dhcps unknown
302334.224.171.238 68 tcp dhcpc filtered
302434.224.171.238 68 udp dhcpc unknown
302534.224.171.238 69 tcp tftp filtered
302634.224.171.238 69 udp tftp unknown
302734.224.171.238 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
302834.224.171.238 88 tcp kerberos-sec filtered
302934.224.171.238 88 udp kerberos-sec unknown
303034.224.171.238 123 tcp ntp filtered
303134.224.171.238 123 udp ntp unknown
303234.224.171.238 137 tcp netbios-ns filtered
303334.224.171.238 137 udp netbios-ns unknown
303434.224.171.238 138 tcp netbios-dgm filtered
303534.224.171.238 138 udp netbios-dgm unknown
303634.224.171.238 139 tcp netbios-ssn filtered
303734.224.171.238 139 udp netbios-ssn unknown
303834.224.171.238 161 tcp snmp filtered
303934.224.171.238 161 udp snmp unknown
304034.224.171.238 162 tcp snmptrap filtered
304134.224.171.238 162 udp snmptrap unknown
304234.224.171.238 389 tcp ldap filtered
304334.224.171.238 389 udp ldap unknown
304434.224.171.238 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
304534.224.171.238 520 tcp efs filtered
304634.224.171.238 520 udp route unknown
304734.224.171.238 2049 tcp nfs filtered
304834.224.171.238 2049 udp nfs unknown
304934.236.0.217 53 tcp domain filtered
305034.236.0.217 53 udp domain unknown
305134.236.0.217 67 tcp dhcps filtered
305234.236.0.217 67 udp dhcps unknown
305334.236.0.217 68 tcp dhcpc filtered
305434.236.0.217 68 udp dhcpc unknown
305534.236.0.217 69 tcp tftp filtered
305634.236.0.217 69 udp tftp unknown
305734.236.0.217 80 tcp http open nginx
305834.236.0.217 88 tcp kerberos-sec filtered
305934.236.0.217 88 udp kerberos-sec unknown
306034.236.0.217 123 tcp ntp filtered
306134.236.0.217 123 udp ntp unknown
306234.236.0.217 137 tcp netbios-ns filtered
306334.236.0.217 137 udp netbios-ns unknown
306434.236.0.217 138 tcp netbios-dgm filtered
306534.236.0.217 138 udp netbios-dgm unknown
306634.236.0.217 139 tcp netbios-ssn filtered
306734.236.0.217 139 udp netbios-ssn unknown
306834.236.0.217 161 tcp snmp filtered
306934.236.0.217 161 udp snmp unknown
307034.236.0.217 162 tcp snmptrap filtered
307134.236.0.217 162 udp snmptrap unknown
307234.236.0.217 389 tcp ldap filtered
307334.236.0.217 389 udp ldap unknown
307434.236.0.217 443 tcp ssl/http open nginx
307534.236.0.217 520 tcp efs filtered
307634.236.0.217 520 udp route unknown
307734.236.0.217 2049 tcp nfs filtered
307834.236.0.217 2049 udp nfs unknown
307934.253.89.155 53 tcp domain closed
308034.253.89.155 53 udp domain unknown
308134.253.89.155 67 tcp dhcps closed
308234.253.89.155 67 udp dhcps unknown
308334.253.89.155 68 tcp dhcpc closed
308434.253.89.155 68 udp dhcpc unknown
308534.253.89.155 69 tcp tftp closed
308634.253.89.155 69 udp tftp unknown
308734.253.89.155 80 tcp http open nginx
308834.253.89.155 88 tcp kerberos-sec closed
308934.253.89.155 88 udp kerberos-sec unknown
309034.253.89.155 123 tcp ntp closed
309134.253.89.155 123 udp ntp unknown
309234.253.89.155 137 tcp netbios-ns closed
309334.253.89.155 137 udp netbios-ns unknown
309434.253.89.155 138 tcp netbios-dgm closed
309534.253.89.155 138 udp netbios-dgm unknown
309634.253.89.155 139 tcp netbios-ssn closed
309734.253.89.155 139 udp netbios-ssn unknown
309834.253.89.155 161 tcp snmp closed
309934.253.89.155 161 udp snmp unknown
310034.253.89.155 162 tcp snmptrap closed
310134.253.89.155 162 udp snmptrap unknown
310234.253.89.155 389 tcp ldap closed
310334.253.89.155 389 udp ldap unknown
310434.253.89.155 443 tcp ssl/http open nginx
310534.253.89.155 520 tcp efs closed
310634.253.89.155 520 udp route unknown
310734.253.89.155 2049 tcp nfs closed
310834.253.89.155 2049 udp nfs unknown
310937.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
311037.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
311137.1.207.121 67 tcp dhcps filtered
311237.1.207.121 67 udp dhcps unknown
311337.1.207.121 68 tcp dhcpc filtered
311437.1.207.121 68 udp dhcpc filtered
311537.1.207.121 69 tcp tftp filtered
311637.1.207.121 69 udp tftp unknown
311737.1.207.121 88 tcp kerberos-sec filtered
311837.1.207.121 88 udp kerberos-sec filtered
311937.1.207.121 123 tcp ntp filtered
312037.1.207.121 123 udp ntp unknown
312137.1.207.121 137 tcp netbios-ns filtered
312237.1.207.121 137 udp netbios-ns unknown
312337.1.207.121 138 tcp netbios-dgm filtered
312437.1.207.121 138 udp netbios-dgm unknown
312537.1.207.121 139 tcp netbios-ssn filtered
312637.1.207.121 139 udp netbios-ssn unknown
312737.1.207.121 161 tcp snmp filtered
312837.1.207.121 161 udp snmp unknown
312937.1.207.121 162 tcp snmptrap filtered
313037.1.207.121 162 udp snmptrap unknown
313137.1.207.121 389 tcp ldap filtered
313237.1.207.121 389 udp ldap unknown
313337.1.207.121 520 tcp efs filtered
313437.1.207.121 520 udp route unknown
313537.1.207.121 2049 tcp nfs filtered
313637.1.207.121 2049 udp nfs filtered
313743.245.223.4 80 tcp http open nginx
313843.245.223.4 443 tcp ssl/http open nginx
313943.245.223.4 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
314045.60.47.218 25 tcp http open Incapsula CDN httpd
314145.60.47.218 53 tcp domain open
314245.60.47.218 53 udp domain open
314345.60.47.218 67 udp dhcps unknown
314445.60.47.218 68 udp dhcpc unknown
314545.60.47.218 69 udp tftp unknown
314645.60.47.218 80 tcp http open Incapsula CDN httpd
314745.60.47.218 81 tcp http open Incapsula CDN httpd
314845.60.47.218 85 tcp http open Incapsula CDN httpd
314945.60.47.218 88 tcp http open Incapsula CDN httpd
315045.60.47.218 88 udp kerberos-sec unknown
315145.60.47.218 123 udp ntp unknown
315245.60.47.218 137 udp netbios-ns unknown
315345.60.47.218 138 udp netbios-dgm unknown
315445.60.47.218 139 udp netbios-ssn unknown
315545.60.47.218 161 udp snmp unknown
315645.60.47.218 162 udp snmptrap unknown
315745.60.47.218 389 tcp ssl/http open Incapsula CDN httpd
315845.60.47.218 389 udp ldap unknown
315945.60.47.218 443 tcp ssl/http open Incapsula CDN httpd
316045.60.47.218 444 tcp ssl/http open Incapsula CDN httpd
316145.60.47.218 445 tcp ssl/http open Incapsula CDN httpd
316245.60.47.218 446 tcp http open Incapsula CDN httpd
316345.60.47.218 520 udp route unknown
316445.60.47.218 587 tcp http open Incapsula CDN httpd
316545.60.47.218 631 tcp http open Incapsula CDN httpd
316645.60.47.218 888 tcp http open Incapsula CDN httpd
316745.60.47.218 995 tcp ssl/http open Incapsula CDN httpd
316845.60.47.218 998 tcp ssl/http open Incapsula CDN httpd
316945.60.47.218 999 tcp http open Incapsula CDN httpd
317045.60.47.218 1000 tcp http open Incapsula CDN httpd
317145.60.47.218 1024 tcp http open Incapsula CDN httpd
317245.60.47.218 1103 tcp http open Incapsula CDN httpd
317345.60.47.218 1234 tcp http open Incapsula CDN httpd
317445.60.47.218 1433 tcp http open Incapsula CDN httpd
317545.60.47.218 1494 tcp http open Incapsula CDN httpd
317645.60.47.218 2000 tcp ssl/http open Incapsula CDN httpd
317745.60.47.218 2001 tcp http open Incapsula CDN httpd
317845.60.47.218 2049 tcp http open Incapsula CDN httpd
317945.60.47.218 2049 udp nfs unknown
318045.60.47.218 2067 tcp http open Incapsula CDN httpd
318145.60.47.218 2100 tcp ssl/http open Incapsula CDN httpd
318245.60.47.218 2222 tcp http open Incapsula CDN httpd
318345.60.47.218 2598 tcp http open Incapsula CDN httpd
318445.60.47.218 3000 tcp http open Incapsula CDN httpd
318545.60.47.218 3050 tcp http open Incapsula CDN httpd
318645.60.47.218 3057 tcp http open Incapsula CDN httpd
318745.60.47.218 3299 tcp http open Incapsula CDN httpd
318845.60.47.218 3306 tcp ssl/http open Incapsula CDN httpd
318945.60.47.218 3333 tcp http open Incapsula CDN httpd
319045.60.47.218 3389 tcp ssl/http open Incapsula CDN httpd
319145.60.47.218 3500 tcp http open Incapsula CDN httpd
319245.60.47.218 3790 tcp http open Incapsula CDN httpd
319345.60.47.218 4000 tcp http open Incapsula CDN httpd
319445.60.47.218 4444 tcp ssl/http open Incapsula CDN httpd
319545.60.47.218 4445 tcp ssl/http open Incapsula CDN httpd
319645.60.47.218 4848 tcp http open Incapsula CDN httpd
319745.60.47.218 5000 tcp http open Incapsula CDN httpd
319845.60.47.218 5009 tcp http open Incapsula CDN httpd
319945.60.47.218 5051 tcp ssl/http open Incapsula CDN httpd
320045.60.47.218 5060 tcp ssl/http open Incapsula CDN httpd
320145.60.47.218 5061 tcp ssl/http open Incapsula CDN httpd
320245.60.47.218 5227 tcp ssl/http open Incapsula CDN httpd
320345.60.47.218 5247 tcp ssl/http open Incapsula CDN httpd
320445.60.47.218 5250 tcp ssl/http open Incapsula CDN httpd
320545.60.47.218 5555 tcp http open Incapsula CDN httpd
320645.60.47.218 5900 tcp http open Incapsula CDN httpd
320745.60.47.218 5901 tcp ssl/http open Incapsula CDN httpd
320845.60.47.218 5902 tcp ssl/http open Incapsula CDN httpd
320945.60.47.218 5903 tcp ssl/http open Incapsula CDN httpd
321045.60.47.218 5904 tcp ssl/http open Incapsula CDN httpd
321145.60.47.218 5905 tcp ssl/http open Incapsula CDN httpd
321245.60.47.218 5906 tcp ssl/http open Incapsula CDN httpd
321345.60.47.218 5907 tcp ssl/http open Incapsula CDN httpd
321445.60.47.218 5908 tcp ssl/http open Incapsula CDN httpd
321545.60.47.218 5909 tcp ssl/http open Incapsula CDN httpd
321645.60.47.218 5910 tcp ssl/http open Incapsula CDN httpd
321745.60.47.218 5920 tcp ssl/http open Incapsula CDN httpd
321845.60.47.218 5984 tcp ssl/http open Incapsula CDN httpd
321945.60.47.218 5985 tcp http open Incapsula CDN httpd
322045.60.47.218 5986 tcp ssl/http open Incapsula CDN httpd
322145.60.47.218 5999 tcp ssl/http open Incapsula CDN httpd
322245.60.47.218 6000 tcp http open Incapsula CDN httpd
322345.60.47.218 6060 tcp http open Incapsula CDN httpd
322445.60.47.218 6161 tcp http open Incapsula CDN httpd
322545.60.47.218 6379 tcp http open Incapsula CDN httpd
322645.60.47.218 6661 tcp ssl/http open Incapsula CDN httpd
322745.60.47.218 6789 tcp http open Incapsula CDN httpd
322845.60.47.218 7000 tcp ssl/http open Incapsula CDN httpd
322945.60.47.218 7001 tcp http open Incapsula CDN httpd
323045.60.47.218 7021 tcp http open Incapsula CDN httpd
323145.60.47.218 7071 tcp ssl/http open Incapsula CDN httpd
323245.60.47.218 7080 tcp http open Incapsula CDN httpd
323345.60.47.218 7272 tcp ssl/http open Incapsula CDN httpd
323445.60.47.218 7443 tcp ssl/http open Incapsula CDN httpd
323545.60.47.218 7700 tcp http open Incapsula CDN httpd
323645.60.47.218 7777 tcp http open Incapsula CDN httpd
323745.60.47.218 7778 tcp http open Incapsula CDN httpd
323845.60.47.218 8000 tcp http open Incapsula CDN httpd
323945.60.47.218 8001 tcp http open Incapsula CDN httpd
324045.60.47.218 8008 tcp http open Incapsula CDN httpd
324145.60.47.218 8014 tcp http open Incapsula CDN httpd
324245.60.47.218 8020 tcp http open Incapsula CDN httpd
324345.60.47.218 8023 tcp http open Incapsula CDN httpd
324445.60.47.218 8028 tcp http open Incapsula CDN httpd
324545.60.47.218 8030 tcp http open Incapsula CDN httpd
324645.60.47.218 8050 tcp http open Incapsula CDN httpd
324745.60.47.218 8051 tcp http open Incapsula CDN httpd
324845.60.47.218 8080 tcp http open Incapsula CDN httpd
324945.60.47.218 8081 tcp http open Incapsula CDN httpd
325045.60.47.218 8082 tcp http open Incapsula CDN httpd
325145.60.47.218 8085 tcp http open Incapsula CDN httpd
325245.60.47.218 8086 tcp http open Incapsula CDN httpd
325345.60.47.218 8087 tcp http open Incapsula CDN httpd
325445.60.47.218 8088 tcp http open Incapsula CDN httpd
325545.60.47.218 8090 tcp http open Incapsula CDN httpd
325645.60.47.218 8091 tcp http open Incapsula CDN httpd
325745.60.47.218 8095 tcp http open Incapsula CDN httpd
325845.60.47.218 8101 tcp http open Incapsula CDN httpd
325945.60.47.218 8161 tcp http open Incapsula CDN httpd
326045.60.47.218 8180 tcp http open Incapsula CDN httpd
326145.60.47.218 8222 tcp http open Incapsula CDN httpd
326245.60.47.218 8333 tcp http open Incapsula CDN httpd
326345.60.47.218 8443 tcp ssl/http open Incapsula CDN httpd
326445.60.47.218 8444 tcp http open Incapsula CDN httpd
326545.60.47.218 8445 tcp http open Incapsula CDN httpd
326645.60.47.218 8503 tcp ssl/http open Incapsula CDN httpd
326745.60.47.218 8686 tcp http open Incapsula CDN httpd
326845.60.47.218 8701 tcp ssl/http open Incapsula CDN httpd
326945.60.47.218 8787 tcp http open Incapsula CDN httpd
327045.60.47.218 8800 tcp http open Incapsula CDN httpd
327145.60.47.218 8812 tcp http open Incapsula CDN httpd
327245.60.47.218 8834 tcp http open Incapsula CDN httpd
327345.60.47.218 8880 tcp http open Incapsula CDN httpd
327445.60.47.218 8888 tcp http open Incapsula CDN httpd
327545.60.47.218 8889 tcp http open Incapsula CDN httpd
327645.60.47.218 8890 tcp http open Incapsula CDN httpd
327745.60.47.218 8899 tcp http open Incapsula CDN httpd
327845.60.47.218 8901 tcp http open Incapsula CDN httpd
327945.60.47.218 8902 tcp http open Incapsula CDN httpd
328045.60.47.218 8999 tcp http open Incapsula CDN httpd
328145.60.47.218 9000 tcp http open Incapsula CDN httpd
328245.60.47.218 9001 tcp http open Incapsula CDN httpd
328345.60.47.218 9002 tcp http open Incapsula CDN httpd
328445.60.47.218 9003 tcp http open Incapsula CDN httpd
328545.60.47.218 9004 tcp http open Incapsula CDN httpd
328645.60.47.218 9005 tcp http open Incapsula CDN httpd
328745.60.47.218 9010 tcp http open Incapsula CDN httpd
328845.60.47.218 9050 tcp http open Incapsula CDN httpd
328945.60.47.218 9080 tcp http open Incapsula CDN httpd
329045.60.47.218 9081 tcp ssl/http open Incapsula CDN httpd
329145.60.47.218 9084 tcp http open Incapsula CDN httpd
329245.60.47.218 9090 tcp http open Incapsula CDN httpd
329345.60.47.218 9099 tcp http open Incapsula CDN httpd
329445.60.47.218 9100 tcp jetdirect open
329545.60.47.218 9111 tcp http open Incapsula CDN httpd
329645.60.47.218 9200 tcp http open Incapsula CDN httpd
329745.60.47.218 9300 tcp http open Incapsula CDN httpd
329845.60.47.218 9500 tcp http open Incapsula CDN httpd
329945.60.47.218 9711 tcp ssl/http open Incapsula CDN httpd
330045.60.47.218 9991 tcp http open Incapsula CDN httpd
330145.60.47.218 9999 tcp http open Incapsula CDN httpd
330245.60.47.218 10000 tcp http open Incapsula CDN httpd
330345.60.47.218 10001 tcp http open Incapsula CDN httpd
330445.60.47.218 10008 tcp http open Incapsula CDN httpd
330545.60.47.218 10443 tcp ssl/http open Incapsula CDN httpd
330645.60.47.218 11001 tcp ssl/http open Incapsula CDN httpd
330745.60.47.218 12174 tcp http open Incapsula CDN httpd
330845.60.47.218 12203 tcp http open Incapsula CDN httpd
330945.60.47.218 12221 tcp http open Incapsula CDN httpd
331045.60.47.218 12345 tcp http open Incapsula CDN httpd
331145.60.47.218 12397 tcp http open Incapsula CDN httpd
331245.60.47.218 12401 tcp http open Incapsula CDN httpd
331345.60.47.218 14330 tcp http open Incapsula CDN httpd
331445.60.47.218 16000 tcp http open Incapsula CDN httpd
331545.60.47.218 20000 tcp http open Incapsula CDN httpd
331645.60.47.218 20010 tcp ssl/http open Incapsula CDN httpd
331745.60.47.218 25000 tcp ssl/http open Incapsula CDN httpd
331845.60.47.218 30000 tcp http open Incapsula CDN httpd
331945.60.47.218 44334 tcp ssl/http open Incapsula CDN httpd
332045.60.47.218 50000 tcp http open Incapsula CDN httpd
332145.60.47.218 50001 tcp ssl/http open Incapsula CDN httpd
332245.60.47.218 50050 tcp ssl/http open Incapsula CDN httpd
332345.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
332445.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
332545.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
332645.88.202.111 67 tcp dhcps closed
332745.88.202.111 67 udp dhcps unknown
332845.88.202.111 68 tcp dhcpc closed
332945.88.202.111 68 udp dhcpc unknown
333045.88.202.111 69 tcp tftp closed
333145.88.202.111 69 udp tftp closed
333245.88.202.111 80 tcp http open nginx
333345.88.202.111 88 tcp kerberos-sec closed
333445.88.202.111 88 udp kerberos-sec unknown
333545.88.202.111 123 tcp ntp closed
333645.88.202.111 123 udp ntp closed
333745.88.202.111 137 tcp netbios-ns closed
333845.88.202.111 137 udp netbios-ns filtered
333945.88.202.111 138 tcp netbios-dgm closed
334045.88.202.111 138 udp netbios-dgm filtered
334145.88.202.111 139 tcp netbios-ssn closed
334245.88.202.111 139 udp netbios-ssn closed
334345.88.202.111 161 tcp snmp closed
334445.88.202.111 161 udp snmp closed
334545.88.202.111 162 tcp snmptrap closed
334645.88.202.111 162 udp snmptrap closed
334745.88.202.111 179 tcp bgp filtered
334845.88.202.111 389 tcp ldap closed
334945.88.202.111 389 udp ldap unknown
335045.88.202.111 443 tcp ssl/http open nginx
335145.88.202.111 520 tcp efs closed
335245.88.202.111 520 udp route unknown
335345.88.202.111 2049 tcp nfs closed
335445.88.202.111 2049 udp nfs closed
335545.88.202.111 10050 tcp tcpwrapped open
335645.239.108.252 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
335745.239.108.252 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
335845.239.108.252 67 tcp dhcps filtered
335945.239.108.252 67 udp dhcps unknown
336045.239.108.252 68 tcp dhcpc filtered
336145.239.108.252 68 udp dhcpc unknown
336245.239.108.252 69 tcp tftp filtered
336345.239.108.252 69 udp tftp unknown
336445.239.108.252 88 tcp kerberos-sec filtered
336545.239.108.252 88 udp kerberos-sec unknown
336645.239.108.252 123 tcp ntp filtered
336745.239.108.252 123 udp ntp unknown
336845.239.108.252 137 tcp netbios-ns filtered
336945.239.108.252 137 udp netbios-ns unknown
337045.239.108.252 138 tcp netbios-dgm filtered
337145.239.108.252 138 udp netbios-dgm unknown
337245.239.108.252 139 tcp netbios-ssn filtered
337345.239.108.252 139 udp netbios-ssn unknown
337445.239.108.252 161 tcp snmp filtered
337545.239.108.252 161 udp snmp unknown
337645.239.108.252 162 tcp snmptrap filtered
337745.239.108.252 162 udp snmptrap unknown
337845.239.108.252 389 tcp ldap filtered
337945.239.108.252 389 udp ldap unknown
338045.239.108.252 520 tcp efs filtered
338145.239.108.252 520 udp route unknown
338245.239.108.252 2049 tcp nfs filtered
338345.239.108.252 2049 udp nfs unknown
338452.1.2.24 53 tcp domain filtered
338552.1.2.24 53 udp domain unknown
338652.1.2.24 67 tcp dhcps filtered
338752.1.2.24 67 udp dhcps unknown
338852.1.2.24 68 tcp dhcpc filtered
338952.1.2.24 68 udp dhcpc unknown
339052.1.2.24 69 tcp tftp filtered
339152.1.2.24 69 udp tftp unknown
339252.1.2.24 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
339352.1.2.24 88 tcp kerberos-sec filtered
339452.1.2.24 88 udp kerberos-sec unknown
339552.1.2.24 123 tcp ntp filtered
339652.1.2.24 123 udp ntp unknown
339752.1.2.24 137 tcp netbios-ns filtered
339852.1.2.24 137 udp netbios-ns unknown
339952.1.2.24 138 tcp netbios-dgm filtered
340052.1.2.24 138 udp netbios-dgm unknown
340152.1.2.24 139 tcp netbios-ssn filtered
340252.1.2.24 139 udp netbios-ssn unknown
340352.1.2.24 161 tcp snmp filtered
340452.1.2.24 161 udp snmp unknown
340552.1.2.24 162 tcp snmptrap filtered
340652.1.2.24 162 udp snmptrap unknown
340752.1.2.24 389 tcp ldap filtered
340852.1.2.24 389 udp ldap unknown
340952.1.2.24 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
341052.1.2.24 520 tcp efs filtered
341152.1.2.24 520 udp route unknown
341252.1.2.24 2049 tcp nfs filtered
341352.1.2.24 2049 udp nfs unknown
341452.1.174.10 53 tcp domain filtered
341552.1.174.10 53 udp domain unknown
341652.1.174.10 67 tcp dhcps filtered
341752.1.174.10 67 udp dhcps unknown
341852.1.174.10 68 tcp dhcpc filtered
341952.1.174.10 68 udp dhcpc unknown
342052.1.174.10 69 tcp tftp filtered
342152.1.174.10 69 udp tftp unknown
342252.1.174.10 80 tcp http open nginx
342352.1.174.10 88 tcp kerberos-sec filtered
342452.1.174.10 88 udp kerberos-sec unknown
342552.1.174.10 123 tcp ntp filtered
342652.1.174.10 123 udp ntp unknown
342752.1.174.10 137 tcp netbios-ns filtered
342852.1.174.10 137 udp netbios-ns unknown
342952.1.174.10 138 tcp netbios-dgm filtered
343052.1.174.10 138 udp netbios-dgm unknown
343152.1.174.10 139 tcp netbios-ssn filtered
343252.1.174.10 139 udp netbios-ssn unknown
343352.1.174.10 161 tcp snmp filtered
343452.1.174.10 161 udp snmp unknown
343552.1.174.10 162 tcp snmptrap filtered
343652.1.174.10 162 udp snmptrap unknown
343752.1.174.10 389 tcp ldap filtered
343852.1.174.10 389 udp ldap unknown
343952.1.174.10 443 tcp ssl/http open nginx
344052.1.174.10 520 tcp efs filtered
344152.1.174.10 520 udp route unknown
344252.1.174.10 2049 tcp nfs filtered
344352.1.174.10 2049 udp nfs unknown
344452.30.54.73 53 tcp domain closed
344552.30.54.73 53 udp domain unknown
344652.30.54.73 67 tcp dhcps closed
344752.30.54.73 67 udp dhcps unknown
344852.30.54.73 68 tcp dhcpc closed
344952.30.54.73 68 udp dhcpc unknown
345052.30.54.73 69 tcp tftp closed
345152.30.54.73 69 udp tftp unknown
345252.30.54.73 80 tcp http open nginx
345352.30.54.73 88 tcp kerberos-sec closed
345452.30.54.73 88 udp kerberos-sec unknown
345552.30.54.73 123 tcp ntp closed
345652.30.54.73 123 udp ntp unknown
345752.30.54.73 137 tcp netbios-ns closed
345852.30.54.73 137 udp netbios-ns unknown
345952.30.54.73 138 tcp netbios-dgm closed
346052.30.54.73 138 udp netbios-dgm unknown
346152.30.54.73 139 tcp netbios-ssn closed
346252.30.54.73 139 udp netbios-ssn unknown
346352.30.54.73 161 tcp snmp closed
346452.30.54.73 161 udp snmp unknown
346552.30.54.73 162 tcp snmptrap closed
346652.30.54.73 162 udp snmptrap unknown
346752.30.54.73 389 tcp ldap closed
346852.30.54.73 389 udp ldap unknown
346952.30.54.73 443 tcp ssl/http open nginx
347052.30.54.73 520 tcp efs closed
347152.30.54.73 520 udp route unknown
347252.30.54.73 2049 tcp nfs closed
347352.30.54.73 2049 udp nfs unknown
347452.52.234.222 53 tcp domain filtered
347552.52.234.222 53 udp domain unknown
347652.52.234.222 67 tcp dhcps filtered
347752.52.234.222 67 udp dhcps unknown
347852.52.234.222 68 tcp dhcpc filtered
347952.52.234.222 68 udp dhcpc unknown
348052.52.234.222 69 tcp tftp filtered
348152.52.234.222 69 udp tftp unknown
348252.52.234.222 88 tcp kerberos-sec filtered
348352.52.234.222 88 udp kerberos-sec unknown
348452.52.234.222 123 tcp ntp filtered
348552.52.234.222 123 udp ntp unknown
348652.52.234.222 137 tcp netbios-ns filtered
348752.52.234.222 137 udp netbios-ns unknown
348852.52.234.222 138 tcp netbios-dgm filtered
348952.52.234.222 138 udp netbios-dgm unknown
349052.52.234.222 139 tcp netbios-ssn filtered
349152.52.234.222 139 udp netbios-ssn unknown
349252.52.234.222 161 tcp snmp filtered
349352.52.234.222 161 udp snmp unknown
349452.52.234.222 162 tcp snmptrap filtered
349552.52.234.222 162 udp snmptrap unknown
349652.52.234.222 389 tcp ldap filtered
349752.52.234.222 389 udp ldap unknown
349852.52.234.222 520 tcp efs filtered
349952.52.234.222 520 udp route unknown
350052.52.234.222 2049 tcp nfs filtered
350152.52.234.222 2049 udp nfs unknown
350252.138.144.162 53 tcp domain filtered
350352.138.144.162 53 udp domain unknown
350452.138.144.162 67 tcp dhcps filtered
350552.138.144.162 67 udp dhcps unknown
350652.138.144.162 68 tcp dhcpc filtered
350752.138.144.162 68 udp dhcpc unknown
350852.138.144.162 69 tcp tftp filtered
350952.138.144.162 69 udp tftp unknown
351052.138.144.162 80 tcp http open Microsoft IIS httpd 7.5
351152.138.144.162 88 tcp kerberos-sec filtered
351252.138.144.162 88 udp kerberos-sec unknown
351352.138.144.162 123 tcp ntp filtered
351452.138.144.162 123 udp ntp unknown
351552.138.144.162 137 tcp netbios-ns filtered
351652.138.144.162 137 udp netbios-ns unknown
351752.138.144.162 138 tcp netbios-dgm filtered
351852.138.144.162 138 udp netbios-dgm unknown
351952.138.144.162 139 tcp netbios-ssn filtered
352052.138.144.162 139 udp netbios-ssn unknown
352152.138.144.162 161 tcp snmp filtered
352252.138.144.162 161 udp snmp unknown
352352.138.144.162 162 tcp snmptrap filtered
352452.138.144.162 162 udp snmptrap unknown
352552.138.144.162 389 tcp ldap filtered
352652.138.144.162 389 udp ldap unknown
352752.138.144.162 443 tcp ssl/http open Microsoft IIS httpd 7.5
352852.138.144.162 520 tcp efs filtered
352952.138.144.162 520 udp route unknown
353052.138.144.162 2049 tcp nfs filtered
353152.138.144.162 2049 udp nfs unknown
353252.138.144.162 3911 tcp http open Microsoft IIS httpd 7.5
353352.138.144.162 3912 tcp ssl/http open Microsoft IIS httpd 7.5
353452.138.144.162 7777 tcp http open Microsoft IIS httpd 7.5
353552.138.144.162 8080 tcp ssl/http open Microsoft IIS httpd 10.0
353652.138.144.162 8089 tcp ssl/http open Microsoft IIS httpd 7.5
353752.138.144.162 8888 tcp http open Microsoft IIS httpd 7.5
353852.138.144.162 9090 tcp http open Microsoft IIS httpd 7.5
353952.138.144.162 9191 tcp http open Microsoft IIS httpd 7.5
354052.138.144.162 9999 tcp http open Microsoft IIS httpd 7.5
354152.138.144.162 65503 tcp http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
354252.138.144.162 65504 tcp http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
354354.36.158.42 22 tcp ssh open OpenSSH 7.4 protocol 2.0
354454.36.158.42 53 udp domain unknown
354554.36.158.42 67 udp dhcps unknown
354654.36.158.42 68 udp dhcpc unknown
354754.36.158.42 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
354854.36.158.42 137 udp netbios-ns unknown
354954.36.158.42 139 udp netbios-ssn unknown
355054.36.158.42 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
355154.36.158.42 2049 udp nfs unknown
355254.36.158.42 5000 tcp http open Apache httpd
355354.36.158.42 8088 tcp radan-http open
355454.36.158.42 22222 tcp ssh open OpenSSH 7.4 protocol 2.0
355554.72.57.25 53 tcp domain closed
355654.72.57.25 53 udp domain unknown
355754.72.57.25 67 tcp dhcps closed
355854.72.57.25 67 udp dhcps unknown
355954.72.57.25 68 tcp dhcpc closed
356054.72.57.25 68 udp dhcpc unknown
356154.72.57.25 69 tcp tftp closed
356254.72.57.25 69 udp tftp unknown
356354.72.57.25 80 tcp http open nginx
356454.72.57.25 88 tcp kerberos-sec closed
356554.72.57.25 88 udp kerberos-sec unknown
356654.72.57.25 123 tcp ntp closed
356754.72.57.25 123 udp ntp unknown
356854.72.57.25 137 tcp netbios-ns closed
356954.72.57.25 137 udp netbios-ns unknown
357054.72.57.25 138 tcp netbios-dgm closed
357154.72.57.25 138 udp netbios-dgm unknown
357254.72.57.25 139 tcp netbios-ssn closed
357354.72.57.25 139 udp netbios-ssn unknown
357454.72.57.25 161 tcp snmp closed
357554.72.57.25 161 udp snmp unknown
357654.72.57.25 162 tcp snmptrap closed
357754.72.57.25 162 udp snmptrap unknown
357854.72.57.25 389 tcp ldap closed
357954.72.57.25 389 udp ldap unknown
358054.72.57.25 443 tcp ssl/http open nginx
358154.72.57.25 520 tcp efs closed
358254.72.57.25 520 udp route unknown
358354.72.57.25 2049 tcp nfs closed
358454.72.57.25 2049 udp nfs unknown
358554.85.59.109 53 tcp domain filtered
358654.85.59.109 53 udp domain unknown
358754.85.59.109 67 tcp dhcps filtered
358854.85.59.109 67 udp dhcps unknown
358954.85.59.109 68 tcp dhcpc filtered
359054.85.59.109 68 udp dhcpc unknown
359154.85.59.109 69 tcp tftp filtered
359254.85.59.109 69 udp tftp unknown
359354.85.59.109 80 tcp http open nginx
359454.85.59.109 88 tcp kerberos-sec filtered
359554.85.59.109 88 udp kerberos-sec unknown
359654.85.59.109 123 tcp ntp filtered
359754.85.59.109 123 udp ntp unknown
359854.85.59.109 137 tcp netbios-ns filtered
359954.85.59.109 137 udp netbios-ns unknown
360054.85.59.109 138 tcp netbios-dgm filtered
360154.85.59.109 138 udp netbios-dgm unknown
360254.85.59.109 139 tcp netbios-ssn filtered
360354.85.59.109 139 udp netbios-ssn unknown
360454.85.59.109 161 tcp snmp filtered
360554.85.59.109 161 udp snmp unknown
360654.85.59.109 162 tcp snmptrap filtered
360754.85.59.109 162 udp snmptrap unknown
360854.85.59.109 389 tcp ldap filtered
360954.85.59.109 389 udp ldap unknown
361054.85.59.109 443 tcp ssl/http open nginx
361154.85.59.109 520 tcp efs filtered
361254.85.59.109 520 udp route unknown
361354.85.59.109 2049 tcp nfs filtered
361454.85.59.109 2049 udp nfs unknown
361554.194.134.190 53 tcp domain closed
361654.194.134.190 53 udp domain unknown
361754.194.134.190 67 tcp dhcps closed
361854.194.134.190 67 udp dhcps unknown
361954.194.134.190 68 tcp dhcpc closed
362054.194.134.190 68 udp dhcpc unknown
362154.194.134.190 69 tcp tftp closed
362254.194.134.190 69 udp tftp unknown
362354.194.134.190 80 tcp http open nginx
362454.194.134.190 88 tcp kerberos-sec closed
362554.194.134.190 88 udp kerberos-sec unknown
362654.194.134.190 123 tcp ntp closed
362754.194.134.190 123 udp ntp unknown
362854.194.134.190 137 tcp netbios-ns closed
362954.194.134.190 137 udp netbios-ns unknown
363054.194.134.190 138 tcp netbios-dgm closed
363154.194.134.190 138 udp netbios-dgm unknown
363254.194.134.190 139 tcp netbios-ssn closed
363354.194.134.190 139 udp netbios-ssn unknown
363454.194.134.190 161 tcp snmp closed
363554.194.134.190 161 udp snmp unknown
363654.194.134.190 162 tcp snmptrap closed
363754.194.134.190 162 udp snmptrap unknown
363854.194.134.190 389 tcp ldap closed
363954.194.134.190 389 udp ldap unknown
364054.194.134.190 443 tcp ssl/http open nginx
364154.194.134.190 520 tcp efs closed
364254.194.134.190 520 udp route unknown
364354.194.134.190 2049 tcp nfs closed
364454.194.134.190 2049 udp nfs unknown
364564.69.94.253 53 tcp domain filtered
364664.69.94.253 53 udp domain unknown
364764.69.94.253 67 tcp dhcps filtered
364864.69.94.253 67 udp dhcps unknown
364964.69.94.253 68 tcp dhcpc filtered
365064.69.94.253 68 udp dhcpc unknown
365164.69.94.253 69 tcp tftp filtered
365264.69.94.253 69 udp tftp unknown
365364.69.94.253 88 tcp kerberos-sec filtered
365464.69.94.253 88 udp kerberos-sec unknown
365564.69.94.253 123 tcp ntp filtered
365664.69.94.253 123 udp ntp unknown
365764.69.94.253 137 tcp netbios-ns filtered
365864.69.94.253 137 udp netbios-ns unknown
365964.69.94.253 138 tcp netbios-dgm filtered
366064.69.94.253 138 udp netbios-dgm unknown
366164.69.94.253 139 tcp netbios-ssn filtered
366264.69.94.253 139 udp netbios-ssn unknown
366364.69.94.253 161 tcp snmp filtered
366464.69.94.253 161 udp snmp unknown
366564.69.94.253 162 tcp snmptrap filtered
366664.69.94.253 162 udp snmptrap unknown
366764.69.94.253 389 tcp ldap filtered
366864.69.94.253 389 udp ldap unknown
366964.69.94.253 520 tcp efs filtered
367064.69.94.253 520 udp route unknown
367164.69.94.253 2049 tcp nfs filtered
367264.69.94.253 2049 udp nfs unknown
367367.205.1.246 21 tcp ftp open ProFTPD
367467.205.1.246 22 tcp ssh open OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 Ubuntu Linux; protocol 2.0
367567.205.1.246 25 tcp smtp open Postfix smtpd
367667.205.1.246 53 tcp domain closed
367767.205.1.246 53 udp domain closed
367867.205.1.246 67 tcp dhcps closed
367967.205.1.246 67 udp dhcps closed
368067.205.1.246 68 tcp dhcpc closed
368167.205.1.246 68 udp dhcpc closed
368267.205.1.246 69 tcp tftp closed
368367.205.1.246 69 udp tftp unknown
368467.205.1.246 80 tcp http open Apache httpd
368567.205.1.246 88 tcp kerberos-sec closed
368667.205.1.246 88 udp kerberos-sec unknown
368767.205.1.246 111 tcp rpcbind filtered
368867.205.1.246 123 tcp ntp closed
368967.205.1.246 123 udp ntp unknown
369067.205.1.246 137 tcp netbios-ns closed
369167.205.1.246 137 udp netbios-ns closed
369267.205.1.246 138 tcp netbios-dgm closed
369367.205.1.246 138 udp netbios-dgm unknown
369467.205.1.246 139 tcp netbios-ssn closed
369567.205.1.246 139 udp netbios-ssn closed
369667.205.1.246 161 tcp snmp closed
369767.205.1.246 161 udp snmp unknown
369867.205.1.246 162 tcp snmptrap closed
369967.205.1.246 162 udp snmptrap unknown
370067.205.1.246 389 tcp ldap closed
370167.205.1.246 389 udp ldap unknown
370267.205.1.246 443 tcp ssl/http open Apache httpd
370367.205.1.246 520 tcp efs closed
370467.205.1.246 520 udp route unknown
370567.205.1.246 587 tcp smtp open Postfix smtpd
370667.205.1.246 1030 tcp iad1 filtered
370767.205.1.246 2049 tcp nfs closed
370867.205.1.246 2049 udp nfs unknown
370967.205.1.246 5666 tcp nrpe filtered
371067.205.1.246 8901 tcp jmb-cds2 filtered
371167.205.1.246 8902 tcp filtered
371269.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
371369.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
371469.163.233.4 25 tcp open
371569.163.233.4 53 tcp domain closed
371669.163.233.4 53 udp domain unknown
371769.163.233.4 67 tcp dhcps closed
371869.163.233.4 67 udp dhcps closed
371969.163.233.4 68 tcp dhcpc closed
372069.163.233.4 68 udp dhcpc unknown
372169.163.233.4 69 tcp tftp closed
372269.163.233.4 69 udp tftp closed
372369.163.233.4 88 tcp kerberos-sec closed
372469.163.233.4 88 udp kerberos-sec unknown
372569.163.233.4 123 tcp ntp closed
372669.163.233.4 123 udp ntp unknown
372769.163.233.4 137 tcp netbios-ns closed
372869.163.233.4 137 udp netbios-ns closed
372969.163.233.4 138 tcp netbios-dgm closed
373069.163.233.4 138 udp netbios-dgm closed
373169.163.233.4 139 tcp netbios-ssn closed
373269.163.233.4 139 udp netbios-ssn unknown
373369.163.233.4 161 tcp snmp closed
373469.163.233.4 161 udp snmp closed
373569.163.233.4 162 tcp snmptrap closed
373669.163.233.4 162 udp snmptrap closed
373769.163.233.4 389 tcp ldap closed
373869.163.233.4 389 udp ldap unknown
373969.163.233.4 520 tcp efs closed
374069.163.233.4 520 udp route closed
374169.163.233.4 2049 tcp nfs closed
374269.163.233.4 2049 udp nfs unknown
374374.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
374474.117.180.192 22 tcp ssh filtered
374574.117.180.192 25 tcp smtp filtered
374674.117.180.192 53 tcp domain closed
374774.117.180.192 53 udp domain unknown
374874.117.180.192 67 tcp dhcps closed
374974.117.180.192 67 udp dhcps unknown
375074.117.180.192 68 tcp dhcpc closed
375174.117.180.192 68 udp dhcpc closed
375274.117.180.192 69 tcp tftp closed
375374.117.180.192 69 udp tftp closed
375474.117.180.192 80 tcp http filtered
375574.117.180.192 88 tcp kerberos-sec closed
375674.117.180.192 88 udp kerberos-sec closed
375774.117.180.192 110 tcp pop3 filtered
375874.117.180.192 111 tcp rpcbind filtered
375974.117.180.192 123 tcp ntp closed
376074.117.180.192 123 udp ntp unknown
376174.117.180.192 137 tcp netbios-ns closed
376274.117.180.192 137 udp netbios-ns closed
376374.117.180.192 138 tcp netbios-dgm closed
376474.117.180.192 138 udp netbios-dgm unknown
376574.117.180.192 139 tcp netbios-ssn closed
376674.117.180.192 139 udp netbios-ssn unknown
376774.117.180.192 143 tcp imap filtered
376874.117.180.192 161 tcp snmp closed
376974.117.180.192 161 udp snmp closed
377074.117.180.192 162 tcp snmptrap closed
377174.117.180.192 162 udp snmptrap unknown
377274.117.180.192 323 tcp rpki-rtr filtered
377374.117.180.192 389 tcp ldap closed
377474.117.180.192 389 udp ldap closed
377574.117.180.192 443 tcp https filtered
377674.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
377774.117.180.192 520 tcp efs closed
377874.117.180.192 520 udp route unknown
377974.117.180.192 587 tcp submission filtered
378074.117.180.192 873 tcp rsync filtered
378174.117.180.192 993 tcp imaps filtered
378274.117.180.192 995 tcp pop3s filtered
378374.117.180.192 2049 tcp nfs closed
378474.117.180.192 2049 udp nfs closed
378574.117.180.192 2525 tcp smtp open Exim smtpd
378674.117.180.192 3306 tcp mysql filtered
378774.117.180.192 4949 tcp tcpwrapped open
378874.117.180.192 5666 tcp tcpwrapped open
378974.117.180.192 6380 tcp filtered
379074.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
379174.117.180.192 11211 tcp memcache filtered
379282.94.222.131 53 udp domain unknown
379382.94.222.131 67 udp dhcps unknown
379482.94.222.131 68 udp dhcpc unknown
379582.94.222.131 69 udp tftp unknown
379682.94.222.131 88 udp kerberos-sec unknown
379782.94.222.131 123 udp ntp unknown
379882.94.222.131 137 udp netbios-ns unknown
379982.94.222.131 138 udp netbios-dgm unknown
380082.94.222.131 139 udp netbios-ssn unknown
380182.94.222.131 161 udp snmp unknown
380282.94.222.131 162 udp snmptrap unknown
380382.94.222.131 389 udp ldap unknown
380482.94.222.131 520 udp route unknown
380582.94.222.131 2049 udp nfs unknown
380692.123.250.35 53 tcp domain closed
380792.123.250.35 53 udp domain closed
380892.123.250.35 67 tcp dhcps filtered
380992.123.250.35 67 udp dhcps unknown
381092.123.250.35 68 tcp dhcpc filtered
381192.123.250.35 68 udp dhcpc unknown
381292.123.250.35 69 tcp tftp filtered
381392.123.250.35 69 udp tftp unknown
381492.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
381592.123.250.35 88 tcp kerberos-sec filtered
381692.123.250.35 88 udp kerberos-sec unknown
381792.123.250.35 123 tcp ntp filtered
381892.123.250.35 123 udp ntp unknown
381992.123.250.35 137 tcp netbios-ns filtered
382092.123.250.35 137 udp netbios-ns unknown
382192.123.250.35 138 tcp netbios-dgm filtered
382292.123.250.35 138 udp netbios-dgm unknown
382392.123.250.35 139 tcp netbios-ssn filtered
382492.123.250.35 139 udp netbios-ssn unknown
382592.123.250.35 161 tcp snmp filtered
382692.123.250.35 161 udp snmp unknown
382792.123.250.35 162 tcp snmptrap filtered
382892.123.250.35 162 udp snmptrap unknown
382992.123.250.35 389 tcp ldap filtered
383092.123.250.35 389 udp ldap unknown
383192.123.250.35 443 tcp ssl/https open
383292.123.250.35 520 tcp efs filtered
383392.123.250.35 520 udp route unknown
383492.123.250.35 2049 tcp nfs filtered
383592.123.250.35 2049 udp nfs unknown
383692.123.250.35 8883 tcp secure-mqtt open
383792.123.250.65 53 tcp domain filtered
383892.123.250.65 53 udp domain unknown
383992.123.250.65 67 tcp dhcps filtered
384092.123.250.65 67 udp dhcps unknown
384192.123.250.65 68 tcp dhcpc filtered
384292.123.250.65 68 udp dhcpc unknown
384392.123.250.65 69 tcp tftp filtered
384492.123.250.65 69 udp tftp unknown
384592.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
384692.123.250.65 88 tcp kerberos-sec filtered
384792.123.250.65 88 udp kerberos-sec unknown
384892.123.250.65 123 tcp ntp filtered
384992.123.250.65 123 udp ntp unknown
385092.123.250.65 137 tcp netbios-ns filtered
385192.123.250.65 137 udp netbios-ns unknown
385292.123.250.65 138 tcp netbios-dgm filtered
385392.123.250.65 138 udp netbios-dgm unknown
385492.123.250.65 139 tcp netbios-ssn filtered
385592.123.250.65 139 udp netbios-ssn unknown
385692.123.250.65 161 tcp snmp filtered
385792.123.250.65 161 udp snmp unknown
385892.123.250.65 162 tcp snmptrap filtered
385992.123.250.65 162 udp snmptrap unknown
386092.123.250.65 389 tcp ldap filtered
386192.123.250.65 389 udp ldap unknown
386292.123.250.65 443 tcp ssl/https open
386392.123.250.65 520 tcp efs filtered
386492.123.250.65 520 udp route unknown
386592.123.250.65 2049 tcp nfs filtered
386692.123.250.65 2049 udp nfs unknown
386792.123.250.65 8883 tcp secure-mqtt open
386894.102.51.111 22 tcp ssh open
386994.102.51.111 25 tcp smtp open Exim smtpd 4.89
387094.102.51.111 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
387194.102.51.111 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
387294.102.51.111 67 tcp dhcps filtered
387394.102.51.111 67 udp dhcps unknown
387494.102.51.111 68 tcp dhcpc filtered
387594.102.51.111 68 udp dhcpc unknown
387694.102.51.111 69 tcp tftp filtered
387794.102.51.111 69 udp tftp unknown
387894.102.51.111 80 tcp http open nginx
387994.102.51.111 88 tcp kerberos-sec filtered
388094.102.51.111 88 udp kerberos-sec unknown
388194.102.51.111 110 tcp pop3 open Dovecot pop3d
388294.102.51.111 123 tcp ntp filtered
388394.102.51.111 123 udp ntp unknown
388494.102.51.111 137 tcp netbios-ns filtered
388594.102.51.111 137 udp netbios-ns unknown
388694.102.51.111 138 tcp netbios-dgm filtered
388794.102.51.111 138 udp netbios-dgm unknown
388894.102.51.111 139 tcp netbios-ssn filtered
388994.102.51.111 139 udp netbios-ssn unknown
389094.102.51.111 143 tcp imap open Dovecot imapd
389194.102.51.111 161 tcp snmp filtered
389294.102.51.111 161 udp snmp unknown
389394.102.51.111 162 tcp snmptrap filtered
389494.102.51.111 162 udp snmptrap unknown
389594.102.51.111 389 tcp ldap filtered
389694.102.51.111 389 udp ldap unknown
389794.102.51.111 465 tcp ssl/smtp open Exim smtpd 4.89
389894.102.51.111 520 tcp efs filtered
389994.102.51.111 520 udp route unknown
390094.102.51.111 993 tcp ssl/imaps open
390194.102.51.111 995 tcp ssl/pop3s open
390294.102.51.111 2049 tcp nfs filtered
390394.102.51.111 2049 udp nfs unknown
390494.102.51.112 22 tcp ssh open
390594.102.51.112 25 tcp smtp open Exim smtpd 4.89
390694.102.51.112 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
390794.102.51.112 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
390894.102.51.112 67 tcp dhcps filtered
390994.102.51.112 67 udp dhcps unknown
391094.102.51.112 68 tcp dhcpc filtered
391194.102.51.112 68 udp dhcpc unknown
391294.102.51.112 69 tcp tftp filtered
391394.102.51.112 69 udp tftp unknown
391494.102.51.112 80 tcp http open nginx
391594.102.51.112 88 tcp kerberos-sec filtered
391694.102.51.112 88 udp kerberos-sec unknown
391794.102.51.112 110 tcp pop3 open Dovecot pop3d
391894.102.51.112 123 tcp ntp filtered
391994.102.51.112 123 udp ntp unknown
392094.102.51.112 137 tcp netbios-ns filtered
392194.102.51.112 137 udp netbios-ns unknown
392294.102.51.112 138 tcp netbios-dgm filtered
392394.102.51.112 138 udp netbios-dgm unknown
392494.102.51.112 139 tcp netbios-ssn filtered
392594.102.51.112 139 udp netbios-ssn unknown
392694.102.51.112 143 tcp imap open Dovecot imapd
392794.102.51.112 161 tcp snmp filtered
392894.102.51.112 161 udp snmp unknown
392994.102.51.112 162 tcp snmptrap filtered
393094.102.51.112 162 udp snmptrap unknown
393194.102.51.112 389 tcp ldap filtered
393294.102.51.112 389 udp ldap unknown
393394.102.51.112 465 tcp ssl/smtp open Exim smtpd 4.89
393494.102.51.112 520 tcp efs filtered
393594.102.51.112 520 udp route unknown
393694.102.51.112 993 tcp ssl/imaps open
393794.102.51.112 995 tcp ssl/pop3s open
393894.102.51.112 2049 tcp nfs filtered
393994.102.51.112 2049 udp nfs unknown
3940104.244.73.40 53 udp domain unknown
3941104.244.73.40 67 udp dhcps unknown
3942104.244.73.40 68 udp dhcpc unknown
3943104.244.73.40 69 udp tftp unknown
3944104.244.73.40 88 udp kerberos-sec unknown
3945104.244.73.40 123 udp ntp unknown
3946104.244.73.40 137 udp netbios-ns unknown
3947104.244.73.40 138 udp netbios-dgm unknown
3948104.244.73.40 139 udp netbios-ssn unknown
3949104.244.73.40 161 udp snmp unknown
3950104.244.73.40 162 udp snmptrap unknown
3951104.244.73.40 389 udp ldap unknown
3952104.244.73.40 520 udp route unknown
3953104.244.73.40 2049 udp nfs unknown
3954104.244.76.231 53 tcp domain filtered
3955104.244.76.231 53 udp domain unknown
3956104.244.76.231 67 tcp dhcps filtered
3957104.244.76.231 67 udp dhcps unknown
3958104.244.76.231 68 tcp dhcpc filtered
3959104.244.76.231 68 udp dhcpc unknown
3960104.244.76.231 69 tcp tftp filtered
3961104.244.76.231 69 udp tftp unknown
3962104.244.76.231 80 tcp http open nginx
3963104.244.76.231 88 tcp kerberos-sec filtered
3964104.244.76.231 88 udp kerberos-sec unknown
3965104.244.76.231 123 tcp ntp filtered
3966104.244.76.231 123 udp ntp unknown
3967104.244.76.231 137 tcp netbios-ns filtered
3968104.244.76.231 137 udp netbios-ns unknown
3969104.244.76.231 138 tcp netbios-dgm filtered
3970104.244.76.231 138 udp netbios-dgm unknown
3971104.244.76.231 139 tcp netbios-ssn filtered
3972104.244.76.231 139 udp netbios-ssn unknown
3973104.244.76.231 161 tcp snmp filtered
3974104.244.76.231 161 udp snmp unknown
3975104.244.76.231 162 tcp snmptrap filtered
3976104.244.76.231 162 udp snmptrap unknown
3977104.244.76.231 389 tcp ldap filtered
3978104.244.76.231 389 udp ldap unknown
3979104.244.76.231 443 tcp ssl/http open nginx
3980104.244.76.231 520 tcp efs filtered
3981104.244.76.231 520 udp route unknown
3982104.244.76.231 2049 tcp nfs filtered
3983104.244.76.231 2049 udp nfs unknown
3984104.244.76.231 5040 tcp unknown closed
3985104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3986104.244.76.231 16221 tcp closed
3987104.244.76.231 23022 tcp closed
3988104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3989104.244.77.188 53 tcp domain filtered
3990104.244.77.188 53 udp domain unknown
3991104.244.77.188 67 tcp dhcps filtered
3992104.244.77.188 67 udp dhcps unknown
3993104.244.77.188 68 tcp dhcpc filtered
3994104.244.77.188 68 udp dhcpc unknown
3995104.244.77.188 69 tcp tftp filtered
3996104.244.77.188 69 udp tftp unknown
3997104.244.77.188 80 tcp http open nginx
3998104.244.77.188 88 tcp kerberos-sec filtered
3999104.244.77.188 88 udp kerberos-sec unknown
4000104.244.77.188 123 tcp ntp filtered
4001104.244.77.188 123 udp ntp unknown
4002104.244.77.188 137 tcp netbios-ns filtered
4003104.244.77.188 137 udp netbios-ns unknown
4004104.244.77.188 138 tcp netbios-dgm filtered
4005104.244.77.188 138 udp netbios-dgm unknown
4006104.244.77.188 139 tcp netbios-ssn filtered
4007104.244.77.188 139 udp netbios-ssn unknown
4008104.244.77.188 161 tcp snmp filtered
4009104.244.77.188 161 udp snmp unknown
4010104.244.77.188 162 tcp snmptrap filtered
4011104.244.77.188 162 udp snmptrap unknown
4012104.244.77.188 389 tcp ldap filtered
4013104.244.77.188 389 udp ldap unknown
4014104.244.77.188 443 tcp ssl/http open nginx
4015104.244.77.188 520 tcp efs filtered
4016104.244.77.188 520 udp route unknown
4017104.244.77.188 2049 tcp nfs filtered
4018104.244.77.188 2049 udp nfs unknown
4019104.244.77.188 5040 tcp unknown closed
4020104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
4021104.244.77.188 16221 tcp closed
4022104.244.77.188 23022 tcp closed
4023104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
4024104.244.79.89 53 tcp domain filtered
4025104.244.79.89 53 udp domain unknown
4026104.244.79.89 67 tcp dhcps filtered
4027104.244.79.89 67 udp dhcps unknown
4028104.244.79.89 68 tcp dhcpc filtered
4029104.244.79.89 68 udp dhcpc unknown
4030104.244.79.89 69 tcp tftp filtered
4031104.244.79.89 69 udp tftp unknown
4032104.244.79.89 80 tcp http open nginx
4033104.244.79.89 88 tcp kerberos-sec filtered
4034104.244.79.89 88 udp kerberos-sec unknown
4035104.244.79.89 123 tcp ntp filtered
4036104.244.79.89 123 udp ntp unknown
4037104.244.79.89 137 tcp netbios-ns filtered
4038104.244.79.89 137 udp netbios-ns unknown
4039104.244.79.89 138 tcp netbios-dgm filtered
4040104.244.79.89 138 udp netbios-dgm unknown
4041104.244.79.89 139 tcp netbios-ssn filtered
4042104.244.79.89 139 udp netbios-ssn unknown
4043104.244.79.89 161 tcp snmp filtered
4044104.244.79.89 161 udp snmp unknown
4045104.244.79.89 162 tcp snmptrap filtered
4046104.244.79.89 162 udp snmptrap unknown
4047104.244.79.89 389 tcp ldap filtered
4048104.244.79.89 389 udp ldap unknown
4049104.244.79.89 443 tcp ssl/http open nginx
4050104.244.79.89 520 tcp efs filtered
4051104.244.79.89 520 udp route unknown
4052104.244.79.89 2049 tcp nfs filtered
4053104.244.79.89 2049 udp nfs unknown
4054104.244.79.89 7910 tcp ssl/http open nginx
4055104.244.79.89 7920 tcp unknown closed
4056104.244.79.89 7930 tcp closed
4057104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
4058104.244.79.89 16010 tcp ssl/http open nginx
4059104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
4060104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
4061107.180.28.114 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 500 allowed.\x0d\x0a220-Local time is now 05:54. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
4062107.180.28.114 22 tcp ssh open SSH-2.0-OpenSSH_5.3
4063107.180.28.114 53 tcp domain filtered
4064107.180.28.114 53 udp domain unknown
4065107.180.28.114 67 tcp dhcps filtered
4066107.180.28.114 67 udp dhcps unknown
4067107.180.28.114 68 tcp dhcpc filtered
4068107.180.28.114 68 udp dhcpc unknown
4069107.180.28.114 69 tcp tftp filtered
4070107.180.28.114 69 udp tftp unknown
4071107.180.28.114 88 tcp kerberos-sec filtered
4072107.180.28.114 88 udp kerberos-sec unknown
4073107.180.28.114 123 tcp ntp filtered
4074107.180.28.114 123 udp ntp unknown
4075107.180.28.114 137 tcp netbios-ns filtered
4076107.180.28.114 137 udp netbios-ns unknown
4077107.180.28.114 138 tcp netbios-dgm filtered
4078107.180.28.114 138 udp netbios-dgm unknown
4079107.180.28.114 139 tcp netbios-ssn filtered
4080107.180.28.114 139 udp netbios-ssn unknown
4081107.180.28.114 161 tcp snmp filtered
4082107.180.28.114 161 udp snmp unknown
4083107.180.28.114 162 tcp snmptrap filtered
4084107.180.28.114 162 udp snmptrap unknown
4085107.180.28.114 389 tcp ldap filtered
4086107.180.28.114 389 udp ldap unknown
4087107.180.28.114 520 tcp efs filtered
4088107.180.28.114 520 udp route unknown
4089107.180.28.114 2049 tcp nfs filtered
4090107.180.28.114 2049 udp nfs unknown
4091111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
4092111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
4093111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
4094111.90.145.39 67 tcp dhcps closed
4095111.90.145.39 67 udp dhcps closed
4096111.90.145.39 68 tcp dhcpc closed
4097111.90.145.39 68 udp dhcpc unknown
4098111.90.145.39 69 tcp tftp closed
4099111.90.145.39 69 udp tftp unknown
4100111.90.145.39 88 tcp kerberos-sec closed
4101111.90.145.39 88 udp kerberos-sec unknown
4102111.90.145.39 123 tcp ntp closed
4103111.90.145.39 123 udp ntp closed
4104111.90.145.39 137 tcp netbios-ns closed
4105111.90.145.39 137 udp netbios-ns unknown
4106111.90.145.39 138 tcp netbios-dgm closed
4107111.90.145.39 138 udp netbios-dgm unknown
4108111.90.145.39 139 tcp netbios-ssn filtered
4109111.90.145.39 139 udp netbios-ssn closed
4110111.90.145.39 161 tcp snmp closed
4111111.90.145.39 161 udp snmp unknown
4112111.90.145.39 162 tcp snmptrap closed
4113111.90.145.39 162 udp snmptrap closed
4114111.90.145.39 389 tcp ldap closed
4115111.90.145.39 389 udp ldap unknown
4116111.90.145.39 520 tcp efs closed
4117111.90.145.39 520 udp route closed
4118111.90.145.39 2049 tcp nfs closed
4119111.90.145.39 2049 udp nfs closed
4120143.95.110.248 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 150 allowed.\x0d\x0a220-Local time is now 05:55. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
4121143.95.110.248 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
4122143.95.110.248 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
4123143.95.110.248 67 tcp dhcps closed
4124143.95.110.248 67 udp dhcps unknown
4125143.95.110.248 68 tcp dhcpc closed
4126143.95.110.248 68 udp dhcpc unknown
4127143.95.110.248 69 tcp tftp closed
4128143.95.110.248 69 udp tftp unknown
4129143.95.110.248 88 tcp kerberos-sec closed
4130143.95.110.248 88 udp kerberos-sec unknown
4131143.95.110.248 123 tcp ntp closed
4132143.95.110.248 123 udp ntp unknown
4133143.95.110.248 137 tcp netbios-ns closed
4134143.95.110.248 137 udp netbios-ns unknown
4135143.95.110.248 138 tcp netbios-dgm closed
4136143.95.110.248 138 udp netbios-dgm closed
4137143.95.110.248 139 tcp netbios-ssn closed
4138143.95.110.248 139 udp netbios-ssn unknown
4139143.95.110.248 161 tcp snmp closed
4140143.95.110.248 161 udp snmp closed
4141143.95.110.248 162 tcp snmptrap closed
4142143.95.110.248 162 udp snmptrap unknown
4143143.95.110.248 389 tcp ldap closed
4144143.95.110.248 389 udp ldap closed
4145143.95.110.248 520 tcp efs closed
4146143.95.110.248 520 udp route unknown
4147143.95.110.248 2049 tcp nfs closed
4148143.95.110.248 2049 udp nfs unknown
4149146.83.222.104 53 tcp domain filtered
4150146.83.222.104 53 udp domain unknown
4151146.83.222.104 67 tcp dhcps filtered
4152146.83.222.104 67 udp dhcps unknown
4153146.83.222.104 68 tcp dhcpc filtered
4154146.83.222.104 68 udp dhcpc unknown
4155146.83.222.104 69 tcp tftp filtered
4156146.83.222.104 69 udp tftp filtered
4157146.83.222.104 88 tcp kerberos-sec filtered
4158146.83.222.104 88 udp kerberos-sec unknown
4159146.83.222.104 123 tcp ntp filtered
4160146.83.222.104 123 udp ntp unknown
4161146.83.222.104 137 tcp netbios-ns filtered
4162146.83.222.104 137 udp netbios-ns unknown
4163146.83.222.104 138 tcp netbios-dgm filtered
4164146.83.222.104 138 udp netbios-dgm unknown
4165146.83.222.104 139 tcp netbios-ssn filtered
4166146.83.222.104 139 udp netbios-ssn unknown
4167146.83.222.104 161 tcp snmp filtered
4168146.83.222.104 161 udp snmp unknown
4169146.83.222.104 162 tcp snmptrap filtered
4170146.83.222.104 162 udp snmptrap unknown
4171146.83.222.104 389 tcp ldap filtered
4172146.83.222.104 389 udp ldap unknown
4173146.83.222.104 520 tcp efs filtered
4174146.83.222.104 520 udp route unknown
4175146.83.222.104 2049 tcp nfs filtered
4176146.83.222.104 2049 udp nfs unknown
4177149.126.72.220 25 tcp smtp closed
4178149.126.72.220 51 tcp tcpwrapped open
4179149.126.72.220 53 tcp domain open
4180149.126.72.220 53 udp domain open
4181149.126.72.220 65 tcp tcpwrapped open
4182149.126.72.220 66 tcp tcpwrapped open
4183149.126.72.220 67 tcp dhcps filtered
4184149.126.72.220 67 udp dhcps unknown
4185149.126.72.220 68 tcp dhcpc filtered
4186149.126.72.220 68 udp dhcpc unknown
4187149.126.72.220 69 tcp tftp filtered
4188149.126.72.220 69 udp tftp unknown
4189149.126.72.220 80 tcp tcpwrapped open
4190149.126.72.220 81 tcp tcpwrapped open
4191149.126.72.220 82 tcp tcpwrapped open
4192149.126.72.220 83 tcp tcpwrapped open
4193149.126.72.220 84 tcp tcpwrapped open
4194149.126.72.220 85 tcp tcpwrapped open
4195149.126.72.220 86 tcp tcpwrapped open
4196149.126.72.220 88 tcp http open Incapsula CDN httpd
4197149.126.72.220 88 udp kerberos-sec unknown
4198149.126.72.220 89 tcp tcpwrapped open
4199149.126.72.220 90 tcp tcpwrapped open
4200149.126.72.220 91 tcp tcpwrapped open
4201149.126.72.220 92 tcp tcpwrapped open
4202149.126.72.220 98 tcp tcpwrapped open
4203149.126.72.220 99 tcp tcpwrapped open
4204149.126.72.220 123 tcp ntp filtered
4205149.126.72.220 123 udp ntp unknown
4206149.126.72.220 137 tcp netbios-ns filtered
4207149.126.72.220 137 udp netbios-ns filtered
4208149.126.72.220 138 tcp netbios-dgm filtered
4209149.126.72.220 138 udp netbios-dgm filtered
4210149.126.72.220 139 tcp netbios-ssn closed
4211149.126.72.220 139 udp netbios-ssn unknown
4212149.126.72.220 160 tcp sgmp-traps closed
4213149.126.72.220 161 tcp snmp filtered
4214149.126.72.220 161 udp snmp unknown
4215149.126.72.220 162 tcp snmptrap filtered
4216149.126.72.220 162 udp snmptrap unknown
4217149.126.72.220 189 tcp tcpwrapped open
4218149.126.72.220 190 tcp tcpwrapped open
4219149.126.72.220 192 tcp tcpwrapped open
4220149.126.72.220 243 tcp tcpwrapped open
4221149.126.72.220 285 tcp tcpwrapped open
4222149.126.72.220 314 tcp tcpwrapped open
4223149.126.72.220 343 tcp tcpwrapped open
4224149.126.72.220 347 tcp tcpwrapped open
4225149.126.72.220 385 tcp tcpwrapped open
4226149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
4227149.126.72.220 389 udp ldap unknown
4228149.126.72.220 400 tcp tcpwrapped open
4229149.126.72.220 440 tcp tcpwrapped open
4230149.126.72.220 441 tcp tcpwrapped open
4231149.126.72.220 442 tcp tcpwrapped open
4232149.126.72.220 443 tcp ssl/tcpwrapped open
4233149.126.72.220 444 tcp tcpwrapped open
4234149.126.72.220 445 tcp microsoft-ds closed
4235149.126.72.220 446 tcp tcpwrapped open
4236149.126.72.220 447 tcp tcpwrapped open
4237149.126.72.220 448 tcp tcpwrapped open
4238149.126.72.220 449 tcp tcpwrapped open
4239149.126.72.220 452 tcp tcpwrapped open
4240149.126.72.220 461 tcp tcpwrapped open
4241149.126.72.220 462 tcp tcpwrapped open
4242149.126.72.220 480 tcp tcpwrapped open
4243149.126.72.220 485 tcp tcpwrapped open
4244149.126.72.220 487 tcp tcpwrapped open
4245149.126.72.220 488 tcp tcpwrapped open
4246149.126.72.220 491 tcp tcpwrapped open
4247149.126.72.220 520 tcp efs filtered
4248149.126.72.220 520 udp route unknown
4249149.126.72.220 555 tcp tcpwrapped open
4250149.126.72.220 556 tcp tcpwrapped open
4251149.126.72.220 587 tcp tcpwrapped open
4252149.126.72.220 631 tcp tcpwrapped open
4253149.126.72.220 632 tcp tcpwrapped open
4254149.126.72.220 636 tcp tcpwrapped open
4255149.126.72.220 743 tcp tcpwrapped open
4256149.126.72.220 772 tcp tcpwrapped open
4257149.126.72.220 777 tcp tcpwrapped open
4258149.126.72.220 782 tcp tcpwrapped open
4259149.126.72.220 785 tcp tcpwrapped open
4260149.126.72.220 800 tcp tcpwrapped open
4261149.126.72.220 801 tcp tcpwrapped open
4262149.126.72.220 805 tcp tcpwrapped open
4263149.126.72.220 806 tcp tcpwrapped open
4264149.126.72.220 809 tcp tcpwrapped open
4265149.126.72.220 843 tcp tcpwrapped open
4266149.126.72.220 853 tcp tcpwrapped open
4267149.126.72.220 885 tcp tcpwrapped open
4268149.126.72.220 886 tcp tcpwrapped open
4269149.126.72.220 887 tcp tcpwrapped open
4270149.126.72.220 888 tcp tcpwrapped open
4271149.126.72.220 943 tcp tcpwrapped open
4272149.126.72.220 947 tcp tcpwrapped open
4273149.126.72.220 953 tcp tcpwrapped open
4274149.126.72.220 990 tcp tcpwrapped open
4275149.126.72.220 995 tcp tcpwrapped open
4276149.126.72.220 998 tcp tcpwrapped open
4277149.126.72.220 999 tcp tcpwrapped open
4278149.126.72.220 1000 tcp tcpwrapped open
4279149.126.72.220 1002 tcp tcpwrapped open
4280149.126.72.220 1024 tcp tcpwrapped open
4281149.126.72.220 1025 tcp tcpwrapped open
4282149.126.72.220 1028 tcp tcpwrapped open
4283149.126.72.220 1080 tcp tcpwrapped open
4284149.126.72.220 1103 tcp tcpwrapped open
4285149.126.72.220 1111 tcp tcpwrapped open
4286149.126.72.220 1180 tcp tcpwrapped open
4287149.126.72.220 1181 tcp tcpwrapped open
4288149.126.72.220 1207 tcp tcpwrapped open
4289149.126.72.220 1234 tcp tcpwrapped open
4290149.126.72.220 1250 tcp tcpwrapped open
4291149.126.72.220 1283 tcp tcpwrapped open
4292149.126.72.220 1291 tcp tcpwrapped open
4293149.126.72.220 1292 tcp tcpwrapped open
4294149.126.72.220 1293 tcp tcpwrapped open
4295149.126.72.220 1337 tcp tcpwrapped open
4296149.126.72.220 1344 tcp tcpwrapped open
4297149.126.72.220 1355 tcp tcpwrapped open
4298149.126.72.220 1364 tcp tcpwrapped open
4299149.126.72.220 1366 tcp tcpwrapped open
4300149.126.72.220 1377 tcp tcpwrapped open
4301149.126.72.220 1387 tcp tcpwrapped open
4302149.126.72.220 1388 tcp tcpwrapped open
4303149.126.72.220 1433 tcp tcpwrapped open
4304149.126.72.220 1443 tcp tcpwrapped open
4305149.126.72.220 1447 tcp tcpwrapped open
4306149.126.72.220 1450 tcp tcpwrapped open
4307149.126.72.220 1451 tcp tcpwrapped open
4308149.126.72.220 1452 tcp tcpwrapped open
4309149.126.72.220 1453 tcp tcpwrapped open
4310149.126.72.220 1454 tcp tcpwrapped open
4311149.126.72.220 1455 tcp tcpwrapped open
4312149.126.72.220 1456 tcp tcpwrapped open
4313149.126.72.220 1457 tcp tcpwrapped open
4314149.126.72.220 1458 tcp tcpwrapped open
4315149.126.72.220 1459 tcp tcpwrapped open
4316149.126.72.220 1460 tcp tcpwrapped open
4317149.126.72.220 1494 tcp tcpwrapped open
4318149.126.72.220 1935 tcp tcpwrapped open
4319149.126.72.220 1950 tcp tcpwrapped open
4320149.126.72.220 1951 tcp tcpwrapped open
4321149.126.72.220 1952 tcp tcpwrapped open
4322149.126.72.220 1953 tcp tcpwrapped open
4323149.126.72.220 1954 tcp tcpwrapped open
4324149.126.72.220 1955 tcp tcpwrapped open
4325149.126.72.220 1956 tcp tcpwrapped open
4326149.126.72.220 1957 tcp tcpwrapped open
4327149.126.72.220 1958 tcp tcpwrapped open
4328149.126.72.220 1959 tcp tcpwrapped open
4329149.126.72.220 1960 tcp tcpwrapped open
4330149.126.72.220 1964 tcp tcpwrapped open
4331149.126.72.220 1965 tcp tcpwrapped open
4332149.126.72.220 1966 tcp tcpwrapped open
4333149.126.72.220 1967 tcp tcpwrapped open
4334149.126.72.220 1968 tcp tcpwrapped open
4335149.126.72.220 1969 tcp tcpwrapped open
4336149.126.72.220 1970 tcp tcpwrapped open
4337149.126.72.220 1971 tcp tcpwrapped open
4338149.126.72.220 1972 tcp tcpwrapped open
4339149.126.72.220 1973 tcp tcpwrapped open
4340149.126.72.220 1974 tcp tcpwrapped open
4341149.126.72.220 1975 tcp tcpwrapped open
4342149.126.72.220 1976 tcp tcpwrapped open
4343149.126.72.220 1977 tcp tcpwrapped open
4344149.126.72.220 1978 tcp tcpwrapped open
4345149.126.72.220 1979 tcp tcpwrapped open
4346149.126.72.220 1980 tcp tcpwrapped open
4347149.126.72.220 1981 tcp tcpwrapped open
4348149.126.72.220 1982 tcp tcpwrapped open
4349149.126.72.220 1983 tcp tcpwrapped open
4350149.126.72.220 1984 tcp tcpwrapped open
4351149.126.72.220 1985 tcp tcpwrapped open
4352149.126.72.220 1986 tcp tcpwrapped open
4353149.126.72.220 1987 tcp tcpwrapped open
4354149.126.72.220 1988 tcp tcpwrapped open
4355149.126.72.220 1989 tcp tcpwrapped open
4356149.126.72.220 2000 tcp tcpwrapped open
4357149.126.72.220 2001 tcp tcpwrapped open
4358149.126.72.220 2006 tcp tcpwrapped open
4359149.126.72.220 2012 tcp tcpwrapped open
4360149.126.72.220 2020 tcp tcpwrapped open
4361149.126.72.220 2048 tcp tcpwrapped open
4362149.126.72.220 2049 tcp http open Incapsula CDN httpd
4363149.126.72.220 2049 udp nfs unknown
4364149.126.72.220 2050 tcp tcpwrapped open
4365149.126.72.220 2051 tcp tcpwrapped open
4366149.126.72.220 2052 tcp tcpwrapped open
4367149.126.72.220 2053 tcp tcpwrapped open
4368149.126.72.220 2054 tcp tcpwrapped open
4369149.126.72.220 2055 tcp tcpwrapped open
4370149.126.72.220 2056 tcp tcpwrapped open
4371149.126.72.220 2057 tcp tcpwrapped open
4372149.126.72.220 2058 tcp tcpwrapped open
4373149.126.72.220 2059 tcp tcpwrapped open
4374149.126.72.220 2060 tcp tcpwrapped open
4375149.126.72.220 2061 tcp tcpwrapped open
4376149.126.72.220 2062 tcp tcpwrapped open
4377149.126.72.220 2063 tcp tcpwrapped open
4378149.126.72.220 2064 tcp tcpwrapped open
4379149.126.72.220 2065 tcp tcpwrapped open
4380149.126.72.220 2066 tcp tcpwrapped open
4381149.126.72.220 2067 tcp tcpwrapped open
4382149.126.72.220 2068 tcp tcpwrapped open
4383149.126.72.220 2069 tcp tcpwrapped open
4384149.126.72.220 2070 tcp tcpwrapped open
4385149.126.72.220 2072 tcp tcpwrapped open
4386149.126.72.220 2082 tcp tcpwrapped open
4387149.126.72.220 2083 tcp tcpwrapped open
4388149.126.72.220 2087 tcp tcpwrapped open
4389149.126.72.220 2096 tcp tcpwrapped open
4390149.126.72.220 2100 tcp tcpwrapped open
4391149.126.72.220 2108 tcp tcpwrapped open
4392149.126.72.220 2200 tcp tcpwrapped open
4393149.126.72.220 2209 tcp tcpwrapped open
4394149.126.72.220 2222 tcp tcpwrapped open
4395149.126.72.220 2226 tcp tcpwrapped open
4396149.126.72.220 2248 tcp tcpwrapped open
4397149.126.72.220 2344 tcp tcpwrapped open
4398149.126.72.220 2345 tcp tcpwrapped open
4399149.126.72.220 2353 tcp tcpwrapped open
4400149.126.72.220 2363 tcp tcpwrapped open
4401149.126.72.220 2423 tcp tcpwrapped open
4402149.126.72.220 2433 tcp tcpwrapped open
4403149.126.72.220 2435 tcp tcpwrapped open
4404149.126.72.220 2443 tcp tcpwrapped open
4405149.126.72.220 2453 tcp tcpwrapped open
4406149.126.72.220 2480 tcp tcpwrapped open
4407149.126.72.220 2548 tcp tcpwrapped open
4408149.126.72.220 2549 tcp tcpwrapped open
4409149.126.72.220 2550 tcp tcpwrapped open
4410149.126.72.220 2551 tcp tcpwrapped open
4411149.126.72.220 2552 tcp tcpwrapped open
4412149.126.72.220 2553 tcp tcpwrapped open
4413149.126.72.220 2554 tcp tcpwrapped open
4414149.126.72.220 2555 tcp tcpwrapped open
4415149.126.72.220 2556 tcp tcpwrapped open
4416149.126.72.220 2557 tcp tcpwrapped open
4417149.126.72.220 2558 tcp tcpwrapped open
4418149.126.72.220 2559 tcp tcpwrapped open
4419149.126.72.220 2560 tcp tcpwrapped open
4420149.126.72.220 2561 tcp tcpwrapped open
4421149.126.72.220 2562 tcp tcpwrapped open
4422149.126.72.220 2563 tcp tcpwrapped open
4423149.126.72.220 2566 tcp tcpwrapped open
4424149.126.72.220 2567 tcp tcpwrapped open
4425149.126.72.220 2568 tcp tcpwrapped open
4426149.126.72.220 2569 tcp tcpwrapped open
4427149.126.72.220 2570 tcp tcpwrapped open
4428149.126.72.220 2572 tcp tcpwrapped open
4429149.126.72.220 2598 tcp tcpwrapped open
4430149.126.72.220 2599 tcp tcpwrapped open
4431149.126.72.220 2850 tcp tcpwrapped open
4432149.126.72.220 2985 tcp tcpwrapped open
4433149.126.72.220 2995 tcp tcpwrapped open
4434149.126.72.220 3000 tcp tcpwrapped open
4435149.126.72.220 3001 tcp tcpwrapped open
4436149.126.72.220 3002 tcp tcpwrapped open
4437149.126.72.220 3003 tcp tcpwrapped open
4438149.126.72.220 3004 tcp tcpwrapped open
4439149.126.72.220 3005 tcp tcpwrapped open
4440149.126.72.220 3006 tcp tcpwrapped open
4441149.126.72.220 3007 tcp tcpwrapped open
4442149.126.72.220 3008 tcp tcpwrapped open
4443149.126.72.220 3009 tcp tcpwrapped open
4444149.126.72.220 3010 tcp tcpwrapped open
4445149.126.72.220 3011 tcp tcpwrapped open
4446149.126.72.220 3012 tcp tcpwrapped open
4447149.126.72.220 3013 tcp tcpwrapped open
4448149.126.72.220 3014 tcp tcpwrapped open
4449149.126.72.220 3015 tcp tcpwrapped open
4450149.126.72.220 3016 tcp tcpwrapped open
4451149.126.72.220 3017 tcp tcpwrapped open
4452149.126.72.220 3018 tcp tcpwrapped open
4453149.126.72.220 3019 tcp tcpwrapped open
4454149.126.72.220 3020 tcp tcpwrapped open
4455149.126.72.220 3021 tcp tcpwrapped open
4456149.126.72.220 3022 tcp tcpwrapped open
4457149.126.72.220 3030 tcp tcpwrapped open
4458149.126.72.220 3047 tcp tcpwrapped open
4459149.126.72.220 3048 tcp tcpwrapped open
4460149.126.72.220 3049 tcp tcpwrapped open
4461149.126.72.220 3050 tcp tcpwrapped open
4462149.126.72.220 3051 tcp tcpwrapped open
4463149.126.72.220 3052 tcp tcpwrapped open
4464149.126.72.220 3053 tcp tcpwrapped open
4465149.126.72.220 3054 tcp tcpwrapped open
4466149.126.72.220 3055 tcp tcpwrapped open
4467149.126.72.220 3056 tcp tcpwrapped open
4468149.126.72.220 3057 tcp tcpwrapped open
4469149.126.72.220 3058 tcp tcpwrapped open
4470149.126.72.220 3059 tcp tcpwrapped open
4471149.126.72.220 3060 tcp tcpwrapped open
4472149.126.72.220 3061 tcp tcpwrapped open
4473149.126.72.220 3062 tcp tcpwrapped open
4474149.126.72.220 3063 tcp tcpwrapped open
4475149.126.72.220 3064 tcp tcpwrapped open
4476149.126.72.220 3065 tcp tcpwrapped open
4477149.126.72.220 3066 tcp tcpwrapped open
4478149.126.72.220 3067 tcp tcpwrapped open
4479149.126.72.220 3068 tcp tcpwrapped open
4480149.126.72.220 3069 tcp tcpwrapped open
4481149.126.72.220 3070 tcp tcpwrapped open
4482149.126.72.220 3071 tcp tcpwrapped open
4483149.126.72.220 3072 tcp tcpwrapped open
4484149.126.72.220 3073 tcp tcpwrapped open
4485149.126.72.220 3074 tcp tcpwrapped open
4486149.126.72.220 3075 tcp tcpwrapped open
4487149.126.72.220 3076 tcp tcpwrapped open
4488149.126.72.220 3077 tcp tcpwrapped open
4489149.126.72.220 3078 tcp tcpwrapped open
4490149.126.72.220 3079 tcp tcpwrapped open
4491149.126.72.220 3080 tcp tcpwrapped open
4492149.126.72.220 3081 tcp tcpwrapped open
4493149.126.72.220 3082 tcp tcpwrapped open
4494149.126.72.220 3083 tcp tcpwrapped open
4495149.126.72.220 3084 tcp tcpwrapped open
4496149.126.72.220 3085 tcp tcpwrapped open
4497149.126.72.220 3086 tcp tcpwrapped open
4498149.126.72.220 3087 tcp tcpwrapped open
4499149.126.72.220 3088 tcp tcpwrapped open
4500149.126.72.220 3089 tcp tcpwrapped open
4501149.126.72.220 3090 tcp tcpwrapped open
4502149.126.72.220 3091 tcp tcpwrapped open
4503149.126.72.220 3092 tcp tcpwrapped open
4504149.126.72.220 3093 tcp tcpwrapped open
4505149.126.72.220 3094 tcp tcpwrapped open
4506149.126.72.220 3095 tcp tcpwrapped open
4507149.126.72.220 3096 tcp tcpwrapped open
4508149.126.72.220 3097 tcp tcpwrapped open
4509149.126.72.220 3098 tcp tcpwrapped open
4510149.126.72.220 3099 tcp tcpwrapped open
4511149.126.72.220 3100 tcp tcpwrapped open
4512149.126.72.220 3101 tcp tcpwrapped open
4513149.126.72.220 3102 tcp tcpwrapped open
4514149.126.72.220 3103 tcp tcpwrapped open
4515149.126.72.220 3104 tcp tcpwrapped open
4516149.126.72.220 3105 tcp tcpwrapped open
4517149.126.72.220 3106 tcp tcpwrapped open
4518149.126.72.220 3107 tcp tcpwrapped open
4519149.126.72.220 3108 tcp tcpwrapped open
4520149.126.72.220 3109 tcp tcpwrapped open
4521149.126.72.220 3110 tcp tcpwrapped open
4522149.126.72.220 3111 tcp tcpwrapped open
4523149.126.72.220 3112 tcp tcpwrapped open
4524149.126.72.220 3113 tcp tcpwrapped open
4525149.126.72.220 3114 tcp tcpwrapped open
4526149.126.72.220 3115 tcp tcpwrapped open
4527149.126.72.220 3116 tcp tcpwrapped open
4528149.126.72.220 3117 tcp tcpwrapped open
4529149.126.72.220 3118 tcp tcpwrapped open
4530149.126.72.220 3119 tcp tcpwrapped open
4531149.126.72.220 3120 tcp tcpwrapped open
4532149.126.72.220 3121 tcp tcpwrapped open
4533149.126.72.220 3150 tcp tcpwrapped open
4534149.126.72.220 3155 tcp tcpwrapped open
4535149.126.72.220 3160 tcp tcpwrapped open
4536149.126.72.220 3165 tcp tcpwrapped open
4537149.126.72.220 3270 tcp tcpwrapped open
4538149.126.72.220 3299 tcp tcpwrapped open
4539149.126.72.220 3306 tcp tcpwrapped open
4540149.126.72.220 3333 tcp tcpwrapped open
4541149.126.72.220 3389 tcp tcpwrapped open
4542149.126.72.220 3391 tcp tcpwrapped open
4543149.126.72.220 3400 tcp tcpwrapped open
4544149.126.72.220 3401 tcp tcpwrapped open
4545149.126.72.220 3402 tcp tcpwrapped open
4546149.126.72.220 3403 tcp tcpwrapped open
4547149.126.72.220 3404 tcp tcpwrapped open
4548149.126.72.220 3405 tcp tcpwrapped open
4549149.126.72.220 3406 tcp tcpwrapped open
4550149.126.72.220 3407 tcp tcpwrapped open
4551149.126.72.220 3408 tcp tcpwrapped open
4552149.126.72.220 3409 tcp tcpwrapped open
4553149.126.72.220 3410 tcp tcpwrapped open
4554149.126.72.220 3412 tcp tcpwrapped open
4555149.126.72.220 3443 tcp tcpwrapped open
4556149.126.72.220 3500 tcp tcpwrapped open
4557149.126.72.220 3510 tcp tcpwrapped open
4558149.126.72.220 3521 tcp tcpwrapped open
4559149.126.72.220 3522 tcp tcpwrapped open
4560149.126.72.220 3523 tcp tcpwrapped open
4561149.126.72.220 3524 tcp tcpwrapped open
4562149.126.72.220 3530 tcp tcpwrapped open
4563149.126.72.220 3531 tcp tcpwrapped open
4564149.126.72.220 3540 tcp tcpwrapped open
4565149.126.72.220 3548 tcp tcpwrapped open
4566149.126.72.220 3549 tcp tcpwrapped open
4567149.126.72.220 3550 tcp tcpwrapped open
4568149.126.72.220 3551 tcp tcpwrapped open
4569149.126.72.220 3552 tcp tcpwrapped open
4570149.126.72.220 3553 tcp tcpwrapped open
4571149.126.72.220 3554 tcp tcpwrapped open
4572149.126.72.220 3555 tcp tcpwrapped open
4573149.126.72.220 3556 tcp tcpwrapped open
4574149.126.72.220 3557 tcp tcpwrapped open
4575149.126.72.220 3558 tcp tcpwrapped open
4576149.126.72.220 3559 tcp tcpwrapped open
4577149.126.72.220 3560 tcp tcpwrapped open
4578149.126.72.220 3561 tcp tcpwrapped open
4579149.126.72.220 3562 tcp tcpwrapped open
4580149.126.72.220 3563 tcp tcpwrapped open
4581149.126.72.220 3566 tcp tcpwrapped open
4582149.126.72.220 3567 tcp tcpwrapped open
4583149.126.72.220 3568 tcp tcpwrapped open
4584149.126.72.220 3569 tcp tcpwrapped open
4585149.126.72.220 3570 tcp tcpwrapped open
4586149.126.72.220 3572 tcp tcpwrapped open
4587149.126.72.220 3580 tcp tcpwrapped open
4588149.126.72.220 3590 tcp tcpwrapped open
4589149.126.72.220 3790 tcp tcpwrapped open
4590149.126.72.220 3791 tcp tcpwrapped open
4591149.126.72.220 3792 tcp tcpwrapped open
4592149.126.72.220 3793 tcp tcpwrapped open
4593149.126.72.220 3794 tcp tcpwrapped open
4594149.126.72.220 3838 tcp tcpwrapped open
4595149.126.72.220 3841 tcp tcpwrapped open
4596149.126.72.220 3842 tcp tcpwrapped open
4597149.126.72.220 3950 tcp tcpwrapped open
4598149.126.72.220 3951 tcp tcpwrapped open
4599149.126.72.220 3952 tcp tcpwrapped open
4600149.126.72.220 3953 tcp tcpwrapped open
4601149.126.72.220 3954 tcp adrep open
4602149.126.72.220 4000 tcp tcpwrapped open
4603149.126.72.220 4001 tcp newoak open
4604149.126.72.220 4002 tcp mlchat-proxy open
4605149.126.72.220 4021 tcp nexus-portal open
4606149.126.72.220 4022 tcp dnox open
4607149.126.72.220 4023 tcp esnm-zoning open
4608149.126.72.220 4043 tcp nirp open
4609149.126.72.220 4072 tcp zieto-sock open
4610149.126.72.220 4080 tcp lorica-in open
4611149.126.72.220 4085 tcp ezmessagesrv open
4612149.126.72.220 4120 tcp minirem open
4613149.126.72.220 4147 tcp vrxpservman open
4614149.126.72.220 4148 tcp hhb-handheld open
4615149.126.72.220 4150 tcp poweralert-nsa open
4616149.126.72.220 4155 tcp bzr open
4617149.126.72.220 4160 tcp jini-discovery open
4618149.126.72.220 4165 tcp altcp open
4619149.126.72.220 4172 tcp pcoip open
4620149.126.72.220 4243 tcp vrml-multi-use open
4621149.126.72.220 4244 tcp vrml-multi-use open
4622149.126.72.220 4250 tcp vrml-multi-use open
4623149.126.72.220 4300 tcp corelccam open
4624149.126.72.220 4333 tcp msql open
4625149.126.72.220 4343 tcp unicall open
4626149.126.72.220 4344 tcp vinainstall open
4627149.126.72.220 4400 tcp ds-srv open
4628149.126.72.220 4401 tcp tcpwrapped open
4629149.126.72.220 4402 tcp tcpwrapped open
4630149.126.72.220 4430 tcp tcpwrapped open
4631149.126.72.220 4431 tcp tcpwrapped open
4632149.126.72.220 4432 tcp tcpwrapped open
4633149.126.72.220 4434 tcp tcpwrapped open
4634149.126.72.220 4435 tcp tcpwrapped open
4635149.126.72.220 4436 tcp tcpwrapped open
4636149.126.72.220 4437 tcp tcpwrapped open
4637149.126.72.220 4439 tcp tcpwrapped open
4638149.126.72.220 4440 tcp tcpwrapped open
4639149.126.72.220 4443 tcp tcpwrapped open
4640149.126.72.220 4444 tcp tcpwrapped open
4641149.126.72.220 4445 tcp tcpwrapped open
4642149.126.72.220 4451 tcp tcpwrapped open
4643149.126.72.220 4455 tcp tcpwrapped open
4644149.126.72.220 4457 tcp tcpwrapped open
4645149.126.72.220 4459 tcp tcpwrapped open
4646149.126.72.220 4461 tcp tcpwrapped open
4647149.126.72.220 4463 tcp tcpwrapped open
4648149.126.72.220 4477 tcp tcpwrapped open
4649149.126.72.220 4482 tcp tcpwrapped open
4650149.126.72.220 4500 tcp tcpwrapped open
4651149.126.72.220 4502 tcp tcpwrapped open
4652149.126.72.220 4505 tcp tcpwrapped open
4653149.126.72.220 4572 tcp tcpwrapped open
4654149.126.72.220 4602 tcp tcpwrapped open
4655149.126.72.220 4620 tcp tcpwrapped open
4656149.126.72.220 4643 tcp tcpwrapped open
4657149.126.72.220 4848 tcp tcpwrapped open
4658149.126.72.220 4933 tcp tcpwrapped open
4659149.126.72.220 4993 tcp tcpwrapped open
4660149.126.72.220 5000 tcp tcpwrapped open
4661149.126.72.220 5001 tcp tcpwrapped open
4662149.126.72.220 5002 tcp tcpwrapped open
4663149.126.72.220 5003 tcp tcpwrapped open
4664149.126.72.220 5004 tcp tcpwrapped open
4665149.126.72.220 5005 tcp tcpwrapped open
4666149.126.72.220 5006 tcp tcpwrapped open
4667149.126.72.220 5007 tcp tcpwrapped open
4668149.126.72.220 5008 tcp tcpwrapped open
4669149.126.72.220 5009 tcp tcpwrapped open
4670149.126.72.220 5010 tcp tcpwrapped open
4671149.126.72.220 5011 tcp tcpwrapped open
4672149.126.72.220 5022 tcp tcpwrapped open
4673149.126.72.220 5050 tcp tcpwrapped open
4674149.126.72.220 5053 tcp tcpwrapped open
4675149.126.72.220 5060 tcp tcpwrapped open
4676149.126.72.220 5061 tcp tcpwrapped open
4677149.126.72.220 5080 tcp tcpwrapped open
4678149.126.72.220 5083 tcp tcpwrapped open
4679149.126.72.220 5089 tcp tcpwrapped open
4680149.126.72.220 5090 tcp tcpwrapped open
4681149.126.72.220 5100 tcp tcpwrapped open
4682149.126.72.220 5105 tcp tcpwrapped open
4683149.126.72.220 5119 tcp tcpwrapped open
4684149.126.72.220 5120 tcp tcpwrapped open
4685149.126.72.220 5130 tcp tcpwrapped open
4686149.126.72.220 5140 tcp tcpwrapped open
4687149.126.72.220 5150 tcp tcpwrapped open
4688149.126.72.220 5160 tcp tcpwrapped open
4689149.126.72.220 5180 tcp tcpwrapped open
4690149.126.72.220 5201 tcp tcpwrapped open
4691149.126.72.220 5222 tcp tcpwrapped open
4692149.126.72.220 5223 tcp tcpwrapped open
4693149.126.72.220 5224 tcp tcpwrapped open
4694149.126.72.220 5225 tcp tcpwrapped open
4695149.126.72.220 5226 tcp tcpwrapped open
4696149.126.72.220 5227 tcp tcpwrapped open
4697149.126.72.220 5228 tcp tcpwrapped open
4698149.126.72.220 5229 tcp tcpwrapped open
4699149.126.72.220 5230 tcp tcpwrapped open
4700149.126.72.220 5231 tcp tcpwrapped open
4701149.126.72.220 5232 tcp tcpwrapped open
4702149.126.72.220 5233 tcp tcpwrapped open
4703149.126.72.220 5234 tcp tcpwrapped open
4704149.126.72.220 5235 tcp tcpwrapped open
4705149.126.72.220 5236 tcp tcpwrapped open
4706149.126.72.220 5237 tcp tcpwrapped open
4707149.126.72.220 5238 tcp tcpwrapped open
4708149.126.72.220 5239 tcp tcpwrapped open
4709149.126.72.220 5240 tcp tcpwrapped open
4710149.126.72.220 5241 tcp tcpwrapped open
4711149.126.72.220 5242 tcp tcpwrapped open
4712149.126.72.220 5243 tcp tcpwrapped open
4713149.126.72.220 5244 tcp tcpwrapped open
4714149.126.72.220 5245 tcp tcpwrapped open
4715149.126.72.220 5246 tcp tcpwrapped open
4716149.126.72.220 5247 tcp tcpwrapped open
4717149.126.72.220 5248 tcp tcpwrapped open
4718149.126.72.220 5249 tcp tcpwrapped open
4719149.126.72.220 5250 tcp tcpwrapped open
4720149.126.72.220 5251 tcp tcpwrapped open
4721149.126.72.220 5252 tcp tcpwrapped open
4722149.126.72.220 5253 tcp tcpwrapped open
4723149.126.72.220 5254 tcp tcpwrapped open
4724149.126.72.220 5255 tcp tcpwrapped open
4725149.126.72.220 5256 tcp tcpwrapped open
4726149.126.72.220 5257 tcp tcpwrapped open
4727149.126.72.220 5258 tcp tcpwrapped open
4728149.126.72.220 5259 tcp tcpwrapped open
4729149.126.72.220 5260 tcp tcpwrapped open
4730149.126.72.220 5261 tcp tcpwrapped open
4731149.126.72.220 5262 tcp tcpwrapped open
4732149.126.72.220 5263 tcp tcpwrapped open
4733149.126.72.220 5264 tcp tcpwrapped open
4734149.126.72.220 5265 tcp tcpwrapped open
4735149.126.72.220 5266 tcp tcpwrapped open
4736149.126.72.220 5267 tcp tcpwrapped open
4737149.126.72.220 5268 tcp tcpwrapped open
4738149.126.72.220 5269 tcp tcpwrapped open
4739149.126.72.220 5270 tcp tcpwrapped open
4740149.126.72.220 5271 tcp tcpwrapped open
4741149.126.72.220 5272 tcp tcpwrapped open
4742149.126.72.220 5273 tcp tcpwrapped open
4743149.126.72.220 5274 tcp tcpwrapped open
4744149.126.72.220 5275 tcp tcpwrapped open
4745149.126.72.220 5276 tcp tcpwrapped open
4746149.126.72.220 5277 tcp tcpwrapped open
4747149.126.72.220 5278 tcp tcpwrapped open
4748149.126.72.220 5279 tcp tcpwrapped open
4749149.126.72.220 5280 tcp tcpwrapped open
4750149.126.72.220 5440 tcp tcpwrapped open
4751149.126.72.220 5443 tcp tcpwrapped open
4752149.126.72.220 5456 tcp tcpwrapped open
4753149.126.72.220 5494 tcp tcpwrapped open
4754149.126.72.220 5495 tcp tcpwrapped open
4755149.126.72.220 5500 tcp tcpwrapped open
4756149.126.72.220 5503 tcp tcpwrapped open
4757149.126.72.220 5552 tcp tcpwrapped open
4758149.126.72.220 5555 tcp tcpwrapped open
4759149.126.72.220 5556 tcp tcpwrapped open
4760149.126.72.220 5557 tcp tcpwrapped open
4761149.126.72.220 5567 tcp tcpwrapped open
4762149.126.72.220 5568 tcp tcpwrapped open
4763149.126.72.220 5569 tcp tcpwrapped open
4764149.126.72.220 5590 tcp tcpwrapped open
4765149.126.72.220 5591 tcp tcpwrapped open
4766149.126.72.220 5592 tcp tcpwrapped open
4767149.126.72.220 5593 tcp tcpwrapped open
4768149.126.72.220 5594 tcp tcpwrapped open
4769149.126.72.220 5595 tcp tcpwrapped open
4770149.126.72.220 5596 tcp tcpwrapped open
4771149.126.72.220 5597 tcp tcpwrapped open
4772149.126.72.220 5598 tcp tcpwrapped open
4773149.126.72.220 5599 tcp tcpwrapped open
4774149.126.72.220 5600 tcp tcpwrapped open
4775149.126.72.220 5601 tcp tcpwrapped open
4776149.126.72.220 5602 tcp tcpwrapped open
4777149.126.72.220 5603 tcp tcpwrapped open
4778149.126.72.220 5604 tcp tcpwrapped open
4779149.126.72.220 5605 tcp tcpwrapped open
4780149.126.72.220 5606 tcp tcpwrapped open
4781149.126.72.220 5607 tcp tcpwrapped open
4782149.126.72.220 5608 tcp tcpwrapped open
4783149.126.72.220 5609 tcp tcpwrapped open
4784149.126.72.220 5613 tcp tcpwrapped open
4785149.126.72.220 5614 tcp tcpwrapped open
4786149.126.72.220 5620 tcp tcpwrapped open
4787149.126.72.220 5630 tcp tcpwrapped open
4788149.126.72.220 5640 tcp tcpwrapped open
4789149.126.72.220 5650 tcp tcpwrapped open
4790149.126.72.220 5660 tcp tcpwrapped open
4791149.126.72.220 5671 tcp tcpwrapped open
4792149.126.72.220 5672 tcp tcpwrapped open
4793149.126.72.220 5673 tcp tcpwrapped open
4794149.126.72.220 5680 tcp tcpwrapped open
4795149.126.72.220 5696 tcp tcpwrapped open
4796149.126.72.220 5698 tcp tcpwrapped open
4797149.126.72.220 5701 tcp tcpwrapped open
4798149.126.72.220 5721 tcp tcpwrapped open
4799149.126.72.220 5900 tcp tcpwrapped open
4800149.126.72.220 5901 tcp tcpwrapped open
4801149.126.72.220 5902 tcp tcpwrapped open
4802149.126.72.220 5903 tcp tcpwrapped open
4803149.126.72.220 5904 tcp tcpwrapped open
4804149.126.72.220 5905 tcp tcpwrapped open
4805149.126.72.220 5906 tcp tcpwrapped open
4806149.126.72.220 5907 tcp tcpwrapped open
4807149.126.72.220 5908 tcp tcpwrapped open
4808149.126.72.220 5909 tcp tcpwrapped open
4809149.126.72.220 5910 tcp tcpwrapped open
4810149.126.72.220 5911 tcp tcpwrapped open
4811149.126.72.220 5912 tcp tcpwrapped open
4812149.126.72.220 5913 tcp tcpwrapped open
4813149.126.72.220 5914 tcp tcpwrapped open
4814149.126.72.220 5915 tcp tcpwrapped open
4815149.126.72.220 5916 tcp tcpwrapped open
4816149.126.72.220 5917 tcp tcpwrapped open
4817149.126.72.220 5918 tcp tcpwrapped open
4818149.126.72.220 5919 tcp tcpwrapped open
4819149.126.72.220 5920 tcp tcpwrapped open
4820149.126.72.220 5984 tcp tcpwrapped open
4821149.126.72.220 5985 tcp tcpwrapped open
4822149.126.72.220 5986 tcp tcpwrapped open
4823149.126.72.220 5987 tcp tcpwrapped open
4824149.126.72.220 5988 tcp tcpwrapped open
4825149.126.72.220 5989 tcp tcpwrapped open
4826149.126.72.220 5990 tcp tcpwrapped open
4827149.126.72.220 5991 tcp tcpwrapped open
4828149.126.72.220 5992 tcp tcpwrapped open
4829149.126.72.220 5993 tcp tcpwrapped open
4830149.126.72.220 5994 tcp tcpwrapped open
4831149.126.72.220 5995 tcp tcpwrapped open
4832149.126.72.220 5996 tcp tcpwrapped open
4833149.126.72.220 5997 tcp tcpwrapped open
4834149.126.72.220 5998 tcp tcpwrapped open
4835149.126.72.220 5999 tcp tcpwrapped open
4836149.126.72.220 6000 tcp tcpwrapped open
4837149.126.72.220 6001 tcp tcpwrapped open
4838149.126.72.220 6002 tcp tcpwrapped open
4839149.126.72.220 6003 tcp tcpwrapped open
4840149.126.72.220 6004 tcp tcpwrapped open
4841149.126.72.220 6005 tcp tcpwrapped open
4842149.126.72.220 6006 tcp tcpwrapped open
4843149.126.72.220 6007 tcp tcpwrapped open
4844149.126.72.220 6008 tcp tcpwrapped open
4845149.126.72.220 6009 tcp tcpwrapped open
4846149.126.72.220 6010 tcp tcpwrapped open
4847149.126.72.220 6011 tcp tcpwrapped open
4848149.126.72.220 6021 tcp tcpwrapped open
4849149.126.72.220 6060 tcp tcpwrapped open
4850149.126.72.220 6061 tcp tcpwrapped open
4851149.126.72.220 6081 tcp tcpwrapped open
4852149.126.72.220 6100 tcp tcpwrapped open
4853149.126.72.220 6102 tcp tcpwrapped open
4854149.126.72.220 6134 tcp tcpwrapped open
4855149.126.72.220 6161 tcp tcpwrapped open
4856149.126.72.220 6331 tcp tcpwrapped open
4857149.126.72.220 6348 tcp tcpwrapped open
4858149.126.72.220 6379 tcp tcpwrapped open
4859149.126.72.220 6380 tcp tcpwrapped open
4860149.126.72.220 6433 tcp tcpwrapped open
4861149.126.72.220 6440 tcp tcpwrapped open
4862149.126.72.220 6443 tcp tcpwrapped open
4863149.126.72.220 6488 tcp tcpwrapped open
4864149.126.72.220 6500 tcp tcpwrapped open
4865149.126.72.220 6505 tcp tcpwrapped open
4866149.126.72.220 6510 tcp tcpwrapped open
4867149.126.72.220 6511 tcp tcpwrapped open
4868149.126.72.220 6512 tcp tcpwrapped open
4869149.126.72.220 6514 tcp tcpwrapped open
4870149.126.72.220 6543 tcp tcpwrapped open
4871149.126.72.220 6544 tcp tcpwrapped open
4872149.126.72.220 6560 tcp tcpwrapped open
4873149.126.72.220 6561 tcp tcpwrapped open
4874149.126.72.220 6565 tcp tcpwrapped open
4875149.126.72.220 6580 tcp tcpwrapped open
4876149.126.72.220 6581 tcp tcpwrapped open
4877149.126.72.220 6590 tcp tcpwrapped open
4878149.126.72.220 6601 tcp tcpwrapped open
4879149.126.72.220 6603 tcp tcpwrapped open
4880149.126.72.220 6605 tcp tcpwrapped open
4881149.126.72.220 6661 tcp tcpwrapped open
4882149.126.72.220 6662 tcp tcpwrapped open
4883149.126.72.220 6666 tcp tcpwrapped open
4884149.126.72.220 6686 tcp tcpwrapped open
4885149.126.72.220 6688 tcp tcpwrapped open
4886149.126.72.220 6700 tcp tcpwrapped open
4887149.126.72.220 6755 tcp tcpwrapped open
4888149.126.72.220 6775 tcp tcpwrapped open
4889149.126.72.220 6779 tcp tcpwrapped open
4890149.126.72.220 6789 tcp tcpwrapped open
4891149.126.72.220 6799 tcp tcpwrapped open
4892149.126.72.220 7000 tcp tcpwrapped open
4893149.126.72.220 7001 tcp tcpwrapped open
4894149.126.72.220 7002 tcp tcpwrapped open
4895149.126.72.220 7003 tcp tcpwrapped open
4896149.126.72.220 7004 tcp tcpwrapped open
4897149.126.72.220 7005 tcp tcpwrapped open
4898149.126.72.220 7007 tcp tcpwrapped open
4899149.126.72.220 7010 tcp tcpwrapped open
4900149.126.72.220 7011 tcp tcpwrapped open
4901149.126.72.220 7021 tcp tcpwrapped open
4902149.126.72.220 7070 tcp tcpwrapped open
4903149.126.72.220 7071 tcp tcpwrapped open
4904149.126.72.220 7079 tcp tcpwrapped open
4905149.126.72.220 7080 tcp tcpwrapped open
4906149.126.72.220 7081 tcp tcpwrapped open
4907149.126.72.220 7082 tcp tcpwrapped open
4908149.126.72.220 7083 tcp tcpwrapped open
4909149.126.72.220 7084 tcp tcpwrapped open
4910149.126.72.220 7085 tcp tcpwrapped open
4911149.126.72.220 7086 tcp tcpwrapped open
4912149.126.72.220 7087 tcp tcpwrapped open
4913149.126.72.220 7088 tcp tcpwrapped open
4914149.126.72.220 7090 tcp tcpwrapped open
4915149.126.72.220 7171 tcp tcpwrapped open
4916149.126.72.220 7172 tcp tcpwrapped open
4917149.126.72.220 7272 tcp tcpwrapped open
4918149.126.72.220 7348 tcp tcpwrapped open
4919149.126.72.220 7403 tcp tcpwrapped open
4920149.126.72.220 7433 tcp tcpwrapped open
4921149.126.72.220 7441 tcp tcpwrapped open
4922149.126.72.220 7443 tcp tcpwrapped open
4923149.126.72.220 7444 tcp tcpwrapped open
4924149.126.72.220 7445 tcp tcpwrapped open
4925149.126.72.220 7473 tcp tcpwrapped open
4926149.126.72.220 7500 tcp tcpwrapped open
4927149.126.72.220 7537 tcp tcpwrapped open
4928149.126.72.220 7687 tcp tcpwrapped open
4929149.126.72.220 7700 tcp tcpwrapped open
4930149.126.72.220 7771 tcp tcpwrapped open
4931149.126.72.220 7773 tcp tcpwrapped open
4932149.126.72.220 7774 tcp tcpwrapped open
4933149.126.72.220 7775 tcp tcpwrapped open
4934149.126.72.220 7776 tcp tcpwrapped open
4935149.126.72.220 7777 tcp tcpwrapped open
4936149.126.72.220 7778 tcp tcpwrapped open
4937149.126.72.220 7779 tcp tcpwrapped open
4938149.126.72.220 7788 tcp tcpwrapped open
4939149.126.72.220 7799 tcp tcpwrapped open
4940149.126.72.220 7998 tcp tcpwrapped open
4941149.126.72.220 7999 tcp tcpwrapped open
4942149.126.72.220 8000 tcp tcpwrapped open
4943149.126.72.220 8001 tcp tcpwrapped open
4944149.126.72.220 8002 tcp tcpwrapped open
4945149.126.72.220 8003 tcp tcpwrapped open
4946149.126.72.220 8004 tcp tcpwrapped open
4947149.126.72.220 8005 tcp tcpwrapped open
4948149.126.72.220 8006 tcp tcpwrapped open
4949149.126.72.220 8007 tcp tcpwrapped open
4950149.126.72.220 8008 tcp tcpwrapped open
4951149.126.72.220 8009 tcp tcpwrapped open
4952149.126.72.220 8010 tcp tcpwrapped open
4953149.126.72.220 8011 tcp tcpwrapped open
4954149.126.72.220 8012 tcp tcpwrapped open
4955149.126.72.220 8013 tcp tcpwrapped open
4956149.126.72.220 8014 tcp tcpwrapped open
4957149.126.72.220 8015 tcp tcpwrapped open
4958149.126.72.220 8016 tcp tcpwrapped open
4959149.126.72.220 8017 tcp tcpwrapped open
4960149.126.72.220 8018 tcp tcpwrapped open
4961149.126.72.220 8019 tcp tcpwrapped open
4962149.126.72.220 8020 tcp tcpwrapped open
4963149.126.72.220 8021 tcp tcpwrapped open
4964149.126.72.220 8022 tcp tcpwrapped open
4965149.126.72.220 8023 tcp tcpwrapped open
4966149.126.72.220 8024 tcp tcpwrapped open
4967149.126.72.220 8025 tcp tcpwrapped open
4968149.126.72.220 8026 tcp tcpwrapped open
4969149.126.72.220 8027 tcp tcpwrapped open
4970149.126.72.220 8028 tcp tcpwrapped open
4971149.126.72.220 8029 tcp tcpwrapped open
4972149.126.72.220 8030 tcp tcpwrapped open
4973149.126.72.220 8031 tcp tcpwrapped open
4974149.126.72.220 8032 tcp tcpwrapped open
4975149.126.72.220 8033 tcp tcpwrapped open
4976149.126.72.220 8034 tcp tcpwrapped open
4977149.126.72.220 8035 tcp tcpwrapped open
4978149.126.72.220 8036 tcp tcpwrapped open
4979149.126.72.220 8037 tcp tcpwrapped open
4980149.126.72.220 8038 tcp tcpwrapped open
4981149.126.72.220 8039 tcp tcpwrapped open
4982149.126.72.220 8040 tcp tcpwrapped open
4983149.126.72.220 8041 tcp tcpwrapped open
4984149.126.72.220 8042 tcp tcpwrapped open
4985149.126.72.220 8043 tcp tcpwrapped open
4986149.126.72.220 8044 tcp tcpwrapped open
4987149.126.72.220 8045 tcp tcpwrapped open
4988149.126.72.220 8046 tcp tcpwrapped open
4989149.126.72.220 8047 tcp tcpwrapped open
4990149.126.72.220 8048 tcp tcpwrapped open
4991149.126.72.220 8049 tcp tcpwrapped open
4992149.126.72.220 8050 tcp tcpwrapped open
4993149.126.72.220 8051 tcp tcpwrapped open
4994149.126.72.220 8052 tcp tcpwrapped open
4995149.126.72.220 8053 tcp tcpwrapped open
4996149.126.72.220 8054 tcp tcpwrapped open
4997149.126.72.220 8055 tcp tcpwrapped open
4998149.126.72.220 8056 tcp tcpwrapped open
4999149.126.72.220 8057 tcp tcpwrapped open
5000149.126.72.220 8058 tcp tcpwrapped open
5001149.126.72.220 8060 tcp tcpwrapped open
5002149.126.72.220 8064 tcp tcpwrapped open
5003149.126.72.220 8065 tcp tcpwrapped open
5004149.126.72.220 8069 tcp tcpwrapped open
5005149.126.72.220 8070 tcp tcpwrapped open
5006149.126.72.220 8071 tcp tcpwrapped open
5007149.126.72.220 8072 tcp tcpwrapped open
5008149.126.72.220 8074 tcp tcpwrapped open
5009149.126.72.220 8079 tcp tcpwrapped open
5010149.126.72.220 8080 tcp tcpwrapped open
5011149.126.72.220 8081 tcp tcpwrapped open
5012149.126.72.220 8082 tcp tcpwrapped open
5013149.126.72.220 8083 tcp tcpwrapped open
5014149.126.72.220 8084 tcp tcpwrapped open
5015149.126.72.220 8085 tcp tcpwrapped open
5016149.126.72.220 8086 tcp tcpwrapped open
5017149.126.72.220 8087 tcp tcpwrapped open
5018149.126.72.220 8088 tcp tcpwrapped open
5019149.126.72.220 8089 tcp tcpwrapped open
5020149.126.72.220 8090 tcp tcpwrapped open
5021149.126.72.220 8091 tcp tcpwrapped open
5022149.126.72.220 8092 tcp tcpwrapped open
5023149.126.72.220 8093 tcp tcpwrapped open
5024149.126.72.220 8094 tcp tcpwrapped open
5025149.126.72.220 8095 tcp tcpwrapped open
5026149.126.72.220 8096 tcp tcpwrapped open
5027149.126.72.220 8097 tcp tcpwrapped open
5028149.126.72.220 8098 tcp tcpwrapped open
5029149.126.72.220 8099 tcp tcpwrapped open
5030149.126.72.220 8100 tcp tcpwrapped open
5031149.126.72.220 8101 tcp tcpwrapped open
5032149.126.72.220 8102 tcp tcpwrapped open
5033149.126.72.220 8103 tcp tcpwrapped open
5034149.126.72.220 8104 tcp tcpwrapped open
5035149.126.72.220 8105 tcp tcpwrapped open
5036149.126.72.220 8106 tcp tcpwrapped open
5037149.126.72.220 8107 tcp tcpwrapped open
5038149.126.72.220 8108 tcp tcpwrapped open
5039149.126.72.220 8109 tcp tcpwrapped open
5040149.126.72.220 8110 tcp tcpwrapped open
5041149.126.72.220 8113 tcp tcpwrapped open
5042149.126.72.220 8114 tcp tcpwrapped open
5043149.126.72.220 8115 tcp tcpwrapped open
5044149.126.72.220 8118 tcp tcpwrapped open
5045149.126.72.220 8119 tcp tcpwrapped open
5046149.126.72.220 8120 tcp tcpwrapped open
5047149.126.72.220 8121 tcp tcpwrapped open
5048149.126.72.220 8123 tcp tcpwrapped open
5049149.126.72.220 8125 tcp tcpwrapped open
5050149.126.72.220 8126 tcp tcpwrapped open
5051149.126.72.220 8128 tcp tcpwrapped open
5052149.126.72.220 8129 tcp tcpwrapped open
5053149.126.72.220 8130 tcp tcpwrapped open
5054149.126.72.220 8131 tcp tcpwrapped open
5055149.126.72.220 8132 tcp tcpwrapped open
5056149.126.72.220 8133 tcp tcpwrapped open
5057149.126.72.220 8136 tcp tcpwrapped open
5058149.126.72.220 8140 tcp tcpwrapped open
5059149.126.72.220 8142 tcp tcpwrapped open
5060149.126.72.220 8143 tcp tcpwrapped open
5061149.126.72.220 8144 tcp tcpwrapped open
5062149.126.72.220 8147 tcp tcpwrapped open
5063149.126.72.220 8148 tcp tcpwrapped open
5064149.126.72.220 8149 tcp tcpwrapped open
5065149.126.72.220 8150 tcp tcpwrapped open
5066149.126.72.220 8154 tcp tcpwrapped open
5067149.126.72.220 8156 tcp tcpwrapped open
5068149.126.72.220 8157 tcp tcpwrapped open
5069149.126.72.220 8158 tcp tcpwrapped open
5070149.126.72.220 8160 tcp tcpwrapped open
5071149.126.72.220 8161 tcp tcpwrapped open
5072149.126.72.220 8162 tcp tcpwrapped open
5073149.126.72.220 8163 tcp tcpwrapped open
5074149.126.72.220 8164 tcp tcpwrapped open
5075149.126.72.220 8165 tcp tcpwrapped open
5076149.126.72.220 8166 tcp tcpwrapped open
5077149.126.72.220 8167 tcp tcpwrapped open
5078149.126.72.220 8168 tcp tcpwrapped open
5079149.126.72.220 8169 tcp tcpwrapped open
5080149.126.72.220 8170 tcp tcpwrapped open
5081149.126.72.220 8171 tcp tcpwrapped open
5082149.126.72.220 8172 tcp tcpwrapped open
5083149.126.72.220 8173 tcp tcpwrapped open
5084149.126.72.220 8175 tcp tcpwrapped open
5085149.126.72.220 8176 tcp tcpwrapped open
5086149.126.72.220 8178 tcp tcpwrapped open
5087149.126.72.220 8179 tcp tcpwrapped open
5088149.126.72.220 8180 tcp tcpwrapped open
5089149.126.72.220 8181 tcp tcpwrapped open
5090149.126.72.220 8182 tcp tcpwrapped open
5091149.126.72.220 8183 tcp tcpwrapped open
5092149.126.72.220 8184 tcp tcpwrapped open
5093149.126.72.220 8185 tcp tcpwrapped open
5094149.126.72.220 8186 tcp tcpwrapped open
5095149.126.72.220 8187 tcp tcpwrapped open
5096149.126.72.220 8188 tcp tcpwrapped open
5097149.126.72.220 8189 tcp tcpwrapped open
5098149.126.72.220 8190 tcp tcpwrapped open
5099149.126.72.220 8191 tcp tcpwrapped open
5100149.126.72.220 8192 tcp tcpwrapped open
5101149.126.72.220 8193 tcp tcpwrapped open
5102149.126.72.220 8194 tcp tcpwrapped open
5103149.126.72.220 8195 tcp tcpwrapped open
5104149.126.72.220 8198 tcp tcpwrapped open
5105149.126.72.220 8199 tcp tcpwrapped open
5106149.126.72.220 8200 tcp tcpwrapped open
5107149.126.72.220 8203 tcp tcpwrapped open
5108149.126.72.220 8222 tcp tcpwrapped open
5109149.126.72.220 8230 tcp tcpwrapped open
5110149.126.72.220 8236 tcp tcpwrapped open
5111149.126.72.220 8237 tcp tcpwrapped open
5112149.126.72.220 8238 tcp tcpwrapped open
5113149.126.72.220 8239 tcp tcpwrapped open
5114149.126.72.220 8241 tcp tcpwrapped open
5115149.126.72.220 8243 tcp tcpwrapped open
5116149.126.72.220 8248 tcp tcpwrapped open
5117149.126.72.220 8249 tcp tcpwrapped open
5118149.126.72.220 8250 tcp tcpwrapped open
5119149.126.72.220 8251 tcp tcpwrapped open
5120149.126.72.220 8252 tcp tcpwrapped open
5121149.126.72.220 8280 tcp tcpwrapped open
5122149.126.72.220 8282 tcp tcpwrapped open
5123149.126.72.220 8333 tcp tcpwrapped open
5124149.126.72.220 8340 tcp tcpwrapped open
5125149.126.72.220 8343 tcp tcpwrapped open
5126149.126.72.220 8350 tcp tcpwrapped open
5127149.126.72.220 8381 tcp tcpwrapped open
5128149.126.72.220 8382 tcp tcpwrapped open
5129149.126.72.220 8383 tcp tcpwrapped open
5130149.126.72.220 8384 tcp tcpwrapped open
5131149.126.72.220 8385 tcp tcpwrapped open
5132149.126.72.220 8388 tcp tcpwrapped open
5133149.126.72.220 8393 tcp tcpwrapped open
5134149.126.72.220 8401 tcp tcpwrapped open
5135149.126.72.220 8402 tcp tcpwrapped open
5136149.126.72.220 8403 tcp tcpwrapped open
5137149.126.72.220 8404 tcp tcpwrapped open
5138149.126.72.220 8405 tcp tcpwrapped open
5139149.126.72.220 8406 tcp tcpwrapped open
5140149.126.72.220 8407 tcp tcpwrapped open
5141149.126.72.220 8408 tcp tcpwrapped open
5142149.126.72.220 8409 tcp tcpwrapped open
5143149.126.72.220 8410 tcp tcpwrapped open
5144149.126.72.220 8411 tcp tcpwrapped open
5145149.126.72.220 8412 tcp tcpwrapped open
5146149.126.72.220 8413 tcp tcpwrapped open
5147149.126.72.220 8414 tcp tcpwrapped open
5148149.126.72.220 8415 tcp tcpwrapped open
5149149.126.72.220 8416 tcp tcpwrapped open
5150149.126.72.220 8417 tcp tcpwrapped open
5151149.126.72.220 8418 tcp tcpwrapped open
5152149.126.72.220 8419 tcp tcpwrapped open
5153149.126.72.220 8420 tcp tcpwrapped open
5154149.126.72.220 8421 tcp tcpwrapped open
5155149.126.72.220 8422 tcp tcpwrapped open
5156149.126.72.220 8423 tcp tcpwrapped open
5157149.126.72.220 8424 tcp tcpwrapped open
5158149.126.72.220 8425 tcp tcpwrapped open
5159149.126.72.220 8426 tcp tcpwrapped open
5160149.126.72.220 8427 tcp tcpwrapped open
5161149.126.72.220 8428 tcp tcpwrapped open
5162149.126.72.220 8429 tcp tcpwrapped open
5163149.126.72.220 8430 tcp tcpwrapped open
5164149.126.72.220 8431 tcp tcpwrapped open
5165149.126.72.220 8432 tcp tcpwrapped open
5166149.126.72.220 8433 tcp tcpwrapped open
5167149.126.72.220 8435 tcp tcpwrapped open
5168149.126.72.220 8440 tcp tcpwrapped open
5169149.126.72.220 8441 tcp tcpwrapped open
5170149.126.72.220 8442 tcp tcpwrapped open
5171149.126.72.220 8443 tcp tcpwrapped open
5172149.126.72.220 8444 tcp tcpwrapped open
5173149.126.72.220 8445 tcp tcpwrapped open
5174149.126.72.220 8446 tcp tcpwrapped open
5175149.126.72.220 8447 tcp tcpwrapped open
5176149.126.72.220 8448 tcp tcpwrapped open
5177149.126.72.220 8449 tcp tcpwrapped open
5178149.126.72.220 8450 tcp tcpwrapped open
5179149.126.72.220 8451 tcp tcpwrapped open
5180149.126.72.220 8452 tcp tcpwrapped open
5181149.126.72.220 8453 tcp tcpwrapped open
5182149.126.72.220 8454 tcp tcpwrapped open
5183149.126.72.220 8455 tcp tcpwrapped open
5184149.126.72.220 8456 tcp tcpwrapped open
5185149.126.72.220 8457 tcp tcpwrapped open
5186149.126.72.220 8458 tcp tcpwrapped open
5187149.126.72.220 8459 tcp tcpwrapped open
5188149.126.72.220 8460 tcp tcpwrapped open
5189149.126.72.220 8461 tcp tcpwrapped open
5190149.126.72.220 8462 tcp tcpwrapped open
5191149.126.72.220 8463 tcp tcpwrapped open
5192149.126.72.220 8464 tcp tcpwrapped open
5193149.126.72.220 8465 tcp tcpwrapped open
5194149.126.72.220 8466 tcp tcpwrapped open
5195149.126.72.220 8467 tcp tcpwrapped open
5196149.126.72.220 8470 tcp tcpwrapped open
5197149.126.72.220 8472 tcp tcpwrapped open
5198149.126.72.220 8473 tcp tcpwrapped open
5199149.126.72.220 8475 tcp tcpwrapped open
5200149.126.72.220 8480 tcp tcpwrapped open
5201149.126.72.220 8481 tcp tcpwrapped open
5202149.126.72.220 8482 tcp tcpwrapped open
5203149.126.72.220 8484 tcp tcpwrapped open
5204149.126.72.220 8485 tcp tcpwrapped open
5205149.126.72.220 8488 tcp tcpwrapped open
5206149.126.72.220 8493 tcp tcpwrapped open
5207149.126.72.220 8494 tcp tcpwrapped open
5208149.126.72.220 8500 tcp tcpwrapped open
5209149.126.72.220 8502 tcp tcpwrapped open
5210149.126.72.220 8503 tcp tcpwrapped open
5211149.126.72.220 8504 tcp tcpwrapped open
5212149.126.72.220 8505 tcp tcpwrapped open
5213149.126.72.220 8506 tcp tcpwrapped open
5214149.126.72.220 8510 tcp tcpwrapped open
5215149.126.72.220 8513 tcp tcpwrapped open
5216149.126.72.220 8514 tcp tcpwrapped open
5217149.126.72.220 8515 tcp tcpwrapped open
5218149.126.72.220 8519 tcp tcpwrapped open
5219149.126.72.220 8520 tcp tcpwrapped open
5220149.126.72.220 8521 tcp tcpwrapped open
5221149.126.72.220 8523 tcp tcpwrapped open
5222149.126.72.220 8524 tcp tcpwrapped open
5223149.126.72.220 8525 tcp tcpwrapped open
5224149.126.72.220 8526 tcp tcpwrapped open
5225149.126.72.220 8528 tcp tcpwrapped open
5226149.126.72.220 8529 tcp tcpwrapped open
5227149.126.72.220 8530 tcp tcpwrapped open
5228149.126.72.220 8531 tcp tcpwrapped open
5229149.126.72.220 8532 tcp tcpwrapped open
5230149.126.72.220 8533 tcp tcpwrapped open
5231149.126.72.220 8536 tcp tcpwrapped open
5232149.126.72.220 8540 tcp tcpwrapped open
5233149.126.72.220 8543 tcp tcpwrapped open
5234149.126.72.220 8544 tcp tcpwrapped open
5235149.126.72.220 8548 tcp tcpwrapped open
5236149.126.72.220 8549 tcp tcpwrapped open
5237149.126.72.220 8550 tcp tcpwrapped open
5238149.126.72.220 8551 tcp tcpwrapped open
5239149.126.72.220 8553 tcp tcpwrapped open
5240149.126.72.220 8556 tcp tcpwrapped open
5241149.126.72.220 8557 tcp tcpwrapped open
5242149.126.72.220 8558 tcp tcpwrapped open
5243149.126.72.220 8560 tcp tcpwrapped open
5244149.126.72.220 8561 tcp tcpwrapped open
5245149.126.72.220 8562 tcp tcpwrapped open
5246149.126.72.220 8563 tcp tcpwrapped open
5247149.126.72.220 8564 tcp tcpwrapped open
5248149.126.72.220 8565 tcp tcpwrapped open
5249149.126.72.220 8566 tcp tcpwrapped open
5250149.126.72.220 8567 tcp tcpwrapped open
5251149.126.72.220 8568 tcp tcpwrapped open
5252149.126.72.220 8569 tcp tcpwrapped open
5253149.126.72.220 8570 tcp tcpwrapped open
5254149.126.72.220 8571 tcp tcpwrapped open
5255149.126.72.220 8573 tcp tcpwrapped open
5256149.126.72.220 8574 tcp tcpwrapped open
5257149.126.72.220 8575 tcp tcpwrapped open
5258149.126.72.220 8576 tcp tcpwrapped open
5259149.126.72.220 8577 tcp tcpwrapped open
5260149.126.72.220 8578 tcp tcpwrapped open
5261149.126.72.220 8579 tcp tcpwrapped open
5262149.126.72.220 8580 tcp tcpwrapped open
5263149.126.72.220 8581 tcp tcpwrapped open
5264149.126.72.220 8582 tcp tcpwrapped open
5265149.126.72.220 8583 tcp tcpwrapped open
5266149.126.72.220 8585 tcp tcpwrapped open
5267149.126.72.220 8586 tcp tcpwrapped open
5268149.126.72.220 8588 tcp tcpwrapped open
5269149.126.72.220 8589 tcp tcpwrapped open
5270149.126.72.220 8590 tcp tcpwrapped open
5271149.126.72.220 8591 tcp tcpwrapped open
5272149.126.72.220 8592 tcp tcpwrapped open
5273149.126.72.220 8593 tcp tcpwrapped open
5274149.126.72.220 8594 tcp tcpwrapped open
5275149.126.72.220 8595 tcp tcpwrapped open
5276149.126.72.220 8596 tcp tcpwrapped open
5277149.126.72.220 8597 tcp tcpwrapped open
5278149.126.72.220 8598 tcp tcpwrapped open
5279149.126.72.220 8599 tcp tcpwrapped open
5280149.126.72.220 8600 tcp tcpwrapped open
5281149.126.72.220 8601 tcp tcpwrapped open
5282149.126.72.220 8605 tcp tcpwrapped open
5283149.126.72.220 8606 tcp tcpwrapped open
5284149.126.72.220 8630 tcp tcpwrapped open
5285149.126.72.220 8640 tcp tcpwrapped open
5286149.126.72.220 8641 tcp tcpwrapped open
5287149.126.72.220 8643 tcp tcpwrapped open
5288149.126.72.220 8663 tcp tcpwrapped open
5289149.126.72.220 8666 tcp tcpwrapped open
5290149.126.72.220 8686 tcp tcpwrapped open
5291149.126.72.220 8688 tcp tcpwrapped open
5292149.126.72.220 8700 tcp tcpwrapped open
5293149.126.72.220 8701 tcp tcpwrapped open
5294149.126.72.220 8702 tcp tcpwrapped open
5295149.126.72.220 8703 tcp tcpwrapped open
5296149.126.72.220 8704 tcp tcpwrapped open
5297149.126.72.220 8705 tcp tcpwrapped open
5298149.126.72.220 8706 tcp tcpwrapped open
5299149.126.72.220 8707 tcp tcpwrapped open
5300149.126.72.220 8708 tcp tcpwrapped open
5301149.126.72.220 8709 tcp tcpwrapped open
5302149.126.72.220 8723 tcp tcpwrapped open
5303149.126.72.220 8724 tcp tcpwrapped open
5304149.126.72.220 8731 tcp tcpwrapped open
5305149.126.72.220 8732 tcp tcpwrapped open
5306149.126.72.220 8764 tcp tcpwrapped open
5307149.126.72.220 8765 tcp tcpwrapped open
5308149.126.72.220 8766 tcp tcpwrapped open
5309149.126.72.220 8767 tcp tcpwrapped open
5310149.126.72.220 8771 tcp tcpwrapped open
5311149.126.72.220 8787 tcp tcpwrapped open
5312#################################################################################################################################
5313Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-21 19:00 EDT
5314Nmap scan report for no-reverse-dns-configured.com (94.102.51.112)
5315Host is up (0.17s latency).
5316Not shown: 989 filtered ports
5317PORT STATE SERVICE VERSION
531822/tcp open ssh OpenSSH 7.4 (protocol 2.0)
5319| vulscan: VulDB - https://vuldb.com:
5320| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
5321| [130371] OpenSSH 7.9 scp Man-in-the-Middle directory traversal
5322| [130370] OpenSSH 7.9 Man-in-the-Middle spoofing
5323| [130369] OpenSSH 7.9 Encoding progressmeter.c refresh_progress_meter() spoofing
5324| [129007] OpenSSH 7.9 scp Client scp.c Filename privilege escalation
5325| [123343] OpenSSH up to 7.8 GSS2 auth-gss2.c information disclosure
5326| [123011] OpenSSH up to 7.7 auth2-gss.c Request information disclosure
5327| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
5328| [108627] OpenSSH up to 7.5 Readonly Mode sftp-server.c process_open unknown vulnerability
5329| [94611] OpenSSH up to 7.3 Access Control privilege escalation
5330| [94610] OpenSSH up to 7.3 Shared Memory Manager privilege escalation
5331| [94608] OpenSSH up to 7.3 Unix-Domain Socket privilege escalation
5332| [94607] OpenSSH up to 7.3 Forwarded Agent Channel privilege escalation
5333| [90671] OpenSSH up to 7.2 auth-passwd.c auth_password denial of service
5334| [90405] OpenSSH up to 7.2p2 sshd information disclosure
5335| [90404] OpenSSH up to 7.2p2 sshd information disclosure
5336| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
5337| [89622] OpenSSH 7.2p2 Authentication Username information disclosure
5338| [81320] OpenSSH up to 7.2p1 X11 Authentication Credential xauth privilege escalation
5339| [80656] OpenBSD OpenSSH 7.1 X11 Forwarding privilege escalation
5340| [80330] OpenSSH up to 7.1p1 packet.c ssh_packet_read_poll2 memory corruption
5341|
5342| MITRE CVE - https://cve.mitre.org:
5343| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
5344| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
5345|
5346| SecurityFocus - https://www.securityfocus.com/bid/:
5347| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
5348| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
5349| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
5350| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
5351| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
5352| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
5353| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
5354| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
5355| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
5356| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
5357| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
5358| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
5359| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
5360| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
5361| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
5362| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
5363| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
5364| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
5365| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
5366| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
5367| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
5368| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
5369| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
5370| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
5371| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
5372| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
5373| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
5374| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
5375| [75990] OpenSSH Login Handling Security Bypass Weakness
5376| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
5377| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
5378| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
5379| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
5380| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
5381| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
5382| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
5383| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
5384| [61286] OpenSSH Remote Denial of Service Vulnerability
5385| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
5386| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
5387| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
5388| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
5389| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
5390| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5391| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
5392| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
5393| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5394| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
5395| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
5396| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
5397| [30794] Red Hat OpenSSH Backdoor Vulnerability
5398| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
5399| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
5400| [28531] OpenSSH ForceCommand Command Execution Weakness
5401| [28444] OpenSSH X Connections Session Hijacking Vulnerability
5402| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
5403| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
5404| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
5405| [20956] OpenSSH Privilege Separation Key Signature Weakness
5406| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
5407| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
5408| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
5409| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
5410| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
5411| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
5412| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
5413| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
5414| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
5415| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
5416| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
5417| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
5418| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
5419| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
5420| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
5421| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
5422| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
5423| [6168] OpenSSH Visible Password Vulnerability
5424| [5374] OpenSSH Trojan Horse Vulnerability
5425| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
5426| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5427| [4241] OpenSSH Channel Code Off-By-One Vulnerability
5428| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
5429| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
5430| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
5431| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
5432| [2917] OpenSSH PAM Session Evasion Vulnerability
5433| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
5434| [2356] OpenSSH Private Key Authentication Check Vulnerability
5435| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
5436| [1334] OpenSSH UseLogin Vulnerability
5437|
5438| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5439| [83258] GSI-OpenSSH auth-pam.c security bypass
5440| [82781] OpenSSH time limit denial of service
5441| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
5442| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
5443| [72756] Debian openssh-server commands information disclosure
5444| [68339] OpenSSH pam_thread buffer overflow
5445| [67264] OpenSSH ssh-keysign unauthorized access
5446| [65910] OpenSSH remote_glob function denial of service
5447| [65163] OpenSSH certificate information disclosure
5448| [64387] OpenSSH J-PAKE security bypass
5449| [63337] Cisco Unified Videoconferencing OpenSSH weak security
5450| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
5451| [45202] OpenSSH signal handler denial of service
5452| [44747] RHEL OpenSSH backdoor
5453| [44280] OpenSSH PermitRootLogin information disclosure
5454| [44279] OpenSSH sshd weak security
5455| [44037] OpenSSH sshd SELinux role unauthorized access
5456| [43940] OpenSSH X11 forwarding information disclosure
5457| [41549] OpenSSH ForceCommand directive security bypass
5458| [41438] OpenSSH sshd session hijacking
5459| [40897] OpenSSH known_hosts weak security
5460| [40587] OpenSSH username weak security
5461| [37371] OpenSSH username data manipulation
5462| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
5463| [37112] RHSA update for OpenSSH signal handler race condition not installed
5464| [37107] RHSA update for OpenSSH identical block denial of service not installed
5465| [36637] OpenSSH X11 cookie privilege escalation
5466| [35167] OpenSSH packet.c newkeys[mode] denial of service
5467| [34490] OpenSSH OPIE information disclosure
5468| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
5469| [32975] Apple Mac OS X OpenSSH denial of service
5470| [32387] RHSA-2006:0738 updates for openssh not installed
5471| [32359] RHSA-2006:0697 updates for openssh not installed
5472| [32230] RHSA-2006:0298 updates for openssh not installed
5473| [32132] RHSA-2006:0044 updates for openssh not installed
5474| [30120] OpenSSH privilege separation monitor authentication verification weakness
5475| [29255] OpenSSH GSSAPI user enumeration
5476| [29254] OpenSSH signal handler race condition
5477| [29158] OpenSSH identical block denial of service
5478| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
5479| [25116] OpenSSH OpenPAM denial of service
5480| [24305] OpenSSH SCP shell expansion command execution
5481| [22665] RHSA-2005:106 updates for openssh not installed
5482| [22117] OpenSSH GSSAPI allows elevated privileges
5483| [22115] OpenSSH GatewayPorts security bypass
5484| [20930] OpenSSH sshd.c LoginGraceTime denial of service
5485| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
5486| [17213] OpenSSH allows port bouncing attacks
5487| [16323] OpenSSH scp file overwrite
5488| [13797] OpenSSH PAM information leak
5489| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
5490| [13264] OpenSSH PAM code could allow an attacker to gain access
5491| [13215] OpenSSH buffer management errors could allow an attacker to execute code
5492| [13214] OpenSSH memory vulnerabilities
5493| [13191] OpenSSH large packet buffer overflow
5494| [12196] OpenSSH could allow an attacker to bypass login restrictions
5495| [11970] OpenSSH could allow an attacker to obtain valid administrative account
5496| [11902] OpenSSH PAM support enabled information leak
5497| [9803] OpenSSH "
5498| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
5499| [9307] OpenSSH is running on the system
5500| [9169] OpenSSH "
5501| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
5502| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
5503| [8383] OpenSSH off-by-one error in channel code
5504| [7647] OpenSSH UseLogin option arbitrary code execution
5505| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
5506| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
5507| [7179] OpenSSH source IP access control bypass
5508| [6757] OpenSSH "
5509| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
5510| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
5511| [5517] OpenSSH allows unauthorized access to resources
5512| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
5513|
5514| Exploit-DB - https://www.exploit-db.com:
5515| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
5516| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
5517| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5518| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
5519| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
5520| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
5521| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
5522| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
5523| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
5524| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
5525| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
5526| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
5527| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
5528| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
5529|
5530| OpenVAS (Nessus) - http://www.openvas.org:
5531| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
5532| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
5533| [881183] CentOS Update for openssh CESA-2012:0884 centos6
5534| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
5535| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
5536| [870763] RedHat Update for openssh RHSA-2012:0884-04
5537| [870129] RedHat Update for openssh RHSA-2008:0855-01
5538| [861813] Fedora Update for openssh FEDORA-2010-5429
5539| [861319] Fedora Update for openssh FEDORA-2007-395
5540| [861170] Fedora Update for openssh FEDORA-2007-394
5541| [861012] Fedora Update for openssh FEDORA-2007-715
5542| [840345] Ubuntu Update for openssh vulnerability USN-597-1
5543| [840300] Ubuntu Update for openssh update USN-612-5
5544| [840271] Ubuntu Update for openssh vulnerability USN-612-2
5545| [840268] Ubuntu Update for openssh update USN-612-7
5546| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
5547| [840214] Ubuntu Update for openssh vulnerability USN-566-1
5548| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
5549| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
5550| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
5551| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
5552| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
5553| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
5554| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
5555| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
5556| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
5557| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5558| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5559| [100584] OpenSSH X Connections Session Hijacking Vulnerability
5560| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
5561| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
5562| [65987] SLES10: Security update for OpenSSH
5563| [65819] SLES10: Security update for OpenSSH
5564| [65514] SLES9: Security update for OpenSSH
5565| [65513] SLES9: Security update for OpenSSH
5566| [65334] SLES9: Security update for OpenSSH
5567| [65248] SLES9: Security update for OpenSSH
5568| [65218] SLES9: Security update for OpenSSH
5569| [65169] SLES9: Security update for openssh,openssh-askpass
5570| [65126] SLES9: Security update for OpenSSH
5571| [65019] SLES9: Security update for OpenSSH
5572| [65015] SLES9: Security update for OpenSSH
5573| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
5574| [61639] Debian Security Advisory DSA 1638-1 (openssh)
5575| [61030] Debian Security Advisory DSA 1576-2 (openssh)
5576| [61029] Debian Security Advisory DSA 1576-1 (openssh)
5577| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
5578| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
5579| [60667] Slackware Advisory SSA:2008-095-01 openssh
5580| [59014] Slackware Advisory SSA:2007-255-01 openssh
5581| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
5582| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
5583| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
5584| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
5585| [57492] Slackware Advisory SSA:2006-272-02 openssh
5586| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
5587| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
5588| [57470] FreeBSD Ports: openssh
5589| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
5590| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
5591| [56294] Slackware Advisory SSA:2006-045-06 openssh
5592| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
5593| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
5594| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
5595| [53788] Debian Security Advisory DSA 025-1 (openssh)
5596| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
5597| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
5598| [11343] OpenSSH Client Unauthorized Remote Forwarding
5599| [10954] OpenSSH AFS/Kerberos ticket/token passing
5600| [10883] OpenSSH Channel Code Off by 1
5601| [10823] OpenSSH UseLogin Environment Variables
5602|
5603| SecurityTracker - https://www.securitytracker.com:
5604| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
5605| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
5606| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
5607| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
5608| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
5609| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
5610| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
5611| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
5612| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
5613| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
5614| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
5615| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
5616| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
5617| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
5618| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
5619| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
5620| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
5621| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
5622| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
5623| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
5624| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
5625| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
5626| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
5627| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
5628| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
5629| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
5630| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
5631| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
5632| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
5633| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
5634| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
5635| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
5636| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
5637| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
5638| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
5639| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
5640| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
5641| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
5642|
5643| OSVDB - http://www.osvdb.org:
5644| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
5645| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
5646| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
5647| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
5648| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
5649| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
5650| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
5651| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
5652| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
5653| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
5654| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
5655| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
5656| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
5657| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
5658| [56921] OpenSSH Unspecified Remote Compromise
5659| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
5660| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
5661| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
5662| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
5663| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
5664| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
5665| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
5666| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
5667| [43745] OpenSSH X11 Forwarding Local Session Hijacking
5668| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
5669| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
5670| [37315] pam_usb OpenSSH Authentication Unspecified Issue
5671| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
5672| [34601] OPIE w/ OpenSSH Account Enumeration
5673| [34600] OpenSSH S/KEY Authentication Account Enumeration
5674| [32721] OpenSSH Username Password Complexity Account Enumeration
5675| [30232] OpenSSH Privilege Separation Monitor Weakness
5676| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
5677| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
5678| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
5679| [29152] OpenSSH Identical Block Packet DoS
5680| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
5681| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
5682| [22692] OpenSSH scp Command Line Filename Processing Command Injection
5683| [20216] OpenSSH with KerberosV Remote Authentication Bypass
5684| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
5685| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
5686| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
5687| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
5688| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
5689| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
5690| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
5691| [6601] OpenSSH *realloc() Unspecified Memory Errors
5692| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
5693| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
5694| [6072] OpenSSH PAM Conversation Function Stack Modification
5695| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
5696| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
5697| [5408] OpenSSH echo simulation Information Disclosure
5698| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
5699| [4536] OpenSSH Portable AIX linker Privilege Escalation
5700| [3938] OpenSSL and OpenSSH /dev/random Check Failure
5701| [3456] OpenSSH buffer_append_space() Heap Corruption
5702| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
5703| [2140] OpenSSH w/ PAM Username Validity Timing Attack
5704| [2112] OpenSSH Reverse DNS Lookup Bypass
5705| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
5706| [1853] OpenSSH Symbolic Link 'cookies' File Removal
5707| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
5708| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
5709| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
5710| [688] OpenSSH UseLogin Environment Variable Local Command Execution
5711| [642] OpenSSH Multiple Key Type ACL Bypass
5712| [504] OpenSSH SSHv2 Public Key Authentication Bypass
5713| [341] OpenSSH UseLogin Local Privilege Escalation
5714|_
571525/tcp open smtp Exim smtpd 4.89
5716| vulscan: VulDB - https://vuldb.com:
5717| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
5718| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
5719| [94599] Exim up to 4.87 information disclosure
5720| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
5721| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
5722| [141327] Exim up to 4.92.1 Backslash privilege escalation
5723| [138827] Exim up to 4.92 Expansion Code Execution
5724| [135932] Exim up to 4.92 privilege escalation
5725| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
5726| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
5727| [57462] Exim up to 4.75 Filesystem memory corruption
5728| [4280] Exim Server 4.x open_log race condition
5729|
5730| MITRE CVE - https://cve.mitre.org:
5731| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
5732| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
5733| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
5734| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
5735| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
5736| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
5737| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
5738| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
5739| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
5740| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
5741| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
5742| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
5743| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
5744| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
5745| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
5746| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
5747|
5748| SecurityFocus - https://www.securityfocus.com/bid/:
5749| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
5750| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
5751| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
5752| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
5753| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
5754| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
5755| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
5756| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
5757| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
5758| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
5759| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
5760| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
5761| [45308] Exim Crafted Header Remote Code Execution Vulnerability
5762| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
5763| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
5764| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
5765| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
5766| [17110] sa-exim Unauthorized File Access Vulnerability
5767| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
5768| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
5769| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
5770| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
5771| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
5772| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
5773| [6314] Exim Internet Mailer Format String Vulnerability
5774| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
5775| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
5776| [2828] Exim Format String Vulnerability
5777| [1859] Exim Buffer Overflow Vulnerability
5778|
5779| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5780| [84758] Exim sender_address parameter command execution
5781| [84015] Exim command execution
5782| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
5783| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
5784| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
5785| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
5786| [67455] Exim DKIM processing code execution
5787| [67299] Exim dkim_exim_verify_finish() format string
5788| [65028] Exim open_log privilege escalation
5789| [63967] Exim config file privilege escalation
5790| [63960] Exim header buffer overflow
5791| [59043] Exim mail directory privilege escalation
5792| [59042] Exim MBX symlink
5793| [52922] ikiwiki teximg plugin information disclosure
5794| [34265] Exim spamd buffer overflow
5795| [25286] Sa-exim greylistclean.cron file deletion
5796| [22687] RHSA-2005:025 updates for exim not installed
5797| [18901] Exim dns_build_reverse buffer overflow
5798| [18764] Exim spa_base64_to_bits function buffer overflow
5799| [18763] Exim host_aton buffer overflow
5800| [16079] Exim require_verify buffer overflow
5801| [16077] Exim header_check_syntax buffer overflow
5802| [16075] Exim sender_verify buffer overflow
5803| [13067] Exim HELO or EHLO command heap overflow
5804| [10761] Exim daemon.c format string
5805| [8194] Exim configuration file -c command-line argument buffer overflow
5806| [7738] Exim allows attacker to hide commands in localhost names using pipes
5807| [6671] Exim "
5808| [1893] Exim MTA allows local users to gain root privileges
5809|
5810| Exploit-DB - https://www.exploit-db.com:
5811| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
5812| [15725] Exim 4.63 Remote Root Exploit
5813| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
5814| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
5815| [796] Exim <= 4.42 Local Root Exploit
5816| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
5817|
5818| OpenVAS (Nessus) - http://www.openvas.org:
5819| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
5820|
5821| SecurityTracker - https://www.securitytracker.com:
5822| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
5823| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
5824| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
5825| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
5826| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
5827| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
5828| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
5829| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
5830| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
5831| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
5832| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
5833| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
5834|
5835| OSVDB - http://www.osvdb.org:
5836| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
5837| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
5838| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
5839| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
5840| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
5841| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
5842| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
5843| [70696] Exim log.c open_log() Function Local Privilege Escalation
5844| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
5845| [69685] Exim string_format Function Remote Overflow
5846| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
5847| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
5848| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
5849| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
5850| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
5851| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
5852| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
5853| [12726] Exim -be Command Line Option host_aton Function Local Overflow
5854| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
5855| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
5856| [10032] libXpm CreateXImage Function Integer Overflow
5857| [7160] Exim .forward :include: Option Privilege Escalation
5858| [6479] Vexim COOKIE Authentication Credential Disclosure
5859| [6478] Vexim Multiple Parameter SQL Injection
5860| [5930] Exim Parenthesis File Name Filter Bypass
5861| [5897] Exim header_syntax Function Remote Overflow
5862| [5896] Exim sender_verify Function Remote Overflow
5863| [5530] Exim Localhost Name Arbitrary Command Execution
5864| [5330] Exim Configuration File Variable Overflow
5865| [1855] Exim Batched SMTP Mail Header Format String
5866|_
586753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
5868| vulscan: VulDB - https://vuldb.com:
5869| [11804] ISC BIND up to 9.9.4 DNS Query bin/named/query.c query_findclosestnsec3 denial of service
5870| [11104] ISC BIND up to 9.9.4 WSAloctl Winsock API Bypass privilege escalation
5871| [9764] ISC BIND up to 9.9.4 RDATA rdata.c denial of service
5872| [119548] ISC BIND 9.9.12/9.10.7/9.11.3/9.12.1-P2 Recursion information disclosure
5873| [95202] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DNSSEC denial of service
5874| [95201] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DS Record Response denial of service
5875| [95200] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 ANY Query Response denial of service
5876| [89850] ISC BIND up to 9.9.9-P1/9.10.4-P1/9.11.0b1 Lightweight Resolution named.conf denial of service
5877| [81312] ISC BIND up to 9.9.8-P3/9.10.3-P3 named db.c/resolver.c Signature Record denial of service
5878| [81311] ISC BIND up to 9.9.8-P3/9.10.3-P3 named alist.c/sexpr.c denial of service
5879| [80787] ISC BIND up to 9.9.8-S4 Query rdataset.c denial of service
5880| [79802] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Socket Error resolver.c denial of service
5881| [79801] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Response db.c denial of service
5882| [76834] ISC BIND up to 9.9.7-P1/9.10.2-P2 TKEY Query Packet Crash denial of service
5883| [8108] ISC BIND up to 9.9.3 on Unix/Linux Regular Expression denial of service
5884| [7079] ISC BIND up to 9.9.1 DNS64 IPv6 Transition Mechanism denial of service
5885| [6295] ISC BIND up to 9.9.1-P2 Assertion Error Resource Record Parser RDATA Query denial of service
5886| [5875] ISC BIND 9.9.0/9.9.1 denial of service
5887| [5874] ISC BIND up to 9.9.1-P1 denial of service
5888| [5483] ISC BIND up to 9.9.1 DNS Resource Record information disclosure
5889|
5890| MITRE CVE - https://cve.mitre.org:
5891| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
5892| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
5893| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
5894| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
5895| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
5896| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
5897| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
5898| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
5899| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
5900| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
5901| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
5902| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
5903|
5904| SecurityFocus - https://www.securityfocus.com/bid/:
5905| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
5906| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
5907| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
5908| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
5909| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
5910| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
5911| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
5912| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
5913| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
5914| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
5915| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
5916| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
5917| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
5918| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
5919| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
5920| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5921| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
5922| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5923| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5924| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5925| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5926| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5927| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
5928| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
5929| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
5930| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
5931| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
5932| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
5933| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
5934| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
5935| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
5936| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
5937| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
5938| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
5939| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
5940| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
5941| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
5942| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
5943| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
5944| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
5945| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
5946| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
5947| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
5948| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
5949| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
5950| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
5951| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
5952| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
5953| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
5954| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
5955| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
5956| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
5957| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
5958| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
5959| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
5960| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
5961| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
5962| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
5963| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
5964| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
5965| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
5966| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
5967| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
5968| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
5969| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
5970| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
5971| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
5972| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
5973| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
5974| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
5975| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
5976| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
5977| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
5978| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
5979|
5980| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5981| [85799] Cisco Unified IP Phones 9900 Series directory traversal
5982| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
5983| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
5984| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
5985| [9250] BIND 9 dns_message_findtype() denial of service
5986| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
5987| [539] Microsoft Windows 95 and Internet Explorer password disclosure
5988| [86004] ISC BIND RDATA denial of service
5989| [84767] ISC BIND denial of service
5990| [83066] ISC BIND denial of service
5991| [81504] ISC BIND AAAA denial of service
5992| [80510] ISC BIND DNS64 denial of service
5993| [79121] ISC BIND queries denial of service
5994| [78479] ISC BIND RDATA denial of service
5995| [77185] ISC BIND TCP queries denial of service
5996| [77184] ISC BIND bad cache denial of service
5997| [76034] ISC BIND rdata denial of service
5998| [73053] ISC BIND cache update policy security bypass
5999| [71332] ISC BIND recursive queries denial of service
6000| [68375] ISC BIND UPDATE denial of service
6001| [68374] ISC BIND Response Policy Zones denial of service
6002| [67665] ISC BIND RRSIG Rrsets denial of service
6003| [67297] ISC BIND RRSIG denial of service
6004| [65554] ISC BIND IXFR transfer denial of service
6005| [63602] ISC BIND allow-query security bypass
6006| [63596] ISC BIND zone data security bypass
6007| [63595] ISC BIND RRSIG denial of service
6008| [62072] ISC BIND DNSSEC query denial of service
6009| [62071] ISC BIND ACL security bypass
6010| [61871] ISC BIND anchors denial of service
6011| [60421] ISC BIND RRSIG denial of service
6012| [56049] ISC BIND out-of-bailiwick weak security
6013| [55937] ISC Bind unspecified cache poisoning
6014| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
6015| [54416] ISC BIND DNSSEC cache poisoning
6016| [52073] ISC BIND dns_db_findrdataset() denial of service
6017| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
6018| [45234] ISC BIND UDP denial of service
6019| [39670] ISC BIND inet_network buffer overflow
6020| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
6021| [37128] RHSA update for ISC BIND RRset denial of service not installed
6022| [37127] RHSA update for ISC BIND named service denial of service not installed
6023| [36275] ISC BIND DNS query spoofing
6024| [35575] ISC BIND query ID cache poisoning
6025| [35571] ISC BIND ACL security bypass
6026| [31838] ISC BIND RRset denial of service
6027| [31799] ISC BIND named service denial of service
6028| [29876] HP Tru64 ypbind core dump information disclosure
6029| [28745] ISC BIND DNSSEC RRset denial of service
6030| [28744] ISC BIND recursive INSIST denial of service
6031| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
6032| [18836] BIND hostname disclosure
6033| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
6034| [10333] ISC BIND SIG null pointer dereference denial of service
6035| [10332] ISC BIND OPT resource record (RR) denial of service
6036| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
6037| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
6038| [5814] ISC BIND "
6039| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
6040| [5462] ISC BIND AXFR host command remote buffer overflow
6041|
6042| Exploit-DB - https://www.exploit-db.com:
6043| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
6044| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
6045| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
6046|
6047| OpenVAS (Nessus) - http://www.openvas.org:
6048| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
6049| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
6050| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
6051| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
6052| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
6053| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
6054| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
6055| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
6056| [11226] Oracle 9iAS default error information disclosure
6057|
6058| SecurityTracker - https://www.securitytracker.com:
6059| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
6060| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
6061| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
6062| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
6063| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
6064| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6065| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6066| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6067| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6068| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6069| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6070| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6071| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6072| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6073| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
6074| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
6075| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
6076| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
6077| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
6078| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
6079| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
6080| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
6081| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
6082| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
6083| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
6084| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
6085|
6086| OSVDB - http://www.osvdb.org:
6087| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
6088| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
6089| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
6090| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
6091|_
609280/tcp open http nginx
6093| vulscan: VulDB - https://vuldb.com:
6094| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
6095| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
6096| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
6097| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
6098| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
6099| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
6100| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
6101| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
6102| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
6103| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
6104| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
6105| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
6106| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
6107| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
6108| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
6109| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
6110| [67677] nginx up to 1.7.3 SSL weak authentication
6111| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
6112| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
6113| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
6114| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
6115| [65364] nginx up to 1.1.13 Default Configuration information disclosure
6116| [8671] nginx up to 1.4 proxy_pass denial of service
6117| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
6118| [7247] nginx 1.2.6 Proxy Function spoofing
6119| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
6120| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
6121| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
6122| [59645] nginx up to 0.8.9 Heap-based memory corruption
6123| [53592] nginx 0.8.36 memory corruption
6124| [53590] nginx up to 0.8.9 unknown vulnerability
6125| [51533] nginx 0.7.64 Terminal privilege escalation
6126| [50905] nginx up to 0.8.9 directory traversal
6127| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
6128| [50043] nginx up to 0.8.10 memory corruption
6129|
6130| MITRE CVE - https://cve.mitre.org:
6131| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
6132| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
6133| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
6134| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
6135| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
6136| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
6137| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
6138| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
6139| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
6140| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
6141| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
6142| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
6143| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
6144|
6145| SecurityFocus - https://www.securityfocus.com/bid/:
6146| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
6147| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
6148| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
6149| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
6150| [82230] nginx Multiple Denial of Service Vulnerabilities
6151| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
6152| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
6153| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
6154| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
6155| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
6156| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
6157| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
6158| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
6159| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
6160| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
6161| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
6162| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
6163| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
6164| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
6165| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6166| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6167| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6168| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6169| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
6170| [40420] nginx Directory Traversal Vulnerability
6171| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6172| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6173| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6174| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6175| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
6176|
6177| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6178| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
6179| [84172] nginx denial of service
6180| [84048] nginx buffer overflow
6181| [83923] nginx ngx_http_close_connection() integer overflow
6182| [83688] nginx null byte code execution
6183| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
6184| [82319] nginx access.log information disclosure
6185| [80952] nginx SSL spoofing
6186| [77244] nginx and Microsoft Windows request security bypass
6187| [76778] Naxsi module for Nginx nx_extract.py directory traversal
6188| [74831] nginx ngx_http_mp4_module.c buffer overflow
6189| [74191] nginx ngx_cpystrn() information disclosure
6190| [74045] nginx header response information disclosure
6191| [71355] nginx ngx_resolver_copy() buffer overflow
6192| [59370] nginx characters denial of service
6193| [59369] nginx DATA source code disclosure
6194| [59047] nginx space source code disclosure
6195| [58966] nginx unspecified directory traversal
6196| [54025] nginx ngx_http_parse.c denial of service
6197| [53431] nginx WebDAV component directory traversal
6198| [53328] Nginx CRC-32 cached domain name spoofing
6199| [53250] Nginx ngx_http_parse_complex_uri() function code execution
6200|
6201| Exploit-DB - https://www.exploit-db.com:
6202| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
6203| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
6204| [25499] nginx 1.3.9-1.4.0 DoS PoC
6205| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
6206| [14830] nginx 0.6.38 - Heap Corruption Exploit
6207| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
6208| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
6209| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
6210| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
6211| [9829] nginx 0.7.61 WebDAV directory traversal
6212|
6213| OpenVAS (Nessus) - http://www.openvas.org:
6214| [864418] Fedora Update for nginx FEDORA-2012-3846
6215| [864310] Fedora Update for nginx FEDORA-2012-6238
6216| [864209] Fedora Update for nginx FEDORA-2012-6411
6217| [864204] Fedora Update for nginx FEDORA-2012-6371
6218| [864121] Fedora Update for nginx FEDORA-2012-4006
6219| [864115] Fedora Update for nginx FEDORA-2012-3991
6220| [864065] Fedora Update for nginx FEDORA-2011-16075
6221| [863654] Fedora Update for nginx FEDORA-2011-16110
6222| [861232] Fedora Update for nginx FEDORA-2007-1158
6223| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
6224| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
6225| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
6226| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
6227| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6228| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6229| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6230| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6231| [100659] nginx Directory Traversal Vulnerability
6232| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
6233| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6234| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6235| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6236| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
6237| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6238| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
6239| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
6240| [71297] FreeBSD Ports: nginx
6241| [71276] FreeBSD Ports: nginx
6242| [71239] Debian Security Advisory DSA 2434-1 (nginx)
6243| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
6244| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
6245| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
6246| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
6247| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
6248| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
6249| [64894] FreeBSD Ports: nginx
6250| [64869] Debian Security Advisory DSA 1884-1 (nginx)
6251|
6252| SecurityTracker - https://www.securitytracker.com:
6253| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
6254| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
6255| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
6256| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
6257|
6258| OSVDB - http://www.osvdb.org:
6259| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
6260| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
6261| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
6262| [92796] nginx ngx_http_close_connection Function Crafted r->
6263| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
6264| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
6265| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
6266| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
6267| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
6268| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
6269| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
6270| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
6271| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
6272| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
6273| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
6274| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
6275| [62617] nginx Internal DNS Cache Poisoning Weakness
6276| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
6277| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
6278| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
6279| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
6280| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
6281| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
6282| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
6283| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
6284| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
6285| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
6286|_
6287110/tcp open pop3 Dovecot pop3d
6288| vulscan: VulDB - https://vuldb.com:
6289| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6290| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6291| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6292| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6293| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6294| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6295| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6296| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6297| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6298| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6299| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6300| [69835] Dovecot 2.2.0/2.2.1 denial of service
6301| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6302| [65684] Dovecot up to 2.2.6 unknown vulnerability
6303| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6304| [63692] Dovecot up to 2.0.15 spoofing
6305| [7062] Dovecot 2.1.10 mail-search.c denial of service
6306| [57517] Dovecot up to 2.0.12 Login directory traversal
6307| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6308| [57515] Dovecot up to 2.0.12 Crash denial of service
6309| [54944] Dovecot up to 1.2.14 denial of service
6310| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6311| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6312| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6313| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6314| [53277] Dovecot up to 1.2.10 denial of service
6315| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6316| [45256] Dovecot up to 1.1.5 directory traversal
6317| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6318| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6319| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6320| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6321| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6322| [38222] Dovecot 1.0.2 directory traversal
6323| [36376] Dovecot up to 1.0.x directory traversal
6324| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6325|
6326| MITRE CVE - https://cve.mitre.org:
6327| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6328| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6329| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6330| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6331| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6332| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6333| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6334| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6335| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6336| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6337| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6338| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6339| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6340| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6341| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6342| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6343| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6344| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6345| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6346| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6347| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6348| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6349| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6350| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6351| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6352| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6353| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6354| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6355| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6356| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6357| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6358| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6359| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6360| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
6361| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
6362| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
6363| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6364|
6365| SecurityFocus - https://www.securityfocus.com/bid/:
6366| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6367| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6368| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6369| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6370| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6371| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6372| [67306] Dovecot Denial of Service Vulnerability
6373| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
6374| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6375| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6376| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6377| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6378| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6379| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6380| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6381| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6382| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6383| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6384| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6385| [39838] tpop3d Remote Denial of Service Vulnerability
6386| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6387| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6388| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6389| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6390| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6391| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6392| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6393| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6394| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6395| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6396| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6397| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6398| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6399| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6400| [17961] Dovecot Remote Information Disclosure Vulnerability
6401| [16672] Dovecot Double Free Denial of Service Vulnerability
6402| [8495] akpop3d User Name SQL Injection Vulnerability
6403| [8473] Vpop3d Remote Denial Of Service Vulnerability
6404| [3990] ZPop3D Bad Login Logging Failure Vulnerability
6405| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
6406|
6407| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6408| [86382] Dovecot POP3 Service denial of service
6409| [84396] Dovecot IMAP APPEND denial of service
6410| [80453] Dovecot mail-search.c denial of service
6411| [71354] Dovecot SSL Common Name (CN) weak security
6412| [67675] Dovecot script-login security bypass
6413| [67674] Dovecot script-login directory traversal
6414| [67589] Dovecot header name denial of service
6415| [63267] Apple Mac OS X Dovecot information disclosure
6416| [62340] Dovecot mailbox security bypass
6417| [62339] Dovecot IMAP or POP3 denial of service
6418| [62256] Dovecot mailbox security bypass
6419| [62255] Dovecot ACL entry security bypass
6420| [60639] Dovecot ACL plugin weak security
6421| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6422| [56763] Dovecot header denial of service
6423| [54363] Dovecot base_dir privilege escalation
6424| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6425| [46323] Dovecot dovecot.conf information disclosure
6426| [46227] Dovecot message parsing denial of service
6427| [45669] Dovecot ACL mailbox security bypass
6428| [45667] Dovecot ACL plugin rights security bypass
6429| [41085] Dovecot TAB characters authentication bypass
6430| [41009] Dovecot mail_extra_groups option unauthorized access
6431| [39342] Dovecot LDAP auth cache configuration security bypass
6432| [35767] Dovecot ACL plugin security bypass
6433| [34082] Dovecot mbox-storage.c directory traversal
6434| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6435| [26578] Cyrus IMAP pop3d buffer overflow
6436| [26536] Dovecot IMAP LIST information disclosure
6437| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6438| [24709] Dovecot APPEND command denial of service
6439| [13018] akpop3d authentication code SQL injection
6440| [7345] Slackware Linux imapd and ipop3d core dump
6441| [6269] imap, ipop2d and ipop3d buffer overflows
6442| [5923] Linuxconf vpop3d symbolic link
6443| [4918] IPOP3D, Buffer overflow attack
6444| [1560] IPOP3D, user login successful
6445| [1559] IPOP3D user login to remote host successful
6446| [1525] IPOP3D, user logout
6447| [1524] IPOP3D, user auto-logout
6448| [1523] IPOP3D, user login failure
6449| [1522] IPOP3D, brute force attack
6450| [1521] IPOP3D, user kiss of death logout
6451| [418] pop3d mktemp creates insecure temporary files
6452|
6453| Exploit-DB - https://www.exploit-db.com:
6454| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6455| [23053] Vpop3d Remote Denial of Service Vulnerability
6456| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6457| [11893] tPop3d 1.5.3 DoS
6458| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6459| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6460| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6461| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6462|
6463| OpenVAS (Nessus) - http://www.openvas.org:
6464| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6465| [901025] Dovecot Version Detection
6466| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6467| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6468| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6469| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6470| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6471| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6472| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6473| [863272] Fedora Update for dovecot FEDORA-2011-7612
6474| [863115] Fedora Update for dovecot FEDORA-2011-7258
6475| [861525] Fedora Update for dovecot FEDORA-2007-664
6476| [861394] Fedora Update for dovecot FEDORA-2007-493
6477| [861333] Fedora Update for dovecot FEDORA-2007-1485
6478| [860845] Fedora Update for dovecot FEDORA-2008-9202
6479| [860663] Fedora Update for dovecot FEDORA-2008-2475
6480| [860169] Fedora Update for dovecot FEDORA-2008-2464
6481| [860089] Fedora Update for dovecot FEDORA-2008-9232
6482| [840950] Ubuntu Update for dovecot USN-1295-1
6483| [840668] Ubuntu Update for dovecot USN-1143-1
6484| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6485| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6486| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6487| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6488| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6489| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6490| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6491| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6492| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6493| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6494| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6495| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6496| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6497| [70259] FreeBSD Ports: dovecot
6498| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6499| [66522] FreeBSD Ports: dovecot
6500| [65010] Ubuntu USN-838-1 (dovecot)
6501| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6502| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6503| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6504| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6505| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6506| [62854] FreeBSD Ports: dovecot-managesieve
6507| [61916] FreeBSD Ports: dovecot
6508| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6509| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6510| [60528] FreeBSD Ports: dovecot
6511| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6512| [60089] FreeBSD Ports: dovecot
6513| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6514| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6515|
6516| SecurityTracker - https://www.securitytracker.com:
6517| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6518| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6519| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6520|
6521| OSVDB - http://www.osvdb.org:
6522| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6523| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6524| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6525| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6526| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6527| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6528| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6529| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6530| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6531| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6532| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6533| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6534| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6535| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6536| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6537| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6538| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6539| [66110] Dovecot Multiple Unspecified Buffer Overflows
6540| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6541| [64783] Dovecot E-mail Message Header Unspecified DoS
6542| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6543| [62796] Dovecot mbox Format Email Header Handling DoS
6544| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6545| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6546| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6547| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6548| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6549| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6550| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6551| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6552| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6553| [39876] Dovecot LDAP Auth Cache Security Bypass
6554| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6555| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6556| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6557| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6558| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6559| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6560| [23280] Dovecot Malformed APPEND Command DoS
6561| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
6562| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6563| [5857] Linux pop3d Arbitrary Mail File Access
6564| [2471] akpop3d username SQL Injection
6565|_
6566143/tcp open imap Dovecot imapd
6567| vulscan: VulDB - https://vuldb.com:
6568| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6569| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6570| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6571| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6572| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6573| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6574| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6575| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6576| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6577| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6578| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6579| [69835] Dovecot 2.2.0/2.2.1 denial of service
6580| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6581| [65684] Dovecot up to 2.2.6 unknown vulnerability
6582| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6583| [63692] Dovecot up to 2.0.15 spoofing
6584| [7062] Dovecot 2.1.10 mail-search.c denial of service
6585| [59792] Cyrus IMAPd 2.4.11 weak authentication
6586| [57517] Dovecot up to 2.0.12 Login directory traversal
6587| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6588| [57515] Dovecot up to 2.0.12 Crash denial of service
6589| [54944] Dovecot up to 1.2.14 denial of service
6590| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6591| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6592| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6593| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6594| [53277] Dovecot up to 1.2.10 denial of service
6595| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6596| [45256] Dovecot up to 1.1.5 directory traversal
6597| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6598| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6599| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6600| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6601| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6602| [38222] Dovecot 1.0.2 directory traversal
6603| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
6604| [36376] Dovecot up to 1.0.x directory traversal
6605| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
6606| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6607|
6608| MITRE CVE - https://cve.mitre.org:
6609| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6610| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6611| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
6612| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
6613| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6614| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6615| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6616| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6617| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6618| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6619| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6620| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6621| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6622| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6623| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6624| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6625| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6626| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6627| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6628| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6629| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6630| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6631| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6632| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6633| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6634| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6635| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6636| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
6637| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
6638| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6639| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
6640| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6641| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6642| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
6643| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
6644| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6645| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
6646| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
6647| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
6648| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
6649| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6650| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6651| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6652| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6653| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
6654| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
6655| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
6656| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
6657| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
6658| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
6659| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
6660| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
6661| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
6662| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
6663| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
6664| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
6665| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
6666| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6667| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
6668|
6669| SecurityFocus - https://www.securityfocus.com/bid/:
6670| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6671| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6672| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6673| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6674| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6675| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
6676| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6677| [67306] Dovecot Denial of Service Vulnerability
6678| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
6679| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6680| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6681| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6682| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6683| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6684| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
6685| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6686| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
6687| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6688| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6689| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6690| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6691| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6692| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6693| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6694| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6695| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6696| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6697| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6698| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6699| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6700| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6701| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
6702| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
6703| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6704| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6705| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
6706| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6707| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6708| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6709| [17961] Dovecot Remote Information Disclosure Vulnerability
6710| [16672] Dovecot Double Free Denial of Service Vulnerability
6711| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
6712| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
6713| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
6714| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
6715| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
6716| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
6717| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
6718| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
6719| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
6720| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
6721| [130] imapd Buffer Overflow Vulnerability
6722|
6723| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6724| [86382] Dovecot POP3 Service denial of service
6725| [84396] Dovecot IMAP APPEND denial of service
6726| [80453] Dovecot mail-search.c denial of service
6727| [71354] Dovecot SSL Common Name (CN) weak security
6728| [70325] Cyrus IMAPd NNTP security bypass
6729| [67675] Dovecot script-login security bypass
6730| [67674] Dovecot script-login directory traversal
6731| [67589] Dovecot header name denial of service
6732| [63267] Apple Mac OS X Dovecot information disclosure
6733| [62340] Dovecot mailbox security bypass
6734| [62339] Dovecot IMAP or POP3 denial of service
6735| [62256] Dovecot mailbox security bypass
6736| [62255] Dovecot ACL entry security bypass
6737| [60639] Dovecot ACL plugin weak security
6738| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6739| [56763] Dovecot header denial of service
6740| [54363] Dovecot base_dir privilege escalation
6741| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6742| [47526] UW-imapd rfc822_output_char() denial of service
6743| [46323] Dovecot dovecot.conf information disclosure
6744| [46227] Dovecot message parsing denial of service
6745| [45669] Dovecot ACL mailbox security bypass
6746| [45667] Dovecot ACL plugin rights security bypass
6747| [41085] Dovecot TAB characters authentication bypass
6748| [41009] Dovecot mail_extra_groups option unauthorized access
6749| [39342] Dovecot LDAP auth cache configuration security bypass
6750| [35767] Dovecot ACL plugin security bypass
6751| [34082] Dovecot mbox-storage.c directory traversal
6752| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6753| [26536] Dovecot IMAP LIST information disclosure
6754| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6755| [24709] Dovecot APPEND command denial of service
6756| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
6757| [19460] Cyrus IMAP imapd buffer overflow
6758| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
6759| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
6760| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
6761| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
6762| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
6763| [7345] Slackware Linux imapd and ipop3d core dump
6764| [573] Imapd denial of service
6765|
6766| Exploit-DB - https://www.exploit-db.com:
6767| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
6768| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6769| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
6770| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
6771| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
6772| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
6773| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
6774| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
6775| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
6776| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
6777| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
6778| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6779| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
6780| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
6781| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
6782| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
6783| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
6784| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
6785| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6786| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
6787| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
6788| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
6789| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6790| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6791| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6792| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
6793| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
6794| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
6795| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
6796| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
6797| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
6798| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
6799| [340] Linux imapd Remote Overflow File Retrieve Exploit
6800|
6801| OpenVAS (Nessus) - http://www.openvas.org:
6802| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6803| [901025] Dovecot Version Detection
6804| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
6805| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
6806| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6807| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
6808| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
6809| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6810| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
6811| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
6812| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
6813| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
6814| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
6815| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6816| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
6817| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6818| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
6819| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
6820| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
6821| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
6822| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
6823| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6824| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
6825| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
6826| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6827| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
6828| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6829| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
6830| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
6831| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
6832| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
6833| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
6834| [863272] Fedora Update for dovecot FEDORA-2011-7612
6835| [863115] Fedora Update for dovecot FEDORA-2011-7258
6836| [861525] Fedora Update for dovecot FEDORA-2007-664
6837| [861394] Fedora Update for dovecot FEDORA-2007-493
6838| [861333] Fedora Update for dovecot FEDORA-2007-1485
6839| [860845] Fedora Update for dovecot FEDORA-2008-9202
6840| [860663] Fedora Update for dovecot FEDORA-2008-2475
6841| [860169] Fedora Update for dovecot FEDORA-2008-2464
6842| [860089] Fedora Update for dovecot FEDORA-2008-9232
6843| [840950] Ubuntu Update for dovecot USN-1295-1
6844| [840668] Ubuntu Update for dovecot USN-1143-1
6845| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6846| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6847| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6848| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6849| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6850| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
6851| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
6852| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
6853| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6854| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6855| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
6856| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6857| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6858| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6859| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6860| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
6861| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6862| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6863| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
6864| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
6865| [70259] FreeBSD Ports: dovecot
6866| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
6867| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6868| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
6869| [66522] FreeBSD Ports: dovecot
6870| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
6871| [66233] SLES10: Security update for Cyrus IMAPD
6872| [66226] SLES11: Security update for Cyrus IMAPD
6873| [66222] SLES9: Security update for Cyrus IMAPD
6874| [65938] SLES10: Security update for Cyrus IMAPD
6875| [65723] SLES11: Security update for Cyrus IMAPD
6876| [65523] SLES9: Security update for Cyrus IMAPD
6877| [65479] SLES9: Security update for cyrus-imapd
6878| [65094] SLES9: Security update for cyrus-imapd
6879| [65010] Ubuntu USN-838-1 (dovecot)
6880| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
6881| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6882| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
6883| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
6884| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
6885| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6886| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6887| [64898] FreeBSD Ports: cyrus-imapd
6888| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
6889| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6890| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
6891| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
6892| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
6893| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
6894| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6895| [62854] FreeBSD Ports: dovecot-managesieve
6896| [61916] FreeBSD Ports: dovecot
6897| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6898| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6899| [60528] FreeBSD Ports: dovecot
6900| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6901| [60089] FreeBSD Ports: dovecot
6902| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6903| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6904| [55807] Slackware Advisory SSA:2005-310-06 imapd
6905| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
6906| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
6907| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
6908| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
6909| [52297] FreeBSD Ports: cyrus-imapd
6910| [52296] FreeBSD Ports: cyrus-imapd
6911| [52295] FreeBSD Ports: cyrus-imapd
6912| [52294] FreeBSD Ports: cyrus-imapd
6913| [52172] FreeBSD Ports: cyrus-imapd
6914|
6915| SecurityTracker - https://www.securitytracker.com:
6916| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6917| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6918| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6919| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
6920|
6921| OSVDB - http://www.osvdb.org:
6922| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6923| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6924| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6925| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6926| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
6927| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6928| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
6929| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6930| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6931| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6932| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6933| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6934| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6935| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6936| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6937| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6938| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6939| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6940| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6941| [66110] Dovecot Multiple Unspecified Buffer Overflows
6942| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6943| [64783] Dovecot E-mail Message Header Unspecified DoS
6944| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6945| [62796] Dovecot mbox Format Email Header Handling DoS
6946| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6947| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6948| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
6949| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
6950| [52906] UW-imapd c-client Initial Request Remote Format String
6951| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
6952| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
6953| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6954| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6955| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
6956| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
6957| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6958| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6959| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6960| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6961| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6962| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
6963| [39876] Dovecot LDAP Auth Cache Security Bypass
6964| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
6965| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6966| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6967| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
6968| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
6969| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
6970| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6971| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6972| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6973| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6974| [23280] Dovecot Malformed APPEND Command DoS
6975| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
6976| [13242] UW-imapd CRAM-MD5 Authentication Bypass
6977| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
6978| [12042] UoW imapd Multiple Unspecified Overflows
6979| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
6980| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6981| [911] UoW imapd AUTHENTICATE Command Remote Overflow
6982| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
6983| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
6984|_
6985443/tcp closed https
6986465/tcp open ssl/smtp Exim smtpd 4.89
6987| vulscan: VulDB - https://vuldb.com:
6988| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
6989| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
6990| [94599] Exim up to 4.87 information disclosure
6991| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
6992| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
6993| [141327] Exim up to 4.92.1 Backslash privilege escalation
6994| [138827] Exim up to 4.92 Expansion Code Execution
6995| [135932] Exim up to 4.92 privilege escalation
6996| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
6997| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
6998| [57462] Exim up to 4.75 Filesystem memory corruption
6999| [4280] Exim Server 4.x open_log race condition
7000|
7001| MITRE CVE - https://cve.mitre.org:
7002| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
7003| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
7004| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
7005| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
7006| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
7007| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
7008| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
7009| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
7010| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
7011| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
7012| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
7013| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
7014| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
7015| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
7016| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
7017| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
7018|
7019| SecurityFocus - https://www.securityfocus.com/bid/:
7020| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
7021| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
7022| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
7023| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
7024| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
7025| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
7026| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
7027| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
7028| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
7029| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
7030| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
7031| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
7032| [45308] Exim Crafted Header Remote Code Execution Vulnerability
7033| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
7034| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
7035| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
7036| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
7037| [17110] sa-exim Unauthorized File Access Vulnerability
7038| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
7039| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
7040| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
7041| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
7042| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
7043| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
7044| [6314] Exim Internet Mailer Format String Vulnerability
7045| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
7046| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
7047| [2828] Exim Format String Vulnerability
7048| [1859] Exim Buffer Overflow Vulnerability
7049|
7050| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7051| [84758] Exim sender_address parameter command execution
7052| [84015] Exim command execution
7053| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
7054| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
7055| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
7056| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
7057| [67455] Exim DKIM processing code execution
7058| [67299] Exim dkim_exim_verify_finish() format string
7059| [65028] Exim open_log privilege escalation
7060| [63967] Exim config file privilege escalation
7061| [63960] Exim header buffer overflow
7062| [59043] Exim mail directory privilege escalation
7063| [59042] Exim MBX symlink
7064| [52922] ikiwiki teximg plugin information disclosure
7065| [34265] Exim spamd buffer overflow
7066| [25286] Sa-exim greylistclean.cron file deletion
7067| [22687] RHSA-2005:025 updates for exim not installed
7068| [18901] Exim dns_build_reverse buffer overflow
7069| [18764] Exim spa_base64_to_bits function buffer overflow
7070| [18763] Exim host_aton buffer overflow
7071| [16079] Exim require_verify buffer overflow
7072| [16077] Exim header_check_syntax buffer overflow
7073| [16075] Exim sender_verify buffer overflow
7074| [13067] Exim HELO or EHLO command heap overflow
7075| [10761] Exim daemon.c format string
7076| [8194] Exim configuration file -c command-line argument buffer overflow
7077| [7738] Exim allows attacker to hide commands in localhost names using pipes
7078| [6671] Exim "
7079| [1893] Exim MTA allows local users to gain root privileges
7080|
7081| Exploit-DB - https://www.exploit-db.com:
7082| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
7083| [15725] Exim 4.63 Remote Root Exploit
7084| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
7085| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
7086| [796] Exim <= 4.42 Local Root Exploit
7087| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
7088|
7089| OpenVAS (Nessus) - http://www.openvas.org:
7090| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
7091|
7092| SecurityTracker - https://www.securitytracker.com:
7093| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
7094| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
7095| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
7096| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
7097| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
7098| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
7099| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
7100| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
7101| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
7102| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
7103| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
7104| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
7105|
7106| OSVDB - http://www.osvdb.org:
7107| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
7108| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
7109| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
7110| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
7111| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
7112| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
7113| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
7114| [70696] Exim log.c open_log() Function Local Privilege Escalation
7115| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
7116| [69685] Exim string_format Function Remote Overflow
7117| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
7118| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
7119| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
7120| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
7121| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
7122| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
7123| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
7124| [12726] Exim -be Command Line Option host_aton Function Local Overflow
7125| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
7126| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
7127| [10032] libXpm CreateXImage Function Integer Overflow
7128| [7160] Exim .forward :include: Option Privilege Escalation
7129| [6479] Vexim COOKIE Authentication Credential Disclosure
7130| [6478] Vexim Multiple Parameter SQL Injection
7131| [5930] Exim Parenthesis File Name Filter Bypass
7132| [5897] Exim header_syntax Function Remote Overflow
7133| [5896] Exim sender_verify Function Remote Overflow
7134| [5530] Exim Localhost Name Arbitrary Command Execution
7135| [5330] Exim Configuration File Variable Overflow
7136| [1855] Exim Batched SMTP Mail Header Format String
7137|_
7138993/tcp open ssl/imaps?
7139995/tcp open ssl/pop3s?
714035500/tcp closed unknown
7141Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
7142##################################################################################################################################
7143 Anonymous JTSEC #OpDeathEathers Full Recon #31