· 5 years ago · Feb 11, 2020, 07:22 AM
1####################################################################################################################################
2=======================================================================================================================================
3Hostname boysmaster.com ISP SoftLayer Technologies Inc.
4Continent North America Flag
5US
6Country United States Country Code US
7Region Virginia Local time 11 Feb 2020 01:06 EST
8City Ashburn Postal Code 20147
9IP Address 169.47.149.241 Latitude 39.018
10 Longitude -77.539
11======================================================================================================================================
12###################################################################################################################################
13> boysmaster.com
14Server: 38.132.106.139
15Address: 38.132.106.139#53
16
17Non-authoritative answer:
18Name: boysmaster.com
19Address: 169.47.149.241
20>
21####################################################################################################################################
22 Domain Name: BOYSMASTER.COM
23 Registry Domain ID: 94876794_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.danesconames.com
25 Registrar URL: http://www.danesconames.com
26 Updated Date: 2020-01-04T11:06:43Z
27 Creation Date: 2003-02-12T02:06:41Z
28 Registry Expiry Date: 2021-02-12T02:06:41Z
29 Registrar: Danesco Trading Ltd.
30 Registrar IANA ID: 1418
31 Registrar Abuse Contact Email: abuse@danesconames.com
32 Registrar Abuse Contact Phone: +357.95713635
33 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
34 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
35 Name Server: NS1.ALPHA-SPACE.COM
36 Name Server: NS1.ONYX7.COM
37 Name Server: NS2.ALPHA-SPACE.COM
38 Name Server: NS2.ONYX7.COM
39 DNSSEC: unsigned
40###################################################################################################################################
41Domain Name: BOYSMASTER.COM
42Registry Domain ID:
43Registrar WHOIS Server: whois.danesconames.com
44Registrar URL: https://danesconames.com/
45Updated Date: 2020-01-04 11:07:26.712834
46Creation Date: 2003-02-12
47Registrar Registration Expiration Date: 2021-02-12
48Registrar: DANESCO TRADING LTD
49Registrar IANA ID: 1418
50Registrar Abuse Contact Email: abuse@danesconames.com
51Registrar Abuse Contact Phone: +357.95713635
52Reseller: AHnames.com https://www.AHnames.com/
53Domain Status: clientDeleteProhibited
54Domain Status: clientTransferProhibited
55Registry Registrant ID: MR_9908672WP
56Registrant Name: DANESCO TRADING LTD
57Registrant Organization: DANESCO TRADING LTD.
58Registrant Street: 157, Archbishop Makarios Ave, office 1
59Registrant City: Limassol
60Registrant State/Province:
61Registrant Postal Code: 3026
62Registrant Country: Cyprus
63Registrant Phone: +357.95713635
64Registrant Phone Ext:
65Registrant Fax: +357.95713635
66Registrant Fax Ext:
67Registrant Email: boysmaster.com@whoisprotectservice.net
68Registry Admin ID: MR_9908672WP
69Admin Name: DANESCO TRADING LTD
70Admin Organization: DANESCO TRADING LTD.
71Admin Street: 157, Archbishop Makarios Ave, office 1
72Admin City: Limassol
73Admin State/Province:
74Admin Postal Code: 3026
75Admin Country: Cyprus
76Admin Phone: +357.95713635
77Admin Phone Ext:
78Admin Fax: +357.95713635
79Admin Fax Ext:
80Admin Email: boysmaster.com@whoisprotectservice.net
81Registry Tech ID: MR_9908672WP
82Tech Name: DANESCO TRADING LTD
83Tech Organization: DANESCO TRADING LTD.
84Tech Street: 157, Archbishop Makarios Ave, office 1
85Tech City: Limassol
86Tech State/Province:
87Tech Postal Code: 3026
88Tech Country: Cyprus
89Tech Phone: +357.95713635
90Tech Phone Ext:
91Tech Fax: +357.95713635
92Tech Fax Ext:
93Tech Email: boysmaster.com@whoisprotectservice.net
94Registry Billing ID: MR_9908672WP
95Billing Name: DANESCO TRADING LTD
96Billing Organization: DANESCO TRADING LTD.
97Billing Street: 157, Archbishop Makarios Ave, office 1
98Billing City: Limassol
99Billing State/Province:
100Billing Postal Code: 3026
101Billing Country: Cyprus
102Billing Phone: +357.95713635
103Billing Phone Ext:
104Billing Fax: +357.95713635
105Billing Fax Ext:
106Billing Email: boysmaster.com@whoisprotectservice.net
107Name Server: NS2.ONYX7.COM
108Name Server: NS2.ALPHA-SPACE.COM
109Name Server: NS1.ONYX7.COM
110Name Server: NS1.ALPHA-SPACE.COM
111DNSSEC: unsigned
112####################################################################################################################################
113[+] Target : boysmaster.com
114
115[+] IP Address : 169.47.149.241
116
117[+] Headers :
118
119[+] Server : nginx/1.14.0
120[+] Date : Tue, 11 Feb 2020 06:12:43 GMT
121[+] Content-Type : text/html
122[+] Transfer-Encoding : chunked
123[+] Connection : keep-alive
124[+] Keep-Alive : timeout=20
125[+] Set-Cookie : xid=CA.1581401563-654725; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT, xvc=1; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT, xpageid=1; path=/; domain=boysmaster.com; expires=Fri, 14-Feb-2020 06:12:43 GMT, xstate=noref|noref|1|0|0|noref; path=/; domain=boysmaster.com
126[+] Expires : Thu, 01 Jan 1970 00:00:01 GMT
127[+] Pragma : no-cache
128[+] Cache-Control : no-store, no-cache, must-revalidate
129[+] Content-Encoding : gzip
130
131[+] SSL Certificate Information :
132
133[-] SSL is not Present on Target URL...Skipping...
134
135[+] Whois Lookup :
136
137[+] NIR : None
138[+] ASN Registry : ripencc
139[+] ASN : 36351
140[+] ASN CIDR : 169.47.128.0/18
141[+] ASN Country Code : US
142[+] ASN Date : 1993-09-01
143[+] ASN Description : SOFTLAYER, US
144[+] cidr : 169.47.149.128/25
145[+] name : NETBLK-SOFTLAYER-RIPE-CUST-NO1606-RIPE
146[+] handle : NO1606-RIPE
147[+] range : 169.47.149.128 - 169.47.149.255
148[+] description : Hosting Services Inc. (dba Midphase)
149[+] country : US
150[+] state : None
151[+] city : None
152[+] address : 517 W 100 N
153Suite 225
154Providence, UT 84332 US
155[+] postal_code : None
156[+] emails : None
157[+] created : 2018-01-03T23:56:49Z
158[+] updated : 2018-01-03T23:56:49Z
159
160[+] Crawling Target...
161
162[+] Looking for robots.txt........[ Not Found ]
163[+] Looking for sitemap.xml.......[ Not Found ]
164[+] Extracting CSS Links..........[ 1 ]
165[+] Extracting Javascript Links...[ 1 ]
166[+] Extracting Internal Links.....[ 4 ]
167[+] Extracting External Links.....[ 195 ]
168[+] Extracting Images.............[ 138 ]
169
170[+] Total Links Extracted : 339
171
172[+] Dumping Links in /opt/FinalRecon/dumps/boysmaster.com.dump
173[+] Completed!
174###################################################################################################################################
175[i] Scanning Site: http://boysmaster.com
176
177
178
179B A S I C I N F O
180====================
181
182
183[+] Site Title: Boys Master - Always fresh Gays galleries
184[+] IP address: 169.47.149.241
185[+] Web Server: nginx/1.14.0
186[+] CMS: Could Not Detect
187[+] Cloudflare: Not Detected
188[+] Robots File: Could NOT Find robots.txt!
189
190
191
192
193W H O I S L O O K U P
194========================
195
196 Domain Name: BOYSMASTER.COM
197 Registry Domain ID: 94876794_DOMAIN_COM-VRSN
198 Registrar WHOIS Server: whois.danesconames.com
199 Registrar URL: http://www.danesconames.com
200 Updated Date: 2020-01-04T11:06:43Z
201 Creation Date: 2003-02-12T02:06:41Z
202 Registry Expiry Date: 2021-02-12T02:06:41Z
203 Registrar: Danesco Trading Ltd.
204 Registrar IANA ID: 1418
205 Registrar Abuse Contact Email: abuse@danesconames.com
206 Registrar Abuse Contact Phone: +357.95713635
207 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
208 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
209 Name Server: NS1.ALPHA-SPACE.COM
210 Name Server: NS1.ONYX7.COM
211 Name Server: NS2.ALPHA-SPACE.COM
212 Name Server: NS2.ONYX7.COM
213 DNSSEC: unsigned
214 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
215>>> Last update of whois database: 2020-02-11T06:12:44Z <<<
216
217For more information on Whois status codes, please visit https://icann.org/epp
218
219
220
221The Registry database contains ONLY .COM, .NET, .EDU domains and
222Registrars.
223
224
225
226
227G E O I P L O O K U P
228=========================
229
230[i] IP Address: 169.47.149.241
231[i] Country: United States
232[i] State: Virginia
233[i] City: Ashburn
234[i] Latitude: 39.018
235[i] Longitude: -77.539
236
237
238
239
240H T T P H E A D E R S
241=======================
242
243
244[i] HTTP/1.1 200 OK
245[i] Server: nginx/1.14.0
246[i] Date: Tue, 11 Feb 2020 06:12:56 GMT
247[i] Content-Type: text/html
248[i] Connection: close
249[i] Set-Cookie: xid=CA.1581401576-971410; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT
250[i] Set-Cookie: xvc=1; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT
251[i] Set-Cookie: xpageid=1; path=/; domain=boysmaster.com; expires=Fri, 14-Feb-2020 06:12:56 GMT
252[i] Set-Cookie: xstate=noref|noref|1|0|0|noref; path=/; domain=boysmaster.com
253[i] Expires: Thu, 01 Jan 1970 00:00:01 GMT
254[i] Pragma: no-cache
255[i] Cache-Control: no-store, no-cache, must-revalidate
256
257
258
259
260D N S L O O K U P
261===================
262
263boysmaster.com. 21599 IN SOA ns1.alpha-space.com. hostmaster.alpha-space.com. 2003091002 28800 7200 2592000 86400
264boysmaster.com. 21599 IN NS ns2.alpha-space.com.
265boysmaster.com. 21599 IN NS ns2.onyx7.com.
266boysmaster.com. 21599 IN NS ns1.onyx7.com.
267boysmaster.com. 21599 IN NS ns1.alpha-space.com.
268boysmaster.com. 21599 IN A 169.47.149.241
269boysmaster.com. 21599 IN MX 10 mail.alpha-space.com.
270
271
272
273
274S U B N E T C A L C U L A T I O N
275====================================
276
277Address = 169.47.149.241
278Network = 169.47.149.241 / 32
279Netmask = 255.255.255.255
280Broadcast = not needed on Point-to-Point links
281Wildcard Mask = 0.0.0.0
282Hosts Bits = 0
283Max. Hosts = 1 (2^0 - 0)
284Host Range = { 169.47.149.241 - 169.47.149.241 }
285
286
287
288N M A P P O R T S C A N
289============================
290
291Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-11 06:13 UTC
292Nmap scan report for boysmaster.com (169.47.149.241)
293Host is up (0.0069s latency).
294rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
295
296PORT STATE SERVICE
29721/tcp closed ftp
29822/tcp open ssh
29923/tcp closed telnet
30080/tcp open http
301110/tcp closed pop3
302143/tcp closed imap
303443/tcp closed https
3043389/tcp closed ms-wbt-server
305
306Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
307
308
309
310S U B - D O M A I N F I N D E R
311==================================
312
313
314[i] Total Subdomains Found : 1
315
316[+] Subdomain: www.boysmaster.com
317[-] IP: 169.47.149.241
318
319
320#######################################################################################################################################
321[+] Starting At 2020-02-11 01:14:30.588891
322[+] Collecting Information On: http://boysmaster.com/
323[#] Status: 200
324--------------------------------------------------
325[#] Web Server Detected: nginx/1.14.0
326[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
327- Server: nginx/1.14.0
328- Date: Tue, 11 Feb 2020 06:14:18 GMT
329- Content-Type: text/html
330- Transfer-Encoding: chunked
331- Connection: keep-alive
332- Keep-Alive: timeout=20
333- Set-Cookie: xid=CA.1581401658-690389; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT, xvc=1; path=/; domain=boysmaster.com; expires=Sun, 30-Jun-2022 22:22:07 GMT, xpageid=1; path=/; domain=boysmaster.com; expires=Fri, 14-Feb-2020 06:14:18 GMT, xstate=noref|noref|1|0|0|noref; path=/; domain=boysmaster.com
334- Expires: Thu, 01 Jan 1970 00:00:01 GMT
335- Pragma: no-cache
336- Cache-Control: no-store, no-cache, must-revalidate
337- Content-Encoding: gzip
338--------------------------------------------------
339[#] Finding Location..!
340[#] status: success
341[#] country: United States
342[#] countryCode: US
343[#] region: IL
344[#] regionName: Illinois
345[#] city: Chicago
346[#] zip: 60666
347[#] lat: 41.8781
348[#] lon: -87.6298
349[#] timezone: America/Chicago
350[#] isp: SoftLayer
351[#] org: Hosting Services Inc. (dba Midphase)
352[#] as: AS36351 SoftLayer Technologies Inc.
353[#] query: 169.47.149.241
354--------------------------------------------------
355[x] Didn't Detect WAF Presence on: http://boysmaster.com/
356--------------------------------------------------
357[#] Starting Reverse DNS
358[-] Failed ! Fail
359--------------------------------------------------
360[!] Scanning Open Port
361[#] 22/tcp open ssh
362[#] 53/tcp open domain
363[#] 80/tcp open http
364[#] 222/tcp open rsh-spx
365[#] 587/tcp open submission
366[#] 3306/tcp open mysql
367[#] 8888/tcp open sun-answerbook
368[#] 9999/tcp open abyss
369--------------------------------------------------
370[+] Getting SSL Info
371[Errno 111] Connection refused
372--------------------------------------------------
373[+] Collecting Information Disclosure!
374[#] Detecting sitemap.xml file
375[-] sitemap.xml file not Found!?
376[#] Detecting robots.txt file
377[-] robots.txt file not Found!?
378[#] Detecting GNU Mailman
379[-] GNU Mailman App Not Detected!?
380--------------------------------------------------
381[+] Crawling Url Parameter On: http://boysmaster.com/
382--------------------------------------------------
383[#] Searching Html Form !
384[-] No Html Form Found!?
385--------------------------------------------------
386[-] No DOM Paramter Found!?
387--------------------------------------------------
388[!] 121 Internal Dynamic Parameter Discovered
389[+] http://boysmaster.com///x.xxx?link=MeNu
390[+] http://boysmaster.com///x.xxx?p=55.000.I0p1.729654.***&url=http://html.freebuddymovies.com/5/1/vids/748/3005/15/1_9d7b1_01.html?pr=9%26su=2%26ad=12195
391[+] http://boysmaster.com///x.xxx?p=55.000.I1p1.581521.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Brad-and-Shayne/index.html
392[+] http://boysmaster.com///x.xxx?p=55.000.I2p1.729748.***&url=http://galleries2.adult-empire.com/9388/480803/5088/index.php
393[+] http://boysmaster.com///x.xxx?p=55.000.I3p1.413423.***&url=http://www1.bfcollection.com/994833/bfc/pictures/06bf/Brad/index.html
394[+] http://boysmaster.com///x.xxx?p=55.000.I4p1.642597.***&url=http://gays.itslive.com/movies/222/?ILREVS=murdoc
395[+] http://boysmaster.com///x.xxx?p=55.000.I5p1.670495.***&url=http://galleries.adult-empire.com/10399/607759/5088/index.php
396[+] http://boysmaster.com///x.xxx?p=55.000.I6p1.683626.***&url=http://alexbucks.com/fhg/ab/frodo.htm?id=1439982
397[+] http://boysmaster.com///x.xxx?p=55.000.I7p1.688506.***&url=http://alexbucks.com/fhg/ab/janusz.htm?id=1439982
398[+] http://boysmaster.com///x.xxx?p=55.000.I8p1.647370.***&url=http://alexbucks.com/fhg/ab/akilo_5.htm?id=1439982
399[+] http://boysmaster.com///x.xxx?p=55.000.I9p1.669863.***&url=http://html.freebuddymovies.com/5/41/pics/11906/nude/88_c1848_01.html?pr=9%26su=1%26ad=12195
400[+] http://boysmaster.com///x.xxx?p=55.000.I10p1.729674.***&url=http://html.freebuddymovies.com/5/14/vids/2548/9979/15/15_045b6_01.html?pr=9%26su=2%26ad=12195
401[+] http://boysmaster.com///x.xxx?p=55.000.I11p1.669016.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/7426/i/2/h/
402[+] http://boysmaster.com///x.xxx?p=55.000.I12p1.724126.***&url=http://galleries.adult-empire.com/10399/607788/5088/index.php
403[+] http://boysmaster.com///x.xxx?p=55.000.I13p1.439312.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-05/index.html
404[+] http://boysmaster.com///x.xxx?p=55.000.I14p1.723432.***&url=http://galleries.adult-empire.com/4133/34802/5088/index.php
405[+] http://boysmaster.com///x.xxx?p=55.000.I15p1.729621.***&url=http://html.freebuddymovies.com/5/14/vids/3292/12729/15/15_11bcb_01.html?pr=9%26su=2%26ad=12195
406[+] http://boysmaster.com///x.xxx?p=55.000.I16p1.686799.***&url=http://gallys.realitykings.com/bf/608/?id=jennyxxx
407[+] http://boysmaster.com///x.xxx?p=55.000.I17p1.494885.***&url=http://www1.bfcollection.com/994833/bfc/pictures/02/index.html
408[+] http://boysmaster.com///x.xxx?p=55.000.I18p1.682704.***&url=http://alexbucks.com/fhg/ab/arpad_zoltan.htm?id=1439982
409[+] http://boysmaster.com///x.xxx?p=55.000.I19p1.725290.***&url=http://galleries2.adult-empire.com/8836/413777/5088/index.php
410[+] http://boysmaster.com///x.xxx?p=55.000.I20p1.398841.***&url=http://www1.bfcollection.com/994833/bfc/pictures/08/danny-aidan.html
411[+] http://boysmaster.com///x.xxx?p=55.000.I21p1.716370.***&url=http://alexbucks.com/fhg/ab/nathan.htm?id=1439982
412[+] http://boysmaster.com///x.xxx?p=55.000.I22p1.652068.***&url=http://gallys.realitykings.com/bf/766/?id=jennyxxx
413[+] http://boysmaster.com///x.xxx?p=55.000.I23p1.693550.***&url=http://galleries2.adult-empire.com/8793/409026/5088/index.php
414[+] http://boysmaster.com///x.xxx?p=54.000.I24p1.723433.***&url=http://galleries.adult-empire.com/4133/34791/5088/index.php
415[+] http://boysmaster.com///x.xxx?p=54.000.I25p1.729672.***&url=http://html.freebuddymovies.com/5/14/vids/1770/6970/15/15_e0e95_01.html?pr=9%26su=2%26ad=12195
416[+] http://boysmaster.com///x.xxx?p=54.000.I26p1.456488.***&url=http://www1.bfcollection.com/994833/bfc/pictures/09/leo.html
417[+] http://boysmaster.com///x.xxx?p=54.000.I27p1.724390.***&url=http://tgp.gammacash.com/galleries/pictures/pornication_live/bio/valentino/h/0/index.60.html?adv_id=176661
418[+] http://boysmaster.com///x.xxx?p=54.000.I28p1.597764.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-02/index.html
419[+] http://boysmaster.com///x.xxx?p=54.000.I29p1.725797.***&url=http://html.freebuddymovies.com/5/80/pics/99574/nude/187_c1848_01.html?pr=9%26su=1%26ad=12195
420[+] http://boysmaster.com///x.xxx?p=54.000.I30p1.724400.***&url=http://galleries2.adult-empire.com/8793/408840/5088/index.php
421[+] http://boysmaster.com///x.xxx?p=54.000.I31p1.669811.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/8202/i/3/h/
422[+] http://boysmaster.com///x.xxx?p=54.000.I32p1.722945.***&url=http://galleries2.adult-empire.com/9033/446962/5088/index.php
423[+] http://boysmaster.com///x.xxx?p=54.000.I33p1.723362.***&url=http://galleries2.adult-empire.com/9033/447172/5088/index.php
424[+] http://boysmaster.com///x.xxx?p=100.000.I34p1.729035.***&url=http://go.trafficshop.com/81a627a6/gay
425[+] http://boysmaster.com///x.xxx?p=54.000.I35p1.506622.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-15/austin.html
426[+] http://boysmaster.com///x.xxx?p=54.000.I36p1.725403.***&url=http://alexbucks.com/fhg/ab/akilo_02.htm?id=1439982
427[+] http://boysmaster.com///x.xxx?p=54.000.I37p1.719986.***&url=http://galleries2.adult-empire.com/8793/409031/5088/index.php
428[+] http://boysmaster.com///x.xxx?p=54.000.I38p1.725438.***&url=http://html.freebuddymovies.com/5/12/vids/4269/15505/15/13_3414a_01.html?pr=9%26su=2%26ad=12195
429[+] http://boysmaster.com///x.xxx?p=54.000.I39p1.687772.***&url=http://galleries2.adult-empire.com/8793/409039/5088/index.php
430[+] http://boysmaster.com///x.xxx?p=54.000.I40p1.654721.***&url=http://alexbucks.com/fhg/ab/john_d_2.htm?id=1439982
431[+] http://boysmaster.com///x.xxx?p=54.000.I41p1.729212.***&url=http://www3.fetishhitsgallery.com/movie/ggsv/59/?t1/pps=murdoc
432[+] http://boysmaster.com///x.xxx?p=54.000.I42p1.725222.***&url=http://html.freebuddymovies.com/5/14/vids/3398/13003/15/15_070f0_01.html?pr=9%26su=2%26ad=12195
433[+] http://boysmaster.com///x.xxx?p=54.000.I43p1.666576.***&url=http://collegeguys.itslive.com/movies/56/?ILREVS=murdoc
434[+] http://boysmaster.com///x.xxx?p=54.000.I44p1.668769.***&url=http://galleries2.adult-empire.com/9417/485156/5088/index.php
435[+] http://boysmaster.com///x.xxx?p=54.000.I45p1.658171.***&url=http://alexbucks.com/fhg/ab/camillo.htm?id=1439982
436[+] http://boysmaster.com///x.xxx?p=54.000.I46p1.723430.***&url=http://galleries.adult-empire.com/10212/640357/5088/index.php
437[+] http://boysmaster.com///x.xxx?p=54.000.I47p1.723436.***&url=http://galleries2.adult-empire.com/9388/480587/5088/index.php
438[+] http://boysmaster.com///x.xxx?p=53.000.I48p1.682298.***&url=http://html.freebuddymovies.com/5/1/pics/1697/nude/7_c1848_01.html?pr=9%26su=2%26ad=12195
439[+] http://boysmaster.com///x.xxx?p=53.000.I49p1.666375.***&url=http://galleries.adult-empire.com/10399/607837/5088/index.php
440[+] http://boysmaster.com///x.xxx?p=53.000.I50p1.725249.***&url=http://www2.fetishhitsgallery.com/movie/ggv/15/?t1/pps=murdoc
441[+] http://boysmaster.com///x.xxx?p=53.000.I51p1.693541.***&url=http://galleries2.adult-empire.com/9033/447112/5088/index.php
442[+] http://boysmaster.com///x.xxx?p=53.000.I52p1.725957.***&url=http://html.freebuddymovies.com/5/3/vids/937/5418/15/4_284d0_01.html?pr=9%26su=2%26ad=12195
443[+] http://boysmaster.com///x.xxx?p=53.000.I53p1.724526.***&url=http://galleries2.adult-empire.com/9756/529375/5088/index.php
444[+] http://boysmaster.com///x.xxx?p=53.000.I54p1.729505.***&url=http://html.freebuddymovies.com/5/41/pics/99647/nude/88_c1848_01.html?pr=9%26su=1%26ad=12195
445[+] http://boysmaster.com///x.xxx?p=53.000.I55p1.728804.***&url=http://www2.fetishhitsgallery.com/movie/gbh/26/?t1/pps=murdoc
446[+] http://boysmaster.com///x.xxx?p=53.000.I56p1.616245.***&url=http://gallys.rk.com/bf/1013/?id=jennyxxx
447[+] http://boysmaster.com///x.xxx?p=53.000.I57p1.649634.***&url=http://galleries2.adult-empire.com/9033/446945/5088/index.php
448[+] http://boysmaster.com///x.xxx?p=53.000.I58p1.656221.***&url=http://alexbucks.com/fhg/ab/dog.htm?id=1439982
449[+] http://boysmaster.com///x.xxx?p=53.000.I59p1.729615.***&url=http://www2.fetishhitsgallery.com/movie/tgc/2/?t1/pps=murdoc
450[+] http://boysmaster.com///x.xxx?p=53.000.I60p1.729223.***&url=http://html.freebuddymovies.com/5/40/pics/15060/nude/83_c1848_01.html?pr=9%26su=1%26ad=12195
451[+] http://boysmaster.com///x.xxx?p=53.000.I61p1.666934.***&url=http://galleries2.adult-empire.com/9756/529396/5088/index.php
452[+] http://boysmaster.com///x.xxx?p=53.000.I62p1.705821.***&url=http://galleries2.adult-empire.com/9756/529363/5088/index.php
453[+] http://boysmaster.com///x.xxx?p=53.000.I63p1.688797.***&url=http://alexbucks.com/fhg/ab/lucas_harry_02.htm?id=1439982
454[+] http://boysmaster.com///x.xxx?p=53.000.I64p1.728598.***&url=http://galleries2.adult-empire.com/9033/447088/5088/index.php
455[+] http://boysmaster.com///x.xxx?p=100.000.I65p1.699212.***&url=http://go.trafficshop.com/81a627a6/gay
456[+] http://boysmaster.com///x.xxx?p=53.000.I66p1.693539.***&url=http://galleries.adult-empire.com/10399/607758/5088/index.php
457[+] http://boysmaster.com///x.xxx?p=53.000.I67p1.648049.***&url=http://gallys.rk.com/bf/1052/?id=jennyxxx
458[+] http://boysmaster.com///x.xxx?p=53.000.I68p1.729274.***&url=http://galleries1.adult-empire.com/5974/244670/5088/index.php
459[+] http://boysmaster.com///x.xxx?p=53.000.I69p1.724606.***&url=http://galleries2.adult-empire.com/9756/529373/5088/index.php
460[+] http://boysmaster.com///x.xxx?p=53.000.I70p1.717396.***&url=http://galleries2.adult-empire.com/8793/408648/5088/index.php
461[+] http://boysmaster.com///x.xxx?p=53.000.I71p1.726000.***&url=http://galleries2.adult-empire.com/8793/408858/5088/index.php
462[+] http://boysmaster.com///x.xxx?p=52.000.I72p1.698671.***&url=http://galleries.adult-empire.com/4133/34781/5088/index.php
463[+] http://boysmaster.com///x.xxx?p=52.000.I73p1.729252.***&url=http://galleries2.adult-empire.com/9756/529362/5088/index.php
464[+] http://boysmaster.com///x.xxx?p=100.000.I74p1.728808.***&url=http://go.trafficshop.com/81a627a6/gay
465[+] http://boysmaster.com///x.xxx?p=100.000.I75p1.667062.***&url=http://go.trafficshop.com/81a627a6/gay
466[+] http://boysmaster.com///x.xxx?p=52.000.I76p1.729657.***&url=http://html.freebuddymovies.com/5/14/vids/3770/14001/15/15_2cdcb_01.html?pr=9%26su=2%26ad=12195
467[+] http://boysmaster.com///x.xxx?p=52.000.I77p1.725641.***&url=http://html.freebuddymovies.com/5/12/vids/2667/10180/15/13_1fc67_01.html?pr=9%26su=2%26ad=12195
468[+] http://boysmaster.com///x.xxx?p=52.000.I78p1.725148.***&url=http://html.freebuddymovies.com/5/2/vids/3951/14930/15/3_73a74_01.html?pr=9%26su=2%26ad=12195
469[+] http://boysmaster.com///x.xxx?p=52.000.I79p1.724372.***&url=http://galleries1.adult-empire.com/6980/164243/5088/index.php
470[+] http://boysmaster.com///x.xxx?p=52.000.I80p1.729558.***&url=http://html.freebuddymovies.com/5/12/vids/1958/7612/15/13_4845c_01.html?pr=9%26su=2%26ad=12195
471[+] http://boysmaster.com///x.xxx?p=52.000.I81p1.728661.***&url=http://galleries2.adult-empire.com/9440/492626/5088/index.php
472[+] http://boysmaster.com///x.xxx?p=52.000.I82p1.710153.***&url=http://galleries.adult-empire.com/4851/8345/5088/index.php
473[+] http://boysmaster.com///x.xxx?p=52.000.I83p1.729548.***&url=http://html.freebuddymovies.com/5/12/vids/4004/15117/15/13_91efa_01.html?pr=9%26su=2%26ad=12195
474[+] http://boysmaster.com///x.xxx?p=52.000.I84p1.727147.***&url=http://galleries1.adult-empire.com/6474/95701/5088/index.php
475[+] http://boysmaster.com///x.xxx?p=52.000.I85p1.707970.***&url=http://galleries2.adult-empire.com/9756/529371/5088/index.php
476[+] http://boysmaster.com///x.xxx?p=52.000.I86p1.725238.***&url=http://galleries2.adult-empire.com/9756/529399/5088/index.php
477[+] http://boysmaster.com///x.xxx?p=52.000.I87p1.729727.***&url=http://galleries.adult-empire.com/7309/212297/5088/index.php
478[+] http://boysmaster.com///x.xxx?p=52.000.I88p1.711337.***&url=http://galleries2.adult-empire.com/9756/529361/5088/index.php
479[+] http://boysmaster.com///x.xxx?p=52.000.I89p1.619733.***&url=http://gallys.realitykings.com/bf/740/?id=jennyxxx
480[+] http://boysmaster.com///x.xxx?p=52.000.I90p1.678819.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/6440/i/0/h/
481[+] http://boysmaster.com///x.xxx?p=52.000.I91p1.725822.***&url=http://html.freebuddymovies.com/5/33/pics/99475/nude/53_c1848_01.html?pr=9%26su=1%26ad=12195
482[+] http://boysmaster.com///x.xxx?p=52.000.I92p1.729426.***&url=http://www3.fetishhitsgallery.com/movie/sgt/40/?t1/pps=murdoc
483[+] http://boysmaster.com///x.xxx?p=52.000.I93p1.614607.***&url=http://alexbucks.com/fhg/ab/felix2.htm?id=1439982
484[+] http://boysmaster.com///x.xxx?p=52.000.I94p1.726075.***&url=http://www2.fetishhitsgallery.com/movie/gbh/19/?t1/pps=murdoc
485[+] http://boysmaster.com///x.xxx?p=52.000.I95p1.724796.***&url=http://html.freebuddymovies.com/5/4/vids/803/3105/15/5_1f6f6_02.html?pr=9%26su=2%26ad=12195
486[+] http://boysmaster.com///x.xxx?p=51.000.I96p1.728401.***&url=http://html.freebuddymovies.com/5/1/pics/24930/nude/7_c1848_01.html?pr=9%26su=1%26ad=12195
487[+] http://boysmaster.com///x.xxx?p=51.000.I97p1.688504.***&url=http://alexbucks.com/fhg/ab/jan.htm?id=1439982
488[+] http://boysmaster.com///x.xxx?p=51.000.I98p1.729455.***&url=http://html.freebuddymovies.com/5/48/pics/25316/nude/123_c1848_01.html?pr=9%26su=1%26ad=12195
489[+] http://boysmaster.com///x.xxx?p=51.000.I99p1.553688.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Marcus/index.html
490[+] http://boysmaster.com///x.xxx?p=51.000.I100p1.570655.***&url=http://gallys.realitykings.com/bf/594/?id=jennyxxx
491[+] http://boysmaster.com///x.xxx?p=51.000.I101p1.725949.***&url=http://galleries.adult-empire.com/10399/607802/5088/index.php
492[+] http://boysmaster.com///x.xxx?p=51.000.I102p1.724516.***&url=http://galleries2.adult-empire.com/9756/529389/5088/index.php
493[+] http://boysmaster.com///x.xxx?p=51.000.I103p1.699218.***&url=http://galleries2.adult-empire.com/8793/409025/5088/index.php
494[+] http://boysmaster.com///x.xxx?p=51.000.I104p1.727026.***&url=http://www2.fetishhitsgallery.com/movie/jgh/20/?t1/pps=murdoc
495[+] http://boysmaster.com///x.xxx?p=51.000.I105p1.606464.***&url=http://galleries2.adult-empire.com/8793/408884/5088/index.php
496[+] http://boysmaster.com///x.xxx?p=51.000.I106p1.725574.***&url=http://galleries2.adult-empire.com/8211/353162/5088/index.php
497[+] http://boysmaster.com///x.xxx?p=51.000.I107p1.729525.***&url=http://galleries.adult-empire.com/10212/640349/5088/index.php
498[+] http://boysmaster.com///x.xxx?p=51.000.I108p1.728748.***&url=http://galleries2.adult-empire.com/9637/587297/5088/index.php
499[+] http://boysmaster.com///x.xxx?p=51.000.I109p1.680728.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/5464/i/6/h/
500[+] http://boysmaster.com///x.xxx?p=51.000.I110p1.676400.***&url=http://html.freebuddymovies.com/5/1/pics/1625/nude/7_c1848_01.html?pr=9%26su=1%26ad=12195
501[+] http://boysmaster.com///x.xxx?p=51.000.I111p1.728945.***&url=http://galleries.adult-empire.com/7313/212798/5088/index.php
502[+] http://boysmaster.com///x.xxx?p=51.000.I112p1.717626.***&url=http://galleries2.adult-empire.com/9033/446995/5088/index.php
503[+] http://boysmaster.com///x.xxx?p=51.000.I113p1.729481.***&url=http://html.freebuddymovies.com/5/12/vids/3012/11837/15/13_de867_01.html?pr=9%26su=2%26ad=12195
504[+] http://boysmaster.com///x.xxx?p=51.000.I114p1.723737.***&url=http://galleries2.adult-empire.com/8793/409055/5088/index.php
505[+] http://boysmaster.com///x.xxx?p=51.000.I115p1.723418.***&url=http://galleries2.adult-empire.com/9756/529386/5088/index.php
506[+] http://boysmaster.com///x.xxx?p=51.000.I116p1.597652.***&url=http://www1.bfcollection.com/994833/bfc/movies/bfcv-020/david-jarrin.html
507[+] http://boysmaster.com///x.xxx?p=51.000.I117p1.728975.***&url=http://www3.fetishhitsgallery.com/movie/jgh/39/?t1/pps=murdoc
508[+] http://boysmaster.com///x.xxx?p=51.000.I118p1.725476.***&url=http://www3.fetishhitsgallery.com/movie/gbh/54/?t1/pps=murdoc
509[+] http://boysmaster.com///x.xxx?p=51.000.I119p1.698678.***&url=http://html.freebuddymovies.com/5/1/pics/1641/nude/7_c1848_01.html?pr=9%2632su=1%2632ad=12195
510--------------------------------------------------
511[!] 58 External Dynamic Parameter Discovered
512[#] http://adultfriendfinder.com/p/memsearch.cgi?pid=g794868-pct&show=M-M&find_sex=1
513[#] http://mt.livecamfun.com/xtarc/576687/366/0/arg_tour=rex1?mta=330162
514[#] http://www.premiumhdv.com/?cGlkPTM5OCZjYXQ9MTgmcHJnPTcmdG91cj0xOA==
515[#] http://c.actiondesk.com/?s=17494&p=22&pp=1&bp=1
516[#] http://www.addthis.com/bookmark.php?v=250&username=murdoc
517[#] http://www.bananasblue.com/?
518[#] http://askmystack.com/?
519[#] http://gallys.rk.com/dk/152/?id=jennyxxx
520[#] http://html.freebuddymovies.com/5/12/vids/4163/15328/15/13_8d365_01.html?pr=9&su=2&ad=12195
521[#] http://www3.fetishhitsgallery.com/movie/gsg/32/?t1/pps=murdoc
522[#] http://www3.fetishhitsgallery.com/movie/gsg/78/?t1/pps=murdoc
523[#] http://galleries.allgaysitespass.com/movie/agsp/71/?t1/revs=murdoc
524[#] http://www2.fetishhitsgallery.com/movie/gbh/6/?t1/pps=murdoc
525[#] http://www3.fetishhitsgallery.com/movie/ggsv/57/?t1/pps=murdoc
526[#] http://galleries.sinfulgay.com/movies/197/?t1/revs=murdoc
527[#] http://www3.fetishhitsgallery.com/movie/tgh/35/?t1/pps=murdoc
528[#] http://html.freebuddymovies.com/5/14/vids/1834/8605/15/15_958bd_01.html?pr=9&su=2&ad=12195
529[#] http://gallys.rk.com/bf/1133/?id=jennyxxx
530[#] http://alexbucks.com/fhg/ab/eowyn_ward.htm?id=1439982
531[#] http://www3.fetishhitsgallery.com/movie/gss/35/?t1/pps=murdoc
532[#] http://www3.fetishhitsgallery.com/movie/gbh/39/?t1/pps=murdoc
533[#] http://html.freebuddymovies.com/5/14/vids/1836/8625/15/15_cbafc_01.html?pr=9&su=2&ad=12195
534[#] http://html.freebuddymovies.com/5/46/pics/99809/nude/118_c1848_01.html?pr=9&su=1&ad=12195
535[#] http://www3.fetishhitsgallery.com/movie/gss/39/?t1/pps=murdoc
536[#] http://html.freebuddymovies.com/5/4/vids/966/5461/15/5_90f04_01.html?pr=9&su=2&ad=12195
537[#] http://www2.fetishhitsgallery.com/movie/gsg/22/?t1/pps=murdoc
538[#] http://gallys.nastydollars.com/bf/190/?id=jennyxxx
539[#] http://www3.fetishhitsgallery.com/movie/gss/55/?t1/pps=murdoc
540[#] http://www3.fetishhitsgallery.com/movie/gsg/43/?t1/pps=murdoc
541[#] http://www3.fetishhitsgallery.com/movie/gbh/65/?t1/pps=murdoc
542[#] http://www2.fetishhitsgallery.com/movie/gss/25/?t1/pps=murdoc
543[#] http://www3.fetishhitsgallery.com/movie/sgt/41/?t1/pps=murdoc
544[#] http://html.freebuddymovies.com/5/3/vids/938/5419/15/4_97579_01.html?pr=9&su=2&ad=12195
545[#] http://www.straightboygalleries.com/flv/hosted/bsb_galleries/006/index.php?nats=jennyxxx:persignup:bstraightboys,0,0,0,
546[#] http://html.freebuddymovies.com/5/14/vids/1801/7146/15/15_77563_01.html?pr=9&su=2&ad=12195
547[#] http://html.freebuddymovies.com/5/1/pics/0320/non_nude/7_c1848_06.html?pr=9&su=1&ad=12195
548[#] http://html.freebuddymovies.com/5/19/pics/8049/nude/50_c1848_01.html?pr=9&32su=1&32ad=12195
549[#] http://gallys.realitykings.com/bf/577/?id=jennyxxx
550[#] http://gallys.nastydollars.com/bf/201/?id=jennyxxx
551[#] http://www3.fetishhitsgallery.com/movie/sg/19/?t1/pps=murdoc
552[#] http://html.freebuddymovies.com/5/37/pics/9536/nude/68_c1848_01.html?pr=9&su=1&ad=12195
553[#] http://html.freebuddymovies.com/5/46/pics/90447/nude/118_c1848_01.html?pr=9&su=1&ad=12195
554[#] http://html.freebuddymovies.com/5/14/vids/2520/9852/15/15_d7e80_01.html?pr=9&su=2&ad=12195
555[#] http://html.freebuddymovies.com/5/12/vids/1603/6293/15/13_576ac_01.html?pr=9&su=2&ad=12195
556[#] http://www.thesexfolder.com/movie/gss/82/?t1/revs=murdoc
557[#] http://html.freebuddymovies.com/5/14/vids/1849/8094/15/15_1296c_01.html?pr=9&su=2&ad=12195
558[#] http://gallery.eurotwinkin.com/fhg/59/?nats=MTA0MjA6MjoxMA,0,0,0,597
559[#] http://www3.fetishhitsgallery.com/movie/gbh/35/?t1/pps=murdoc
560[#] http://galleries.hardlatingays.com/movies/70/?t1/revs=murdoc
561[#] http://tgp.gammacash.com/pic_gallery/cumon/jordan!_08a-2002-12-10/bluethb_15.html?adv_id=176661
562[#] http://gays.itslive.com/movies/35/?ILREVS=murdoc
563[#] http://www2.fetishhitsgallery.com/movie/ggv/9/?t1/pps=murdoc
564[#] http://gallys.rk.com/bf/916/?id=jennyxxx
565[#] http://www.bananasblue.com/?
566[#] http://askmystack.com/?
567[#] http://trafficholder.com/aff.php?droider
568[#] http://lobby.sexlist.com/?TSLID=199393=501
569[#] http://trafficholder.com/aff.php?droider
570--------------------------------------------------
571[!] 13 Internal links Discovered
572[+] http://www.boysmaster.com/favicon.ico
573[+] http://www.boysmaster.com/favicon.ico
574[+] http://boysmaster.com//css/style.css
575[+] http://www.boysmaster.com/
576[+] http://www.boysmaster.com/main1.html
577[+] http://www.boysmaster.com/main2.html
578[+] http://www.boysmaster.com/main3.html
579[+] http://boysmaster.com//javascript:bookmark();
580[+] http://www.boysmaster.com/main1.html
581[+] http://www.boysmaster.com/main2.html
582[+] http://www.boysmaster.com/main3.html
583[+] http://www.boysmaster.com/
584[+] http://boysmaster.com///2257.html
585--------------------------------------------------
586[!] 34 External links Discovered
587[#] http://moregaytwinks.com
588[#] http://twinkhot.com/
589[#] http://www.sexgaytgp.com/
590[#] http://www.free-pics-tgp.com/
591[#] http://www.columbian-boys.com/
592[#] http://bestgayssex.com/
593[#] http://www.fucktgp.net/
594[#] http://www.5star-boys.com/
595[#] http://sexyboys.name/
596[#] http://sweetgays.net/
597[#] http://www.virginboys.net/tgp/
598[#] http://twinkass.net/
599[#] http://twinkpeaks.com/twink-pics.shtml
600[#] http://moregaytwinks.com
601[#] http://twinkhot.com/
602[#] http://www.sexgaytgp.com/
603[#] http://www.free-pics-tgp.com/
604[#] http://www.columbian-boys.com/
605[#] http://bestgayssex.com/
606[#] http://www.fucktgp.net/
607[#] http://www.5star-boys.com/
608[#] http://sexyboys.name/
609[#] http://sweetgays.net/
610[#] http://www.virginboys.net/tgp/
611[#] http://twinkass.net/
612[#] http://twinkpeaks.com/twink-pics.shtml
613[#] http://veryyoungtwinks.net/
614[#] http://www.gayproject.com
615[#] http://futuregay.com
616[#] http://sunnytgp.com
617[#] http://sunnytgp.com
618[#] http://TGP.outster.com/e/11/77544/
619[#] http://the.sextracker.com/e/393735
620[#] http://gay.xxxcounter.com/e/3/221853/
621--------------------------------------------------
622[#] Mapping Subdomain..
623[!] Found 2 Subdomain
624- boysmaster.com
625- www.boysmaster.com
626--------------------------------------------------
627[!] Done At 2020-02-11 01:14:47.714328
628###################################################################################################################################
629[INFO] ------TARGET info------
630[*] TARGET: http://boysmaster.com/
631[*] TARGET IP: 169.47.149.241
632[INFO] NO load balancer detected for boysmaster.com...
633[*] DNS servers: ns1.alpha-space.com.
634[*] TARGET server: nginx/1.14.0
635[*] CC: US
636[*] Country: United States
637[*] RegionCode: IL
638[*] RegionName: Illinois
639[*] City: Chicago
640[*] ASN: AS36351
641[*] BGP_PREFIX: 169.47.128.0/18
642[*] ISP: SOFTLAYER, US
643[INFO] DNS enumeration:
644[*] ad.boysmaster.com 169.47.149.241
645[*] admin.boysmaster.com 169.47.149.241
646[*] ads.boysmaster.com 169.47.149.241
647[*] alpha.boysmaster.com 169.47.149.241
648[*] api.boysmaster.com 169.47.149.241
649[*] api-online.boysmaster.com 169.47.149.241
650[*] apolo.boysmaster.com 169.47.149.241
651[*] app.boysmaster.com 169.47.149.241
652[*] beta.boysmaster.com 169.47.149.241
653[*] bi.boysmaster.com 169.47.149.241
654[*] blog.boysmaster.com 169.47.149.241
655[*] cdn.boysmaster.com 169.47.149.241
656[*] events.boysmaster.com 169.47.149.241
657[*] ex.boysmaster.com 169.47.149.241
658[*] files.boysmaster.com 169.47.149.241
659[*] ftp.boysmaster.com 169.47.149.241
660[*] gateway.boysmaster.com 169.47.149.241
661[*] go.boysmaster.com 169.47.149.241
662[*] help.boysmaster.com 169.47.149.241
663[*] ib.boysmaster.com 169.47.149.241
664[*] images.boysmaster.com 169.47.149.241
665[*] internetbanking.boysmaster.com 169.47.149.241
666[*] intranet.boysmaster.com 169.47.149.241
667[*] jobs.boysmaster.com 169.47.149.241
668[*] join.boysmaster.com 169.47.149.241
669[*] live.boysmaster.com 169.47.149.241
670[*] login.boysmaster.com 169.47.149.241
671[*] m.boysmaster.com 169.47.149.241
672[*] mail.boysmaster.com 169.47.149.241
673[*] mail2.boysmaster.com 169.47.149.241
674[*] mobile.boysmaster.com 169.47.149.241
675[*] moodle.boysmaster.com 169.47.149.241
676[*] mx.boysmaster.com 169.47.149.241
677[*] mx2.boysmaster.com 169.47.149.241
678[*] mx3.boysmaster.com 169.47.149.241
679[*] my.boysmaster.com 169.47.149.241
680[*] new.boysmaster.com 169.47.149.241
681[*] news.boysmaster.com 169.47.149.241
682[*] ns1.boysmaster.com 169.47.149.241
683[*] ns2.boysmaster.com 169.47.149.241
684[*] ns3.boysmaster.com 169.47.149.241
685[*] oauth.boysmaster.com 169.47.149.241
686[*] old.boysmaster.com 169.47.149.241
687[*] one.boysmaster.com 169.47.149.241
688[*] open.boysmaster.com 169.47.149.241
689[*] out.boysmaster.com 169.47.149.241
690[*] outlook.boysmaster.com 169.47.149.241
691[*] portfolio.boysmaster.com 169.47.149.241
692[*] raw.boysmaster.com 169.47.149.241
693[*] repo.boysmaster.com 169.47.149.241
694[*] router.boysmaster.com 169.47.149.241
695[*] search.boysmaster.com 169.47.149.241
696[*] siem.boysmaster.com 169.47.149.241
697[*] slack.boysmaster.com 169.47.149.241
698[*] slackbot.boysmaster.com 169.47.149.241
699[*] snmp.boysmaster.com 169.47.149.241
700[*] stream.boysmaster.com 169.47.149.241
701[*] support.boysmaster.com 169.47.149.241
702[*] syslog.boysmaster.com 169.47.149.241
703[*] tags.boysmaster.com 169.47.149.241
704[*] test.boysmaster.com 169.47.149.241
705[*] upload.boysmaster.com 169.47.149.241
706[*] video.boysmaster.com 169.47.149.241
707[*] vpn.boysmaster.com 169.47.149.241
708[*] webconf.boysmaster.com 169.47.149.241
709[*] webmail.boysmaster.com 169.47.149.241
710[*] webportal.boysmaster.com 169.47.149.241
711[*] wiki.boysmaster.com 169.47.149.241
712[*] www2.boysmaster.com 169.47.149.241
713[*] www3.boysmaster.com 169.47.149.241
714[*] zendesk.boysmaster.com 169.47.149.241
715[INFO] Possible abuse mails are:
716[*] abuse@boysmaster.com
717[*] abuse@softlayer.com
718[INFO] NO PAC (Proxy Auto Configuration) file FOUND
719[INFO] Starting FUZZing in http://boysmaster.com/FUzZzZzZzZz...
720[INFO] Status code Folders
721[ALERT] Look in the source code. It may contain passwords
722[INFO] Links found from http://boysmaster.com/ http://169.47.149.241/:
723[*] http://adultfriendfinder.com/p/memsearch.cgi?pid=g794868-pct&show=M-M&find_sex=1
724[*] http://alexbucks.com/fhg/ab/eowyn_ward.htm?id=1439982
725[*] http://askmystack.com/?
726[*] http://bestgayssex.com/
727[*] http://boysmaster.com/
728[*] http://boysmaster.com/2257.html
729[*] http://boysmaster.com/x.xxx?link=MeNu
730[*] http://boysmaster.com/x.xxx?p=100.000.I34p1.729035.***&url=http://go.trafficshop.com/81a627a6/gay
731[*] http://boysmaster.com/x.xxx?p=100.000.I65p1.699212.***&url=http://go.trafficshop.com/81a627a6/gay
732[*] http://boysmaster.com/x.xxx?p=100.000.I74p1.728808.***&url=http://go.trafficshop.com/81a627a6/gay
733[*] http://boysmaster.com/x.xxx?p=100.000.I75p1.667062.***&url=http://go.trafficshop.com/81a627a6/gay
734[*] http://boysmaster.com/x.xxx?p=51.000.I100p1.570655.***&url=http://gallys.realitykings.com/bf/594/?id=jennyxxx
735[*] http://boysmaster.com/x.xxx?p=51.000.I101p1.725949.***&url=http://galleries.adult-empire.com/10399/607802/5088/index.php
736[*] http://boysmaster.com/x.xxx?p=51.000.I102p1.724516.***&url=http://galleries2.adult-empire.com/9756/529389/5088/index.php
737[*] http://boysmaster.com/x.xxx?p=51.000.I103p1.699218.***&url=http://galleries2.adult-empire.com/8793/409025/5088/index.php
738[*] http://boysmaster.com/x.xxx?p=51.000.I104p1.727026.***&url=http://www2.fetishhitsgallery.com/movie/jgh/20/?t1/pps=murdoc
739[*] http://boysmaster.com/x.xxx?p=51.000.I105p1.606464.***&url=http://galleries2.adult-empire.com/8793/408884/5088/index.php
740[*] http://boysmaster.com/x.xxx?p=51.000.I106p1.725574.***&url=http://galleries2.adult-empire.com/8211/353162/5088/index.php
741[*] http://boysmaster.com/x.xxx?p=51.000.I107p1.729525.***&url=http://galleries.adult-empire.com/10212/640349/5088/index.php
742[*] http://boysmaster.com/x.xxx?p=51.000.I108p1.728748.***&url=http://galleries2.adult-empire.com/9637/587297/5088/index.php
743[*] http://boysmaster.com/x.xxx?p=51.000.I109p1.680728.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/5464/i/6/h/
744[*] http://boysmaster.com/x.xxx?p=51.000.I110p1.676400.***&url=http://html.freebuddymovies.com/5/1/pics/1625/nude/7_c1848_01.html?pr=9&su=1&ad=12195
745[*] http://boysmaster.com/x.xxx?p=51.000.I111p1.728945.***&url=http://galleries.adult-empire.com/7313/212798/5088/index.php
746[*] http://boysmaster.com/x.xxx?p=51.000.I112p1.717626.***&url=http://galleries2.adult-empire.com/9033/446995/5088/index.php
747[*] http://boysmaster.com/x.xxx?p=51.000.I113p1.729481.***&url=http://html.freebuddymovies.com/5/12/vids/3012/11837/15/13_de867_01.html?pr=9&su=2&ad=12195
748[*] http://boysmaster.com/x.xxx?p=51.000.I114p1.723737.***&url=http://galleries2.adult-empire.com/8793/409055/5088/index.php
749[*] http://boysmaster.com/x.xxx?p=51.000.I115p1.723418.***&url=http://galleries2.adult-empire.com/9756/529386/5088/index.php
750[*] http://boysmaster.com/x.xxx?p=51.000.I116p1.597652.***&url=http://www1.bfcollection.com/994833/bfc/movies/bfcv-020/david-jarrin.html
751[*] http://boysmaster.com/x.xxx?p=51.000.I117p1.728975.***&url=http://www3.fetishhitsgallery.com/movie/jgh/39/?t1/pps=murdoc
752[*] http://boysmaster.com/x.xxx?p=51.000.I118p1.725476.***&url=http://www3.fetishhitsgallery.com/movie/gbh/54/?t1/pps=murdoc
753[*] http://boysmaster.com/x.xxx?p=51.000.I119p1.698678.***&url=http://html.freebuddymovies.com/5/1/pics/1641/nude/7_c1848_01.html?pr=9&32su=1&32ad=12195
754[*] http://boysmaster.com/x.xxx?p=51.000.I96p1.728401.***&url=http://html.freebuddymovies.com/5/1/pics/24930/nude/7_c1848_01.html?pr=9&su=1&ad=12195
755[*] http://boysmaster.com/x.xxx?p=51.000.I97p1.688504.***&url=http://alexbucks.com/fhg/ab/jan.htm?id=1439982
756[*] http://boysmaster.com/x.xxx?p=51.000.I98p1.729455.***&url=http://html.freebuddymovies.com/5/48/pics/25316/nude/123_c1848_01.html?pr=9&su=1&ad=12195
757[*] http://boysmaster.com/x.xxx?p=51.000.I99p1.553688.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Marcus/index.html
758[*] http://boysmaster.com/x.xxx?p=52.000.I72p1.698671.***&url=http://galleries.adult-empire.com/4133/34781/5088/index.php
759[*] http://boysmaster.com/x.xxx?p=52.000.I73p1.729252.***&url=http://galleries2.adult-empire.com/9756/529362/5088/index.php
760[*] http://boysmaster.com/x.xxx?p=52.000.I76p1.729657.***&url=http://html.freebuddymovies.com/5/14/vids/3770/14001/15/15_2cdcb_01.html?pr=9&su=2&ad=12195
761[*] http://boysmaster.com/x.xxx?p=52.000.I77p1.725641.***&url=http://html.freebuddymovies.com/5/12/vids/2667/10180/15/13_1fc67_01.html?pr=9&su=2&ad=12195
762[*] http://boysmaster.com/x.xxx?p=52.000.I78p1.725148.***&url=http://html.freebuddymovies.com/5/2/vids/3951/14930/15/3_73a74_01.html?pr=9&su=2&ad=12195
763[*] http://boysmaster.com/x.xxx?p=52.000.I79p1.724372.***&url=http://galleries1.adult-empire.com/6980/164243/5088/index.php
764[*] http://boysmaster.com/x.xxx?p=52.000.I80p1.729558.***&url=http://html.freebuddymovies.com/5/12/vids/1958/7612/15/13_4845c_01.html?pr=9&su=2&ad=12195
765[*] http://boysmaster.com/x.xxx?p=52.000.I81p1.728661.***&url=http://galleries2.adult-empire.com/9440/492626/5088/index.php
766[*] http://boysmaster.com/x.xxx?p=52.000.I82p1.710153.***&url=http://galleries.adult-empire.com/4851/8345/5088/index.php
767[*] http://boysmaster.com/x.xxx?p=52.000.I83p1.729548.***&url=http://html.freebuddymovies.com/5/12/vids/4004/15117/15/13_91efa_01.html?pr=9&su=2&ad=12195
768[*] http://boysmaster.com/x.xxx?p=52.000.I84p1.727147.***&url=http://galleries1.adult-empire.com/6474/95701/5088/index.php
769[*] http://boysmaster.com/x.xxx?p=52.000.I85p1.707970.***&url=http://galleries2.adult-empire.com/9756/529371/5088/index.php
770[*] http://boysmaster.com/x.xxx?p=52.000.I86p1.725238.***&url=http://galleries2.adult-empire.com/9756/529399/5088/index.php
771[*] http://boysmaster.com/x.xxx?p=52.000.I87p1.729727.***&url=http://galleries.adult-empire.com/7309/212297/5088/index.php
772[*] http://boysmaster.com/x.xxx?p=52.000.I88p1.711337.***&url=http://galleries2.adult-empire.com/9756/529361/5088/index.php
773[*] http://boysmaster.com/x.xxx?p=52.000.I89p1.619733.***&url=http://gallys.realitykings.com/bf/740/?id=jennyxxx
774[*] http://boysmaster.com/x.xxx?p=52.000.I90p1.678819.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/6440/i/0/h/
775[*] http://boysmaster.com/x.xxx?p=52.000.I91p1.725822.***&url=http://html.freebuddymovies.com/5/33/pics/99475/nude/53_c1848_01.html?pr=9&su=1&ad=12195
776[*] http://boysmaster.com/x.xxx?p=52.000.I92p1.729426.***&url=http://www3.fetishhitsgallery.com/movie/sgt/40/?t1/pps=murdoc
777[*] http://boysmaster.com/x.xxx?p=52.000.I93p1.614607.***&url=http://alexbucks.com/fhg/ab/felix2.htm?id=1439982
778[*] http://boysmaster.com/x.xxx?p=52.000.I94p1.726075.***&url=http://www2.fetishhitsgallery.com/movie/gbh/19/?t1/pps=murdoc
779[*] http://boysmaster.com/x.xxx?p=52.000.I95p1.724796.***&url=http://html.freebuddymovies.com/5/4/vids/803/3105/15/5_1f6f6_02.html?pr=9&su=2&ad=12195
780[*] http://boysmaster.com/x.xxx?p=53.000.I48p1.682298.***&url=http://html.freebuddymovies.com/5/1/pics/1697/nude/7_c1848_01.html?pr=9&su=2&ad=12195
781[*] http://boysmaster.com/x.xxx?p=53.000.I49p1.666375.***&url=http://galleries.adult-empire.com/10399/607837/5088/index.php
782[*] http://boysmaster.com/x.xxx?p=53.000.I50p1.725249.***&url=http://www2.fetishhitsgallery.com/movie/ggv/15/?t1/pps=murdoc
783[*] http://boysmaster.com/x.xxx?p=53.000.I51p1.693541.***&url=http://galleries2.adult-empire.com/9033/447112/5088/index.php
784[*] http://boysmaster.com/x.xxx?p=53.000.I52p1.725957.***&url=http://html.freebuddymovies.com/5/3/vids/937/5418/15/4_284d0_01.html?pr=9&su=2&ad=12195
785[*] http://boysmaster.com/x.xxx?p=53.000.I53p1.724526.***&url=http://galleries2.adult-empire.com/9756/529375/5088/index.php
786[*] http://boysmaster.com/x.xxx?p=53.000.I54p1.729505.***&url=http://html.freebuddymovies.com/5/41/pics/99647/nude/88_c1848_01.html?pr=9&su=1&ad=12195
787[*] http://boysmaster.com/x.xxx?p=53.000.I55p1.728804.***&url=http://www2.fetishhitsgallery.com/movie/gbh/26/?t1/pps=murdoc
788[*] http://boysmaster.com/x.xxx?p=53.000.I56p1.616245.***&url=http://gallys.rk.com/bf/1013/?id=jennyxxx
789[*] http://boysmaster.com/x.xxx?p=53.000.I57p1.649634.***&url=http://galleries2.adult-empire.com/9033/446945/5088/index.php
790[*] http://boysmaster.com/x.xxx?p=53.000.I58p1.656221.***&url=http://alexbucks.com/fhg/ab/dog.htm?id=1439982
791[*] http://boysmaster.com/x.xxx?p=53.000.I59p1.729615.***&url=http://www2.fetishhitsgallery.com/movie/tgc/2/?t1/pps=murdoc
792[*] http://boysmaster.com/x.xxx?p=53.000.I60p1.729223.***&url=http://html.freebuddymovies.com/5/40/pics/15060/nude/83_c1848_01.html?pr=9&su=1&ad=12195
793[*] http://boysmaster.com/x.xxx?p=53.000.I61p1.666934.***&url=http://galleries2.adult-empire.com/9756/529396/5088/index.php
794[*] http://boysmaster.com/x.xxx?p=53.000.I62p1.705821.***&url=http://galleries2.adult-empire.com/9756/529363/5088/index.php
795[*] http://boysmaster.com/x.xxx?p=53.000.I63p1.688797.***&url=http://alexbucks.com/fhg/ab/lucas_harry_02.htm?id=1439982
796[*] http://boysmaster.com/x.xxx?p=53.000.I64p1.728598.***&url=http://galleries2.adult-empire.com/9033/447088/5088/index.php
797[*] http://boysmaster.com/x.xxx?p=53.000.I66p1.693539.***&url=http://galleries.adult-empire.com/10399/607758/5088/index.php
798[*] http://boysmaster.com/x.xxx?p=53.000.I67p1.648049.***&url=http://gallys.rk.com/bf/1052/?id=jennyxxx
799[*] http://boysmaster.com/x.xxx?p=53.000.I68p1.729274.***&url=http://galleries1.adult-empire.com/5974/244670/5088/index.php
800[*] http://boysmaster.com/x.xxx?p=53.000.I69p1.724606.***&url=http://galleries2.adult-empire.com/9756/529373/5088/index.php
801[*] http://boysmaster.com/x.xxx?p=53.000.I70p1.717396.***&url=http://galleries2.adult-empire.com/8793/408648/5088/index.php
802[*] http://boysmaster.com/x.xxx?p=53.000.I71p1.726000.***&url=http://galleries2.adult-empire.com/8793/408858/5088/index.php
803[*] http://boysmaster.com/x.xxx?p=54.000.I24p1.723433.***&url=http://galleries.adult-empire.com/4133/34791/5088/index.php
804[*] http://boysmaster.com/x.xxx?p=54.000.I25p1.729672.***&url=http://html.freebuddymovies.com/5/14/vids/1770/6970/15/15_e0e95_01.html?pr=9&su=2&ad=12195
805[*] http://boysmaster.com/x.xxx?p=54.000.I26p1.456488.***&url=http://www1.bfcollection.com/994833/bfc/pictures/09/leo.html
806[*] http://boysmaster.com/x.xxx?p=54.000.I27p1.724390.***&url=http://tgp.gammacash.com/galleries/pictures/pornication_live/bio/valentino/h/0/index.60.html?adv_id=176661
807[*] http://boysmaster.com/x.xxx?p=54.000.I28p1.597764.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-02/index.html
808[*] http://boysmaster.com/x.xxx?p=54.000.I29p1.725797.***&url=http://html.freebuddymovies.com/5/80/pics/99574/nude/187_c1848_01.html?pr=9&su=1&ad=12195
809[*] http://boysmaster.com/x.xxx?p=54.000.I30p1.724400.***&url=http://galleries2.adult-empire.com/8793/408840/5088/index.php
810[*] http://boysmaster.com/x.xxx?p=54.000.I31p1.669811.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/8202/i/3/h/
811[*] http://boysmaster.com/x.xxx?p=54.000.I32p1.722945.***&url=http://galleries2.adult-empire.com/9033/446962/5088/index.php
812[*] http://boysmaster.com/x.xxx?p=54.000.I33p1.723362.***&url=http://galleries2.adult-empire.com/9033/447172/5088/index.php
813[*] http://boysmaster.com/x.xxx?p=54.000.I35p1.506622.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-15/austin.html
814[*] http://boysmaster.com/x.xxx?p=54.000.I36p1.725403.***&url=http://alexbucks.com/fhg/ab/akilo_02.htm?id=1439982
815[*] http://boysmaster.com/x.xxx?p=54.000.I37p1.719986.***&url=http://galleries2.adult-empire.com/8793/409031/5088/index.php
816[*] http://boysmaster.com/x.xxx?p=54.000.I38p1.725438.***&url=http://html.freebuddymovies.com/5/12/vids/4269/15505/15/13_3414a_01.html?pr=9&su=2&ad=12195
817[*] http://boysmaster.com/x.xxx?p=54.000.I39p1.687772.***&url=http://galleries2.adult-empire.com/8793/409039/5088/index.php
818[*] http://boysmaster.com/x.xxx?p=54.000.I40p1.654721.***&url=http://alexbucks.com/fhg/ab/john_d_2.htm?id=1439982
819[*] http://boysmaster.com/x.xxx?p=54.000.I41p1.729212.***&url=http://www3.fetishhitsgallery.com/movie/ggsv/59/?t1/pps=murdoc
820[*] http://boysmaster.com/x.xxx?p=54.000.I42p1.725222.***&url=http://html.freebuddymovies.com/5/14/vids/3398/13003/15/15_070f0_01.html?pr=9&su=2&ad=12195
821[*] http://boysmaster.com/x.xxx?p=54.000.I43p1.666576.***&url=http://collegeguys.itslive.com/movies/56/?ILREVS=murdoc
822[*] http://boysmaster.com/x.xxx?p=54.000.I44p1.668769.***&url=http://galleries2.adult-empire.com/9417/485156/5088/index.php
823[*] http://boysmaster.com/x.xxx?p=54.000.I45p1.658171.***&url=http://alexbucks.com/fhg/ab/camillo.htm?id=1439982
824[*] http://boysmaster.com/x.xxx?p=54.000.I46p1.723430.***&url=http://galleries.adult-empire.com/10212/640357/5088/index.php
825[*] http://boysmaster.com/x.xxx?p=54.000.I47p1.723436.***&url=http://galleries2.adult-empire.com/9388/480587/5088/index.php
826[*] http://boysmaster.com/x.xxx?p=55.000.I0p1.729654.***&url=http://html.freebuddymovies.com/5/1/vids/748/3005/15/1_9d7b1_01.html?pr=9&su=2&ad=12195
827[*] http://boysmaster.com/x.xxx?p=55.000.I10p1.729674.***&url=http://html.freebuddymovies.com/5/14/vids/2548/9979/15/15_045b6_01.html?pr=9&su=2&ad=12195
828[*] http://boysmaster.com/x.xxx?p=55.000.I11p1.669016.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/7426/i/2/h/
829[*] http://boysmaster.com/x.xxx?p=55.000.I12p1.724126.***&url=http://galleries.adult-empire.com/10399/607788/5088/index.php
830[*] http://boysmaster.com/x.xxx?p=55.000.I13p1.439312.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-05/index.html
831[*] http://boysmaster.com/x.xxx?p=55.000.I14p1.723432.***&url=http://galleries.adult-empire.com/4133/34802/5088/index.php
832[*] http://boysmaster.com/x.xxx?p=55.000.I15p1.729621.***&url=http://html.freebuddymovies.com/5/14/vids/3292/12729/15/15_11bcb_01.html?pr=9&su=2&ad=12195
833[*] http://boysmaster.com/x.xxx?p=55.000.I16p1.686799.***&url=http://gallys.realitykings.com/bf/608/?id=jennyxxx
834[*] http://boysmaster.com/x.xxx?p=55.000.I17p1.494885.***&url=http://www1.bfcollection.com/994833/bfc/pictures/02/index.html
835[*] http://boysmaster.com/x.xxx?p=55.000.I18p1.682704.***&url=http://alexbucks.com/fhg/ab/arpad_zoltan.htm?id=1439982
836[*] http://boysmaster.com/x.xxx?p=55.000.I19p1.725290.***&url=http://galleries2.adult-empire.com/8836/413777/5088/index.php
837[*] http://boysmaster.com/x.xxx?p=55.000.I1p1.581521.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Brad-and-Shayne/index.html
838[*] http://boysmaster.com/x.xxx?p=55.000.I20p1.398841.***&url=http://www1.bfcollection.com/994833/bfc/pictures/08/danny-aidan.html
839[*] http://boysmaster.com/x.xxx?p=55.000.I21p1.716370.***&url=http://alexbucks.com/fhg/ab/nathan.htm?id=1439982
840[*] http://boysmaster.com/x.xxx?p=55.000.I22p1.652068.***&url=http://gallys.realitykings.com/bf/766/?id=jennyxxx
841[*] http://boysmaster.com/x.xxx?p=55.000.I23p1.693550.***&url=http://galleries2.adult-empire.com/8793/409026/5088/index.php
842[*] http://boysmaster.com/x.xxx?p=55.000.I2p1.729748.***&url=http://galleries2.adult-empire.com/9388/480803/5088/index.php
843[*] http://boysmaster.com/x.xxx?p=55.000.I3p1.413423.***&url=http://www1.bfcollection.com/994833/bfc/pictures/06bf/Brad/index.html
844[*] http://boysmaster.com/x.xxx?p=55.000.I4p1.642597.***&url=http://gays.itslive.com/movies/222/?ILREVS=murdoc
845[*] http://boysmaster.com/x.xxx?p=55.000.I5p1.670495.***&url=http://galleries.adult-empire.com/10399/607759/5088/index.php
846[*] http://boysmaster.com/x.xxx?p=55.000.I6p1.683626.***&url=http://alexbucks.com/fhg/ab/frodo.htm?id=1439982
847[*] http://boysmaster.com/x.xxx?p=55.000.I7p1.688506.***&url=http://alexbucks.com/fhg/ab/janusz.htm?id=1439982
848[*] http://boysmaster.com/x.xxx?p=55.000.I8p1.647370.***&url=http://alexbucks.com/fhg/ab/akilo_5.htm?id=1439982
849[*] http://boysmaster.com/x.xxx?p=55.000.I9p1.669863.***&url=http://html.freebuddymovies.com/5/41/pics/11906/nude/88_c1848_01.html?pr=9&su=1&ad=12195
850[*] http://c.actiondesk.com/?s=17494&p=22&pp=1&bp=1
851[*] http://futuregay.com/
852[*] http://galleries.allgaysitespass.com/movie/agsp/71/?t1/revs=murdoc
853[*] http://galleries.hardlatingays.com/movies/70/?t1/revs=murdoc
854[*] http://galleries.sinfulgay.com/movies/197/?t1/revs=murdoc
855[*] http://gallery.eurotwinkin.com/fhg/59/?nats=MTA0MjA6MjoxMA,0,0,0,597
856[*] http://gallys.nastydollars.com/bf/190/?id=jennyxxx
857[*] http://gallys.nastydollars.com/bf/201/?id=jennyxxx
858[*] http://gallys.realitykings.com/bf/577/?id=jennyxxx
859[*] http://gallys.rk.com/bf/1133/?id=jennyxxx
860[*] http://gallys.rk.com/bf/916/?id=jennyxxx
861[*] http://gallys.rk.com/dk/152/?id=jennyxxx
862[*] http://gays.itslive.com/movies/35/?ILREVS=murdoc
863[*] http://gay.xxxcounter.com/e/3/221853/
864[*] http://html.freebuddymovies.com/5/12/vids/1603/6293/15/13_576ac_01.html?pr=9&su=2&ad=12195
865[*] http://html.freebuddymovies.com/5/12/vids/4163/15328/15/13_8d365_01.html?pr=9&su=2&ad=12195
866[*] http://html.freebuddymovies.com/5/14/vids/1801/7146/15/15_77563_01.html?pr=9&su=2&ad=12195
867[*] http://html.freebuddymovies.com/5/14/vids/1834/8605/15/15_958bd_01.html?pr=9&su=2&ad=12195
868[*] http://html.freebuddymovies.com/5/14/vids/1836/8625/15/15_cbafc_01.html?pr=9&su=2&ad=12195
869[*] http://html.freebuddymovies.com/5/14/vids/1849/8094/15/15_1296c_01.html?pr=9&su=2&ad=12195
870[*] http://html.freebuddymovies.com/5/14/vids/2520/9852/15/15_d7e80_01.html?pr=9&su=2&ad=12195
871[*] http://html.freebuddymovies.com/5/19/pics/8049/nude/50_c1848_01.html?pr=9&32su=1&32ad=12195
872[*] http://html.freebuddymovies.com/5/1/pics/0320/non_nude/7_c1848_06.html?pr=9&su=1&ad=12195
873[*] http://html.freebuddymovies.com/5/37/pics/9536/nude/68_c1848_01.html?pr=9&su=1&ad=12195
874[*] http://html.freebuddymovies.com/5/3/vids/938/5419/15/4_97579_01.html?pr=9&su=2&ad=12195
875[*] http://html.freebuddymovies.com/5/46/pics/90447/nude/118_c1848_01.html?pr=9&su=1&ad=12195
876[*] http://html.freebuddymovies.com/5/46/pics/99809/nude/118_c1848_01.html?pr=9&su=1&ad=12195
877[*] http://html.freebuddymovies.com/5/4/vids/966/5461/15/5_90f04_01.html?pr=9&su=2&ad=12195
878[*] http://link.masterstats.com/stat-redir?id=14516
879[*] http://lobby.sexlist.com/?TSLID=199393=501
880[*] http://moregaytwinks.com/
881[*] http://mt.livecamfun.com/xtarc/576687/366/0/arg_tour=rex1?mta=330162
882[*] http://sexyboys.name/
883[*] http://sunnytgp.com/
884[*] http://sweetgays.net/
885[*] http://tgp.gammacash.com/pic_gallery/cumon/jordan!_08a-2002-12-10/bluethb_15.html?adv_id=176661
886[*] http://TGP.outster.com/e/11/77544/
887[*] http://the.sextracker.com/e/393735
888[*] http://trafficholder.com/aff.php?droider
889[*] http://twinkass.net/
890[*] http://twinkhot.com/
891[*] http://twinkpeaks.com/twink-pics.shtml
892[*] http://veryyoungtwinks.net/
893[*] http://www2.fetishhitsgallery.com/movie/gbh/6/?t1/pps=murdoc
894[*] http://www2.fetishhitsgallery.com/movie/ggv/9/?t1/pps=murdoc
895[*] http://www2.fetishhitsgallery.com/movie/gsg/22/?t1/pps=murdoc
896[*] http://www2.fetishhitsgallery.com/movie/gss/25/?t1/pps=murdoc
897[*] http://www3.fetishhitsgallery.com/movie/gbh/35/?t1/pps=murdoc
898[*] http://www3.fetishhitsgallery.com/movie/gbh/39/?t1/pps=murdoc
899[*] http://www3.fetishhitsgallery.com/movie/gbh/65/?t1/pps=murdoc
900[*] http://www3.fetishhitsgallery.com/movie/ggsv/57/?t1/pps=murdoc
901[*] http://www3.fetishhitsgallery.com/movie/gsg/32/?t1/pps=murdoc
902[*] http://www3.fetishhitsgallery.com/movie/gsg/43/?t1/pps=murdoc
903[*] http://www3.fetishhitsgallery.com/movie/gsg/78/?t1/pps=murdoc
904[*] http://www3.fetishhitsgallery.com/movie/gss/35/?t1/pps=murdoc
905[*] http://www3.fetishhitsgallery.com/movie/gss/39/?t1/pps=murdoc
906[*] http://www3.fetishhitsgallery.com/movie/gss/55/?t1/pps=murdoc
907[*] http://www3.fetishhitsgallery.com/movie/sg/19/?t1/pps=murdoc
908[*] http://www3.fetishhitsgallery.com/movie/sgt/41/?t1/pps=murdoc
909[*] http://www3.fetishhitsgallery.com/movie/tgh/35/?t1/pps=murdoc
910[*] http://www.5star-boys.com/
911[*] http://www.addthis.com/bookmark.php?v=250&username=murdoc
912[*] http://www.bananasblue.com/?
913[*] http://www.boysmaster.com/
914[*] http://www.boysmaster.com/main1.html
915[*] http://www.boysmaster.com/main2.html
916[*] http://www.boysmaster.com/main3.html
917[*] http://www.columbian-boys.com/
918[*] http://www.free-pics-tgp.com/
919[*] http://www.fucktgp.net/
920[*] http://www.gayproject.com/
921[*] http://www.sexgaytgp.com/
922[*] http://www.straightboygalleries.com/flv/hosted/bsb_galleries/006/index.php?nats=jennyxxx:persignup:bstraightboys,0,0,0,
923[*] http://www.thesexfolder.com/movie/gss/82/?t1/revs=murdoc
924[*] http://www.virginboys.net/tgp/
925cut: intervalle de champ incorrecte
926Saisissez « cut --help » pour plus d'informations.
927[INFO] Shodan detected the following opened ports on 169.47.149.241:
928[*] 25
929[*] 3306
930[*] 53
931[*] 80
932[*] 8888
933[INFO] ------VirusTotal SECTION------
934[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
935[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
936[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
937[INFO] ------Alexa Rank SECTION------
938[INFO] Percent of Visitors Rank in Country:
939[INFO] Percent of Search Traffic:
940[INFO] Percent of Unique Visits:
941[INFO] Total Sites Linking In:
942[*] Total Sites
943[INFO] Useful links related to boysmaster.com - 169.47.149.241:
944[*] https://www.virustotal.com/pt/ip-address/169.47.149.241/information/
945[*] https://www.hybrid-analysis.com/search?host=169.47.149.241
946[*] https://www.shodan.io/host/169.47.149.241
947[*] https://www.senderbase.org/lookup/?search_string=169.47.149.241
948[*] https://www.alienvault.com/open-threat-exchange/ip/169.47.149.241
949[*] http://pastebin.com/search?q=169.47.149.241
950[*] http://urlquery.net/search.php?q=169.47.149.241
951[*] http://www.alexa.com/siteinfo/boysmaster.com
952[*] http://www.google.com/safebrowsing/diagnostic?site=boysmaster.com
953[*] https://censys.io/ipv4/169.47.149.241
954[*] https://www.abuseipdb.com/check/169.47.149.241
955[*] https://urlscan.io/search/#169.47.149.241
956[*] https://github.com/search?q=169.47.149.241&type=Code
957[INFO] Useful links related to AS36351 - 169.47.128.0/18:
958[*] http://www.google.com/safebrowsing/diagnostic?site=AS:36351
959[*] https://www.senderbase.org/lookup/?search_string=169.47.128.0/18
960[*] http://bgp.he.net/AS36351
961[*] https://stat.ripe.net/AS36351
962[INFO] Date: 11/02/20 | Time: 01:15:09
963[INFO] Total time: 0 minute(s) and 35 second(s)
964#####################################################################################################################################
965Trying "boysmaster.com"
966;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50718
967;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 4
968
969;; QUESTION SECTION:
970;boysmaster.com. IN ANY
971
972;; ANSWER SECTION:
973boysmaster.com. 43200 IN MX 10 mail.alpha-space.com.
974boysmaster.com. 43200 IN A 169.47.149.241
975boysmaster.com. 43200 IN SOA ns1.alpha-space.com. hostmaster.alpha-space.com. 2003091002 28800 7200 2592000 86400
976boysmaster.com. 34014 IN NS ns2.alpha-space.com.
977boysmaster.com. 34014 IN NS ns2.onyx7.com.
978boysmaster.com. 34014 IN NS ns1.alpha-space.com.
979boysmaster.com. 34014 IN NS ns1.onyx7.com.
980
981;; ADDITIONAL SECTION:
982ns2.onyx7.com. 15725 IN A 169.47.149.241
983ns2.alpha-space.com. 15725 IN A 169.47.149.241
984ns1.onyx7.com. 15725 IN A 209.95.51.189
985ns1.alpha-space.com. 15725 IN A 209.95.51.189
986
987Received 270 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 59 ms
988####################################################################################################################################
989; <<>> DiG 9.11.14-3-Debian <<>> +trace boysmaster.com any
990;; global options: +cmd
991. 83012 IN NS f.root-servers.net.
992. 83012 IN NS i.root-servers.net.
993. 83012 IN NS b.root-servers.net.
994. 83012 IN NS l.root-servers.net.
995. 83012 IN NS m.root-servers.net.
996. 83012 IN NS j.root-servers.net.
997. 83012 IN NS a.root-servers.net.
998. 83012 IN NS d.root-servers.net.
999. 83012 IN NS k.root-servers.net.
1000. 83012 IN NS h.root-servers.net.
1001. 83012 IN NS g.root-servers.net.
1002. 83012 IN NS c.root-servers.net.
1003. 83012 IN NS e.root-servers.net.
1004. 83012 IN RRSIG NS 8 0 518400 20200224010000 20200211000000 33853 . r44UE3ExPImOSD5Eu7uzTdRCM3lmGp/SC5Vfc4xsKaYp0ZzUEdEHCj6P sP5gRik3wdJaZs9X5+53FCN/6838/iI65EUYa/wwBBTix1/WNBDYkLxd R7ERnwYRpFJJV6t+uwvMP+x4f+BGexxnZOtW3nG8azF1uTSJlrqmOZHb M4I1iI978+vOBGfCk5nQc8rgGErvsqGQPiefd/yusEDIbRi0B2MW5gFJ j/2rE7uLUTgJXuYE+5j29svHLJIJh+RkddlM2Z5ZYm/e0RUsIgyuONoV HqUyG36VG4OKXrwDDIE8XSiVSlFzE0y+u6srLFEee4UYN5E1WPXl91u8 7sifPQ==
1005;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 198 ms
1006
1007com. 172800 IN NS l.gtld-servers.net.
1008com. 172800 IN NS c.gtld-servers.net.
1009com. 172800 IN NS g.gtld-servers.net.
1010com. 172800 IN NS h.gtld-servers.net.
1011com. 172800 IN NS f.gtld-servers.net.
1012com. 172800 IN NS j.gtld-servers.net.
1013com. 172800 IN NS d.gtld-servers.net.
1014com. 172800 IN NS a.gtld-servers.net.
1015com. 172800 IN NS k.gtld-servers.net.
1016com. 172800 IN NS m.gtld-servers.net.
1017com. 172800 IN NS i.gtld-servers.net.
1018com. 172800 IN NS e.gtld-servers.net.
1019com. 172800 IN NS b.gtld-servers.net.
1020com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
1021com. 86400 IN RRSIG DS 8 1 86400 20200224010000 20200211000000 33853 . UKrnkb7QaQmB5XVa8wwDvLzQZhuAL2comoN19PX3Vf737Ztg+FF9iGcS JPzIfRp3so0Muqqf4smMxbkwvocrx8PJszHNlnD0I4IQIqtAf0nEvjYQ fM8NHV4rTP31HWA0aaKzMCHe/nsjQ/3ACgVTGNUJPQefGorT1g1WqKpC mnNBzwh/BlINCiUgyy8R0tu/T+WWDj5F2hf8+ba+04CvePswT2kRaXuA 2Ywl0V0XqmNEL0ny1nXGAb5fAVNtX06F/IrxyYCdJ1+bwJpNFvPhXFq/ 4LbWnPj6w0TkUHtxPxRXN8tYI9oiCfCXUlzHWMWLexY+Bqotp5oQx3ti OkyMgQ==
1022;; Received 1174 bytes from 2001:7fe::53#53(i.root-servers.net) in 42 ms
1023
1024boysmaster.com. 172800 IN NS ns1.alpha-space.com.
1025boysmaster.com. 172800 IN NS ns2.alpha-space.com.
1026boysmaster.com. 172800 IN NS ns1.onyx7.com.
1027boysmaster.com. 172800 IN NS ns2.onyx7.com.
1028CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
1029CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200215054817 20200208043817 56311 com. xe9g9xpfm5me3nPoh8UBmt50pWF9oGbO2ZGDV7k/6yp108FaBkHd52n8 w1SIPKwBAjVKH1GzsDRWhgMaV1bq97LkdJWYdSrAE+H3eJR376HBGe6L u8swByJn2uvtfCd8eK6XNvqD9ckKuMvb9Xt4epzQ++dR5VEHBNGMW4Gd aP3PYtlvoAhaPaXyKs0jzJx4kbMonLY67d9IyGyxlGj0jw==
1030TEMV0JC75KHLCILGNLRN09F9GKHU30TI.com. 86400 IN NSEC3 1 1 0 - TEN03MLG75816C8NCVLAFKQDP14L502P NS DS RRSIG
1031TEMV0JC75KHLCILGNLRN09F9GKHU30TI.com. 86400 IN RRSIG NSEC3 8 2 86400 20200216063212 20200209052212 56311 com. jPCy2E0DSKZDh6a7vPPpO5z1J9Q+po9IGQpjM0MHcupAu4TgsFSb6Jy5 6kGeo/6VgxFEId3n9s+yF0R5j5QftGzpL17d7M8fdYy7pTIiBas/Svi2 yCSoBv3fEWL/4uUEORwWyYN3VHaOI8NAT4NbRyZrUNR7iMqLjgwnIpxG LqGezxFVabL14oOHl/5S0OqlX+/jebm8YvAh0P2tEXgk0w==
1032;; Received 746 bytes from 192.31.80.30#53(d.gtld-servers.net) in 155 ms
1033
1034boysmaster.com. 86400 IN SOA ns1.alpha-space.com. hostmaster.alpha-space.com. 2003091002 28800 7200 2592000 86400
1035boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1036boysmaster.com. 86400 IN NS ns2.onyx7.com.
1037boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1038boysmaster.com. 86400 IN NS ns1.onyx7.com.
1039boysmaster.com. 86400 IN A 169.47.149.241
1040boysmaster.com. 86400 IN MX 10 mail.alpha-space.com.
1041;; Received 325 bytes from 209.95.51.189#53(ns1.alpha-space.com) in 157 ms
1042####################################################################################################################################
1043[*] Performing General Enumeration of Domain: boysmaster.com
1044[!] Wildcard resolution is enabled on this domain
1045[!] It is resolving to 169.47.149.241
1046[!] All queries will resolve to this address!!
1047[-] DNSSEC is not configured for boysmaster.com
1048[*] SOA ns1.alpha-space.com 209.95.51.189
1049[*] NS ns2.onyx7.com 169.47.149.241
1050[*] Bind Version for 169.47.149.241 9.11.4-P2
1051[*] NS ns2.alpha-space.com 169.47.149.241
1052[*] Bind Version for 169.47.149.241 9.11.4-P2
1053[*] NS ns1.onyx7.com 209.95.51.189
1054[*] Bind Version for 209.95.51.189 9.11.2-P1
1055[*] NS ns1.alpha-space.com 209.95.51.189
1056[*] Bind Version for 209.95.51.189 9.11.2-P1
1057[*] MX mail.alpha-space.com 209.95.50.172
1058[*] A boysmaster.com 169.47.149.241
1059[*] Enumerating SRV Records
1060[-] No SRV Records Found for boysmaster.com
1061[+] 0 Records Found
1062####################################################################################################################################
1063[*] Processing domain boysmaster.com
1064[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1065[+] Getting nameservers
1066169.47.149.241 - ns2.onyx7.com
1067[+] Zone transfer sucessful using nameserver ns2.onyx7.com
1068boysmaster.com. 86400 IN SOA ns1.alpha-space.com. hostmaster.alpha-space.com. 2003091002 28800 7200 2592000 86400
1069boysmaster.com. 86400 IN MX 10 mail.alpha-space.com.
1070boysmaster.com. 86400 IN A 169.47.149.241
1071boysmaster.com. 86400 IN NS ns1.onyx7.com.
1072boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1073boysmaster.com. 86400 IN NS ns2.onyx7.com.
1074boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1075*.boysmaster.com. 3600 IN A 169.47.149.241
1076*.boysmaster.com. 3600 IN MX 10 mail.alpha-space.com.
1077ad.boysmaster.com. 600 IN A 169.47.149.241
1078cdn.boysmaster.com. 86400 IN A 169.47.149.241
1079new.boysmaster.com. 600 IN A 169.47.149.241
1080##################################################################################################################################
1081
1082Domains still to check: 1
1083 Checking if the hostname boysmaster.com. given is in fact a domain...
1084
1085Analyzing domain: boysmaster.com.
1086 Checking NameServers using system default resolver...
1087 IP: 169.47.149.241 (United States)
1088 HostName: ns2.onyx7.com Type: NS
1089 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1090 IP: 169.47.149.241 (United States)
1091 HostName: ns2.onyx7.com Type: NS
1092 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1093 HostName: ns2.alpha-space.com Type: NS
1094 IP: 209.95.51.189 (United States)
1095 HostName: ns1.onyx7.com Type: NS
1096 HostName: 209.95.51.189.static.midphase.com Type: PTR
1097 IP: 209.95.51.189 (United States)
1098 HostName: ns1.onyx7.com Type: NS
1099 HostName: 209.95.51.189.static.midphase.com Type: PTR
1100 HostName: ns1.alpha-space.com Type: NS
1101
1102 Checking MailServers using system default resolver...
1103 IP: 209.95.50.172 (United States)
1104 HostName: mail.alpha-space.com Type: MX
1105 HostName: d15f32ac.setaptr.net Type: PTR
1106 WARNING!! This domain has wildcards activated for hostnames resolution. We are checking "www" anyway, but perhaps it doesn't exists!
1107
1108 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1109 Zone transfer successful on name server 169.47.149.241 (5 hosts)
1110 Zone transfer successful on name server 169.47.149.241 (5 hosts)
1111 No zone transfer found on nameserver 209.95.51.189
1112 No zone transfer found on nameserver 209.95.51.189
1113
1114 Checking SPF record...
1115 No SPF record
1116
1117 Checking 5 most common hostnames using system default resolver...
1118 IP: 169.47.149.241 (United States)
1119 HostName: ns2.onyx7.com Type: NS
1120 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1121 HostName: ns2.alpha-space.com Type: NS
1122 HostName: @.boysmaster.com. Type: A
1123 IP: 169.47.149.241 (United States)
1124 HostName: ns2.onyx7.com Type: NS
1125 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1126 HostName: ns2.alpha-space.com Type: NS
1127 HostName: @.boysmaster.com. Type: A
1128 HostName: *.boysmaster.com. Type: A
1129 IP: 169.47.149.241 (United States)
1130 HostName: ns2.onyx7.com Type: NS
1131 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1132 HostName: ns2.alpha-space.com Type: NS
1133 HostName: @.boysmaster.com. Type: A
1134 HostName: *.boysmaster.com. Type: A
1135 HostName: new.boysmaster.com. Type: A
1136 IP: 169.47.149.241 (United States)
1137 HostName: ns2.onyx7.com Type: NS
1138 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1139 HostName: ns2.alpha-space.com Type: NS
1140 HostName: @.boysmaster.com. Type: A
1141 HostName: *.boysmaster.com. Type: A
1142 HostName: new.boysmaster.com. Type: A
1143 HostName: ad.boysmaster.com. Type: A
1144 IP: 169.47.149.241 (United States)
1145 HostName: ns2.onyx7.com Type: NS
1146 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1147 HostName: ns2.alpha-space.com Type: NS
1148 HostName: @.boysmaster.com. Type: A
1149 HostName: *.boysmaster.com. Type: A
1150 HostName: new.boysmaster.com. Type: A
1151 HostName: ad.boysmaster.com. Type: A
1152 HostName: cdn.boysmaster.com. Type: A
1153
1154 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1155 Checking netblock 169.47.149.0
1156 Checking netblock 209.95.51.0
1157 Checking netblock 209.95.50.0
1158
1159 Searching for boysmaster.com. emails in Google
1160
1161 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1162 Host 169.47.149.241 is up (reset ttl 64)
1163 Host 209.95.51.189 is up (echo-reply ttl 55)
1164 Host 209.95.50.172 is up (reset ttl 64)
1165
1166 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1167 Scanning ip 169.47.149.241 (cdn.boysmaster.com.):
1168 22/tcp open ssh? syn-ack ttl 53
1169 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1170 53/tcp open domain syn-ack ttl 52 ISC BIND 9.11.4-P2
1171 | dns-nsid:
1172 |_ bind.version: 9.11.4-P2
1173 80/tcp open http syn-ack ttl 52 nginx 1.14.0
1174 | http-methods:
1175 |_ Supported Methods: GET HEAD POST OPTIONS
1176 |_http-server-header: nginx/1.14.0
1177 |_http-title: !
1178 587/tcp open smtp syn-ack ttl 53 Sendmail 8.15.2/8.15.2
1179 | smtp-commands: t.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE, DSN, STARTTLS, DELIVERBY, HELP,
1180 |_ 2.0.0 This is sendmail version 8.15.2 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 http://www.sendmail.org/email-addresses.html 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
1181 | ssl-cert: Subject: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
1182 | Issuer: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
1183 | Public Key type: rsa
1184 | Public Key bits: 2048
1185 | Signature Algorithm: sha256WithRSAEncryption
1186 | Not valid before: 2018-10-25T22:15:02
1187 | Not valid after: 2019-10-25T22:15:02
1188 | MD5: a25a c3c6 5ddd b974 9a79 414f b78a c6b0
1189 |_SHA-1: 6640 beb2 b47c dc2f dc4f fa9f 90eb d4f1 c067 23d1
1190 |_ssl-date: TLS randomness does not represent time
1191 3306/tcp open mysql syn-ack ttl 51 MySQL (unauthorized)
1192 8888/tcp open ssh syn-ack ttl 53 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1193 | ssh-hostkey:
1194 | 2048 96:ca:58:70:84:07:7b:a2:b5:e6:91:e9:69:c9:cd:4a (RSA)
1195 | 256 12:9c:a5:1c:cd:9c:53:5f:88:b5:d0:01:67:ba:ab:a8 (ECDSA)
1196 |_ 256 7f:4e:48:e1:79:74:c5:91:e7:fe:2d:ba:dd:e3:d6:bd (ED25519)
1197 | vulners:
1198 | cpe:/a:openbsd:openssh:7.5:
1199 | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1200 |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1201 9999/tcp open http syn-ack ttl 52 Apache httpd (PHP 5.6.38)
1202 | http-methods:
1203 |_ Supported Methods: GET HEAD POST OPTIONS
1204 |_http-server-header: Apache
1205 |_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1206 OS Info: Service Info: Host: t.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1207 Scanning ip 209.95.51.189 (ns1.alpha-space.com):
1208 22/tcp open ssh? syn-ack ttl 55
1209 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1210 53/tcp open domain syn-ack ttl 55 ISC BIND 9.11.2-P1
1211 | dns-nsid:
1212 |_ bind.version: 9.11.2-P1
1213 80/tcp open http syn-ack ttl 55 nginx
1214 |_http-favicon: Unknown favicon MD5: 6A212C80A05477E0440BEDC3EC1C92DA
1215 | http-methods:
1216 |_ Supported Methods: GET HEAD
1217 | http-robots.txt: 1 disallowed entry
1218 |_/
1219 |_http-title: Site doesn't have a title (text/html).
1220 587/tcp open smtp syn-ack ttl 55 Sendmail 8.15.2/8.15.2
1221 |_smtp-commands: leo.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES,
1222 8888/tcp open ssh syn-ack ttl 55 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1223 | ssh-hostkey:
1224 | 2048 80:83:8f:14:c8:c4:28:55:14:d1:f6:3a:14:fe:01:5b (RSA)
1225 | 256 6c:da:81:b2:09:a4:e0:de:56:85:14:a4:93:88:a6:0e (ECDSA)
1226 |_ 256 d5:2a:28:6f:4b:f2:c8:19:49:cf:bc:c6:43:ab:17:58 (ED25519)
1227 | vulners:
1228 | cpe:/a:openbsd:openssh:7.5:
1229 | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1230 |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1231 OS Info: Service Info: Host: leo.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1232 Scanning ip 209.95.50.172 (d15f32ac.setaptr.net (PTR)):
1233 22/tcp open ssh? syn-ack ttl 55
1234 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1235 53/tcp open domain syn-ack ttl 55 ISC BIND 9.11.2-P1
1236 | dns-nsid:
1237 |_ bind.version: 9.11.2-P1
1238 587/tcp open smtp syn-ack ttl 55 Sendmail 8.15.2/8.15.2
1239 |_smtp-commands: leo.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES,
1240 8888/tcp open ssh syn-ack ttl 55 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1241 | ssh-hostkey:
1242 | 2048 80:83:8f:14:c8:c4:28:55:14:d1:f6:3a:14:fe:01:5b (RSA)
1243 | 256 6c:da:81:b2:09:a4:e0:de:56:85:14:a4:93:88:a6:0e (ECDSA)
1244 |_ 256 d5:2a:28:6f:4b:f2:c8:19:49:cf:bc:c6:43:ab:17:58 (ED25519)
1245 | vulners:
1246 | cpe:/a:openbsd:openssh:7.5:
1247 | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1248 |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1249 OS Info: Service Info: Host: leo.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1250 WebCrawling domain's web servers... up to 50 max links.
1251
1252 + URL to crawl: http://@.boysmaster.com.
1253 + Date: 2020-02-11
1254
1255 + Crawling URL: http://@.boysmaster.com.:
1256 + Links:
1257 + Crawling http://@.boysmaster.com. ([Errno -2] Name or service not known)
1258 + Searching for directories...
1259 + Searching open folders...
1260
1261
1262 + URL to crawl: http://cdn.boysmaster.com.
1263 + Date: 2020-02-11
1264
1265 + Crawling URL: http://cdn.boysmaster.com.:
1266 + Links:
1267 + Crawling http://cdn.boysmaster.com.
1268 + Searching for directories...
1269 + Searching open folders...
1270
1271
1272 + URL to crawl: http://ad.boysmaster.com.
1273 + Date: 2020-02-11
1274
1275 + Crawling URL: http://ad.boysmaster.com.:
1276 + Links:
1277 + Crawling http://ad.boysmaster.com.
1278 + Searching for directories...
1279 + Searching open folders...
1280
1281
1282 + URL to crawl: http://new.boysmaster.com.
1283 + Date: 2020-02-11
1284
1285 + Crawling URL: http://new.boysmaster.com.:
1286 + Links:
1287 + Crawling http://new.boysmaster.com.
1288 + Searching for directories...
1289 + Searching open folders...
1290
1291
1292 + URL to crawl: http://ns2.onyx7.com
1293 + Date: 2020-02-11
1294
1295 + Crawling URL: http://ns2.onyx7.com:
1296 + Links:
1297 + Crawling http://ns2.onyx7.com
1298 + Searching for directories...
1299 + Searching open folders...
1300
1301
1302 + URL to crawl: http://ns2.alpha-space.com
1303 + Date: 2020-02-11
1304
1305 + Crawling URL: http://ns2.alpha-space.com:
1306 + Links:
1307 + Crawling http://ns2.alpha-space.com
1308 + Searching for directories...
1309 + Searching open folders...
1310
1311
1312 + URL to crawl: http://*.boysmaster.com.
1313 + Date: 2020-02-11
1314
1315 + Crawling URL: http://*.boysmaster.com.:
1316 + Links:
1317 + Crawling http://*.boysmaster.com. ([Errno -2] Name or service not known)
1318 + Searching for directories...
1319 + Searching open folders...
1320
1321
1322 + URL to crawl: http://@.boysmaster.com.:9999
1323 + Date: 2020-02-11
1324
1325 + Crawling URL: http://@.boysmaster.com.:9999:
1326 + Links:
1327 + Crawling http://@.boysmaster.com.:9999 ([Errno -2] Name or service not known)
1328 + Searching for directories...
1329 + Searching open folders...
1330
1331
1332 + URL to crawl: http://cdn.boysmaster.com.:9999
1333 + Date: 2020-02-11
1334
1335 + Crawling URL: http://cdn.boysmaster.com.:9999:
1336 + Links:
1337 + Crawling http://cdn.boysmaster.com.:9999
1338 + Searching for directories...
1339 + Searching open folders...
1340
1341
1342 + URL to crawl: http://ad.boysmaster.com.:9999
1343 + Date: 2020-02-11
1344
1345 + Crawling URL: http://ad.boysmaster.com.:9999:
1346 + Links:
1347 + Crawling http://ad.boysmaster.com.:9999
1348 + Searching for directories...
1349 + Searching open folders...
1350
1351
1352 + URL to crawl: http://new.boysmaster.com.:9999
1353 + Date: 2020-02-11
1354
1355 + Crawling URL: http://new.boysmaster.com.:9999:
1356 + Links:
1357 + Crawling http://new.boysmaster.com.:9999
1358 + Searching for directories...
1359 + Searching open folders...
1360
1361
1362 + URL to crawl: http://ns2.onyx7.com:9999
1363 + Date: 2020-02-11
1364
1365 + Crawling URL: http://ns2.onyx7.com:9999:
1366 + Links:
1367 + Crawling http://ns2.onyx7.com:9999
1368 + Searching for directories...
1369 + Searching open folders...
1370
1371
1372 + URL to crawl: http://ns2.alpha-space.com:9999
1373 + Date: 2020-02-11
1374
1375 + Crawling URL: http://ns2.alpha-space.com:9999:
1376 + Links:
1377 + Crawling http://ns2.alpha-space.com:9999
1378 + Searching for directories...
1379 + Searching open folders...
1380
1381
1382 + URL to crawl: http://*.boysmaster.com.:9999
1383 + Date: 2020-02-11
1384
1385 + Crawling URL: http://*.boysmaster.com.:9999:
1386 + Links:
1387 + Crawling http://*.boysmaster.com.:9999 ([Errno -2] Name or service not known)
1388 + Searching for directories...
1389 + Searching open folders...
1390
1391
1392 + URL to crawl: http://ns1.alpha-space.com
1393 + Date: 2020-02-11
1394
1395 + Crawling URL: http://ns1.alpha-space.com:
1396 + Links:
1397 + Crawling http://ns1.alpha-space.com
1398 + Searching for directories...
1399 + Searching open folders...
1400
1401
1402 + URL to crawl: http://ns1.onyx7.com
1403 + Date: 2020-02-11
1404
1405 + Crawling URL: http://ns1.onyx7.com:
1406 + Links:
1407 + Crawling http://ns1.onyx7.com
1408 + Searching for directories...
1409 + Searching open folders...
1410
1411--Finished--
1412Summary information for domain boysmaster.com.
1413-----------------------------------------
1414
1415 Domain Ips Information:
1416 IP: 169.47.149.241
1417 HostName: ns2.onyx7.com Type: NS
1418 HostName: f1.95.2fa9.ip4.static.sl-reverse.com Type: PTR
1419 HostName: ns2.alpha-space.com Type: NS
1420 HostName: @.boysmaster.com. Type: A
1421 HostName: *.boysmaster.com. Type: A
1422 HostName: new.boysmaster.com. Type: A
1423 HostName: ad.boysmaster.com. Type: A
1424 HostName: cdn.boysmaster.com. Type: A
1425 Country: United States
1426 Zone Transfer: 5
1427 Zone Transfer: 5
1428 Is Active: True (reset ttl 64)
1429 Port: 22/tcp open ssh? syn-ack ttl 53
1430 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1431 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.11.4-P2
1432 Script Info: | dns-nsid:
1433 Script Info: |_ bind.version: 9.11.4-P2
1434 Port: 80/tcp open http syn-ack ttl 52 nginx 1.14.0
1435 Script Info: | http-methods:
1436 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1437 Script Info: |_http-server-header: nginx/1.14.0
1438 Script Info: |_http-title: !
1439 Port: 587/tcp open smtp syn-ack ttl 53 Sendmail 8.15.2/8.15.2
1440 Script Info: | smtp-commands: t.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE, DSN, STARTTLS, DELIVERBY, HELP,
1441 Script Info: |_ 2.0.0 This is sendmail version 8.15.2 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 http://www.sendmail.org/email-addresses.html 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
1442 Script Info: | ssl-cert: Subject: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
1443 Script Info: | Issuer: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
1444 Script Info: | Public Key type: rsa
1445 Script Info: | Public Key bits: 2048
1446 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1447 Script Info: | Not valid before: 2018-10-25T22:15:02
1448 Script Info: | Not valid after: 2019-10-25T22:15:02
1449 Script Info: | MD5: a25a c3c6 5ddd b974 9a79 414f b78a c6b0
1450 Script Info: |_SHA-1: 6640 beb2 b47c dc2f dc4f fa9f 90eb d4f1 c067 23d1
1451 Script Info: |_ssl-date: TLS randomness does not represent time
1452 Port: 3306/tcp open mysql syn-ack ttl 51 MySQL (unauthorized)
1453 Port: 8888/tcp open ssh syn-ack ttl 53 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1454 Script Info: | ssh-hostkey:
1455 Script Info: | 2048 96:ca:58:70:84:07:7b:a2:b5:e6:91:e9:69:c9:cd:4a (RSA)
1456 Script Info: | 256 12:9c:a5:1c:cd:9c:53:5f:88:b5:d0:01:67:ba:ab:a8 (ECDSA)
1457 Script Info: |_ 256 7f:4e:48:e1:79:74:c5:91:e7:fe:2d:ba:dd:e3:d6:bd (ED25519)
1458 Script Info: | vulners:
1459 Script Info: | cpe:/a:openbsd:openssh:7.5:
1460 Script Info: | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1461 Script Info: |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1462 Port: 9999/tcp open http syn-ack ttl 52 Apache httpd (PHP 5.6.38)
1463 Script Info: | http-methods:
1464 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1465 Script Info: |_http-server-header: Apache
1466 Script Info: |_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1467 Os Info: Host: t.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1468 IP: 209.95.51.189
1469 HostName: ns1.onyx7.com Type: NS
1470 HostName: 209.95.51.189.static.midphase.com Type: PTR
1471 HostName: ns1.alpha-space.com Type: NS
1472 Country: United States
1473 Is Active: True (echo-reply ttl 55)
1474 Port: 22/tcp open ssh? syn-ack ttl 55
1475 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1476 Port: 53/tcp open domain syn-ack ttl 55 ISC BIND 9.11.2-P1
1477 Script Info: | dns-nsid:
1478 Script Info: |_ bind.version: 9.11.2-P1
1479 Port: 80/tcp open http syn-ack ttl 55 nginx
1480 Script Info: |_http-favicon: Unknown favicon MD5: 6A212C80A05477E0440BEDC3EC1C92DA
1481 Script Info: | http-methods:
1482 Script Info: |_ Supported Methods: GET HEAD
1483 Script Info: | http-robots.txt: 1 disallowed entry
1484 Script Info: |_/
1485 Script Info: |_http-title: Site doesn't have a title (text/html).
1486 Port: 587/tcp open smtp syn-ack ttl 55 Sendmail 8.15.2/8.15.2
1487 Script Info: |_smtp-commands: leo.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES,
1488 Port: 8888/tcp open ssh syn-ack ttl 55 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1489 Script Info: | ssh-hostkey:
1490 Script Info: | 2048 80:83:8f:14:c8:c4:28:55:14:d1:f6:3a:14:fe:01:5b (RSA)
1491 Script Info: | 256 6c:da:81:b2:09:a4:e0:de:56:85:14:a4:93:88:a6:0e (ECDSA)
1492 Script Info: |_ 256 d5:2a:28:6f:4b:f2:c8:19:49:cf:bc:c6:43:ab:17:58 (ED25519)
1493 Script Info: | vulners:
1494 Script Info: | cpe:/a:openbsd:openssh:7.5:
1495 Script Info: | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1496 Script Info: |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1497 Os Info: Host: leo.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1498 IP: 209.95.50.172
1499 HostName: mail.alpha-space.com Type: MX
1500 HostName: d15f32ac.setaptr.net Type: PTR
1501 Country: United States
1502 Is Active: True (reset ttl 64)
1503 Port: 22/tcp open ssh? syn-ack ttl 55
1504 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1505 Port: 53/tcp open domain syn-ack ttl 55 ISC BIND 9.11.2-P1
1506 Script Info: | dns-nsid:
1507 Script Info: |_ bind.version: 9.11.2-P1
1508 Port: 587/tcp open smtp syn-ack ttl 55 Sendmail 8.15.2/8.15.2
1509 Script Info: |_smtp-commands: leo.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES,
1510 Port: 8888/tcp open ssh syn-ack ttl 55 OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
1511 Script Info: | ssh-hostkey:
1512 Script Info: | 2048 80:83:8f:14:c8:c4:28:55:14:d1:f6:3a:14:fe:01:5b (RSA)
1513 Script Info: | 256 6c:da:81:b2:09:a4:e0:de:56:85:14:a4:93:88:a6:0e (ECDSA)
1514 Script Info: |_ 256 d5:2a:28:6f:4b:f2:c8:19:49:cf:bc:c6:43:ab:17:58 (ED25519)
1515 Script Info: | vulners:
1516 Script Info: | cpe:/a:openbsd:openssh:7.5:
1517 Script Info: | CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
1518 Script Info: |_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1519 Os Info: Host: leo.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
1520
1521--------------End Summary --------------
1522-----------------------------------------
1523###################################################################################################################################
1524traceroute to boysmaster.com (169.47.149.241), 30 hops max, 60 byte packets
1525 1 10.247.204.1 (10.247.204.1) 30.064 ms 60.768 ms 90.168 ms
1526 2 R43.static.amanah.com (104.245.144.129) 90.267 ms 90.242 ms 90.217 ms
1527 3 te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113) 90.070 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9) 90.067 ms 90.039 ms
1528 4 toro-b3-link.telia.net (62.115.187.238) 89.967 ms 89.943 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37) 89.953 ms
1529 5 te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161) 89.906 ms toro-b1-link.telia.net (62.115.116.181) 89.783 ms 89.757 ms
1530 6 softlayer-ic-310012-toro-b1.c.telia.net (213.248.89.182) 171.486 ms softlayer-ic-309536-toro-b1.c.telia.net (62.115.51.98) 69.924 ms 93.569 ms
1531 7 ae-0-11.bar1.Toronto1.Level3.net (4.69.151.241) 61.905 ms 93.436 ms ae-1-9.bar1.Toronto1.Level3.net (4.69.151.109) 93.426 ms
1532 8 ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126) 93.420 ms 93.413 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131) 123.604 ms
1533 9 ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13) 123.584 ms 123.562 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129) 93.293 ms
153410 ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126) 93.270 ms 93.251 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129) 93.163 ms
153511 ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38) 123.320 ms 123.318 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131) 65.795 ms
153612 ae2.dar04.wdc04.networklayer.com (169.45.18.237) 99.723 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129) 113.594 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188) 99.600 ms
153713 ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38) 113.586 ms 113.547 ms 113.557 ms
153814 po1002.fcr03b.wdc04.networklayer.com (169.55.118.211) 99.603 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188) 99.614 ms po1004.fcr03b.wdc04.networklayer.com (169.55.118.215) 99.575 ms
153915 ae2.dar03.wdc04.networklayer.com (169.45.18.235) 99.474 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237) 99.563 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241) 99.346 ms
1540###################################################################################################################################
1541----- boysmaster.com -----
1542
1543
1544Host's addresses:
1545__________________
1546
1547boysmaster.com. 85532 IN A 169.47.149.241
1548
1549
1550Wildcard detection using: syrjwxsdvkew
1551_______________________________________
1552
1553syrjwxsdvkew.boysmaster.com. 3600 IN A 169.47.149.241
1554
1555
1556!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1557
1558 Wildcards detected, all subdomains will point to the same IP address
1559 Omitting results containing 169.47.149.241.
1560 Maybe you are using OpenDNS servers.
1561
1562!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1563
1564
1565Name Servers:
1566______________
1567
1568ns1.alpha-space.com. 85535 IN A 209.95.51.189
1569ns1.onyx7.com. 85532 IN A 209.95.51.189
1570
1571
1572Mail (MX) Servers:
1573___________________
1574
1575mail.alpha-space.com. 3312 IN A 209.95.50.172
1576
1577
1578Trying Zone Transfers and getting Bind Versions:
1579_________________________________________________
1580
1581
1582Trying Zone Transfer for boysmaster.com on ns2.onyx7.com ...
1583boysmaster.com. 86400 IN SOA (
1584boysmaster.com. 86400 IN MX 10
1585boysmaster.com. 86400 IN A 169.47.149.241
1586boysmaster.com. 86400 IN NS ns1.onyx7.com.
1587boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1588boysmaster.com. 86400 IN NS ns2.onyx7.com.
1589boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1590*.boysmaster.com. 3600 IN A 169.47.149.241
1591*.boysmaster.com. 3600 IN MX 10
1592ad.boysmaster.com. 600 IN A 169.47.149.241
1593cdn.boysmaster.com. 86400 IN A 169.47.149.241
1594new.boysmaster.com. 600 IN A 169.47.149.241
1595
1596Trying Zone Transfer for boysmaster.com on ns2.alpha-space.com ...
1597boysmaster.com. 86400 IN SOA (
1598boysmaster.com. 86400 IN MX 10
1599boysmaster.com. 86400 IN A 169.47.149.241
1600boysmaster.com. 86400 IN NS ns1.onyx7.com.
1601boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1602boysmaster.com. 86400 IN NS ns2.onyx7.com.
1603boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1604*.boysmaster.com. 3600 IN A 169.47.149.241
1605*.boysmaster.com. 3600 IN MX 10
1606ad.boysmaster.com. 600 IN A 169.47.149.241
1607cdn.boysmaster.com. 86400 IN A 169.47.149.241
1608new.boysmaster.com. 600 IN A 169.47.149.241
1609
1610
1611Brute forcing with /usr/share/dnsenum/dns.txt:
1612_______________________________________________
1613
1614
1615
1616Launching Whois Queries:
1617_________________________
1618
1619 whois ip result: 169.47.149.0 -> 169.47.149.0/28
1620
1621
1622boysmaster.com______________
1623
1624 169.47.149.0/28
1625###################################################################################################################################
1626dnsenum VERSION:1.2.6
1627
1628----- boysmaster.com -----
1629
1630
1631Host's addresses:
1632__________________
1633
1634boysmaster.com. 85820 IN A 169.47.149.241
1635
1636
1637Wildcard detection using: xbfmyzugtkmf
1638_______________________________________
1639
1640xbfmyzugtkmf.boysmaster.com. 3600 IN A 169.47.149.241
1641
1642
1643!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1644
1645 Wildcards detected, all subdomains will point to the same IP address
1646 Omitting results containing 169.47.149.241.
1647 Maybe you are using OpenDNS servers.
1648
1649!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1650
1651
1652Name Servers:
1653______________
1654
1655ns1.onyx7.com. 85820 IN A 209.95.51.189
1656ns1.alpha-space.com. 85823 IN A 209.95.51.189
1657
1658
1659Mail (MX) Servers:
1660___________________
1661
1662mail.alpha-space.com. 3600 IN A 209.95.50.172
1663
1664
1665Trying Zone Transfers and getting Bind Versions:
1666_________________________________________________
1667
1668
1669Trying Zone Transfer for boysmaster.com on ns1.onyx7.com ...
1670
1671Trying Zone Transfer for boysmaster.com on ns2.alpha-space.com ...
1672boysmaster.com. 86400 IN SOA (
1673boysmaster.com. 86400 IN MX 10
1674boysmaster.com. 86400 IN A 169.47.149.241
1675boysmaster.com. 86400 IN NS ns1.onyx7.com.
1676boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1677boysmaster.com. 86400 IN NS ns2.onyx7.com.
1678boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1679*.boysmaster.com. 3600 IN A 169.47.149.241
1680*.boysmaster.com. 3600 IN MX 10
1681ad.boysmaster.com. 600 IN A 169.47.149.241
1682cdn.boysmaster.com. 86400 IN A 169.47.149.241
1683new.boysmaster.com. 600 IN A 169.47.149.241
1684
1685Trying Zone Transfer for boysmaster.com on ns2.onyx7.com ...
1686boysmaster.com. 86400 IN SOA (
1687boysmaster.com. 86400 IN MX 10
1688boysmaster.com. 86400 IN A 169.47.149.241
1689boysmaster.com. 86400 IN NS ns1.onyx7.com.
1690boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1691boysmaster.com. 86400 IN NS ns2.onyx7.com.
1692boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1693*.boysmaster.com. 3600 IN A 169.47.149.241
1694*.boysmaster.com. 3600 IN MX 10
1695ad.boysmaster.com. 600 IN A 169.47.149.241
1696cdn.boysmaster.com. 86400 IN A 169.47.149.241
1697new.boysmaster.com. 600 IN A 169.47.149.241
1698
1699Trying Zone Transfer for boysmaster.com on ns1.alpha-space.com ...
1700
1701
1702Brute forcing with /usr/share/sniper/wordlists/vhosts.txt:
1703___________________________________________________________
1704
1705
1706
1707boysmaster.com class C netranges:
1708__________________________________
1709
1710 169.47.149.0/24
1711
1712
1713boysmaster.com ip blocks:
1714__________________________
1715
1716 169.47.149.241/32
1717
1718done.
1719####################################################################################################################################
1720URLCrazy Domain Report
1721Domain : boysmaster.com
1722Keyboard : qwerty
1723At : 2020-02-11 01:17:26 -0500
1724
1725# Please wait. 136 hostnames to process
1726
1727Typo Type Typo DNS-A CC-A DNS-MX Extn
1728----------------------------------------------------------------------------------------------------------
1729Character Omission bosmaster.com ? com
1730Character Omission boymaster.com 23.20.239.12 US,UNITED STATES com
1731Character Omission boysaster.com ? com
1732Character Omission boysmaser.com ? com
1733Character Omission boysmaste.com ? com
1734Character Omission boysmaster.cm ? cm
1735Character Omission boysmastr.com ? com
1736Character Omission boysmater.com ? com
1737Character Omission boysmster.com ? com
1738Character Omission bysmaster.com ? com
1739Character Repeat bboysmaster.com ? com
1740Character Repeat booysmaster.com ? com
1741Character Repeat boysmaaster.com ? com
1742Character Repeat boysmasster.com ? com
1743Character Repeat boysmasteer.com ? com
1744Character Repeat boysmasterr.com ? com
1745Character Repeat boysmastter.com ? com
1746Character Repeat boysmmaster.com ? com
1747Character Repeat boyssmaster.com ? com
1748Character Repeat boyysmaster.com ? com
1749Character Swap bosymaster.com ? com
1750Character Swap boymsaster.com ? com
1751Character Swap boysamster.com ? com
1752Character Swap boysmasetr.com ? com
1753Character Swap boysmastre.com ? com
1754Character Swap boysmatser.com ? com
1755Character Swap boysmsater.com ? com
1756Character Swap byosmaster.com ? com
1757Character Swap obysmaster.com ? com
1758Character Replacement biysmaster.com ? com
1759Character Replacement botsmaster.com ? com
1760Character Replacement bousmaster.com ? com
1761Character Replacement boyamaster.com ? com
1762Character Replacement boydmaster.com ? com
1763Character Replacement boysmaater.com ? com
1764Character Replacement boysmadter.com ? com
1765Character Replacement boysmasrer.com ? com
1766Character Replacement boysmastee.com ? com
1767Character Replacement boysmastet.com ? com
1768Character Replacement boysmastrr.com ? com
1769Character Replacement boysmastwr.com ? com
1770Character Replacement boysmasyer.com ? com
1771Character Replacement boysmsster.com ? com
1772Character Replacement boysnaster.com ? com
1773Character Replacement bpysmaster.com ? com
1774Character Replacement noysmaster.com ? com
1775Character Replacement voysmaster.com ? com
1776Character Insertion bnoysmaster.com ? com
1777Character Insertion boiysmaster.com ? com
1778Character Insertion bopysmaster.com ? com
1779Character Insertion boysamaster.com ? com
1780Character Insertion boysdmaster.com ? com
1781Character Insertion boysmasater.com ? com
1782Character Insertion boysmasdter.com ? com
1783Character Insertion boysmastere.com ? com
1784Character Insertion boysmastert.com ? com
1785Character Insertion boysmastewr.com ? com
1786Character Insertion boysmastrer.com ? com
1787Character Insertion boysmastyer.com ? com
1788Character Insertion boysmnaster.com ? com
1789Character Insertion boytsmaster.com ? com
1790Character Insertion boyusmaster.com ? com
1791Character Insertion bvoysmaster.com ? com
1792Missing Dot boysmastercom.com ? com
1793Missing Dot wwwboysmaster.com ? com
1794Singular or Pluralise boysmasters.com 184.168.131.241 US,UNITED STATES smtp.secureserver.net com
1795Vowel Swap boysmastar.com ? com
1796Vowel Swap boysmastir.com ? com
1797Vowel Swap boysmastor.com ? com
1798Vowel Swap boysmastur.com ? com
1799Vowel Swap boysmester.com ? com
1800Vowel Swap boysmister.com ? com
1801Vowel Swap boysmoster.com ? com
1802Vowel Swap boysmuster.com ? com
1803Homophones boysmasseder.com ? com
1804Homophones buoysmaster.com ? com
1805Bit Flipping bgysmaster.com ? com
1806Bit Flipping bkysmaster.com ? com
1807Bit Flipping bmysmaster.com ? com
1808Bit Flipping bnysmaster.com ? com
1809Bit Flipping bo9smaster.com ? com
1810Bit Flipping boismaster.com ? com
1811Bit Flipping boqsmaster.com 184.168.221.40 US,UNITED STATES com
1812Bit Flipping boxsmaster.com ? com
1813Bit Flipping boy3master.com ? com
1814Bit Flipping boycmaster.com ? com
1815Bit Flipping boyqmaster.com ? com
1816Bit Flipping boyrmaster.com ? com
1817Bit Flipping boys-aster.com ? com
1818Bit Flipping boyseaster.com ? com
1819Bit Flipping boysiaster.com ? com
1820Bit Flipping boyslaster.com ? com
1821Bit Flipping boysma3ter.com ? com
1822Bit Flipping boysmacter.com ? com
1823Bit Flipping boysmaqter.com ? com
1824Bit Flipping boysmarter.com 23.20.239.12 US,UNITED STATES com
1825Bit Flipping boysmas4er.com ? com
1826Bit Flipping boysmasder.com ? com
1827Bit Flipping boysmasper.com ? com
1828Bit Flipping boysmastdr.com ? com
1829Bit Flipping boysmaste2.com ? com
1830Bit Flipping boysmasteb.com ? com
1831Bit Flipping boysmastep.com ? com
1832Bit Flipping boysmastes.com ? com
1833Bit Flipping boysmastev.com ? com
1834Bit Flipping boysmastez.com ? com
1835Bit Flipping boysmastgr.com ? com
1836Bit Flipping boysmastmr.com ? com
1837Bit Flipping boysmasuer.com ? com
1838Bit Flipping boysmasver.com ? com
1839Bit Flipping boysmawter.com ? com
1840Bit Flipping boysmcster.com ? com
1841Bit Flipping boysmqster.com ? com
1842Bit Flipping boysoaster.com ? com
1843Bit Flipping boywmaster.com ? com
1844Bit Flipping coysmaster.com ? com
1845Bit Flipping foysmaster.com ? com
1846Bit Flipping joysmaster.com ? com
1847Bit Flipping roysmaster.com ? com
1848Homoglyphs b0ysmaster.com ? com
1849Homoglyphs boysrnaster.com ? com
1850Wrong TLD boysmaster.ca ? ca
1851Wrong TLD boysmaster.ch ? ch
1852Wrong TLD boysmaster.de ? de
1853Wrong TLD boysmaster.edu ? edu
1854Wrong TLD boysmaster.es ? es
1855Wrong TLD boysmaster.fr ? fr
1856Wrong TLD boysmaster.it ? it
1857Wrong TLD boysmaster.jp ? jp
1858Wrong TLD boysmaster.net ? net
1859Wrong TLD boysmaster.nl ? nl
1860Wrong TLD boysmaster.no ? no
1861Wrong TLD boysmaster.org ? org
1862Wrong TLD boysmaster.ru ? ru
1863Wrong TLD boysmaster.se ? se
1864Wrong TLD boysmaster.us ? us
1865####################################################################################################################################
1866[-] Enumerating subdomains now for boysmaster.com
1867[-] verbosity is enabled, will show the subdomains results in realtime
1868[-] Searching now in Baidu..
1869[-] Searching now in Yahoo..
1870[-] Searching now in Google..
1871[-] Searching now in Bing..
1872[-] Searching now in Ask..
1873[-] Searching now in Netcraft..
1874[-] Searching now in DNSdumpster..
1875[-] Searching now in Virustotal..
1876[-] Searching now in ThreatCrowd..
1877[-] Searching now in SSL Certificates..
1878[-] Searching now in PassiveDNS..
1879Virustotal: www.boysmaster.com
1880DNSdumpster: www.boysmaster.com
1881Yahoo: www.boysmaster.com
1882[-] Saving results to file: /usr/share/sniper/loot/workspace/boysmaster.com/domains/domains-boysmaster.com.txt
1883[-] Total Unique Subdomains Found: 1
1884www.boysmaster.com
1885####################################################################################################################################
1886[*] Processing domain boysmaster.com
1887[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1888[+] Getting nameservers
1889169.47.149.241 - ns2.onyx7.com
1890[+] Zone transfer sucessful using nameserver ns2.onyx7.com
1891boysmaster.com. 86400 IN SOA ns1.alpha-space.com. hostmaster.alpha-space.com. 2003091002 28800 7200 2592000 86400
1892boysmaster.com. 86400 IN MX 10 mail.alpha-space.com.
1893boysmaster.com. 86400 IN A 169.47.149.241
1894boysmaster.com. 86400 IN NS ns1.onyx7.com.
1895boysmaster.com. 86400 IN NS ns1.alpha-space.com.
1896boysmaster.com. 86400 IN NS ns2.onyx7.com.
1897boysmaster.com. 86400 IN NS ns2.alpha-space.com.
1898*.boysmaster.com. 3600 IN A 169.47.149.241
1899*.boysmaster.com. 3600 IN MX 10 mail.alpha-space.com.
1900ad.boysmaster.com. 600 IN A 169.47.149.241
1901cdn.boysmaster.com. 86400 IN A 169.47.149.241
1902new.boysmaster.com. 600 IN A 169.47.149.241
1903###################################################################################################################################
1904[+] boysmaster.com has no SPF record!
1905[*] No DMARC record found. Looking for organizational record
1906[+] No organizational DMARC record
1907[+] Spoofing possible for boysmaster.com!
1908###################################################################################################################################
1909WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1910Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:20 EST
1911Nmap scan report for boysmaster.com (169.47.149.241)
1912Host is up (0.063s latency).
1913rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
1914Not shown: 334 closed ports, 154 filtered ports
1915Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1916PORT STATE SERVICE
191722/tcp open ssh
191853/tcp open domain
191980/tcp open http
1920222/tcp open rsh-spx
1921587/tcp open submission
19223306/tcp open mysql
19238888/tcp open sun-answerbook
19249999/tcp open abyss
1925
1926Nmap done: 1 IP address (1 host up) scanned in 2.15 seconds
1927###################################################################################################################################
1928Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:20 EST
1929Nmap scan report for boysmaster.com (169.47.149.241)
1930Host is up (0.085s latency).
1931rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
1932Not shown: 10 closed ports, 2 filtered ports
1933PORT STATE SERVICE
193453/udp open|filtered domain
1935123/udp open|filtered ntp
1936161/udp open|filtered snmp
1937
1938Nmap done: 1 IP address (1 host up) scanned in 1.63 seconds
1939####################################################################################################################################
1940Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:20 EST
1941NSE: Loaded 51 scripts for scanning.
1942NSE: Script Pre-scanning.
1943Initiating NSE at 01:20
1944Completed NSE at 01:20, 0.00s elapsed
1945Initiating NSE at 01:20
1946Completed NSE at 01:20, 0.00s elapsed
1947Initiating Parallel DNS resolution of 1 host. at 01:20
1948Completed Parallel DNS resolution of 1 host. at 01:20, 0.02s elapsed
1949Initiating SYN Stealth Scan at 01:20
1950Scanning boysmaster.com (169.47.149.241) [1 port]
1951Discovered open port 22/tcp on 169.47.149.241
1952Completed SYN Stealth Scan at 01:20, 0.08s elapsed (1 total ports)
1953Initiating Service scan at 01:20
1954Scanning 1 service on boysmaster.com (169.47.149.241)
1955Completed Service scan at 01:22, 153.36s elapsed (1 service on 1 host)
1956Initiating OS detection (try #1) against boysmaster.com (169.47.149.241)
1957Retrying OS detection (try #2) against boysmaster.com (169.47.149.241)
1958Initiating Traceroute at 01:23
1959Completed Traceroute at 01:23, 0.20s elapsed
1960Initiating Parallel DNS resolution of 16 hosts. at 01:23
1961Completed Parallel DNS resolution of 16 hosts. at 01:23, 0.28s elapsed
1962NSE: Script scanning 169.47.149.241.
1963Initiating NSE at 01:23
1964Completed NSE at 01:23, 5.29s elapsed
1965Initiating NSE at 01:23
1966Completed NSE at 01:23, 1.13s elapsed
1967Nmap scan report for boysmaster.com (169.47.149.241)
1968Host is up (0.082s latency).
1969rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
1970
1971PORT STATE SERVICE VERSION
197222/tcp open ssh?
1973|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
1974|_ssh-brute: ERROR: Script execution failed (use -d to debug)
1975|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1976|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
1977|_ssh-run: ERROR: Script execution failed (use -d to debug)
1978Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1979Aggressive OS guesses: FreeBSD 11.0-RELEASE (95%), FreeBSD 11.0-STABLE (95%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (93%), FreeBSD 8.2-STABLE (90%), FreeBSD 11.0-CURRENT (89%), Vodavi XTS-IP PBX (89%), FreeBSD 7.0-STABLE (88%), Crestron XPanel control system (87%), OpenBSD 4.0 (x86) (87%), FreeBSD 7.0-RELEASE (87%)
1980No exact OS matches for host (test conditions non-ideal).
1981Uptime guess: 0.000 days (since Tue Feb 11 01:22:59 2020)
1982Network Distance: 16 hops
1983TCP Sequence Prediction: Difficulty=253 (Good luck!)
1984IP ID Sequence Generation: All zeros
1985
1986TRACEROUTE (using port 22/tcp)
1987HOP RTT ADDRESS
19881 88.18 ms 10.247.204.1
19892 88.22 ms R43.static.amanah.com (104.245.144.129)
19903 88.27 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
19914 88.80 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
19925 89.01 ms toro-b1-link.telia.net (62.115.116.181)
19936 109.60 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
19947 79.01 ms ae-1-9.bar1.Toronto1.Level3.net (4.69.151.109)
19958 139.62 ms 4.16.48.14
19969 139.61 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
199710 109.71 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
199811 109.70 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
199912 109.69 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
200013 109.67 ms ae2.dar03.wdc04.networklayer.com (169.45.18.235)
200114 109.69 ms 8d.76.3fa9.ip4.static.sl-reverse.com (169.63.118.141)
200215 48.07 ms po1003.fcr03b.wdc04.networklayer.com (169.55.118.213)
200316 88.24 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
2004
2005NSE: Script Post-scanning.
2006Initiating NSE at 01:23
2007Completed NSE at 01:23, 0.00s elapsed
2008Initiating NSE at 01:23
2009Completed NSE at 01:23, 0.00s elapsed
2010####################################################################################################################################
2011USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
2012RHOSTS => boysmaster.com
2013RHOST => boysmaster.com
2014[*] 169.47.149.241:22 - SSH - Using malformed packet technique
2015[*] 169.47.149.241:22 - SSH - Starting scan
2016[-] 169.47.149.241:22 - SSH - User 'admin' not found
2017[-] 169.47.149.241:22 - SSH - User 'administrator' not found
2018[-] 169.47.149.241:22 - SSH - User 'anonymous' not found
2019[-] 169.47.149.241:22 - SSH - User 'backup' not found
2020[-] 169.47.149.241:22 - SSH - User 'bee' not found
2021[-] 169.47.149.241:22 - SSH - User 'ftp' not found
2022[-] 169.47.149.241:22 - SSH - User 'guest' not found
2023[-] 169.47.149.241:22 - SSH - User 'GUEST' not found
2024[-] 169.47.149.241:22 - SSH - User 'info' not found
2025[-] 169.47.149.241:22 - SSH - User 'mail' not found
2026[-] 169.47.149.241:22 - SSH - User 'mailadmin' not found
2027[-] 169.47.149.241:22 - SSH - User 'msfadmin' not found
2028[-] 169.47.149.241:22 - SSH - User 'mysql' not found
2029[-] 169.47.149.241:22 - SSH - User 'nobody' not found
2030[-] 169.47.149.241:22 - SSH - User 'oracle' not found
2031[-] 169.47.149.241:22 - SSH - User 'owaspbwa' not found
2032[-] 169.47.149.241:22 - SSH - User 'postfix' not found
2033[-] 169.47.149.241:22 - SSH - User 'postgres' not found
2034[-] 169.47.149.241:22 - SSH - User 'private' not found
2035[-] 169.47.149.241:22 - SSH - User 'proftpd' not found
2036[-] 169.47.149.241:22 - SSH - User 'public' not found
2037[-] 169.47.149.241:22 - SSH - User 'root' not found
2038[-] 169.47.149.241:22 - SSH - User 'superadmin' not found
2039[-] 169.47.149.241:22 - SSH - User 'support' not found
2040[-] 169.47.149.241:22 - SSH - User 'sys' not found
2041[-] 169.47.149.241:22 - SSH - User 'system' not found
2042[-] 169.47.149.241:22 - SSH - User 'systemadmin' not found
2043[-] 169.47.149.241:22 - SSH - User 'systemadministrator' not found
2044[-] 169.47.149.241:22 - SSH - User 'test' not found
2045[-] 169.47.149.241:22 - SSH - User 'tomcat' not found
2046[-] 169.47.149.241:22 - SSH - User 'user' not found
2047[-] 169.47.149.241:22 - SSH - User 'webmaster' not found
2048[-] 169.47.149.241:22 - SSH - User 'www-data' not found
2049[-] 169.47.149.241:22 - SSH - User 'Fortimanager_Access' not found
2050[*] Scanned 1 of 1 hosts (100% complete)
2051[*] Auxiliary module execution completed
2052###################################################################################################################################
2053Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:26 EST
2054NSE: Loaded 64 scripts for scanning.
2055NSE: Script Pre-scanning.
2056Initiating NSE at 01:26
2057Completed NSE at 01:26, 0.00s elapsed
2058Initiating NSE at 01:26
2059Completed NSE at 01:26, 0.00s elapsed
2060Initiating Parallel DNS resolution of 1 host. at 01:26
2061Completed Parallel DNS resolution of 1 host. at 01:26, 0.02s elapsed
2062Initiating SYN Stealth Scan at 01:26
2063Scanning boysmaster.com (169.47.149.241) [1 port]
2064Discovered open port 53/tcp on 169.47.149.241
2065Completed SYN Stealth Scan at 01:26, 0.08s elapsed (1 total ports)
2066Initiating Service scan at 01:26
2067Scanning 1 service on boysmaster.com (169.47.149.241)
2068Completed Service scan at 01:26, 6.21s elapsed (1 service on 1 host)
2069Initiating OS detection (try #1) against boysmaster.com (169.47.149.241)
2070Retrying OS detection (try #2) against boysmaster.com (169.47.149.241)
2071Initiating Traceroute at 01:26
2072Completed Traceroute at 01:26, 0.27s elapsed
2073Initiating Parallel DNS resolution of 15 hosts. at 01:26
2074Completed Parallel DNS resolution of 15 hosts. at 01:26, 0.37s elapsed
2075NSE: Script scanning 169.47.149.241.
2076Initiating NSE at 01:26
2077Completed NSE at 01:27, 10.88s elapsed
2078Initiating NSE at 01:27
2079Completed NSE at 01:27, 0.00s elapsed
2080Nmap scan report for boysmaster.com (169.47.149.241)
2081Host is up (0.085s latency).
2082rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
2083
2084PORT STATE SERVICE VERSION
208553/tcp open domain ISC BIND 9.11.4-P2
2086|_dns-fuzz: Server didn't response to our probe, can't fuzz
2087| dns-nsec-enum:
2088|_ No NSEC records found
2089| dns-nsec3-enum:
2090|_ DNSSEC NSEC3 not supported
2091| dns-nsid:
2092|_ bind.version: 9.11.4-P2
2093| dns-zone-transfer:
2094| boysmaster.com. SOA ns1.alpha-space.com. hostmaster.alpha-space.com.
2095| boysmaster.com. MX 10 mail.alpha-space.com.
2096| boysmaster.com. A 169.47.149.241
2097| boysmaster.com. NS ns1.onyx7.com.
2098| boysmaster.com. NS ns1.alpha-space.com.
2099| boysmaster.com. NS ns2.onyx7.com.
2100| boysmaster.com. NS ns2.alpha-space.com.
2101| *.boysmaster.com. A 169.47.149.241
2102| *.boysmaster.com. MX 10 mail.alpha-space.com.
2103| ad.boysmaster.com. A 169.47.149.241
2104| cdn.boysmaster.com. A 169.47.149.241
2105| new.boysmaster.com. A 169.47.149.241
2106|_boysmaster.com. SOA ns1.alpha-space.com. hostmaster.alpha-space.com.
2107Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2108Aggressive OS guesses: FreeBSD 11.0-RELEASE (94%), FreeBSD 11.0-STABLE (94%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (92%), Vodavi XTS-IP PBX (89%), FreeBSD 8.2-STABLE (89%), FreeBSD 11.0-CURRENT (88%), FreeBSD 7.0-RELEASE (87%), FreeBSD 7.0-STABLE (87%), OpenBSD 4.0 (x86) (86%), Crestron XPanel control system (86%)
2109No exact OS matches for host (test conditions non-ideal).
2110Uptime guess: 0.000 days (since Tue Feb 11 01:26:35 2020)
2111Network Distance: 16 hops
2112TCP Sequence Prediction: Difficulty=257 (Good luck!)
2113IP ID Sequence Generation: All zeros
2114
2115Host script results:
2116| dns-brute:
2117|_ DNS Brute-force hostnames: No results.
2118
2119TRACEROUTE (using port 53/tcp)
2120HOP RTT ADDRESS
21211 93.07 ms 10.247.204.1
21222 174.83 ms R43.static.amanah.com (104.245.144.129)
21233 174.90 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
21244 174.92 ms toro-b3-link.telia.net (62.115.187.238)
21255 174.90 ms toro-b1-link.telia.net (62.115.116.181)
21266 174.96 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
21277 175.03 ms ae-1-9.bar1.Toronto1.Level3.net (4.69.151.109)
21288 92.77 ms 4.16.48.14
21299 84.52 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
213010 84.54 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
213111 84.49 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
213212 84.46 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
213313 84.40 ms 89.76.3fa9.ip4.static.sl-reverse.com (169.63.118.137)
213414 84.42 ms po1003.fcr03a.wdc04.networklayer.com (169.55.118.205)
213515 84.49 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237)
213616 84.36 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
2137
2138NSE: Script Post-scanning.
2139Initiating NSE at 01:27
2140Completed NSE at 01:27, 0.00s elapsed
2141Initiating NSE at 01:27
2142Completed NSE at 01:27, 0.00s elapsed
2143####################################################################################################################################
2144<!--
2145<SCRIPT language=JavaScript1.2><!--
2146 <!-- <LI><A href="http://www.premiumhdv.com/?cGlkPTM5OCZjYXQ9MTgmcHJnPTcmdG91cj0xOA==" target=_blank>HD Videos</A> -->
2147 <LI><!-- AddThis Button BEGIN -->
2148<!-- AddThis Button END --></LI>
2149<!-- AddThis Socialbox -->
2150<!-- AddThis Socialbox End -->
2151 <!--START ADS-->
2152 <!--END ADS-->
2153 <!--START ADS-->
2154 <!--END ADS-->
2155 <!--START ADS-->
2156 <!--END ADS-->
2157 <!--START ADS-->
2158 <!--END ADS-->
2159 <!--START ADS-->
2160 <!--END ADS-->
2161 <!-- OUTSTER CODE -->
2162<script language="JavaScript"><!--
2163<script language="JavaScript1.2"><!--
2164<script language="JavaScript"><!--
2165<!-- END OUTSTER CODE --></td>
2166 <!-- Begin SexList Counter Code -->
2167<!-- End SexList Counter Code--></td>
2168 <!-- MASTERSTATS.COM COUNTER -->
2169<SCRIPT language="JavaScript"><!--
2170<SCRIPT language="JavaScript"><!--
2171<SCRIPT language="JavaScript"><!--
2172<!-- MASTERSTATS.COM COUNTER END --></td>
2173 <!-- BEGIN SEXTRACKER CODE - ALTERATION WILL RESULT IN ACCOUNT CANCELLATION -->
2174<!-- END SEXTRACKER CODE -->
2175<!-- BEGIN SEXTRACKER CLIT CODE v2.2_f - ALTERATION WILL RESULT IN INACCURATE STATS -->
2176<!-- THE FOLLOWING CODE IS COPYRIGHT 1997-2002 FLYING CROCODILE, INC -->
2177<script language="JavaScript"><!--
2178<script language="JavaScript1.1"><!--
2179<script language="JavaScript1.2"><!--
2180<script language="JavaScript"><!--
2181<!-- DONE WITH SEXTRACKER CLIT CODE -- HAVE A NICE DAY -->
2182 <!-- XXX COUNTER -->
2183<!-- END XXXCOUNTER --> </td>
2184####################################################################################################################################
2185/2257.html
2186clit8.sextracker.com/clit?CID=393735&
2187css/style.css
2188</font>
2189http://adultfriendfinder.com/p/memsearch.cgi?pid=g794868-pct&show=M-M&find_sex=1
2190http://alexbucks.com/fhg/ab/eowyn_ward.htm?id=1439982
2191http://askmystack.com/?
2192http://bestgayssex.com/
2193http://c.actiondesk.com/?s=17494&p=22&pp=1&bp=1
2194http://clit8.sextracker.com/clit?CID=393735&jv=00
2195http://futuregay.com
2196http://galleries.allgaysitespass.com/movie/agsp/71/?t1/revs=murdoc
2197http://galleries.hardlatingays.com/movies/70/?t1/revs=murdoc
2198http://galleries.sinfulgay.com/movies/197/?t1/revs=murdoc
2199http://gallery.eurotwinkin.com/fhg/59/?nats=MTA0MjA6MjoxMA,0,0,0,597
2200http://gallys.nastydollars.com/bf/190/?id=jennyxxx
2201http://gallys.nastydollars.com/bf/201/?id=jennyxxx
2202http://gallys.realitykings.com/bf/577/?id=jennyxxx
2203http://gallys.rk.com/bf/1133/?id=jennyxxx
2204http://gallys.rk.com/bf/916/?id=jennyxxx
2205http://gallys.rk.com/dk/152/?id=jennyxxx
2206http://gays.itslive.com/movies/35/?ILREVS=murdoc
2207http://gay.xxxcounter.com/e/3/221853/
2208http://html.freebuddymovies.com/5/12/vids/1603/6293/15/13_576ac_01.html?pr=9&su=2&ad=12195
2209http://html.freebuddymovies.com/5/12/vids/4163/15328/15/13_8d365_01.html?pr=9&su=2&ad=12195
2210http://html.freebuddymovies.com/5/14/vids/1801/7146/15/15_77563_01.html?pr=9&su=2&ad=12195
2211http://html.freebuddymovies.com/5/14/vids/1834/8605/15/15_958bd_01.html?pr=9&su=2&ad=12195
2212http://html.freebuddymovies.com/5/14/vids/1836/8625/15/15_cbafc_01.html?pr=9&su=2&ad=12195
2213http://html.freebuddymovies.com/5/14/vids/1849/8094/15/15_1296c_01.html?pr=9&su=2&ad=12195
2214http://html.freebuddymovies.com/5/14/vids/2520/9852/15/15_d7e80_01.html?pr=9&su=2&ad=12195
2215http://html.freebuddymovies.com/5/19/pics/8049/nude/50_c1848_01.html?pr=9&32su=1&32ad=12195
2216http://html.freebuddymovies.com/5/1/pics/0320/non_nude/7_c1848_06.html?pr=9&su=1&ad=12195
2217http://html.freebuddymovies.com/5/37/pics/9536/nude/68_c1848_01.html?pr=9&su=1&ad=12195
2218http://html.freebuddymovies.com/5/3/vids/938/5419/15/4_97579_01.html?pr=9&su=2&ad=12195
2219http://html.freebuddymovies.com/5/46/pics/90447/nude/118_c1848_01.html?pr=9&su=1&ad=12195
2220http://html.freebuddymovies.com/5/46/pics/99809/nude/118_c1848_01.html?pr=9&su=1&ad=12195
2221http://html.freebuddymovies.com/5/4/vids/966/5461/15/5_90f04_01.html?pr=9&su=2&ad=12195
2222http://image.masterstats.com/cnt?id=14516
2223http://link.masterstats.com/stat-redir?id=14516
2224http://lobby.sexlist.com/?TSLID=199393=501
2225http://moregaytwinks.com
2226http://mt.livecamfun.com/xtarc/576687/366/0/arg_tour=rex1?mta=330162
2227http://refer105.outster.com/refer?CID=77544
2228http://s7.addthis.com/static/btn/v2/lg-bookmark-en.gif
2229http://sexyboys.name/
2230http://sunnytgp.com
2231http://sweetgays.net/
2232http://tgp.gammacash.com/pic_gallery/cumon/jordan!_08a-2002-12-10/bluethb_15.html?adv_id=176661
2233http://TGP.outster.com/e/11/77544/
2234http://the.sextracker.com/e/393735
2235http://trafficholder.com/aff.php?droider
2236http://twinkass.net/
2237http://twinkhot.com/
2238http://twinkpeaks.com/twink-pics.shtml
2239http://veryyoungtwinks.net/
2240http://www2.fetishhitsgallery.com/movie/gbh/6/?t1/pps=murdoc
2241http://www2.fetishhitsgallery.com/movie/ggv/9/?t1/pps=murdoc
2242http://www2.fetishhitsgallery.com/movie/gsg/22/?t1/pps=murdoc
2243http://www2.fetishhitsgallery.com/movie/gss/25/?t1/pps=murdoc
2244http://www3.fetishhitsgallery.com/movie/gbh/35/?t1/pps=murdoc
2245http://www3.fetishhitsgallery.com/movie/gbh/39/?t1/pps=murdoc
2246http://www3.fetishhitsgallery.com/movie/gbh/65/?t1/pps=murdoc
2247http://www3.fetishhitsgallery.com/movie/ggsv/57/?t1/pps=murdoc
2248http://www3.fetishhitsgallery.com/movie/gsg/32/?t1/pps=murdoc
2249http://www3.fetishhitsgallery.com/movie/gsg/43/?t1/pps=murdoc
2250http://www3.fetishhitsgallery.com/movie/gsg/78/?t1/pps=murdoc
2251http://www3.fetishhitsgallery.com/movie/gss/35/?t1/pps=murdoc
2252http://www3.fetishhitsgallery.com/movie/gss/39/?t1/pps=murdoc
2253http://www3.fetishhitsgallery.com/movie/gss/55/?t1/pps=murdoc
2254http://www3.fetishhitsgallery.com/movie/sg/19/?t1/pps=murdoc
2255http://www3.fetishhitsgallery.com/movie/sgt/41/?t1/pps=murdoc
2256http://www3.fetishhitsgallery.com/movie/tgh/35/?t1/pps=murdoc
2257http://www.5star-boys.com/
2258http://www.bananasblue.com/?
2259http://www.boysmaster.com/
2260http://www.boysmaster.com/main1.html
2261http://www.boysmaster.com/main2.html
2262http://www.boysmaster.com/main3.html
2263http://www.columbian-boys.com/
2264http://www.free-pics-tgp.com/
2265http://www.fucktgp.net/
2266http://www.gayproject.com
2267http://www.premiumhdv.com/?cGlkPTM5OCZjYXQ9MTgmcHJnPTcmdG91cj0xOA==
2268http://www.sexgaytgp.com/
2269http://www.straightboygalleries.com/flv/hosted/bsb_galleries/006/index.php?nats=jennyxxx:persignup:bstraightboys,0,0,0,
2270http://www.thesexfolder.com/movie/gss/82/?t1/revs=murdoc
2271http://www.virginboys.net/tgp/
2272http://www.w3.org/1999/xhtml
2273text/javascript
2274-//W3C//DTD HTML 4.01 Transitional//EN
2275-//W3C//DTD XHTML 1.0 Transitional//EN
2276/x.xxx?link=MeNu
2277/x.xxx?p=100.000.I34p1.729035.***&url=http://go.trafficshop.com/81a627a6/gay
2278/x.xxx?p=100.000.I65p1.699212.***&url=http://go.trafficshop.com/81a627a6/gay
2279/x.xxx?p=100.000.I74p1.728808.***&url=http://go.trafficshop.com/81a627a6/gay
2280/x.xxx?p=100.000.I75p1.667062.***&url=http://go.trafficshop.com/81a627a6/gay
2281/x.xxx?p=51.000.I100p1.570655.***&url=http://gallys.realitykings.com/bf/594/?id=jennyxxx
2282/x.xxx?p=51.000.I101p1.725949.***&url=http://galleries.adult-empire.com/10399/607802/5088/index.php
2283/x.xxx?p=51.000.I102p1.724516.***&url=http://galleries2.adult-empire.com/9756/529389/5088/index.php
2284/x.xxx?p=51.000.I103p1.699218.***&url=http://galleries2.adult-empire.com/8793/409025/5088/index.php
2285/x.xxx?p=51.000.I104p1.727026.***&url=http://www2.fetishhitsgallery.com/movie/jgh/20/?t1/pps=murdoc
2286/x.xxx?p=51.000.I105p1.606464.***&url=http://galleries2.adult-empire.com/8793/408884/5088/index.php
2287/x.xxx?p=51.000.I106p1.725574.***&url=http://galleries2.adult-empire.com/8211/353162/5088/index.php
2288/x.xxx?p=51.000.I107p1.729525.***&url=http://galleries.adult-empire.com/10212/640349/5088/index.php
2289/x.xxx?p=51.000.I108p1.728748.***&url=http://galleries2.adult-empire.com/9637/587297/5088/index.php
2290/x.xxx?p=51.000.I109p1.680728.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/5464/i/6/h/
2291/x.xxx?p=51.000.I110p1.676400.***&url=http://html.freebuddymovies.com/5/1/pics/1625/nude/7_c1848_01.html?pr=9%26su=1%26ad=12195
2292/x.xxx?p=51.000.I111p1.728945.***&url=http://galleries.adult-empire.com/7313/212798/5088/index.php
2293/x.xxx?p=51.000.I112p1.717626.***&url=http://galleries2.adult-empire.com/9033/446995/5088/index.php
2294/x.xxx?p=51.000.I113p1.729481.***&url=http://html.freebuddymovies.com/5/12/vids/3012/11837/15/13_de867_01.html?pr=9%26su=2%26ad=12195
2295/x.xxx?p=51.000.I114p1.723737.***&url=http://galleries2.adult-empire.com/8793/409055/5088/index.php
2296/x.xxx?p=51.000.I115p1.723418.***&url=http://galleries2.adult-empire.com/9756/529386/5088/index.php
2297/x.xxx?p=51.000.I116p1.597652.***&url=http://www1.bfcollection.com/994833/bfc/movies/bfcv-020/david-jarrin.html
2298/x.xxx?p=51.000.I117p1.728975.***&url=http://www3.fetishhitsgallery.com/movie/jgh/39/?t1/pps=murdoc
2299/x.xxx?p=51.000.I118p1.725476.***&url=http://www3.fetishhitsgallery.com/movie/gbh/54/?t1/pps=murdoc
2300/x.xxx?p=51.000.I119p1.698678.***&url=http://html.freebuddymovies.com/5/1/pics/1641/nude/7_c1848_01.html?pr=9%2632su=1%2632ad=12195
2301/x.xxx?p=51.000.I96p1.728401.***&url=http://html.freebuddymovies.com/5/1/pics/24930/nude/7_c1848_01.html?pr=9%26su=1%26ad=12195
2302/x.xxx?p=51.000.I97p1.688504.***&url=http://alexbucks.com/fhg/ab/jan.htm?id=1439982
2303/x.xxx?p=51.000.I98p1.729455.***&url=http://html.freebuddymovies.com/5/48/pics/25316/nude/123_c1848_01.html?pr=9%26su=1%26ad=12195
2304/x.xxx?p=51.000.I99p1.553688.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Marcus/index.html
2305/x.xxx?p=52.000.I72p1.698671.***&url=http://galleries.adult-empire.com/4133/34781/5088/index.php
2306/x.xxx?p=52.000.I73p1.729252.***&url=http://galleries2.adult-empire.com/9756/529362/5088/index.php
2307/x.xxx?p=52.000.I76p1.729657.***&url=http://html.freebuddymovies.com/5/14/vids/3770/14001/15/15_2cdcb_01.html?pr=9%26su=2%26ad=12195
2308/x.xxx?p=52.000.I77p1.725641.***&url=http://html.freebuddymovies.com/5/12/vids/2667/10180/15/13_1fc67_01.html?pr=9%26su=2%26ad=12195
2309/x.xxx?p=52.000.I78p1.725148.***&url=http://html.freebuddymovies.com/5/2/vids/3951/14930/15/3_73a74_01.html?pr=9%26su=2%26ad=12195
2310/x.xxx?p=52.000.I79p1.724372.***&url=http://galleries1.adult-empire.com/6980/164243/5088/index.php
2311/x.xxx?p=52.000.I80p1.729558.***&url=http://html.freebuddymovies.com/5/12/vids/1958/7612/15/13_4845c_01.html?pr=9%26su=2%26ad=12195
2312/x.xxx?p=52.000.I81p1.728661.***&url=http://galleries2.adult-empire.com/9440/492626/5088/index.php
2313/x.xxx?p=52.000.I82p1.710153.***&url=http://galleries.adult-empire.com/4851/8345/5088/index.php
2314/x.xxx?p=52.000.I83p1.729548.***&url=http://html.freebuddymovies.com/5/12/vids/4004/15117/15/13_91efa_01.html?pr=9%26su=2%26ad=12195
2315/x.xxx?p=52.000.I84p1.727147.***&url=http://galleries1.adult-empire.com/6474/95701/5088/index.php
2316/x.xxx?p=52.000.I85p1.707970.***&url=http://galleries2.adult-empire.com/9756/529371/5088/index.php
2317/x.xxx?p=52.000.I86p1.725238.***&url=http://galleries2.adult-empire.com/9756/529399/5088/index.php
2318/x.xxx?p=52.000.I87p1.729727.***&url=http://galleries.adult-empire.com/7309/212297/5088/index.php
2319/x.xxx?p=52.000.I88p1.711337.***&url=http://galleries2.adult-empire.com/9756/529361/5088/index.php
2320/x.xxx?p=52.000.I89p1.619733.***&url=http://gallys.realitykings.com/bf/740/?id=jennyxxx
2321/x.xxx?p=52.000.I90p1.678819.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/6440/i/0/h/
2322/x.xxx?p=52.000.I91p1.725822.***&url=http://html.freebuddymovies.com/5/33/pics/99475/nude/53_c1848_01.html?pr=9%26su=1%26ad=12195
2323/x.xxx?p=52.000.I92p1.729426.***&url=http://www3.fetishhitsgallery.com/movie/sgt/40/?t1/pps=murdoc
2324/x.xxx?p=52.000.I93p1.614607.***&url=http://alexbucks.com/fhg/ab/felix2.htm?id=1439982
2325/x.xxx?p=52.000.I94p1.726075.***&url=http://www2.fetishhitsgallery.com/movie/gbh/19/?t1/pps=murdoc
2326/x.xxx?p=52.000.I95p1.724796.***&url=http://html.freebuddymovies.com/5/4/vids/803/3105/15/5_1f6f6_02.html?pr=9%26su=2%26ad=12195
2327/x.xxx?p=53.000.I48p1.682298.***&url=http://html.freebuddymovies.com/5/1/pics/1697/nude/7_c1848_01.html?pr=9%26su=2%26ad=12195
2328/x.xxx?p=53.000.I49p1.666375.***&url=http://galleries.adult-empire.com/10399/607837/5088/index.php
2329/x.xxx?p=53.000.I50p1.725249.***&url=http://www2.fetishhitsgallery.com/movie/ggv/15/?t1/pps=murdoc
2330/x.xxx?p=53.000.I51p1.693541.***&url=http://galleries2.adult-empire.com/9033/447112/5088/index.php
2331/x.xxx?p=53.000.I52p1.725957.***&url=http://html.freebuddymovies.com/5/3/vids/937/5418/15/4_284d0_01.html?pr=9%26su=2%26ad=12195
2332/x.xxx?p=53.000.I53p1.724526.***&url=http://galleries2.adult-empire.com/9756/529375/5088/index.php
2333/x.xxx?p=53.000.I54p1.729505.***&url=http://html.freebuddymovies.com/5/41/pics/99647/nude/88_c1848_01.html?pr=9%26su=1%26ad=12195
2334/x.xxx?p=53.000.I55p1.728804.***&url=http://www2.fetishhitsgallery.com/movie/gbh/26/?t1/pps=murdoc
2335/x.xxx?p=53.000.I56p1.616245.***&url=http://gallys.rk.com/bf/1013/?id=jennyxxx
2336/x.xxx?p=53.000.I57p1.649634.***&url=http://galleries2.adult-empire.com/9033/446945/5088/index.php
2337/x.xxx?p=53.000.I58p1.656221.***&url=http://alexbucks.com/fhg/ab/dog.htm?id=1439982
2338/x.xxx?p=53.000.I59p1.729615.***&url=http://www2.fetishhitsgallery.com/movie/tgc/2/?t1/pps=murdoc
2339/x.xxx?p=53.000.I60p1.729223.***&url=http://html.freebuddymovies.com/5/40/pics/15060/nude/83_c1848_01.html?pr=9%26su=1%26ad=12195
2340/x.xxx?p=53.000.I61p1.666934.***&url=http://galleries2.adult-empire.com/9756/529396/5088/index.php
2341/x.xxx?p=53.000.I62p1.705821.***&url=http://galleries2.adult-empire.com/9756/529363/5088/index.php
2342/x.xxx?p=53.000.I63p1.688797.***&url=http://alexbucks.com/fhg/ab/lucas_harry_02.htm?id=1439982
2343/x.xxx?p=53.000.I64p1.728598.***&url=http://galleries2.adult-empire.com/9033/447088/5088/index.php
2344/x.xxx?p=53.000.I66p1.693539.***&url=http://galleries.adult-empire.com/10399/607758/5088/index.php
2345/x.xxx?p=53.000.I67p1.648049.***&url=http://gallys.rk.com/bf/1052/?id=jennyxxx
2346/x.xxx?p=53.000.I68p1.729274.***&url=http://galleries1.adult-empire.com/5974/244670/5088/index.php
2347/x.xxx?p=53.000.I69p1.724606.***&url=http://galleries2.adult-empire.com/9756/529373/5088/index.php
2348/x.xxx?p=53.000.I70p1.717396.***&url=http://galleries2.adult-empire.com/8793/408648/5088/index.php
2349/x.xxx?p=53.000.I71p1.726000.***&url=http://galleries2.adult-empire.com/8793/408858/5088/index.php
2350/x.xxx?p=54.000.I24p1.723433.***&url=http://galleries.adult-empire.com/4133/34791/5088/index.php
2351/x.xxx?p=54.000.I25p1.729672.***&url=http://html.freebuddymovies.com/5/14/vids/1770/6970/15/15_e0e95_01.html?pr=9%26su=2%26ad=12195
2352/x.xxx?p=54.000.I26p1.456488.***&url=http://www1.bfcollection.com/994833/bfc/pictures/09/leo.html
2353/x.xxx?p=54.000.I27p1.724390.***&url=http://tgp.gammacash.com/galleries/pictures/pornication_live/bio/valentino/h/0/index.60.html?adv_id=176661
2354/x.xxx?p=54.000.I28p1.597764.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-02/index.html
2355/x.xxx?p=54.000.I29p1.725797.***&url=http://html.freebuddymovies.com/5/80/pics/99574/nude/187_c1848_01.html?pr=9%26su=1%26ad=12195
2356/x.xxx?p=54.000.I30p1.724400.***&url=http://galleries2.adult-empire.com/8793/408840/5088/index.php
2357/x.xxx?p=54.000.I31p1.669811.***&url=http://promo.boundgods.com/g/20593-a1gaytgp:KOD20RevLife/8202/i/3/h/
2358/x.xxx?p=54.000.I32p1.722945.***&url=http://galleries2.adult-empire.com/9033/446962/5088/index.php
2359/x.xxx?p=54.000.I33p1.723362.***&url=http://galleries2.adult-empire.com/9033/447172/5088/index.php
2360/x.xxx?p=54.000.I35p1.506622.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-15/austin.html
2361/x.xxx?p=54.000.I36p1.725403.***&url=http://alexbucks.com/fhg/ab/akilo_02.htm?id=1439982
2362/x.xxx?p=54.000.I37p1.719986.***&url=http://galleries2.adult-empire.com/8793/409031/5088/index.php
2363/x.xxx?p=54.000.I38p1.725438.***&url=http://html.freebuddymovies.com/5/12/vids/4269/15505/15/13_3414a_01.html?pr=9%26su=2%26ad=12195
2364/x.xxx?p=54.000.I39p1.687772.***&url=http://galleries2.adult-empire.com/8793/409039/5088/index.php
2365/x.xxx?p=54.000.I40p1.654721.***&url=http://alexbucks.com/fhg/ab/john_d_2.htm?id=1439982
2366/x.xxx?p=54.000.I41p1.729212.***&url=http://www3.fetishhitsgallery.com/movie/ggsv/59/?t1/pps=murdoc
2367/x.xxx?p=54.000.I42p1.725222.***&url=http://html.freebuddymovies.com/5/14/vids/3398/13003/15/15_070f0_01.html?pr=9%26su=2%26ad=12195
2368/x.xxx?p=54.000.I43p1.666576.***&url=http://collegeguys.itslive.com/movies/56/?ILREVS=murdoc
2369/x.xxx?p=54.000.I44p1.668769.***&url=http://galleries2.adult-empire.com/9417/485156/5088/index.php
2370/x.xxx?p=54.000.I45p1.658171.***&url=http://alexbucks.com/fhg/ab/camillo.htm?id=1439982
2371/x.xxx?p=54.000.I46p1.723430.***&url=http://galleries.adult-empire.com/10212/640357/5088/index.php
2372/x.xxx?p=54.000.I47p1.723436.***&url=http://galleries2.adult-empire.com/9388/480587/5088/index.php
2373/x.xxx?p=55.000.I0p1.729654.***&url=http://html.freebuddymovies.com/5/1/vids/748/3005/15/1_9d7b1_01.html?pr=9%26su=2%26ad=12195
2374/x.xxx?p=55.000.I10p1.729674.***&url=http://html.freebuddymovies.com/5/14/vids/2548/9979/15/15_045b6_01.html?pr=9%26su=2%26ad=12195
2375/x.xxx?p=55.000.I11p1.669016.***&url=http://promo.nakedkombat.com/g/20593-a1gaytgp:KOD20RevLife/7426/i/2/h/
2376/x.xxx?p=55.000.I12p1.724126.***&url=http://galleries.adult-empire.com/10399/607788/5088/index.php
2377/x.xxx?p=55.000.I13p1.439312.***&url=http://www1.bfcollection.com/994833/bfc/pictures/bfc-05/index.html
2378/x.xxx?p=55.000.I14p1.723432.***&url=http://galleries.adult-empire.com/4133/34802/5088/index.php
2379/x.xxx?p=55.000.I15p1.729621.***&url=http://html.freebuddymovies.com/5/14/vids/3292/12729/15/15_11bcb_01.html?pr=9%26su=2%26ad=12195
2380/x.xxx?p=55.000.I16p1.686799.***&url=http://gallys.realitykings.com/bf/608/?id=jennyxxx
2381/x.xxx?p=55.000.I17p1.494885.***&url=http://www1.bfcollection.com/994833/bfc/pictures/02/index.html
2382/x.xxx?p=55.000.I18p1.682704.***&url=http://alexbucks.com/fhg/ab/arpad_zoltan.htm?id=1439982
2383/x.xxx?p=55.000.I19p1.725290.***&url=http://galleries2.adult-empire.com/8836/413777/5088/index.php
2384/x.xxx?p=55.000.I1p1.581521.***&url=http://www1.bfcollection.com/994833/bfc/pictures/10bf/Brad-and-Shayne/index.html
2385/x.xxx?p=55.000.I20p1.398841.***&url=http://www1.bfcollection.com/994833/bfc/pictures/08/danny-aidan.html
2386/x.xxx?p=55.000.I21p1.716370.***&url=http://alexbucks.com/fhg/ab/nathan.htm?id=1439982
2387/x.xxx?p=55.000.I22p1.652068.***&url=http://gallys.realitykings.com/bf/766/?id=jennyxxx
2388/x.xxx?p=55.000.I23p1.693550.***&url=http://galleries2.adult-empire.com/8793/409026/5088/index.php
2389/x.xxx?p=55.000.I2p1.729748.***&url=http://galleries2.adult-empire.com/9388/480803/5088/index.php
2390/x.xxx?p=55.000.I3p1.413423.***&url=http://www1.bfcollection.com/994833/bfc/pictures/06bf/Brad/index.html
2391/x.xxx?p=55.000.I4p1.642597.***&url=http://gays.itslive.com/movies/222/?ILREVS=murdoc
2392/x.xxx?p=55.000.I5p1.670495.***&url=http://galleries.adult-empire.com/10399/607759/5088/index.php
2393/x.xxx?p=55.000.I6p1.683626.***&url=http://alexbucks.com/fhg/ab/frodo.htm?id=1439982
2394/x.xxx?p=55.000.I7p1.688506.***&url=http://alexbucks.com/fhg/ab/janusz.htm?id=1439982
2395/x.xxx?p=55.000.I8p1.647370.***&url=http://alexbucks.com/fhg/ab/akilo_5.htm?id=1439982
2396/x.xxx?p=55.000.I9p1.669863.***&url=http://html.freebuddymovies.com/5/41/pics/11906/nude/88_c1848_01.html?pr=9%26su=1%26ad=12195
2397####################################################################################################################################
2398http://boysmaster.com [200 OK] AddThis, Cookies[xid,xpageid,xstate,xvc], Country[SWITZERLAND][CH], Google-Analytics[UA-17168657-5], HTTPServer[nginx/1.14.0], IP[169.47.149.241], Script[JavaScript,JavaScript1.1,JavaScript1.2,text/javascript], Title[Boys Master - Always fresh Gays galleries], nginx[1.14.0]
2399####################################################################################################################################
2400------------------------------------------------------------------------------------------------------------------------
2401
2402[ ! ] Starting SCANNER INURLBR 2.1 at [11-02-2020 01:28:37]
2403[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
2404It is the end user's responsibility to obey all applicable local, state and federal laws.
2405Developers assume no liability and are not responsible for any misuse or damage caused by this program
2406
2407[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/boysmaster.com/output/inurlbr-boysmaster.com ]
2408[ INFO ][ DORK ]::[ site:boysmaster.com ]
2409[ INFO ][ SEARCHING ]:: {
2410[ INFO ][ ENGINE ]::[ GOOGLE - www.google.bj ]
2411
2412[ INFO ][ SEARCHING ]::
2413-[:::]
2414[ INFO ][ ENGINE ]::[ GOOGLE API ]
2415
2416[ INFO ][ SEARCHING ]::
2417-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2418[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.ms ID: 006688160405527839966:yhpefuwybre ]
2419
2420[ INFO ][ SEARCHING ]::
2421-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
2422
2423[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
2424
2425
2426 _[ - ]::--------------------------------------------------------------------------------------------------------------
2427|_[ + ] [ 0 / 100 ]-[01:28:51] [ ! ]
2428|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/ ]
2429|_[ + ] Exploit::
2430|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2431|_[ + ] More details:: / - / , ISP:
2432|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2433|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2434
2435 _[ - ]::--------------------------------------------------------------------------------------------------------------
2436|_[ + ] [ 1 / 100 ]-[01:28:52] [ ! ]
2437|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/main3.html ]
2438|_[ + ] Exploit::
2439|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2440|_[ + ] More details:: / - / , ISP:
2441|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2442|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2443
2444 _[ - ]::--------------------------------------------------------------------------------------------------------------
2445|_[ + ] [ 2 / 100 ]-[01:28:53] [ ! ]
2446|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/main2.html ]
2447|_[ + ] Exploit::
2448|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2449|_[ + ] More details:: / - / , ISP:
2450|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2451|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2452
2453 _[ - ]::--------------------------------------------------------------------------------------------------------------
2454|_[ + ] [ 3 / 100 ]-[01:28:54] [ ! ]
2455|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?allboysnude.com ]
2456|_[ + ] Exploit::
2457|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2458|_[ + ] More details:: / - / , ISP:
2459|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2460|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2461
2462 _[ - ]::--------------------------------------------------------------------------------------------------------------
2463|_[ + ] [ 4 / 100 ]-[01:28:55] [ ! ]
2464|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?virginboys.net ]
2465|_[ + ] Exploit::
2466|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2467|_[ + ] More details:: / - / , ISP:
2468|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2469|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2470
2471 _[ - ]::--------------------------------------------------------------------------------------------------------------
2472|_[ + ] [ 5 / 100 ]-[01:28:56] [ ! ]
2473|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?tenderboys.net ]
2474|_[ + ] Exploit::
2475|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2476|_[ + ] More details:: / - / , ISP:
2477|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2478|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2479
2480 _[ - ]::--------------------------------------------------------------------------------------------------------------
2481|_[ + ] [ 6 / 100 ]-[01:28:57] [ ! ]
2482|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?gayz.us ]
2483|_[ + ] Exploit::
2484|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2485|_[ + ] More details:: / - / , ISP:
2486|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2487|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2488
2489 _[ - ]::--------------------------------------------------------------------------------------------------------------
2490|_[ + ] [ 7 / 100 ]-[01:28:58] [ ! ]
2491|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?x=6236. ]
2492|_[ + ] Exploit::
2493|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2494|_[ + ] More details:: / - / , ISP:
2495|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2496|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2497
2498 _[ - ]::--------------------------------------------------------------------------------------------------------------
2499|_[ + ] [ 8 / 100 ]-[01:28:59] [ ! ]
2500|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?innocent-boys.com ]
2501|_[ + ] Exploit::
2502|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2503|_[ + ] More details:: / - / , ISP:
2504|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2505|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2506
2507 _[ - ]::--------------------------------------------------------------------------------------------------------------
2508|_[ + ] [ 9 / 100 ]-[01:29:00] [ ! ]
2509|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://boysmaster.com/?free-pics-tgp.com ]
2510|_[ + ] Exploit::
2511|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2512|_[ + ] More details:: / - / , ISP:
2513|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2514|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2515
2516 _[ - ]::--------------------------------------------------------------------------------------------------------------
2517|_[ + ] [ 10 / 100 ]-[01:29:01] [ ! ]
2518|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?referer=www.domainratio.com ]
2519|_[ + ] Exploit::
2520|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2521|_[ + ] More details:: / - / , ISP:
2522|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2523|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2524
2525 _[ - ]::--------------------------------------------------------------------------------------------------------------
2526|_[ + ] [ 11 / 100 ]-[01:29:02] [ ! ]
2527|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) http://www.boysmaster.com/?sms_ss=twitter&at_xt=4d10064190eec00d ]
2528|_[ + ] Exploit::
2529|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2530|_[ + ] More details:: / - / , ISP:
2531|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
2532|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-boysmaster.com
2533
2534 _[ - ]::--------------------------------------------------------------------------------------------------------------
2535|_[ + ] [ 12 / 100 ]-[01:29:03] [ - ]
2536|_[ + ] Target:: [ http://www.boysmaster.com/x/wm.php ]
2537|_[ + ] Exploit::
2538|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx/1.14.0 , IP:169.47.149.241:80
2539|_[ + ] More details:: / - / , ISP:
2540|_[ + ] Found:: UNIDENTIFIED
2541
2542 _[ - ]::--------------------------------------------------------------------------------------------------------------
2543|_[ + ] [ 13 / 100 ]-[01:29:04] [ - ]
2544|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I46p1.673384. ]
2545|_[ + ] Exploit::
2546|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2547|_[ + ] More details:: / - / , ISP:
2548|_[ + ] Found:: UNIDENTIFIED
2549
2550 _[ - ]::--------------------------------------------------------------------------------------------------------------
2551|_[ + ] [ 14 / 100 ]-[01:29:05] [ - ]
2552|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I26p3.723088. ]
2553|_[ + ] Exploit::
2554|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2555|_[ + ] More details:: / - / , ISP:
2556|_[ + ] Found:: UNIDENTIFIED
2557
2558 _[ - ]::--------------------------------------------------------------------------------------------------------------
2559|_[ + ] [ 15 / 100 ]-[01:29:05] [ - ]
2560|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I108p2.723536. ]
2561|_[ + ] Exploit::
2562|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2563|_[ + ] More details:: / - / , ISP:
2564|_[ + ] Found:: UNIDENTIFIED
2565
2566 _[ - ]::--------------------------------------------------------------------------------------------------------------
2567|_[ + ] [ 16 / 100 ]-[01:29:06] [ - ]
2568|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I34p3.704653. ]
2569|_[ + ] Exploit::
2570|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2571|_[ + ] More details:: / - / , ISP:
2572|_[ + ] Found:: UNIDENTIFIED
2573
2574 _[ - ]::--------------------------------------------------------------------------------------------------------------
2575|_[ + ] [ 17 / 100 ]-[01:29:07] [ - ]
2576|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I38p1.634571. ]
2577|_[ + ] Exploit::
2578|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2579|_[ + ] More details:: / - / , ISP:
2580|_[ + ] Found:: UNIDENTIFIED
2581
2582 _[ - ]::--------------------------------------------------------------------------------------------------------------
2583|_[ + ] [ 18 / 100 ]-[01:29:08] [ - ]
2584|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I0p1.698177. ]
2585|_[ + ] Exploit::
2586|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2587|_[ + ] More details:: / - / , ISP:
2588|_[ + ] Found:: UNIDENTIFIED
2589
2590 _[ - ]::--------------------------------------------------------------------------------------------------------------
2591|_[ + ] [ 19 / 100 ]-[01:29:08] [ - ]
2592|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I36p1.681810. ]
2593|_[ + ] Exploit::
2594|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2595|_[ + ] More details:: / - / , ISP:
2596|_[ + ] Found:: UNIDENTIFIED
2597
2598 _[ - ]::--------------------------------------------------------------------------------------------------------------
2599|_[ + ] [ 20 / 100 ]-[01:29:09] [ - ]
2600|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I103p1.707602. ]
2601|_[ + ] Exploit::
2602|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2603|_[ + ] More details:: / - / , ISP:
2604|_[ + ] Found:: UNIDENTIFIED
2605
2606 _[ - ]::--------------------------------------------------------------------------------------------------------------
2607|_[ + ] [ 21 / 100 ]-[01:29:10] [ - ]
2608|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I90p1.600822. ]
2609|_[ + ] Exploit::
2610|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2611|_[ + ] More details:: / - / , ISP:
2612|_[ + ] Found:: UNIDENTIFIED
2613
2614 _[ - ]::--------------------------------------------------------------------------------------------------------------
2615|_[ + ] [ 22 / 100 ]-[01:29:11] [ - ]
2616|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I52p1.707612. ]
2617|_[ + ] Exploit::
2618|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2619|_[ + ] More details:: / - / , ISP:
2620|_[ + ] Found:: UNIDENTIFIED
2621
2622 _[ - ]::--------------------------------------------------------------------------------------------------------------
2623|_[ + ] [ 23 / 100 ]-[01:29:12] [ - ]
2624|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I119p3.678359. ]
2625|_[ + ] Exploit::
2626|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2627|_[ + ] More details:: / - / , ISP:
2628|_[ + ] Found:: UNIDENTIFIED
2629
2630 _[ - ]::--------------------------------------------------------------------------------------------------------------
2631|_[ + ] [ 24 / 100 ]-[01:29:12] [ - ]
2632|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I107p2.644390. ]
2633|_[ + ] Exploit::
2634|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2635|_[ + ] More details:: / - / , ISP:
2636|_[ + ] Found:: UNIDENTIFIED
2637
2638 _[ - ]::--------------------------------------------------------------------------------------------------------------
2639|_[ + ] [ 25 / 100 ]-[01:29:13] [ - ]
2640|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I3p3.699690. ]
2641|_[ + ] Exploit::
2642|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2643|_[ + ] More details:: / - / , ISP:
2644|_[ + ] Found:: UNIDENTIFIED
2645
2646 _[ - ]::--------------------------------------------------------------------------------------------------------------
2647|_[ + ] [ 26 / 100 ]-[01:29:14] [ - ]
2648|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I104p1.620425. ]
2649|_[ + ] Exploit::
2650|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2651|_[ + ] More details:: / - / , ISP:
2652|_[ + ] Found:: UNIDENTIFIED
2653
2654 _[ - ]::--------------------------------------------------------------------------------------------------------------
2655|_[ + ] [ 27 / 100 ]-[01:29:15] [ - ]
2656|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=51.000.I104p1.703353. ]
2657|_[ + ] Exploit::
2658|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2659|_[ + ] More details:: / - / , ISP:
2660|_[ + ] Found:: UNIDENTIFIED
2661
2662 _[ - ]::--------------------------------------------------------------------------------------------------------------
2663|_[ + ] [ 28 / 100 ]-[01:29:15] [ - ]
2664|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I73p1.675017. ]
2665|_[ + ] Exploit::
2666|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2667|_[ + ] More details:: / - / , ISP:
2668|_[ + ] Found:: UNIDENTIFIED
2669
2670 _[ - ]::--------------------------------------------------------------------------------------------------------------
2671|_[ + ] [ 29 / 100 ]-[01:29:16] [ - ]
2672|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I2p1.683944. ]
2673|_[ + ] Exploit::
2674|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2675|_[ + ] More details:: / - / , ISP:
2676|_[ + ] Found:: UNIDENTIFIED
2677
2678 _[ - ]::--------------------------------------------------------------------------------------------------------------
2679|_[ + ] [ 30 / 100 ]-[01:29:17] [ - ]
2680|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I32p1.709604. ]
2681|_[ + ] Exploit::
2682|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2683|_[ + ] More details:: / - / , ISP:
2684|_[ + ] Found:: UNIDENTIFIED
2685
2686 _[ - ]::--------------------------------------------------------------------------------------------------------------
2687|_[ + ] [ 31 / 100 ]-[01:29:18] [ - ]
2688|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=48.000.i55p1.689052. ]
2689|_[ + ] Exploit::
2690|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2691|_[ + ] More details:: / - / , ISP:
2692|_[ + ] Found:: UNIDENTIFIED
2693
2694 _[ - ]::--------------------------------------------------------------------------------------------------------------
2695|_[ + ] [ 32 / 100 ]-[01:29:19] [ - ]
2696|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I90p2.612024. ]
2697|_[ + ] Exploit::
2698|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2699|_[ + ] More details:: / - / , ISP:
2700|_[ + ] Found:: UNIDENTIFIED
2701
2702 _[ - ]::--------------------------------------------------------------------------------------------------------------
2703|_[ + ] [ 33 / 100 ]-[01:29:19] [ - ]
2704|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I98p2.644580. ]
2705|_[ + ] Exploit::
2706|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2707|_[ + ] More details:: / - / , ISP:
2708|_[ + ] Found:: UNIDENTIFIED
2709
2710 _[ - ]::--------------------------------------------------------------------------------------------------------------
2711|_[ + ] [ 34 / 100 ]-[01:29:20] [ - ]
2712|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=51.000.I98p1.707578. ]
2713|_[ + ] Exploit::
2714|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2715|_[ + ] More details:: / - / , ISP:
2716|_[ + ] Found:: UNIDENTIFIED
2717
2718 _[ - ]::--------------------------------------------------------------------------------------------------------------
2719|_[ + ] [ 35 / 100 ]-[01:29:21] [ - ]
2720|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I1p1.606921. ]
2721|_[ + ] Exploit::
2722|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2723|_[ + ] More details:: / - / , ISP:
2724|_[ + ] Found:: UNIDENTIFIED
2725
2726 _[ - ]::--------------------------------------------------------------------------------------------------------------
2727|_[ + ] [ 36 / 100 ]-[01:29:22] [ - ]
2728|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I109p1.698166. ]
2729|_[ + ] Exploit::
2730|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2731|_[ + ] More details:: / - / , ISP:
2732|_[ + ] Found:: UNIDENTIFIED
2733
2734 _[ - ]::--------------------------------------------------------------------------------------------------------------
2735|_[ + ] [ 37 / 100 ]-[01:29:22] [ - ]
2736|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I72p1.611026. ]
2737|_[ + ] Exploit::
2738|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2739|_[ + ] More details:: / - / , ISP:
2740|_[ + ] Found:: UNIDENTIFIED
2741
2742 _[ - ]::--------------------------------------------------------------------------------------------------------------
2743|_[ + ] [ 38 / 100 ]-[01:29:23] [ - ]
2744|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I77p1.615229. ]
2745|_[ + ] Exploit::
2746|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2747|_[ + ] More details:: / - / , ISP:
2748|_[ + ] Found:: UNIDENTIFIED
2749
2750 _[ - ]::--------------------------------------------------------------------------------------------------------------
2751|_[ + ] [ 39 / 100 ]-[01:29:24] [ - ]
2752|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I13p1.681542. ]
2753|_[ + ] Exploit::
2754|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2755|_[ + ] More details:: / - / , ISP:
2756|_[ + ] Found:: UNIDENTIFIED
2757
2758 _[ - ]::--------------------------------------------------------------------------------------------------------------
2759|_[ + ] [ 40 / 100 ]-[01:29:25] [ - ]
2760|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I3p1.603127. ]
2761|_[ + ] Exploit::
2762|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2763|_[ + ] More details:: / - / , ISP:
2764|_[ + ] Found:: UNIDENTIFIED
2765
2766 _[ - ]::--------------------------------------------------------------------------------------------------------------
2767|_[ + ] [ 41 / 100 ]-[01:29:25] [ - ]
2768|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I61p1.687801. ]
2769|_[ + ] Exploit::
2770|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2771|_[ + ] More details:: / - / , ISP:
2772|_[ + ] Found:: UNIDENTIFIED
2773
2774 _[ - ]::--------------------------------------------------------------------------------------------------------------
2775|_[ + ] [ 42 / 100 ]-[01:29:26] [ - ]
2776|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I50p1.680048. ]
2777|_[ + ] Exploit::
2778|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2779|_[ + ] More details:: / - / , ISP:
2780|_[ + ] Found:: UNIDENTIFIED
2781
2782 _[ - ]::--------------------------------------------------------------------------------------------------------------
2783|_[ + ] [ 43 / 100 ]-[01:29:27] [ - ]
2784|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=48.000.i51p1.709556. ]
2785|_[ + ] Exploit::
2786|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2787|_[ + ] More details:: / - / , ISP:
2788|_[ + ] Found:: UNIDENTIFIED
2789
2790 _[ - ]::--------------------------------------------------------------------------------------------------------------
2791|_[ + ] [ 44 / 100 ]-[01:29:28] [ - ]
2792|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I95p3.717850. ]
2793|_[ + ] Exploit::
2794|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2795|_[ + ] More details:: / - / , ISP:
2796|_[ + ] Found:: UNIDENTIFIED
2797
2798 _[ - ]::--------------------------------------------------------------------------------------------------------------
2799|_[ + ] [ 45 / 100 ]-[01:29:28] [ - ]
2800|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I3p2.715515. ]
2801|_[ + ] Exploit::
2802|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2803|_[ + ] More details:: / - / , ISP:
2804|_[ + ] Found:: UNIDENTIFIED
2805
2806 _[ - ]::--------------------------------------------------------------------------------------------------------------
2807|_[ + ] [ 46 / 100 ]-[01:29:29] [ - ]
2808|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=53.000.I59p1.621565. ]
2809|_[ + ] Exploit::
2810|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2811|_[ + ] More details:: / - / , ISP:
2812|_[ + ] Found:: UNIDENTIFIED
2813
2814 _[ - ]::--------------------------------------------------------------------------------------------------------------
2815|_[ + ] [ 47 / 100 ]-[01:29:30] [ - ]
2816|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I83p1.602122. ]
2817|_[ + ] Exploit::
2818|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2819|_[ + ] More details:: / - / , ISP:
2820|_[ + ] Found:: UNIDENTIFIED
2821
2822 _[ - ]::--------------------------------------------------------------------------------------------------------------
2823|_[ + ] [ 48 / 100 ]-[01:29:31] [ - ]
2824|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I35p2.713053. ]
2825|_[ + ] Exploit::
2826|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2827|_[ + ] More details:: / - / , ISP:
2828|_[ + ] Found:: UNIDENTIFIED
2829
2830 _[ - ]::--------------------------------------------------------------------------------------------------------------
2831|_[ + ] [ 49 / 100 ]-[01:29:32] [ - ]
2832|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I23p1.671599. ]
2833|_[ + ] Exploit::
2834|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2835|_[ + ] More details:: / - / , ISP:
2836|_[ + ] Found:: UNIDENTIFIED
2837
2838 _[ - ]::--------------------------------------------------------------------------------------------------------------
2839|_[ + ] [ 50 / 100 ]-[01:29:32] [ - ]
2840|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I110p2.699054. ]
2841|_[ + ] Exploit::
2842|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2843|_[ + ] More details:: / - / , ISP:
2844|_[ + ] Found:: UNIDENTIFIED
2845
2846 _[ - ]::--------------------------------------------------------------------------------------------------------------
2847|_[ + ] [ 51 / 100 ]-[01:29:33] [ - ]
2848|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I84p2.685653. ]
2849|_[ + ] Exploit::
2850|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2851|_[ + ] More details:: / - / , ISP:
2852|_[ + ] Found:: UNIDENTIFIED
2853
2854 _[ - ]::--------------------------------------------------------------------------------------------------------------
2855|_[ + ] [ 52 / 100 ]-[01:29:34] [ - ]
2856|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I100p2.688887. ]
2857|_[ + ] Exploit::
2858|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2859|_[ + ] More details:: / - / , ISP:
2860|_[ + ] Found:: UNIDENTIFIED
2861
2862 _[ - ]::--------------------------------------------------------------------------------------------------------------
2863|_[ + ] [ 53 / 100 ]-[01:29:35] [ - ]
2864|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I77p1.715119. ]
2865|_[ + ] Exploit::
2866|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2867|_[ + ] More details:: / - / , ISP:
2868|_[ + ] Found:: UNIDENTIFIED
2869
2870 _[ - ]::--------------------------------------------------------------------------------------------------------------
2871|_[ + ] [ 54 / 100 ]-[01:29:36] [ - ]
2872|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I58p1.568997. ]
2873|_[ + ] Exploit::
2874|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2875|_[ + ] More details:: / - / , ISP:
2876|_[ + ] Found:: UNIDENTIFIED
2877
2878 _[ - ]::--------------------------------------------------------------------------------------------------------------
2879|_[ + ] [ 55 / 100 ]-[01:29:37] [ - ]
2880|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I4p1.716360. ]
2881|_[ + ] Exploit::
2882|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2883|_[ + ] More details:: / - / , ISP:
2884|_[ + ] Found:: UNIDENTIFIED
2885
2886 _[ - ]::--------------------------------------------------------------------------------------------------------------
2887|_[ + ] [ 56 / 100 ]-[01:29:37] [ - ]
2888|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I90p1.703333. ]
2889|_[ + ] Exploit::
2890|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2891|_[ + ] More details:: / - / , ISP:
2892|_[ + ] Found:: UNIDENTIFIED
2893
2894 _[ - ]::--------------------------------------------------------------------------------------------------------------
2895|_[ + ] [ 57 / 100 ]-[01:29:38] [ - ]
2896|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I104p2.723776. ]
2897|_[ + ] Exploit::
2898|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2899|_[ + ] More details:: / - / , ISP:
2900|_[ + ] Found:: UNIDENTIFIED
2901
2902 _[ - ]::--------------------------------------------------------------------------------------------------------------
2903|_[ + ] [ 58 / 100 ]-[01:29:39] [ - ]
2904|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=47.000.i86p1.549751. ]
2905|_[ + ] Exploit::
2906|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2907|_[ + ] More details:: / - / , ISP:
2908|_[ + ] Found:: UNIDENTIFIED
2909
2910 _[ - ]::--------------------------------------------------------------------------------------------------------------
2911|_[ + ] [ 59 / 100 ]-[01:29:40] [ - ]
2912|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I113p1.691789. ]
2913|_[ + ] Exploit::
2914|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2915|_[ + ] More details:: / - / , ISP:
2916|_[ + ] Found:: UNIDENTIFIED
2917
2918 _[ - ]::--------------------------------------------------------------------------------------------------------------
2919|_[ + ] [ 60 / 100 ]-[01:29:40] [ - ]
2920|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I94p2.689671. ]
2921|_[ + ] Exploit::
2922|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2923|_[ + ] More details:: / - / , ISP:
2924|_[ + ] Found:: UNIDENTIFIED
2925
2926 _[ - ]::--------------------------------------------------------------------------------------------------------------
2927|_[ + ] [ 61 / 100 ]-[01:29:41] [ - ]
2928|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I83p3.673009. ]
2929|_[ + ] Exploit::
2930|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2931|_[ + ] More details:: / - / , ISP:
2932|_[ + ] Found:: UNIDENTIFIED
2933
2934 _[ - ]::--------------------------------------------------------------------------------------------------------------
2935|_[ + ] [ 62 / 100 ]-[01:29:42] [ - ]
2936|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I87p3.699054. ]
2937|_[ + ] Exploit::
2938|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2939|_[ + ] More details:: / - / , ISP:
2940|_[ + ] Found:: UNIDENTIFIED
2941
2942 _[ - ]::--------------------------------------------------------------------------------------------------------------
2943|_[ + ] [ 63 / 100 ]-[01:29:43] [ - ]
2944|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I65p1.530194. ]
2945|_[ + ] Exploit::
2946|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2947|_[ + ] More details:: / - / , ISP:
2948|_[ + ] Found:: UNIDENTIFIED
2949
2950 _[ - ]::--------------------------------------------------------------------------------------------------------------
2951|_[ + ] [ 64 / 100 ]-[01:29:44] [ - ]
2952|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I60p1.725470. ]
2953|_[ + ] Exploit::
2954|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2955|_[ + ] More details:: / - / , ISP:
2956|_[ + ] Found:: UNIDENTIFIED
2957
2958 _[ - ]::--------------------------------------------------------------------------------------------------------------
2959|_[ + ] [ 65 / 100 ]-[01:29:45] [ - ]
2960|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I6p1.683626. ]
2961|_[ + ] Exploit::
2962|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2963|_[ + ] More details:: / - / , ISP:
2964|_[ + ] Found:: UNIDENTIFIED
2965
2966 _[ - ]::--------------------------------------------------------------------------------------------------------------
2967|_[ + ] [ 66 / 100 ]-[01:29:45] [ - ]
2968|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=47.000.i77p1.728319. ]
2969|_[ + ] Exploit::
2970|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2971|_[ + ] More details:: / - / , ISP:
2972|_[ + ] Found:: UNIDENTIFIED
2973
2974 _[ - ]::--------------------------------------------------------------------------------------------------------------
2975|_[ + ] [ 67 / 100 ]-[01:29:46] [ - ]
2976|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I80p3.687706. ]
2977|_[ + ] Exploit::
2978|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2979|_[ + ] More details:: / - / , ISP:
2980|_[ + ] Found:: UNIDENTIFIED
2981
2982 _[ - ]::--------------------------------------------------------------------------------------------------------------
2983|_[ + ] [ 68 / 100 ]-[01:29:47] [ - ]
2984|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=55.000.I5p1.682704. ]
2985|_[ + ] Exploit::
2986|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2987|_[ + ] More details:: / - / , ISP:
2988|_[ + ] Found:: UNIDENTIFIED
2989
2990 _[ - ]::--------------------------------------------------------------------------------------------------------------
2991|_[ + ] [ 69 / 100 ]-[01:29:47] [ - ]
2992|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I74p1.676392. ]
2993|_[ + ] Exploit::
2994|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
2995|_[ + ] More details:: / - / , ISP:
2996|_[ + ] Found:: UNIDENTIFIED
2997
2998 _[ - ]::--------------------------------------------------------------------------------------------------------------
2999|_[ + ] [ 70 / 100 ]-[01:29:48] [ - ]
3000|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I27p1.641590. ]
3001|_[ + ] Exploit::
3002|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3003|_[ + ] More details:: / - / , ISP:
3004|_[ + ] Found:: UNIDENTIFIED
3005
3006 _[ - ]::--------------------------------------------------------------------------------------------------------------
3007|_[ + ] [ 71 / 100 ]-[01:29:49] [ - ]
3008|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=49.000.i28p1.729394. ]
3009|_[ + ] Exploit::
3010|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3011|_[ + ] More details:: / - / , ISP:
3012|_[ + ] Found:: UNIDENTIFIED
3013
3014 _[ - ]::--------------------------------------------------------------------------------------------------------------
3015|_[ + ] [ 72 / 100 ]-[01:29:50] [ - ]
3016|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I84p1.618073. ]
3017|_[ + ] Exploit::
3018|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3019|_[ + ] More details:: / - / , ISP:
3020|_[ + ] Found:: UNIDENTIFIED
3021
3022 _[ - ]::--------------------------------------------------------------------------------------------------------------
3023|_[ + ] [ 73 / 100 ]-[01:29:51] [ - ]
3024|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I96p1.657315. ]
3025|_[ + ] Exploit::
3026|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3027|_[ + ] More details:: / - / , ISP:
3028|_[ + ] Found:: UNIDENTIFIED
3029
3030 _[ - ]::--------------------------------------------------------------------------------------------------------------
3031|_[ + ] [ 74 / 100 ]-[01:29:51] [ - ]
3032|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I34p1.726841. ]
3033|_[ + ] Exploit::
3034|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3035|_[ + ] More details:: / - / , ISP:
3036|_[ + ] Found:: UNIDENTIFIED
3037
3038 _[ - ]::--------------------------------------------------------------------------------------------------------------
3039|_[ + ] [ 75 / 100 ]-[01:29:52] [ - ]
3040|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=55.000.I8p1.728662. ]
3041|_[ + ] Exploit::
3042|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3043|_[ + ] More details:: / - / , ISP:
3044|_[ + ] Found:: UNIDENTIFIED
3045
3046 _[ - ]::--------------------------------------------------------------------------------------------------------------
3047|_[ + ] [ 76 / 100 ]-[01:29:53] [ - ]
3048|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=54.000.I24p1.729125. ]
3049|_[ + ] Exploit::
3050|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3051|_[ + ] More details:: / - / , ISP:
3052|_[ + ] Found:: UNIDENTIFIED
3053
3054 _[ - ]::--------------------------------------------------------------------------------------------------------------
3055|_[ + ] [ 77 / 100 ]-[01:29:53] [ - ]
3056|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I78p2.723827. ]
3057|_[ + ] Exploit::
3058|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3059|_[ + ] More details:: / - / , ISP:
3060|_[ + ] Found:: UNIDENTIFIED
3061
3062 _[ - ]::--------------------------------------------------------------------------------------------------------------
3063|_[ + ] [ 78 / 100 ]-[01:29:54] [ - ]
3064|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I5p1.680919. ]
3065|_[ + ] Exploit::
3066|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3067|_[ + ] More details:: / - / , ISP:
3068|_[ + ] Found:: UNIDENTIFIED
3069
3070 _[ - ]::--------------------------------------------------------------------------------------------------------------
3071|_[ + ] [ 79 / 100 ]-[01:29:55] [ - ]
3072|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I83p1.659542. ]
3073|_[ + ] Exploit::
3074|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3075|_[ + ] More details:: / - / , ISP:
3076|_[ + ] Found:: UNIDENTIFIED
3077
3078 _[ - ]::--------------------------------------------------------------------------------------------------------------
3079|_[ + ] [ 80 / 100 ]-[01:29:56] [ - ]
3080|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I4p1.676210. ]
3081|_[ + ] Exploit::
3082|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3083|_[ + ] More details:: / - / , ISP:
3084|_[ + ] Found:: UNIDENTIFIED
3085
3086 _[ - ]::--------------------------------------------------------------------------------------------------------------
3087|_[ + ] [ 81 / 100 ]-[01:29:56] [ - ]
3088|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I25p1.681545. ]
3089|_[ + ] Exploit::
3090|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3091|_[ + ] More details:: / - / , ISP:
3092|_[ + ] Found:: UNIDENTIFIED
3093
3094 _[ - ]::--------------------------------------------------------------------------------------------------------------
3095|_[ + ] [ 82 / 100 ]-[01:29:57] [ - ]
3096|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I5p1.727799. ]
3097|_[ + ] Exploit::
3098|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3099|_[ + ] More details:: / - / , ISP:
3100|_[ + ] Found:: UNIDENTIFIED
3101
3102 _[ - ]::--------------------------------------------------------------------------------------------------------------
3103|_[ + ] [ 83 / 100 ]-[01:29:58] [ - ]
3104|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I49p1.679471. ]
3105|_[ + ] Exploit::
3106|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3107|_[ + ] More details:: / - / , ISP:
3108|_[ + ] Found:: UNIDENTIFIED
3109
3110 _[ - ]::--------------------------------------------------------------------------------------------------------------
3111|_[ + ] [ 84 / 100 ]-[01:29:58] [ - ]
3112|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I36p3.593673. ]
3113|_[ + ] Exploit::
3114|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3115|_[ + ] More details:: / - / , ISP:
3116|_[ + ] Found:: UNIDENTIFIED
3117
3118 _[ - ]::--------------------------------------------------------------------------------------------------------------
3119|_[ + ] [ 85 / 100 ]-[01:29:59] [ - ]
3120|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I86p3.716698. ]
3121|_[ + ] Exploit::
3122|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3123|_[ + ] More details:: / - / , ISP:
3124|_[ + ] Found:: UNIDENTIFIED
3125
3126 _[ - ]::--------------------------------------------------------------------------------------------------------------
3127|_[ + ] [ 86 / 100 ]-[01:30:00] [ - ]
3128|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I106p1.678248. ]
3129|_[ + ] Exploit::
3130|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3131|_[ + ] More details:: / - / , ISP:
3132|_[ + ] Found:: UNIDENTIFIED
3133
3134 _[ - ]::--------------------------------------------------------------------------------------------------------------
3135|_[ + ] [ 87 / 100 ]-[01:30:01] [ - ]
3136|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I4p1.724121. ]
3137|_[ + ] Exploit::
3138|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3139|_[ + ] More details:: / - / , ISP:
3140|_[ + ] Found:: UNIDENTIFIED
3141
3142 _[ - ]::--------------------------------------------------------------------------------------------------------------
3143|_[ + ] [ 88 / 100 ]-[01:30:01] [ - ]
3144|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I71p1.622088. ]
3145|_[ + ] Exploit::
3146|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3147|_[ + ] More details:: / - / , ISP:
3148|_[ + ] Found:: UNIDENTIFIED
3149
3150 _[ - ]::--------------------------------------------------------------------------------------------------------------
3151|_[ + ] [ 89 / 100 ]-[01:30:02] [ - ]
3152|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I80p3.715068. ]
3153|_[ + ] Exploit::
3154|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3155|_[ + ] More details:: / - / , ISP:
3156|_[ + ] Found:: UNIDENTIFIED
3157
3158 _[ - ]::--------------------------------------------------------------------------------------------------------------
3159|_[ + ] [ 90 / 100 ]-[01:30:03] [ - ]
3160|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=52.000.I75p1.715967. ]
3161|_[ + ] Exploit::
3162|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3163|_[ + ] More details:: / - / , ISP:
3164|_[ + ] Found:: UNIDENTIFIED
3165
3166 _[ - ]::--------------------------------------------------------------------------------------------------------------
3167|_[ + ] [ 91 / 100 ]-[01:30:04] [ - ]
3168|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I2p1.666946. ]
3169|_[ + ] Exploit::
3170|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3171|_[ + ] More details:: / - / , ISP:
3172|_[ + ] Found:: UNIDENTIFIED
3173
3174 _[ - ]::--------------------------------------------------------------------------------------------------------------
3175|_[ + ] [ 92 / 100 ]-[01:30:05] [ - ]
3176|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I8p1.677002. ]
3177|_[ + ] Exploit::
3178|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3179|_[ + ] More details:: / - / , ISP:
3180|_[ + ] Found:: UNIDENTIFIED
3181
3182 _[ - ]::--------------------------------------------------------------------------------------------------------------
3183|_[ + ] [ 93 / 100 ]-[01:30:05] [ - ]
3184|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=54.000.I35p1.685272. ]
3185|_[ + ] Exploit::
3186|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3187|_[ + ] More details:: / - / , ISP:
3188|_[ + ] Found:: UNIDENTIFIED
3189
3190 _[ - ]::--------------------------------------------------------------------------------------------------------------
3191|_[ + ] [ 94 / 100 ]-[01:30:06] [ - ]
3192|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=51.000.I107p2.723876. ]
3193|_[ + ] Exploit::
3194|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3195|_[ + ] More details:: / - / , ISP:
3196|_[ + ] Found:: UNIDENTIFIED
3197
3198 _[ - ]::--------------------------------------------------------------------------------------------------------------
3199|_[ + ] [ 95 / 100 ]-[01:30:07] [ - ]
3200|_[ + ] Target:: [ http://boysmaster.com/x.xxx?p=55.000.I2p1.707624. ]
3201|_[ + ] Exploit::
3202|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3203|_[ + ] More details:: / - / , ISP:
3204|_[ + ] Found:: UNIDENTIFIED
3205
3206 _[ - ]::--------------------------------------------------------------------------------------------------------------
3207|_[ + ] [ 96 / 100 ]-[01:30:08] [ - ]
3208|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I8p2.714467. ]
3209|_[ + ] Exploit::
3210|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3211|_[ + ] More details:: / - / , ISP:
3212|_[ + ] Found:: UNIDENTIFIED
3213
3214 _[ - ]::--------------------------------------------------------------------------------------------------------------
3215|_[ + ] [ 97 / 100 ]-[01:30:08] [ - ]
3216|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I70p1.704667. ]
3217|_[ + ] Exploit::
3218|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3219|_[ + ] More details:: / - / , ISP:
3220|_[ + ] Found:: UNIDENTIFIED
3221
3222 _[ - ]::--------------------------------------------------------------------------------------------------------------
3223|_[ + ] [ 98 / 100 ]-[01:30:09] [ - ]
3224|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=55.000.I6p1.711093. ]
3225|_[ + ] Exploit::
3226|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3227|_[ + ] More details:: / - / , ISP:
3228|_[ + ] Found:: UNIDENTIFIED
3229
3230 _[ - ]::--------------------------------------------------------------------------------------------------------------
3231|_[ + ] [ 99 / 100 ]-[01:30:10] [ - ]
3232|_[ + ] Target:: [ http://www.boysmaster.com/x.xxx?p=53.000.I70p2.723409. ]
3233|_[ + ] Exploit::
3234|_[ + ] Information Server:: HTTP/1.1 500 Internal Server Error, Server: nginx/1.14.0 , IP:169.47.149.241:80
3235|_[ + ] More details:: / - / , ISP:
3236|_[ + ] Found:: UNIDENTIFIED
3237
3238[ INFO ] [ Shutting down ]
3239[ INFO ] [ End of process INURLBR at [11-02-2020 01:30:10]
3240[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 12 ]
3241[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/boysmaster.com/output/inurlbr-boysmaster.com ]
3242|_________________________________________________________________________________________
3243http://www.boysmaster.com/
3244http://www.boysmaster.com/main3.html
3245http://www.boysmaster.com/main2.html
3246http://www.boysmaster.com/?allboysnude.com
3247http://www.boysmaster.com/?virginboys.net
3248http://www.boysmaster.com/?tenderboys.net
3249http://www.boysmaster.com/?gayz.us
3250http://www.boysmaster.com/?x=6236.
3251http://www.boysmaster.com/?innocent-boys.com
3252http://boysmaster.com/?free-pics-tgp.com
3253http://www.boysmaster.com/?referer=www.domainratio.com
3254http://www.boysmaster.com/?sms_ss=twitter&at_xt=4d10064190eec00d
3255
3256\_________________________________________________________________________________________/
3257####################################################################################################################################
3258Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:30 EST
3259NSE: Loaded 57 scripts for scanning.
3260NSE: Script Pre-scanning.
3261Initiating NSE at 01:30
3262Completed NSE at 01:30, 0.00s elapsed
3263Initiating NSE at 01:30
3264Completed NSE at 01:30, 0.00s elapsed
3265Initiating Parallel DNS resolution of 1 host. at 01:30
3266Completed Parallel DNS resolution of 1 host. at 01:30, 0.02s elapsed
3267Initiating SYN Stealth Scan at 01:30
3268Scanning boysmaster.com (169.47.149.241) [1 port]
3269Discovered open port 3306/tcp on 169.47.149.241
3270Completed SYN Stealth Scan at 01:30, 0.08s elapsed (1 total ports)
3271Initiating Service scan at 01:30
3272Scanning 1 service on boysmaster.com (169.47.149.241)
3273Completed Service scan at 01:30, 0.15s elapsed (1 service on 1 host)
3274Initiating OS detection (try #1) against boysmaster.com (169.47.149.241)
3275Retrying OS detection (try #2) against boysmaster.com (169.47.149.241)
3276Initiating Traceroute at 01:30
3277Completed Traceroute at 01:30, 0.19s elapsed
3278Initiating Parallel DNS resolution of 14 hosts. at 01:30
3279Completed Parallel DNS resolution of 14 hosts. at 01:30, 0.21s elapsed
3280NSE: Script scanning 169.47.149.241.
3281Initiating NSE at 01:30
3282Completed NSE at 01:31, 90.97s elapsed
3283Initiating NSE at 01:31
3284Completed NSE at 01:31, 0.00s elapsed
3285Nmap scan report for boysmaster.com (169.47.149.241)
3286Host is up (0.080s latency).
3287rDNS record for 169.47.149.241: f1.95.2fa9.ip4.static.sl-reverse.com
3288
3289PORT STATE SERVICE VERSION
32903306/tcp open mysql MySQL (unauthorized)
3291|_mysql-empty-password: Host '104.245.144.137' is not allowed to connect to this MySQL server
3292| mysql-enum:
3293| Accounts: No valid accounts found
3294|_ Statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
3295|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
3296Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3297Aggressive OS guesses: FreeBSD 11.0-RELEASE (95%), FreeBSD 11.0-STABLE (95%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (93%), FreeBSD 8.2-STABLE (90%), FreeBSD 11.0-CURRENT (89%), Vodavi XTS-IP PBX (89%), FreeBSD 7.0-RELEASE (88%), FreeBSD 7.0-STABLE (88%), Crestron XPanel control system (87%), OpenBSD 4.0 (x86) (87%)
3298No exact OS matches for host (test conditions non-ideal).
3299Uptime guess: 0.001 days (since Tue Feb 11 01:30:16 2020)
3300Network Distance: 17 hops
3301TCP Sequence Prediction: Difficulty=260 (Good luck!)
3302IP ID Sequence Generation: All zeros
3303
3304TRACEROUTE (using port 3306/tcp)
3305HOP RTT ADDRESS
33061 57.99 ms 10.247.204.1
33072 58.01 ms R43.static.amanah.com (104.245.144.129)
33083 58.04 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
33094 58.04 ms toro-b3-link.telia.net (62.115.187.238)
33105 58.06 ms toro-b1-link.telia.net (62.115.116.181)
33116 98.61 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
33127 129.93 ms ae-0-11.bar1.Toronto1.Level3.net (4.69.151.241)
33138 130.00 ms 4.16.48.14
33149 129.98 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
331510 130.00 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
331611 130.00 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
331712 130.00 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
331813 130.02 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
331914 130.00 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
332015 130.00 ms po1004.fcr03a.wdc04.networklayer.com (169.55.118.207)
332116 51.30 ms 8d.76.3fa9.ip4.static.sl-reverse.com (169.63.118.141)
332217 58.05 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
3323
3324NSE: Script Post-scanning.
3325Initiating NSE at 01:31
3326Completed NSE at 01:31, 0.00s elapsed
3327Initiating NSE at 01:31
3328Completed NSE at 01:31, 0.00s elapsed
3329####################################################################################################################################
3330+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
3331| App Name | URL to Application | Potential Exploit | Username | Password |
3332+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
3333| Linksys WRT54GL | http://169.47.149.241:9999/apply.cgi | ./auxiliary/admin/http/linksys_wrt54gl_exec.rb | | |
3334+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
3335###################################################################################################################################
3336Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:30 EST
3337Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
3338Host is up (0.071s latency).
3339Not shown: 991 closed ports
3340PORT STATE SERVICE VERSION
334119/tcp filtered chargen
334222/tcp open ssh?
334353/tcp open domain ISC BIND 9.11.4-P2
3344| vulscan: VulDB - https://vuldb.com:
3345| [129818] ISC BIND up to 9.11.4/9.12.2 DDNS privilege escalation
3346| [129803] ISC BIND up to 9.11.1 Response Policy Zone Query Loop denial of service
3347| [129802] ISC BIND up to 9.11.0-P1 nxdomain-redirect Query Assertion denial of service
3348| [102965] ISC BIND up to 9.11.1-P1 TSIG weak authentication
3349| [102964] ISC BIND up to 9.11.1-P1 TSIG weak authentication
3350| [99868] ISC BIND up to 9.11.1rc2 Control Channel Crash denial of service
3351| [99867] ISC BIND up to 9.11.1rc1 DNS64 State Crash denial of service
3352| [99866] ISC BIND up to 9.11.1rc1 CNAME/DNAME Crash denial of service
3353| [96827] ISC BIND up to 9.11.1b1 RPZ/DNS64 State Error NULL Pointer Dereference denial of service
3354|
3355| MITRE CVE - https://cve.mitre.org:
3356| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
3357| [CVE-2013-4869] Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
3358| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
3359| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
3360| [CVE-2013-3434] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
3361| [CVE-2013-3433] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
3362| [CVE-2013-3412] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
3363| [CVE-2013-3404] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
3364| [CVE-2013-3403] Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
3365| [CVE-2013-3402] An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.
3366| [CVE-2013-3382] The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
3367| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
3368| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
3369| [CVE-2013-1139] The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
3370| [CVE-2013-1137] Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
3371| [CVE-2013-1134] The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
3372| [CVE-2013-0149] The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
3373| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
3374| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
3375| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
3376| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
3377| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
3378| [CVE-2012-3817] ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2
3379| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
3380| [CVE-2012-1328] Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
3381| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
3382| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
3383| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
3384| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
3385| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
3386| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
3387| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
3388| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
3389| [CVE-2011-0414] ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
3390| [CVE-2010-3762] ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
3391| [CVE-2010-3615] named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
3392| [CVE-2010-3614] named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
3393| [CVE-2010-3613] named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
3394| [CVE-2010-0382] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
3395| [CVE-2010-0290] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
3396| [CVE-2010-0218] ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
3397| [CVE-2010-0097] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
3398| [CVE-2009-4022] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
3399| [CVE-2009-2028] Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
3400| [CVE-2009-1905] The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
3401| [CVE-2009-0696] The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
3402| [CVE-2009-0265] Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
3403| [CVE-2008-4163] Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
3404| [CVE-2008-0122] Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
3405| [CVE-2007-2926] ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
3406| [CVE-2007-2925] The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
3407| [CVE-2007-2241] Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
3408| [CVE-2007-0493] Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
3409| [CVE-2002-2037] The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
3410| [CVE-2002-0400] ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
3411| [CVE-2001-0497] dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
3412| [CVE-2000-0855] SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
3413| [CVE-2000-0368] Classic Cisco IOS 9.1 and later allows attackers with access to the loging prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
3414| [CVE-1999-1466] Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
3415| [CVE-1999-1306] Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
3416| [CVE-1999-1216] Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
3417|
3418| SecurityFocus - https://www.securityfocus.com/bid/:
3419| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
3420| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
3421| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
3422| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
3423| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
3424| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
3425| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
3426| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
3427| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
3428| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
3429| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
3430| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
3431| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
3432| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
3433| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
3434| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
3435| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
3436| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
3437| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
3438| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
3439| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
3440| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
3441| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
3442| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
3443| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
3444| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
3445| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
3446| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
3447| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
3448| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
3449| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
3450| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
3451| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
3452| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
3453| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
3454| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
3455| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
3456| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
3457| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
3458| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
3459| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
3460| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
3461| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
3462| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
3463| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
3464| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
3465| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
3466| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
3467| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
3468| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
3469| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
3470| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
3471| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
3472| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
3473| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
3474| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
3475| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
3476| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
3477| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
3478| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
3479| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
3480| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
3481| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
3482| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
3483| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
3484| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
3485| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
3486| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
3487| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
3488| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
3489| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
3490| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
3491| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
3492| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
3493|
3494| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3495| [85799] Cisco Unified IP Phones 9900 Series directory traversal
3496| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
3497| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
3498| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
3499| [9250] BIND 9 dns_message_findtype() denial of service
3500| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
3501| [539] Microsoft Windows 95 and Internet Explorer password disclosure
3502| [86004] ISC BIND RDATA denial of service
3503| [84767] ISC BIND denial of service
3504| [83066] ISC BIND denial of service
3505| [81504] ISC BIND AAAA denial of service
3506| [80510] ISC BIND DNS64 denial of service
3507| [79121] ISC BIND queries denial of service
3508| [78479] ISC BIND RDATA denial of service
3509| [77185] ISC BIND TCP queries denial of service
3510| [77184] ISC BIND bad cache denial of service
3511| [76034] ISC BIND rdata denial of service
3512| [73053] ISC BIND cache update policy security bypass
3513| [71332] ISC BIND recursive queries denial of service
3514| [68375] ISC BIND UPDATE denial of service
3515| [68374] ISC BIND Response Policy Zones denial of service
3516| [67665] ISC BIND RRSIG Rrsets denial of service
3517| [67297] ISC BIND RRSIG denial of service
3518| [65554] ISC BIND IXFR transfer denial of service
3519| [63602] ISC BIND allow-query security bypass
3520| [63596] ISC BIND zone data security bypass
3521| [63595] ISC BIND RRSIG denial of service
3522| [62072] ISC BIND DNSSEC query denial of service
3523| [62071] ISC BIND ACL security bypass
3524| [61871] ISC BIND anchors denial of service
3525| [60421] ISC BIND RRSIG denial of service
3526| [56049] ISC BIND out-of-bailiwick weak security
3527| [55937] ISC Bind unspecified cache poisoning
3528| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
3529| [54416] ISC BIND DNSSEC cache poisoning
3530| [52073] ISC BIND dns_db_findrdataset() denial of service
3531| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
3532| [45234] ISC BIND UDP denial of service
3533| [39670] ISC BIND inet_network buffer overflow
3534| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
3535| [37128] RHSA update for ISC BIND RRset denial of service not installed
3536| [37127] RHSA update for ISC BIND named service denial of service not installed
3537| [36275] ISC BIND DNS query spoofing
3538| [35575] ISC BIND query ID cache poisoning
3539| [35571] ISC BIND ACL security bypass
3540| [31838] ISC BIND RRset denial of service
3541| [31799] ISC BIND named service denial of service
3542| [29876] HP Tru64 ypbind core dump information disclosure
3543| [28745] ISC BIND DNSSEC RRset denial of service
3544| [28744] ISC BIND recursive INSIST denial of service
3545| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
3546| [18836] BIND hostname disclosure
3547| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
3548| [10333] ISC BIND SIG null pointer dereference denial of service
3549| [10332] ISC BIND OPT resource record (RR) denial of service
3550| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
3551| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
3552| [5814] ISC BIND "
3553| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
3554| [5462] ISC BIND AXFR host command remote buffer overflow
3555|
3556| Exploit-DB - https://www.exploit-db.com:
3557| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
3558| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
3559| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
3560| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
3561| [21812] MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
3562| [21764] MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
3563| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
3564| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
3565| [13448] linux/x86 portbind port 5074 92 bytes
3566| [13388] linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
3567| [13360] linux/x86 setuid/portbind shellcode 96 bytes
3568| [13245] bsd/x86 setuid/portbind shellcode 94 bytes
3569| [10638] Web Wiz Forums 9.64 - Database Disclosure Vulnerability
3570| [6775] Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
3571| [6236] BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
3572| [6130] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
3573| [6123] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
3574| [6122] BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
3575| [4292] Diskeeper 9 Remote Memory Disclosure Exploit
3576| [4266] BIND 9 0.3beta - DNS Cache Poisoning Exploit
3577|
3578| OpenVAS (Nessus) - http://www.openvas.org:
3579| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
3580| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
3581| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
3582| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
3583| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
3584| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
3585| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
3586| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
3587| [11226] Oracle 9iAS default error information disclosure
3588|
3589| SecurityTracker - https://www.securitytracker.com:
3590| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
3591| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
3592| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
3593| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
3594| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
3595| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3596| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3597| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3598| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3599| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3600| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3601| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3602| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3603| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3604| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
3605| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
3606| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
3607| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3608| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3609| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
3610| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
3611| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
3612| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
3613| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
3614| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
3615| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
3616|
3617| OSVDB - http://www.osvdb.org:
3618| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
3619| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
3620| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
3621| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
3622| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
3623| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
3624| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
3625| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
3626| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
3627| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
3628| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
3629| [18217] Oracle 9iAS echo Sample Application Information Disclosure
3630| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
3631| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
3632| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
3633| [3108] Microsoft Office 98 Macintosh Information Disclosure
3634| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
3635| [665] Microsoft Windows 95 Online Registration Information Disclosure
3636| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
3637| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
3638| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
3639| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
3640| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
3641| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
3642| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
3643| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
3644| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
3645| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
3646| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
3647| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
3648| [77159] ISC BIND Recursive Query Parsing Remote DoS
3649| [73605] ISC BIND UPDATE Request Parsing Remote DoS
3650| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
3651| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
3652| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
3653| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
3654| [69568] ISC BIND named allow-query ACL Restriction Bypass
3655| [69559] ISC BIND named Key Algorithm Rollover Weakness
3656| [69558] ISC BIND named RRSIG Negative Caching DoS
3657| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
3658| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
3659| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
3660| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
3661| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
3662| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
3663| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
3664| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
3665| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
3666| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
3667| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
3668| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
3669| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
3670| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
3671| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
3672| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
3673| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
3674| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
3675| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
3676| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
3677| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
3678| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
3679| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
3680| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
3681| [34752] ISC BIND so_linger Remote DoS
3682| [34751] ISC BIND Malformed SIG Record Remote DoS
3683| [34750] ISC BIND Malformed NAPTR Record Local DoS
3684| [34749] ISC BIND named maxdname DoS
3685| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
3686| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
3687| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
3688| [28558] ISC BIND Recursive Query Saturation DoS
3689| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
3690| [25895] ISC BIND Cached Recursive Query DoS
3691| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
3692| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
3693| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
3694| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
3695| [14795] ISC BIND TSIG Handling Code Remote Overflow
3696| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
3697| [13752] ISC BIND host Command AXFR Response Remote Overflow
3698| [13176] ISC BIND q_usedns Array Remote Overflow DoS
3699| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
3700| [9736] ISC BIND fdmax File Descriptor Consumption DoS
3701| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
3702| [9734] ISC BIND CNAME Record Zone Transfer DoS
3703| [9733] ISC BIND Malformed DNS Message DoS
3704| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
3705| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
3706| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
3707| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
3708| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
3709| [5828] ISC BIND named SRV Remote DoS
3710| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
3711| [2866] ISC BIND Negative Record Cache Poisoning
3712| [1751] ISC BIND Environment Variable Information Disclosure
3713| [1747] ISC BIND 4 nslookupComplain() Remote Format String
3714| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
3715| [913] ISC BIND Inverse-Query Remote Overflow
3716| [869] ISC BIND named SIG Resource Server Response RR Overflow
3717| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
3718| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
3719| [24] ISC BIND NXT Record Overflow
3720|_
372180/tcp open http nginx 1.14.0
3722|_http-server-header: nginx/1.14.0
3723| vulscan: VulDB - https://vuldb.com:
3724| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
3725| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
3726| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
3727|
3728| MITRE CVE - https://cve.mitre.org:
3729| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
3730| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
3731| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
3732| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
3733| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
3734| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
3735|
3736| SecurityFocus - https://www.securityfocus.com/bid/:
3737| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
3738| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
3739| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
3740| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
3741| [82230] nginx Multiple Denial of Service Vulnerabilities
3742| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
3743| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
3744| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
3745| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
3746| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
3747| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
3748| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
3749| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
3750| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
3751| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
3752| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
3753| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
3754| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
3755| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
3756| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
3757| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
3758| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
3759| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
3760| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
3761| [40420] nginx Directory Traversal Vulnerability
3762| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
3763| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
3764| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
3765| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
3766| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
3767|
3768| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3769| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
3770| [84172] nginx denial of service
3771| [84048] nginx buffer overflow
3772| [83923] nginx ngx_http_close_connection() integer overflow
3773| [83688] nginx null byte code execution
3774| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
3775| [82319] nginx access.log information disclosure
3776| [80952] nginx SSL spoofing
3777| [77244] nginx and Microsoft Windows request security bypass
3778| [76778] Naxsi module for Nginx nx_extract.py directory traversal
3779| [74831] nginx ngx_http_mp4_module.c buffer overflow
3780| [74191] nginx ngx_cpystrn() information disclosure
3781| [74045] nginx header response information disclosure
3782| [71355] nginx ngx_resolver_copy() buffer overflow
3783| [59370] nginx characters denial of service
3784| [59369] nginx DATA source code disclosure
3785| [59047] nginx space source code disclosure
3786| [58966] nginx unspecified directory traversal
3787| [54025] nginx ngx_http_parse.c denial of service
3788| [53431] nginx WebDAV component directory traversal
3789| [53328] Nginx CRC-32 cached domain name spoofing
3790| [53250] Nginx ngx_http_parse_complex_uri() function code execution
3791|
3792| Exploit-DB - https://www.exploit-db.com:
3793| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
3794| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
3795| [25499] nginx 1.3.9-1.4.0 DoS PoC
3796|
3797| OpenVAS (Nessus) - http://www.openvas.org:
3798| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
3799| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
3800| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
3801| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
3802| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
3803| [64869] Debian Security Advisory DSA 1884-1 (nginx)
3804|
3805| SecurityTracker - https://www.securitytracker.com:
3806| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
3807| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
3808| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
3809| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
3810|
3811| OSVDB - http://www.osvdb.org:
3812| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
3813| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
3814| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
3815| [92796] nginx ngx_http_close_connection Function Crafted r->
3816| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
3817| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
3818| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
3819| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
3820| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
3821| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
3822| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
3823| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
3824| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
3825| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
3826| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
3827| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
3828| [62617] nginx Internal DNS Cache Poisoning Weakness
3829| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
3830| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
3831| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
3832| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
3833| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
3834| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
3835| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
3836| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
3837| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
3838| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
3839|_
3840222/tcp open rsh-spx?
3841587/tcp open smtp Sendmail 8.15.2/8.15.2
3842| vulscan: VulDB - https://vuldb.com:
3843| [51427] Sendmail up to 8.14.3 Access Restriction spoofing
3844| [35870] Sendmail 8.13.1.2 spoofing
3845| [35869] Sendmail 8.13.1.2 on Red Hat Encryption weak encryption
3846| [122672] zzcms 8.3 dl/dl_sendmail.php Parameter sql injection
3847|
3848| MITRE CVE - https://cve.mitre.org:
3849| [CVE-2009-4565] sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
3850| [CVE-2009-1490] Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
3851| [CVE-2007-2246] Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1
3852| [CVE-2006-7176] The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.
3853| [CVE-2006-7175] The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
3854| [CVE-2006-4434] Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."
3855| [CVE-2006-1173] Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
3856| [CVE-2006-0058] Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
3857| [CVE-2004-0833] Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
3858| [CVE-2003-0694] The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
3859| [CVE-2003-0688] The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
3860| [CVE-2003-0681] A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
3861| [CVE-2003-0308] The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
3862| [CVE-2003-0161] The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
3863| [CVE-2002-2423] Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
3864| [CVE-2002-2261] Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
3865| [CVE-2002-1827] Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
3866| [CVE-2002-1337] Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
3867| [CVE-2002-1165] Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
3868| [CVE-2002-0906] Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
3869| [CVE-2001-1349] Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
3870| [CVE-2001-0715] Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.
3871| [CVE-2001-0714] Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option.
3872| [CVE-2001-0713] Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function.
3873| [CVE-2001-0653] Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
3874| [CVE-2000-0319] mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
3875| [CVE-1999-1109] Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
3876| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
3877| [CVE-2003-1076] Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.
3878| [CVE-2002-1278] The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
3879| [CVE-2001-0588] sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
3880| [CVE-1999-1309] Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
3881| [CVE-1999-0684] Denial of service in Sendmail 8.8.6 in HPUX.
3882| [CVE-1999-0478] Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
3883| [CVE-1999-0393] Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
3884| [CVE-1999-0206] MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
3885| [CVE-1999-0205] Denial of service in Sendmail 8.6.11 and 8.6.12.
3886| [CVE-1999-0204] Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
3887| [CVE-1999-0131] Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
3888| [CVE-1999-0047] MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
3889|
3890| SecurityFocus - https://www.securityfocus.com/bid/:
3891| [98787] Sendmail Remote Code Execution Vulnerability
3892| [88042] Sendmail CVE-1999-0684 Denial-Of-Service Vulnerability
3893| [87124] Sendmail CVE-2003-0308 Local Security Vulnerability
3894| [86815] Sendmail CVE-2006-7175 Remote Security Vulnerability
3895| [86048] Sendmail CVE-1999-0565 Remote Security Vulnerability
3896| [83087] Sendmail CVE-1999-0206 Remote Security Vulnerability
3897| [82811] Sendmail CVE-1999-0478 Denial-Of-Service Vulnerability
3898| [82467] Sendmail CVE-1999-0418 Denial-Of-Service Vulnerability
3899| [80905] Sendmail CVE-1999-0205 Denial-Of-Service Vulnerability
3900| [80398] Sendmail CVE-1999-0163 Local Security Vulnerability
3901| [67791] Sendmail File Descriptor Security Vulnerability
3902| [54206] IBM AIX Sendmail Local Privilege Escalation Vulnerability
3903| [49431] Sendmail SMTP HELO Argument Buffer Overflow Vulnerability
3904| [37543] Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
3905| [37395] PEAR Sendmail 'Recipient' Parameter Arbitrary Argument Injection Vulnerability
3906| [37081] PEAR Sendmail 'From' Parameter Arbitrary Argument Injection Vulnerability
3907| [34944] Sendmail 'X-header' Remote Heap Buffer Overflow Vulnerability
3908| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
3909| [23742] Red Hat Sendmail Localhost.Localdomain Email Spoofing Vulnerability
3910| [23606] Sendmail Unspecified Denial Of Service Vulnerability
3911| [19714] Sendmail Long Header Denial Of Service Vulnerability
3912| [18433] Sendmail Malformed MIME Message Denial Of Service Vulnerability
3913| [17207] Retired: Sendmail SM_SysLog Remote Memory Leak Denial Of Service Vulnerability
3914| [17192] Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability
3915| [14047] Sendmail Milter Remote Denial Of Service Weakness
3916| [11262] Debian GNU/Linux Sendmail Package Default SASL Password Vulnerability
3917| [8674] Sendmail Headers Prescan Denial Of Service Vulnerability
3918| [8649] Sendmail Ruleset Parsing Buffer Overflow Vulnerability
3919| [8641] Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
3920| [8485] Sendmail DNS Maps Remote Denial of Service Vulnerability
3921| [7829] Sendmail V.5 -oR Privilege Escalation Vulnerability
3922| [7614] Sendmail Insecure Temporary File Privilege Escalation Vulnerability
3923| [7580] AIX Sendmail Open Relay Default Configuration Weakness
3924| [7230] Sendmail Address Prescan Memory Corruption Vulnerability
3925| [7033] Sun Sendmail Forward File Privilege Escalation Vulnerability
3926| [6991] Sendmail Header Processing Buffer Overflow Vulnerability
3927| [6878] HP-UX Bastille sendmail.cf Information Disclosure Weakness
3928| [6548] Sendmail check_relay Access Bypassing Vulnerability
3929| [5921] Sendmail Trojan Horse Vulnerability
3930| [5845] Sendmail SMRSH Double Pipe Access Validation Vulnerability
3931| [5770] Sendmail Long Ident Logging Circumvention Weakness
3932| [5122] Sendmail DNS Map TXT Record Buffer Overflow Vulnerability
3933| [4822] Sendmail File Locking Denial Of Service Vulnerability
3934| [3898] HP Sendmail Diagnostic Code Information Leakage Vulnerability
3935| [3378] Sendmail Queue Processing Data Loss/DoS Vulnerability
3936| [3377] Sendmail Inadequate Privilege Lowering Vulnerability
3937| [3163] Sendmail Debugger Arbitrary Code Execution Vulnerability
3938| [2900] Kaspersky Anti-Virus for Sendmail Remote Format String Vulnerability
3939| [2897] Sendmail WIZ Default Configuration Vulnerability
3940| [2794] Sendmail Unsafe Signal Handling Race Condition Vulnerability
3941| [2593] SCO OpenServer sendmail Buffer Overflow Vulnerability
3942| [2311] Sendmail IDENT Remote root Vulnerability
3943| [2308] Sendmail Invalid MAIL/RCPT Vulnerability
3944| [2077] WEBgais websendmail Remote Command Execution Vulnerability
3945| [1696] Horde IMP Remote Command Execution via Sendmail Vulnerability
3946| [1146] Sendmail mail.local Vulnerabilities
3947| [904] Sendmail ETRN Denial of Service Vulnerability
3948| [857] Sendmail Aliases Database Regeneration Vulnerability
3949| [774] Sendmail Socket Hijack Vulnerability
3950| [717] Berkeley Sendmail Starvation and Overflow Vulnerabilities
3951| [716] Berkeley Sendmail Daemon Mode Vulnerability
3952| [715] Berkeley Sendmail Group Permissions Vulnerability
3953| [685] Berkeley Sendmail MIME Vulnerability
3954| [611] Vixie Cron MAILTO Sendmail Vulnerability
3955| [363] Linux Sendmail Denial of Service Vulnerability
3956| [243] SunOS V8 Sendmail Vulnerability
3957| [110] Metainfo MetaIP and Sendmail Vulnerabilities
3958| [6] SunOS SMI Sendmail Vulnerability
3959| [1] Berkeley Sendmail DEBUG Vulnerability
3960|
3961| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3962| [1838] Sendmail 8.6.11 and 8.6.12 can be tricked into destroying alias database
3963| [1837] Sendmail 8.7 through 8.8.2 could allow local users to gain root privileges
3964| [1836] Sendmail 8.8.0/8.8.1 contains an overflow that could allow remote root access
3965| [1835] Sendmail 8.8.3/8.8.4 contains an overflow that could allow remote root access
3966| [428] Sendmail 8.7.5 stack buffer overflow
3967|
3968| Exploit-DB - https://www.exploit-db.com:
3969| [23154] Sendmail 8.12.9 Prescan() Variant Remote Buffer Overrun Vulnerability
3970| [22442] sendmail 8.11.6 Address Prescan Memory Corruption Vulnerability
3971| [22314] Sendmail 8.12.x Header Processing Buffer Overflow Vulnerability (2)
3972| [22313] Sendmail 8.12.x Header Processing Buffer Overflow Vulnerability (1)
3973| [21919] Sendmail 8.12.6 Trojan Horse Vulnerability
3974| [21884] Sendmail 8.12.x SMRSH Double Pipe Access Validation Vulnerability
3975| [21063] Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (4)
3976| [21062] Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (3)
3977| [21061] Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (2)
3978| [21060] Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (1)
3979| [2051] Sendmail <= 8.13.5 - Remote Signal Handling Exploit PoC
3980| [411] Sendmail 8.11.x Exploit (i386-Linux)
3981| [24] Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
3982| [23167] Sendmail 8.9.2 Headers Prescan Denial of Service Vulnerability
3983| [21477] Sendmail 8.9.x/8.10.x/8.11.x/8.12.x File Locking Denial of Service Vulnerability (2)
3984| [21476] Sendmail 8.9.x/8.10.x/8.11.x/8.12.x File Locking Denial of Service Vulnerability (1)
3985| [20599] Sendmail 8.6.9 IDENT Remote root Vulnerability
3986| [19701] Eric Allman Sendmail 8.9.1/8.9.3 ETRN Denial of Service Vulnerability
3987| [19602] Eric Allman Sendmail 8.8 .x Socket Hijack Vulnerability
3988| [19556] BSD 2,CND 1,Sendmail 8.x,FreeBSD 2.1.x,HP-UX 10.x,AIX 4,RedHat 4 Sendmail Daemon Vuln
3989|
3990| OpenVAS (Nessus) - http://www.openvas.org:
3991| [11321] Sendmail 8.8.8 to 8.12.7 Double Pipe Access Validation Vulnerability
3992| [11346] Sendmail 8.7.*/8.8.* local overflow
3993|
3994| SecurityTracker - https://www.securitytracker.com:
3995| [1027207] IBM AIX Sendmail Default Configuration Lets Local Users Gain Root Privileges
3996| [1023393] Sendmail NULL Character Flaw in Common Name Field Lets Remote Users Spoof Certficiates
3997| [1018610] Clam AntiVirus clamav-milter for sendmail Unsafe popen() Call Lets Remote Users Execute Arbitrary Code
3998| [1017966] HP-UX Sendmail Lets Remote Users Deny Service
3999| [1016753] Sendmail May Crash When Processing Mail with a Long Header
4000| [1016295] Sendmail Excessive Recursion in Processing Malformed MIME Messages Lets Remote Users Deny Service
4001| [1015801] Sendmail Race Condition in Signal Handler May Let Remote Users Trigger a Buffer Overflow to Execute Arbitrary Code
4002| [1011430] Sendmail 'sasl-bin' on Debian Linux Lets Remote Users Relay E-mail
4003| [1007737] Sendmail Ruleset Buffer Overflow Has Unspecified Impact
4004| [1007734] Sendmail Prescan Flaw May Let Remote Users Execute Arbitrary Code With Root Privileges
4005| [1007564] Sendmail DNS Map Initialization Flaw May Let Remote Users Crash the System
4006| [1006794] Sendmail Temporary File Flaw May Let Local Users Gain Elevated Privileges
4007| [1006409] Sendmail Buffer Overflow in Parsing Addresses May Let Remote or Local Users Execute Arbitrary Code With Root Privileges
4008| [1006234] Sun Solaris sendmail '.forward' Bug May Let Local Users Deny Service or Gain Root Privileges
4009| [1006199] Sendmail Buffer Overflow in Parsing Certain Header Comments May Let Remote Users Execute Arbitrary Code with Root Privileges
4010| [1006126] HP-UX Bastille Configuration Error Lets Remote Users Query Sendmail With EXPN and VRFY Commands to Obtain Information About Operating System Users
4011| [1005748] Sendmail 'check_relay' E-mail Access Control Features Can Be Bypassed By Remote Users
4012| [1005329] Sendmail Restricted Shell (smrsh) May Let Local Users Bypass Restrictions to Execute Code
4013| [1004633] Sendmail Mail Server 'Theoretical' Buffer Overflow May Allow Remote Users to Execute Arbitrary Code
4014| [1004368] Sendmail Default File Permissions and Configuration Allows Local Users to Deny Service to Sendmail
4015| [1003523] Sun Solaris mail(1) Utility Lets Programs Pass Command Line Options to Sendmail that Could Give a Local or Remote User Elevated Privileges on the System
4016| [1003258] HP/UX Release of Sendmail May Disclose Unauthorized Information to E-mail Users Under Certain Conditions
4017| [1002474] Sendmail Security Holes Let Local Users Obtain Elevated Privileges on the System, Access the E-mail Queue, and Cause Information Loss
4018| [1002224] Sendmail Command Line Debugging Validation Flaw Lets Local Users Execute Arbitrary Code and Gain Root Privileges
4019| [1001632] Sendmail Signal Handling Race Conditions May Allow Local Users to Modify the Heap and Cause Denial of Service
4020|
4021| OSVDB - http://www.osvdb.org:
4022| [86403] Symphony CMS symphony/system/preferences settings[email_sendmail][from_name] Parameter XSS
4023| [84105] Diary/Notebook Theme for WordPress wp-content/themes/diary/sendmail.php Email Spoofing
4024| [83789] Sendmail accept() Function Local Socket Hijacking Privileged Process Spoofing
4025| [83788] Sendmail on Linux Spoofed Packet Handling Remote DoS
4026| [83267] IBM AIX Sendmail $HOME/.forward Construct Handling Local Privilege Escalation
4027| [74952] WP Forum sendmail.php Arbitrary Mail Relay
4028| [74951] WP Forum sendmail.php Arbitrary User E-mail Address Disclosure
4029| [74746] Cronie Sendmail Invocation cron Job Local Privilege Escalation
4030| [71357] WP Forum Plugin for WordPress wp-content/plugins/wp-forum/sendmail.php id Parameter SQL Injection
4031| [70667] Mail Gem for Ruby lib/mail/network/delivery_methods/sendmail.rb Email From: Address Arbitrary Shell Command Injection
4032| [68761] PHP-Fusion includes/class.phpmailer.php sendmail Parameter Remote Command Execution
4033| [62373] Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
4034| [60563] PEAR Mail Mail/sendmail.php recipients Parameter Arbitrary File Creation
4035| [60335] HP-UX Bastille Sendmail Misconfiguration NOVRFY / NOEXPN Enablement
4036| [60322] PEAR Mail Sendmail Mail::Send() Function from Parameter Arbitrary Argument Command Injection
4037| [60141] Sendmail Macro Multiple Connection Session Persistence STARTTLS Requirement Bypass
4038| [60140] Sendmail Spoofed DNS Hostname check_relay Function Bypass
4039| [59769] Sendmail Multiple Configuration File Lock Local DoS
4040| [58100] Sendmail Controlling User Queue File Resource Starvation DoS
4041| [56374] Phlatline's Personal Information Manager (pPIM) sendmail.php Arbitrary Email Relay
4042| [54669] Sendmail Mail X-Header Handling Remote Overflow
4043| [53074] Sambar Server /session/sendmail Arbitrary Mail Relay
4044| [43595] Sendmail on Red Hat Enterprise Linux SSLv2 Configuration Persistence Weakness
4045| [39595] Sendmail on SunOS Multiple Unspecified Issues
4046| [39164] @Mail sendmail.php Unspecified XSS
4047| [39142] Sendmail Header Processing Multiple Unspecified Overflows
4048| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
4049| [37206] PHPMailer class.phpmailer.php SendmailSend Function Arbitrary Command Execution
4050| [37203] Bugzilla email_in.pl Email::Send::Sendmail Function Arbitrary Command Execution
4051| [36909] ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution
4052| [36249] Mini Web Shop sendmail.php PATH_INFO Parameter XSS
4053| [35693] Sendmail on Red Hat Enterprise Linux localhost.localdomain Mail Spoofing
4054| [35301] Sendmail on HP-UX Unspecified DoS
4055| [32843] Indexu sendmail.php Multiple Parameter XSS
4056| [32173] Blue Magic Board sendmail.php Direct Request Path Disclosure
4057| [28423] Indexu sendmail.php theme_path Parameter Remote File Inclusion
4058| [28254] VBZooM sendmail.php UserID Parameter SQL Injection
4059| [28193] Sendmail Header Processing Overflow DoS
4060| [26197] Sendmail Multi-Part MIME Message Handling DoS
4061| [25270] PHP w/ Sendmail Mail Function additional_parameters Argument Arbitrary File Creation
4062| [24951] Manila sendMail referer Parameter XSS
4063| [24037] Sendmail Signal Handler Race Condition Remote Overflow
4064| [23721] bMail sendmail.php SQL Injection
4065| [18310] BMForum sendmail.php Path Disclosure
4066| [17005] Sendmail Forward/Include File Parent Directory Permission Issue
4067| [17004] Sendmail NFS Mount safechown Bypass
4068| [17003] Sendmail Alias Rebuild Symlink Issue
4069| [17002] Sendmail lstat Symlink Race Arbitrary Privileged File Creation
4070| [17001] Sendmail initgroups() Privilege Drop Failure Issue
4071| [16983] Sendmail -B Parameter Malformed Body Type Issue
4072| [16982] Sendmail Long Parameter syslog() Function Overflow
4073| [16862] Oracle Application Server sendmail.jsp Sample Script Arbitrary Mail Relay
4074| [16788] Sendmail .forward Symlink Arbitrary File Access
4075| [16745] Sendmail Terminal Connection Unspecified Issue
4076| [16744] Sendmail on SysV include File Privilege Escalation
4077| [16743] Sendmail Written File Symlink Issue
4078| [16742] Sendmail -odq Custom Queue Injection Privilege Escalation
4079| [16741] Sendmail Unspecified Traversal Arbitrary File Access
4080| [16740] Sendmail Restricted Shell NFS Mount .forward Arbitrary Command Execution
4081| [16739] Sendmail Arbitrary User .forward Ownership Modification
4082| [16738] Sendmail -oL Unprivileged Logging Disable
4083| [16737] Sendmail Unspecified Arbitrary Local File Access
4084| [16647] Sendmail .forward Arbitrary Non-root Command Execution
4085| [16627] Sendmail Unspecified Arbitrary File Write
4086| [16454] Sendmail mail from: Piped Command Execution
4087| [16128] Sendmail Unspecified Command Line Argument Issue
4088| [16076] Sendmail Unspecified Security Issue
4089| [16018] Mailreader with Sendmail compose.cgi Arbitrary Command Execution
4090| [15962] Sendmail wiz Command Remote Authentication Bypass
4091| [15961] Sendmail uucp Account .forward Arbitrary File Access
4092| [15901] Sendmail Configuration Freeze .fc File Ownership Issue
4093| [15872] Sendmail dead.letter Symlink Arbitrary File Modification
4094| [15824] PMDF Sendmail Debug Mode Symlink Arbitrary File Overwrite
4095| [15760] Sendmail Group Privilege Retention Privilege Escalation
4096| [15726] Sendmail -C Arbitrary Privilege File Disclosure
4097| [15617] Sendmail smtpmessage Unspecified Overflow
4098| [15454] Sendmail Double rcpt to: Arbitrary Remote File Modification
4099| [15265] Sendmail Unspecified Multiple Security Issues
4100| [15147] Solaris sendmail .forward Local Privilege Escalation
4101| [15042] Sendmail HUP Signal Arbitrary Privileged Command Execution
4102| [14880] SunOS Sendmail -oR Option IFS Variable Privilege Escalation
4103| [14702] Sendmail on ftp.sendmail.org Trojaned Distribution
4104| [12265] Sendmail Arbitrary File Append Privilege Escalation
4105| [11995] SunOS SMI Sendmail Unspecified Remote Issue
4106| [10374] Sendmail 'sasl-bin' on Debian Linux Arbitrary Mail Relay
4107| [9352] Sendmail Alias Piped Input Issue
4108| [9312] HP-UX Sendmail Unspecified Connection DoS
4109| [9311] Sendmail Parsing Policy Weakness Arbitrary Mail Relay
4110| [9310] Sendmail Header Prescan Function Message Header DoS
4111| [9309] Sendmail MIME Conversion Malformed Header Overflow
4112| [9308] Debian Sendmail doublebounce.pl Script Insecure Temp File Privilege Escalation
4113| [9307] Debian Sendmail checksendmail Script Insecure Temp File Privilege Escalation
4114| [9306] Debian Sendmail expn Script Insecure Temp File Privilege Escalation
4115| [9305] Sendmail Consortium smrsh Special Character Restriction Bypass
4116| [9303] Sendmail RestrictQueueRun Option Debug Mode Local Information Disclosure
4117| [9302] Sendmail RestrictQueueRun Option Multiple Argument Local DoS
4118| [9301] Sendmail -C Malformed Configuration Local Privilege Escalation
4119| [8745] SunOS SMI Sendmail Remote bin Access
4120| [8294] Sendmail NOCHAR Control Value prescan Remote Overflow
4121| [7993] IBM AIX sendmail.cf Configuration Unauthorized Mail Relay
4122| [7649] SCO OpenServer MMDF sendmail First Argument Local Overflow
4123| [7626] SCO UnixWare sendmail.cf Config File Privilege Escalation
4124| [7530] Sendmail -debug Local Privilege Escalation
4125| [6480] Sendmail DNS Map Code Remote DoS
4126| [6066] Linuxconf mailconf Improper Sendmail Relay Configuration
4127| [5935] Sendmail SMTP RCPT TO Saturation DoS
4128| [5853] Sendmail Alias Database Deletion DoS
4129| [5815] Sambar Server sendmail.stm Multiple Parameter XSS
4130| [5574] Sendmail DNS Response MIME QF Command Injection
4131| [5429] Sendmail Insecure Signal Handling Local DoS
4132| [5056] Sendmail Custom DNS Map TXT Query Overflow
4133| [4747] Sendmail IDENT Overflow Logging Bypass
4134| [4502] Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
4135| [3241] AUSCERT sendmail_wrapper.c Local Overflow
4136| [2577] Sendmail prescan() Function Remote Overflow
4137| [2129] Sendmail -oE Option Arbitrary Local File Access
4138| [1877] Sendmail Control File Descriptor Race Condition
4139| [1299] Sendmail mail.local Newline Handling Remote DoS
4140| [1182] Sendmail Crafted ETRN Commands Remote DoS
4141| [1154] Sendmail Aliases Database Unprivileged Regeneration DoS
4142| [1115] Sendmail GECOS Field Local Overflow
4143| [1114] Sendmail Daemon Mode Local Privilege Escalation
4144| [1113] Sendmail Group Write File Hardlink Privilege Escalation
4145| [1061] Vixie Cron MAILTO Sendmail Variable Manipulation
4146| [903] Sendmail -oQ Arbitrary Privileged File Local Access
4147| [676] Sendmail -bt Option Local Overflow
4148| [605] Sendmail -d category Value Local Overflow
4149| [485] Sendmail mime7to8() Function Remote Overflow
4150| [317] Sambar sendmail CGI Arbitrary Mail Relay
4151| [237] WebGais websendmail CGI Arbitrary Command Execution
4152| [219] Sendmail IDENT Function Remote Overflow
4153| [205] Sendmail HELO Command Mail Identity Concealment
4154| [203] SunOS Sendmail mail from/rcpt to Pipe Arbitrary Command Execution
4155| [198] Sendmail Multiple Method E-mail Relay
4156| [196] Sendmail decode Alias Arbitrary File Overwrite
4157| [195] Sendmail DEBUG Arbitrary Remote Command Execution
4158| [110] MetaInfo Sendmail Traversal Arbitrary Command Execution
4159|_
41603306/tcp open mysql MySQL (unauthorized)
4161| vulscan: VulDB - https://vuldb.com:
4162| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
4163| [140101] Yandex ClickHouse MySQL Client information disclosure
4164| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
4165| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
4166| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
4167| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
4168| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
4169| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
4170| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
4171| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
4172| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
4173| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
4174| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
4175| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
4176| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
4177| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
4178| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
4179| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4180| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4181| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4182| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4183| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4184| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4185| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4186| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
4187| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
4188| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
4189| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
4190| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
4191| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
4192| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
4193| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
4194| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
4195| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
4196| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
4197| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
4198| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
4199| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
4200| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
4201| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
4202| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
4203| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
4204| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
4205| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4206| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
4207| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
4208| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
4209| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
4210| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
4211| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
4212| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
4213| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
4214| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
4215| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
4216| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
4217| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
4218| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
4219| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4220| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4221| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4222| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4223| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4224| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4225| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4226| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4227| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
4228| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
4229| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
4230| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
4231| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
4232| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
4233| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
4234| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4235| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4236| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
4237| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
4238| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
4239| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
4240| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
4241| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
4242| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
4243| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
4244| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
4245| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
4246| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
4247| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
4248| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
4249| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
4250| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
4251| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
4252| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
4253| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
4254| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
4255| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
4256| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
4257| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
4258| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
4259| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
4260| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
4261| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
4262| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
4263| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
4264| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
4265| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
4266| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
4267| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
4268| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
4269| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
4270| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
4271| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
4272| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
4273| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
4274| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
4275| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4276| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
4277| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
4278| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
4279| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
4280| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
4281| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
4282| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
4283| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
4284| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
4285| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
4286| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4287| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4288| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4289| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4290| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
4291| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
4292| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
4293| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
4294| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
4295| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
4296| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
4297| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
4298| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
4299| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
4300| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
4301| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
4302| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
4303| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
4304| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
4305| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
4306| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
4307| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
4308| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
4309| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
4310| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
4311| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
4312| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
4313| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
4314| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
4315| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
4316| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
4317| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
4318| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
4319| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
4320| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
4321| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
4322| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
4323| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
4324| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
4325| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
4326| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
4327| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
4328| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
4329| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
4330| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
4331| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
4332| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
4333| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
4334| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
4335| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
4336| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
4337| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
4338| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
4339| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
4340| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
4341| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
4342| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
4343| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
4344| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
4345| [118340] mysqljs on Node.js Backdoor privilege escalation
4346| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
4347| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
4348| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
4349| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
4350| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
4351| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
4352| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
4353| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
4354| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
4355| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
4356| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
4357| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
4358| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
4359| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
4360| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
4361| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4362| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
4363| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4364| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4365| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
4366| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
4367| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
4368| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
4369| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
4370| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
4371| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4372| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
4373| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
4374| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
4375| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
4376| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4377| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
4378| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
4379| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
4380| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
4381| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
4382| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
4383| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
4384| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
4385| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
4386| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
4387| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
4388| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
4389| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
4390| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
4391| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
4392| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
4393| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
4394| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
4395| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
4396| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
4397| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
4398| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
4399| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
4400| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
4401| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
4402| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
4403| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
4404| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
4405| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
4406| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
4407| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
4408| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
4409| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
4410| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
4411| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
4412| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
4413| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
4414| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
4415| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
4416| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
4417| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
4418| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
4419| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
4420| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
4421| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
4422| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
4423| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
4424| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
4425| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
4426| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
4427| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
4428| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
4429| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
4430| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
4431| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
4432| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
4433| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
4434| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
4435| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
4436| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
4437| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
4438| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
4439| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
4440| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
4441| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
4442| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
4443| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
4444| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
4445| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
4446| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
4447| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
4448| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
4449| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
4450| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
4451| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
4452| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
4453| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
4454| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
4455| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
4456| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
4457| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
4458| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
4459| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
4460| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
4461| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
4462| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
4463| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
4464| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
4465| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
4466| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
4467| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
4468| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
4469| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
4470| [103578] MySQL Dumper 1.24 Stored cross site scripting
4471| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
4472| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
4473| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
4474| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
4475| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
4476| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
4477| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
4478| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
4479| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
4480| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
4481| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
4482| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
4483| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
4484| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
4485| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
4486| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
4487| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
4488| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
4489| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
4490| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
4491| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
4492| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
4493| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
4494| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
4495| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
4496| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
4497| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
4498| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
4499| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
4500| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
4501| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
4502| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
4503| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
4504| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
4505| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
4506| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
4507| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
4508| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
4509| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
4510| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
4511| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
4512| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
4513| [97041] MySQL DBD::mysql up to 4.38 denial of service
4514| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
4515| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
4516| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
4517| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
4518| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
4519| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
4520| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
4521| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
4522| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
4523| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
4524| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
4525| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
4526| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
4527| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
4528| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
4529| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
4530| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
4531| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
4532| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
4533| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
4534| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
4535| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
4536| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
4537| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
4538| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
4539| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
4540| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
4541| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
4542| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
4543| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
4544| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
4545| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
4546| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
4547| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
4548| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4549| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
4550| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
4551| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
4552| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
4553| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
4554| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
4555| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
4556| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
4557| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
4558| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
4559| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
4560| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
4561| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4562| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
4563| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
4564| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4565| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4566| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4567| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4568| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
4569| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
4570| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
4571| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
4572| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
4573| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
4574| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
4575| [90877] DBD::mysql up to 4.033 my_login memory corruption
4576| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
4577| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
4578| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
4579| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
4580| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
4581| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
4582| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
4583| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
4584| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
4585| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
4586| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
4587| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
4588| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
4589| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
4590| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
4591| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
4592| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
4593| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
4594| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
4595| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
4596| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
4597| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
4598| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
4599| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
4600| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
4601| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
4602| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
4603| [80604] Oracle MySQL Server up to 5.6.26 denial of service
4604| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
4605| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
4606| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
4607| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
4608| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
4609| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
4610| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
4611| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
4612| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
4613| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
4614| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
4615| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
4616| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
4617| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
4618| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
4619| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
4620| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
4621| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
4622| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
4623| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
4624| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
4625| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
4626| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
4627| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
4628| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
4629| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
4630| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
4631| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
4632| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
4633| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
4634| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
4635| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
4636| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
4637| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
4638| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
4639| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
4640| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
4641| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
4642| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
4643| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
4644| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
4645| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
4646| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
4647| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
4648| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
4649| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
4650| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
4651| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
4652| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
4653| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
4654| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
4655| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
4656| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
4657| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
4658| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
4659| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
4660| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
4661| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
4662| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
4663| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
4664| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
4665| [76628] Oracle MySQL Server up to 5.6.24 denial of service
4666| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
4667| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
4668| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
4669| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
4670| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
4671| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
4672| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
4673| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
4674| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
4675| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
4676| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
4677| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
4678| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
4679| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
4680| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
4681| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
4682| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
4683| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
4684| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
4685| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
4686| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
4687| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
4688| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
4689| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
4690| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
4691| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
4692| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
4693| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
4694| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
4695| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
4696| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
4697| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
4698| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
4699| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
4700| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
4701| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
4702| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
4703| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
4704| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
4705| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
4706| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
4707| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
4708| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
4709| [67987] Oracle MySQL Server up to 5.6.19 denial of service
4710| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
4711| [67985] Oracle MySQL Server up to 5.6.19 denial of service
4712| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
4713| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
4714| [67982] Oracle MySQL Server up to 5.5.38 denial of service
4715| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
4716| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
4717| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
4718| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
4719| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
4720| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
4721| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
4722| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
4723| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
4724| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
4725| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
4726| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
4727| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
4728| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
4729| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
4730| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
4731| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
4732| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
4733| [67165] Oracle MySQL Server up to 5.6.17 denial of service
4734| [67163] Oracle MySQL Server up to 5.6.17 denial of service
4735| [67162] Oracle MySQL Server up to 5.5.37 denial of service
4736| [67161] Oracle MySQL Server up to 5.6.17 denial of service
4737| [67160] Oracle MySQL Server up to 5.5.37 denial of service
4738| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
4739| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
4740| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
4741| [13065] Django up to 1.7 MySQL Typecast privilege escalation
4742| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
4743| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
4744| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
4745| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
4746| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
4747| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
4748| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
4749| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
4750| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
4751| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
4752| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
4753| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
4754| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
4755| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
4756| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
4757| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
4758| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
4759| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
4760| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
4761| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
4762| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
4763| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
4764| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
4765| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
4766| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
4767| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
4768| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
4769| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
4770| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
4771| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
4772| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
4773| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
4774| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
4775| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
4776| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
4777| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
4778| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
4779| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
4780| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
4781| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
4782| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
4783| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
4784| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
4785| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
4786| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
4787| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
4788| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
4789| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
4790| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
4791| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
4792| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
4793| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
4794| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
4795| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
4796| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
4797| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
4798| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
4799| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
4800| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
4801| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
4802| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
4803| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
4804| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
4805| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
4806| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
4807| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
4808| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
4809| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
4810| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
4811| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
4812| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
4813| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
4814| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
4815| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
4816| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
4817| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
4818| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
4819| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
4820| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
4821| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
4822| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
4823| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
4824| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
4825| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
4826| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
4827| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
4828| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
4829| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
4830| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
4831| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
4832| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
4833| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
4834| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
4835| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
4836| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
4837| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
4838| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
4839| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
4840| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
4841| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
4842| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
4843| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
4844| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
4845| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
4846| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
4847| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
4848| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
4849| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
4850| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
4851| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
4852| [63111] Oracle MySQL 5.5.19 Installation denial of service
4853| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
4854| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
4855| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
4856| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
4857| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
4858| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
4859| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
4860| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
4861| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
4862| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
4863| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
4864| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
4865| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
4866| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
4867| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
4868| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
4869| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
4870| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
4871| [61672] MySQL unknown vulnerability
4872| [61567] MySQLDumper 1.24.4 Error Message information disclosure
4873| [61566] MySQLDumper 1.24.4 Restore information disclosure
4874| [61565] MySQLDumper 1.24.4 directory traversal
4875| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
4876| [61563] MySQLDumper 1.24.4 index.php cross site scripting
4877| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
4878| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
4879| [5781] Oracle MySQL Server up to 5.5.23 denial of service
4880| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
4881| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
4882| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
4883| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
4884| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
4885| [5168] Oracle MySQL Server Optimizer denial of service
4886| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
4887| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
4888| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
4889| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
4890| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
4891| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
4892| [5072] Oracle MySQL Server up to 5.5.21 denial of service
4893| [4627] Oracle MySQL up to 5.5.20 memory corruption
4894| [60055] WordPress up to 1.2 MySQL Database denial of service
4895| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
4896| [5235] Oracle MySQL Server 5.5.x denial of service
4897| [5233] Oracle MySQL Server 5.5.x denial of service
4898| [5232] Oracle MySQL Server 5.5.x denial of service
4899| [5231] Oracle MySQL Server 5.5.x denial of service
4900| [5230] Oracle MySQL Server 5.5.x denial of service
4901| [5229] Oracle MySQL Server 5.5.x denial of service
4902| [5228] Oracle MySQL Server 5.5.x denial of service
4903| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
4904| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
4905| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
4906| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4907| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4908| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4909| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4910| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4911| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4912| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4913| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
4914| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
4915| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
4916| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
4917| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
4918| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
4919| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
4920| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
4921| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
4922| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
4923| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
4924| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
4925| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
4926| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
4927| [56083] MySQL Crash denial of service
4928| [56082] MySQL Use-After-Free denial of service
4929| [56081] MySQL Optimizer Crash denial of service
4930| [56080] MySQL up to 5.1.25 Stored denial of service
4931| [56079] MySQL Crash denial of service
4932| [56078] MySQL Create Table Crash denial of service
4933| [56025] MySQL up to 5.1.25 Crash denial of service
4934| [56024] MySQL up to 5.1.25 store denial of service
4935| [56023] MySQL up to 5.1.25 Crash denial of service
4936| [56022] MySQL up to 5.1.25 Crash denial of service
4937| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
4938| [56020] MySQL up to 5.1.25 Crash denial of service
4939| [56019] MySQL up to 5.1.25 Crash denial of service
4940| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
4941| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
4942| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
4943| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
4944| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
4945| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
4946| [54026] MySQL up to 5.1.25 Crash denial of service
4947| [53483] MySQL up to 5.0.0.0 memory corruption
4948| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
4949| [53481] MySQL up to 5.0.0.0 directory traversal
4950| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
4951| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
4952| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
4953| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
4954| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
4955| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
4956| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
4957| [50961] mysql GeomFromWKB denial of service
4958| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
4959| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
4960| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
4961| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
4962| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
4963| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
4964| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
4965| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
4966| [46636] MyBlog MySQL Database Cleartext information disclosure
4967| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
4968| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
4969| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
4970| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
4971| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
4972| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
4973| [44358] MySQL up to 5.0.67 cross site scripting
4974| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
4975| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
4976| [44131] NooMS 1.1 MySQL db.php information disclosure
4977| [44076] MySQL Create Table Symlink privilege escalation
4978| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
4979| [43987] MySQL Crash denial of service
4980| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
4981| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
4982| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
4983| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
4984| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
4985| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
4986| [42868] BlognPlus 2.5.4 MySQL sql injection
4987| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
4988| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
4989| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
4990| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
4991| [39993] MySQL denial of service
4992| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
4993| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
4994| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
4995| [39991] MySQL up to 6.0.4 denial of service
4996| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
4997| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
4998| [38781] PHP 5.2.4 MySQL memory corruption
4999| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
5000| [85747] InterWorx SiteWorx mysql.php cross site scripting
5001| [85735] InterWorx NodeWorx mysql.php cross site scripting
5002| [37818] MySQL Community Server up to 5.0.40 denial of service
5003| [39994] MySQL Federated Crash denial of service
5004| [37641] MySQLDumper htaccess privilege escalation
5005| [86077] NetClassifieds Mysql_db.php information disclosure
5006| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
5007| [36814] MySQL up to 5.1.17 information disclosure
5008| [36669] MySQL 4.0.1 unknown vulnerability
5009| [36813] mysql up to 5.1.17 thd::db_access denial of service
5010| [36812] MySQL up to 5.1.17 unknown vulnerability
5011| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
5012| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
5013| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
5014| [35917] Advanced Website Creator MySQL sql injection
5015| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
5016| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
5017| [85480] Fantastico includes/mysqlconfig.php directory traversal
5018| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
5019| [85212] WGS-PPC config/mysql_config.php privilege escalation
5020| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
5021| [34576] MyODBC MySQL Database denial of service
5022| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
5023| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
5024| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
5025| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
5026| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
5027| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
5028| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
5029|
5030| MITRE CVE - https://cve.mitre.org:
5031| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
5032| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
5033| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
5034| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
5035| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
5036| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
5037| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
5038| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
5039| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5040| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
5041| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
5042| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
5043| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5044| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
5045| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
5046| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
5047| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
5048| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
5049| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
5050| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
5051| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5052| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
5053| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5054| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
5055| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
5056| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
5057| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
5058| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
5059| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
5060| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
5061| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5062| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
5063| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
5064| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
5065| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
5066| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
5067| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
5068| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
5069| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
5070| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
5071| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
5072| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5073| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
5074| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
5075| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
5076| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5077| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
5078| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
5079| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
5080| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
5081| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
5082| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
5083| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5084| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
5085| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
5086| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
5087| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
5088| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
5089| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
5090| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
5091| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
5092| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
5093| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
5094| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
5095| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
5096| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
5097| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
5098| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
5099| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
5100| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
5101| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
5102| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
5103| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5104| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
5105| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
5106| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
5107| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5108| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
5109| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
5110| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
5111| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
5112| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5113| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
5114| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
5115| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
5116| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
5117| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
5118| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
5119| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
5120| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5121| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
5122| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5123| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5124| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5125| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5126| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
5127| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
5128| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5129| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5130| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5131| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
5132| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
5133| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
5134| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
5135| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
5136| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
5137| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
5138| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
5139| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
5140| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
5141| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
5142| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
5143| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
5144| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
5145| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
5146| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
5147| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
5148| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
5149| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
5150| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
5151| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
5152| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
5153| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
5154| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
5155| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
5156| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
5157| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
5158| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
5159| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
5160| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
5161| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
5162| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
5163| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
5164| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
5165| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
5166| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
5167| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
5168| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
5169| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
5170| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
5171| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
5172| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
5173| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
5174| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
5175| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
5176| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
5177| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
5178| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
5179| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
5180| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
5181| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
5182| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
5183| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
5184| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
5185| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
5186| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
5187| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
5188| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
5189| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
5190| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
5191| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
5192| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
5193| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
5194| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
5195| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
5196| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
5197| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
5198| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
5199| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
5200| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
5201| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
5202| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
5203| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
5204| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
5205| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
5206| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
5207| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
5208| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
5209| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
5210| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
5211| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
5212| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
5213| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
5214| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
5215| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
5216| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
5217| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
5218| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
5219| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
5220| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
5221| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
5222| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
5223| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
5224| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
5225| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
5226| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
5227| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
5228| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
5229| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
5230| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
5231| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
5232| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
5233| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
5234| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
5235| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
5236| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
5237| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
5238| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
5239| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
5240| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
5241| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
5242| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
5243| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
5244| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
5245| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
5246| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
5247| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
5248| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
5249| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
5250| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
5251| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
5252| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
5253| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
5254| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
5255| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
5256| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
5257| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
5258| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
5259| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
5260| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
5261| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
5262| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
5263| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
5264| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
5265| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
5266| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
5267| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
5268| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
5269| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
5270| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
5271| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
5272| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
5273| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
5274| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
5275| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
5276| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
5277| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
5278| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
5279| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
5280| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
5281| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
5282| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
5283| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
5284| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
5285| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
5286| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
5287| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
5288| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
5289| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
5290| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
5291| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
5292| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
5293| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
5294| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
5295| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
5296| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
5297| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
5298| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
5299| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
5300| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
5301| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
5302| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
5303| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
5304| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
5305| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
5306| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
5307| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
5308| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
5309| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
5310| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
5311| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
5312| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
5313| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
5314| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
5315| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
5316| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
5317| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
5318| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
5319| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
5320| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
5321| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
5322| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
5323| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
5324| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
5325| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
5326| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
5327| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
5328| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
5329| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
5330| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
5331| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
5332| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
5333| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
5334| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
5335| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
5336| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
5337| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
5338| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
5339| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
5340| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
5341| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
5342| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
5343| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
5344| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
5345| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
5346| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
5347| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
5348| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
5349| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
5350| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
5351| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
5352| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
5353| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
5354| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
5355| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
5356| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
5357| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
5358| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
5359| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
5360| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
5361| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
5362| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
5363| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
5364| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
5365| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
5366| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
5367| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
5368| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
5369| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
5370| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
5371| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
5372| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
5373| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
5374| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
5375| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
5376| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
5377| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
5378| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
5379| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
5380| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
5381| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
5382| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
5383| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
5384| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
5385| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
5386| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
5387| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
5388| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
5389| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
5390| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
5391| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
5392| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
5393| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
5394| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
5395| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
5396| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
5397| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
5398| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
5399| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
5400| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
5401| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
5402| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
5403| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
5404| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
5405| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
5406| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
5407| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
5408| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
5409| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
5410| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
5411| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
5412| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
5413| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
5414| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
5415| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
5416| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
5417| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
5418| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
5419| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
5420| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
5421| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
5422| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
5423| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
5424| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
5425| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
5426| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
5427| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
5428| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
5429| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
5430| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
5431| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
5432| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
5433| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
5434| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
5435| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
5436| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
5437| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
5438| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
5439| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
5440| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
5441| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
5442| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
5443| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
5444| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
5445| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
5446| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
5447| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
5448| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
5449| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
5450| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
5451| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
5452|
5453| SecurityFocus - https://www.securityfocus.com/bid/:
5454| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
5455| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
5456| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
5457| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
5458| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
5459| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
5460| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
5461| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
5462| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
5463| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
5464| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
5465| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
5466| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
5467| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
5468| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
5469| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
5470| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
5471| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
5472| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
5473| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
5474| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
5475| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
5476| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
5477| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
5478| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
5479| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
5480| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
5481| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
5482| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
5483| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
5484| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
5485| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
5486| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
5487| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
5488| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
5489| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
5490| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
5491| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
5492| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
5493| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
5494| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
5495| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
5496| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
5497| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
5498| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
5499| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
5500| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
5501| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
5502| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
5503| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
5504| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
5505| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
5506| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
5507| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
5508| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
5509| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
5510| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
5511| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
5512| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
5513| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
5514| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
5515| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
5516| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
5517| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
5518| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
5519| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
5520| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
5521| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
5522| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
5523| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
5524| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
5525| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
5526| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
5527| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
5528| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
5529| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
5530| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
5531| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
5532| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
5533| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
5534| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
5535| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
5536| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
5537| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
5538| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
5539| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
5540| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
5541| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
5542| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
5543| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
5544| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
5545| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
5546| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
5547| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
5548| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
5549| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
5550| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
5551| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
5552| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
5553| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
5554| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
5555| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
5556| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
5557| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
5558| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
5559| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
5560| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
5561| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
5562| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
5563| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
5564| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
5565| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
5566| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
5567| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
5568| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
5569| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
5570| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
5571| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
5572| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
5573| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
5574| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
5575| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
5576| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
5577| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
5578| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
5579| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
5580| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
5581| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
5582| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
5583| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
5584| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
5585| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
5586| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
5587| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
5588| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
5589| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
5590| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
5591| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
5592| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
5593| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
5594| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
5595| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
5596| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
5597| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
5598| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
5599| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
5600| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
5601| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
5602| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
5603| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
5604| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
5605| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
5606| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
5607| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
5608| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
5609| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
5610| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
5611| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
5612| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
5613| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
5614| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
5615| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
5616| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
5617| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
5618| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
5619| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
5620| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
5621| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
5622| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
5623| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
5624| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
5625| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
5626| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
5627| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
5628| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
5629| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
5630| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
5631| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
5632| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
5633| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
5634| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
5635| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
5636| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
5637| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
5638| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
5639| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
5640| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
5641| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
5642| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
5643| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
5644| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
5645| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
5646| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
5647| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
5648| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
5649| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
5650| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
5651| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
5652| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
5653| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
5654| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
5655| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
5656| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
5657| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
5658| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
5659| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
5660| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
5661| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
5662| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
5663| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
5664| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
5665| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
5666| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
5667| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
5668| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
5669| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
5670| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
5671| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
5672| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
5673| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
5674| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
5675| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
5676| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
5677| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
5678| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
5679| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
5680| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
5681| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
5682| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
5683| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
5684| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
5685| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
5686| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
5687| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
5688| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
5689| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
5690| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
5691| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
5692| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
5693| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
5694| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
5695| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
5696| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
5697| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
5698| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
5699| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
5700| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
5701| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
5702| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
5703| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
5704| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
5705| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
5706| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
5707| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
5708| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
5709| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
5710| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
5711| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
5712| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
5713| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
5714| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
5715| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
5716| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
5717| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
5718| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
5719| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
5720| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
5721| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
5722| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
5723| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
5724| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
5725| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
5726| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
5727| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
5728| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
5729| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
5730| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
5731| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
5732| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
5733| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
5734| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
5735| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
5736| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
5737| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
5738| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
5739| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
5740| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
5741| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
5742| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
5743| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
5744| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
5745| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
5746| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
5747| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
5748| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
5749| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
5750| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
5751| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
5752| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
5753| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
5754| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
5755| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
5756| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
5757| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
5758| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
5759| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
5760| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
5761| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
5762| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
5763| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
5764| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
5765| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
5766| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
5767| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
5768| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
5769| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
5770| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
5771| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
5772| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
5773| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
5774| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
5775| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
5776| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
5777| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
5778| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
5779| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
5780| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
5781| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
5782| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
5783| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
5784| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
5785| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
5786| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
5787| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
5788| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
5789| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
5790| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
5791| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
5792| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
5793| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
5794| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
5795| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
5796| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
5797| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
5798| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
5799| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
5800| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
5801| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
5802| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
5803| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
5804| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
5805| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
5806| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
5807| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
5808| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
5809| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
5810| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
5811| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
5812| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
5813| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
5814| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
5815| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
5816| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
5817| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
5818| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
5819| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
5820| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
5821| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
5822| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
5823| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
5824| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
5825| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
5826| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
5827| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
5828| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
5829| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
5830| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
5831| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
5832| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
5833| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
5834| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
5835| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
5836| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
5837| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
5838| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
5839| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
5840| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
5841| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
5842| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
5843| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
5844| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
5845| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
5846| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
5847| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
5848| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
5849| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
5850| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
5851| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
5852| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
5853| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
5854| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
5855| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
5856| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
5857| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
5858| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
5859| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
5860| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
5861| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
5862| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
5863| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
5864| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
5865| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
5866| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
5867| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
5868| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
5869| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
5870| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
5871| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
5872| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
5873| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
5874| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
5875| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
5876| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
5877| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
5878| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
5879| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
5880| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
5881| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
5882| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
5883| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
5884| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
5885| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
5886| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
5887| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
5888| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
5889| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
5890| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
5891| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
5892| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
5893| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
5894| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
5895| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
5896| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
5897| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
5898| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
5899| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
5900| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
5901| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
5902| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
5903| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
5904| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
5905| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
5906| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
5907| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
5908| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
5909| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
5910| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
5911| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
5912| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
5913| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
5914| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
5915| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
5916| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
5917| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
5918| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
5919| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
5920| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
5921| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
5922| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
5923| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
5924| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
5925| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
5926| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
5927| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
5928| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
5929| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
5930| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
5931| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
5932| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
5933| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
5934| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
5935| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
5936| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
5937| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
5938| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
5939| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
5940| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
5941| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
5942| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
5943| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
5944| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
5945| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
5946| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
5947| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
5948| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
5949| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
5950| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
5951| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
5952| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
5953| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
5954| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
5955| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
5956| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
5957| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
5958| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
5959| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
5960| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
5961| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
5962| [56791] Oracle MySQL Remote Code Execution Vulnerability
5963| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
5964| [56772] Oracle MySQL Remote Code Execution Vulnerability
5965| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
5966| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
5967| [56768] Oracle MySQL Server Heap Overflow Vulnerability
5968| [56766] Oracle MySQL Server Username Enumeration Weakness
5969| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
5970| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
5971| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
5972| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
5973| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
5974| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
5975| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
5976| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
5977| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
5978| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
5979| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
5980| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
5981| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
5982| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
5983| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
5984| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
5985| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
5986| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
5987| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
5988| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
5989| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
5990| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
5991| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
5992| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
5993| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
5994| [53306] MySQLDumper Multiple Security Vulnerabilities
5995| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
5996| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
5997| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
5998| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
5999| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
6000| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
6001| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
6002| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
6003| [51925] MySQL Unspecified Remote Code Execution Vulnerability
6004| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
6005| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
6006| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
6007| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
6008| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
6009| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
6010| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
6011| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
6012| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
6013| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
6014| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
6015| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
6016| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
6017| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
6018| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
6019| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
6020| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
6021| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
6022| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
6023| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
6024| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
6025| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
6026| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
6027| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
6028| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
6029| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
6030| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
6031| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
6032| [48466] MySQLDriverCS SQL Injection Vulnerability
6033| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
6034| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
6035| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
6036| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
6037| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
6038| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
6039| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
6040| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
6041| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
6042| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
6043| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
6044| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
6045| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
6046| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
6047| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
6048| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
6049| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
6050| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
6051| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
6052| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
6053| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
6054| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
6055| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
6056| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
6057| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
6058| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
6059| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
6060| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
6061| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
6062| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
6063| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
6064| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
6065| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
6066| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
6067| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
6068| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
6069| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
6070| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
6071| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
6072| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
6073| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
6074| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
6075| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
6076| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
6077| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
6078| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
6079| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
6080| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
6081| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
6082| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
6083| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
6084| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
6085| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
6086| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
6087| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
6088| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
6089| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
6090| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
6091| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
6092| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
6093| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
6094| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
6095| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
6096| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
6097| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
6098| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
6099| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
6100| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
6101| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
6102| [26156] Bacula MySQL Password Information Disclosure Vulnerability
6103| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
6104| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
6105| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
6106| [24016] MySQL Rename Table Function Access Validation Vulnerability
6107| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
6108| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
6109| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
6110| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
6111| [22941] MySQL Commander Remote File Include Vulnerability
6112| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
6113| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
6114| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
6115| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
6116| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
6117| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
6118| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
6119| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
6120| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
6121| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
6122| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
6123| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
6124| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
6125| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
6126| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
6127| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
6128| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
6129| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
6130| [16850] MySQL Query Logging Bypass Vulnerability
6131| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
6132| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
6133| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
6134| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
6135| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
6136| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
6137| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
6138| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
6139| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
6140| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
6141| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
6142| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
6143| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
6144| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
6145| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
6146| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
6147| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
6148| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
6149| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
6150| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
6151| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
6152| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
6153| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
6154| [11357] MySQL Multiple Local Vulnerabilities
6155| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
6156| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
6157| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
6158| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
6159| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
6160| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
6161| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
6162| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
6163| [10654] MySQL Authentication Bypass Vulnerability
6164| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
6165| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
6166| [8796] MySQL Multiple Vulnerabilities
6167| [8590] MySQL Password Handler Buffer Overflow Vulnerability
6168| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
6169| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
6170| [7500] MySQL Weak Password Encryption Vulnerability
6171| [7052] MySQL mysqld Privilege Escalation Vulnerability
6172| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
6173| [6718] MySQL Double Free Heap Corruption Vulnerability
6174| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
6175| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
6176| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
6177| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
6178| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
6179| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
6180| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
6181| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
6182| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
6183| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
6184| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
6185| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
6186| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
6187| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
6188| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
6189| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
6190| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
6191| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
6192| [2262] Mysql Local Buffer Overflow Vulnerability
6193| [1850] pam_mysql Authentication Input Validation Vulnerability
6194| [1826] MySQL Authentication Algorithm Vulnerability
6195| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
6196| [975] MySQL Unauthenticated Remote Access Vulnerability
6197| [926] MySQL GRANT Global Password Changing Vulnerability
6198|
6199| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6200| [85724] Oracle MySQL Server XA Transactions denial of service
6201| [85723] Oracle MySQL Server Server Replication denial of service
6202| [85722] Oracle MySQL Server InnoDB denial of service
6203| [85721] Oracle MySQL Server Server Privileges unspecified
6204| [85720] Oracle MySQL Server Server Partition denial of service
6205| [85719] Oracle MySQL Server Server Parser denial of service
6206| [85718] Oracle MySQL Server Server Options denial of service
6207| [85717] Oracle MySQL Server Server Options denial of service
6208| [85716] Oracle MySQL Server Server Optimizer denial of service
6209| [85715] Oracle MySQL Server Server Optimizer denial of service
6210| [85714] Oracle MySQL Server Prepared Statements denial of service
6211| [85713] Oracle MySQL Server InnoDB denial of service
6212| [85712] Oracle MySQL Server Full Text Search denial of service
6213| [85711] Oracle MySQL Server Data Manipulation Language denial of service
6214| [85710] Oracle MySQL Server Data Manipulation Language denial of service
6215| [85709] Oracle MySQL Server Audit Log unspecified
6216| [85708] Oracle MySQL Server MemCached unspecified
6217| [84846] Debian mysql-server package information disclosure
6218| [84375] Wireshark MySQL dissector denial of service
6219| [83554] Oracle MySQL Server Server Partition denial of service
6220| [83553] Oracle MySQL Server Server Locking denial of service
6221| [83552] Oracle MySQL Server Server Install unspecified
6222| [83551] Oracle MySQL Server Server Types denial of service
6223| [83550] Oracle MySQL Server Server Privileges unspecified
6224| [83549] Oracle MySQL Server InnoDB denial of service
6225| [83548] Oracle MySQL Server InnoDB denial of service
6226| [83547] Oracle MySQL Server Data Manipulation Language denial of service
6227| [83546] Oracle MySQL Server Stored Procedure denial of service
6228| [83545] Oracle MySQL Server Server Replication denial of service
6229| [83544] Oracle MySQL Server Server Partition denial of service
6230| [83543] Oracle MySQL Server Server Optimizer denial of service
6231| [83542] Oracle MySQL Server InnoDB denial of service
6232| [83541] Oracle MySQL Server Information Schema denial of service
6233| [83540] Oracle MySQL Server Data Manipulation Language denial of service
6234| [83539] Oracle MySQL Server Data Manipulation Language denial of service
6235| [83538] Oracle MySQL Server Server Optimizer unspecified
6236| [83537] Oracle MySQL Server MemCached denial of service
6237| [83536] Oracle MySQL Server Server Privileges unspecified
6238| [83535] Oracle MySQL Server Server Privileges unspecified
6239| [83534] Oracle MySQL Server Server unspecified
6240| [83533] Oracle MySQL Server Information Schema unspecified
6241| [83532] Oracle MySQL Server Server Locking unspecified
6242| [83531] Oracle MySQL Server Data Manipulation Language denial of service
6243| [83388] MySQL administrative login attempt detected
6244| [82963] Mambo MySQL database information disclosure
6245| [82946] Oracle MySQL buffer overflow
6246| [82945] Oracle MySQL buffer overflow
6247| [82895] Oracle MySQL and MariaDB geometry queries denial of service
6248| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
6249| [81325] Oracle MySQL Server Server Privileges denial of service
6250| [81324] Oracle MySQL Server Server Partition denial of service
6251| [81323] Oracle MySQL Server Server Optimizer denial of service
6252| [81322] Oracle MySQL Server Server Optimizer denial of service
6253| [81321] Oracle MySQL Server Server denial of service
6254| [81320] Oracle MySQL Server MyISAM denial of service
6255| [81319] Oracle MySQL Server InnoDB denial of service
6256| [81318] Oracle MySQL Server InnoDB denial of service
6257| [81317] Oracle MySQL Server Server Locking denial of service
6258| [81316] Oracle MySQL Server Server denial of service
6259| [81315] Oracle MySQL Server Server Replication unspecified
6260| [81314] Oracle MySQL Server Server Replication unspecified
6261| [81313] Oracle MySQL Server Stored Procedure denial of service
6262| [81312] Oracle MySQL Server Server Optimizer denial of service
6263| [81311] Oracle MySQL Server Information Schema denial of service
6264| [81310] Oracle MySQL Server GIS Extension denial of service
6265| [80790] Oracle MySQL yaSSL buffer overflow
6266| [80553] Oracle MySQL and MariaDB salt security bypass
6267| [80443] Oracle MySQL Server unspecified code execution
6268| [80442] Oracle MySQL Server acl_get() buffer overflow
6269| [80440] Oracle MySQL Server table buffer overflow
6270| [80435] Oracle MySQL Server database privilege escalation
6271| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
6272| [80433] Oracle MySQL Server Stuxnet privilege escalation
6273| [80432] Oracle MySQL Server authentication information disclosure
6274| [79394] Oracle MySQL Server Server Installation information disclosure
6275| [79393] Oracle MySQL Server Server Replication denial of service
6276| [79392] Oracle MySQL Server Server Full Text Search denial of service
6277| [79391] Oracle MySQL Server Server denial of service
6278| [79390] Oracle MySQL Server Client information disclosure
6279| [79389] Oracle MySQL Server Server Optimizer denial of service
6280| [79388] Oracle MySQL Server Server Optimizer denial of service
6281| [79387] Oracle MySQL Server Server denial of service
6282| [79386] Oracle MySQL Server InnoDB Plugin denial of service
6283| [79385] Oracle MySQL Server InnoDB denial of service
6284| [79384] Oracle MySQL Server Client unspecified
6285| [79383] Oracle MySQL Server Server denial of service
6286| [79382] Oracle MySQL Server Protocol unspecified
6287| [79381] Oracle MySQL Server Information Schema unspecified
6288| [78954] SilverStripe MySQLDatabase.php information disclosure
6289| [78948] MySQL MyISAM table symlink
6290| [77865] MySQL unknown vuln
6291| [77864] MySQL sort order denial of service
6292| [77768] MySQLDumper refresh_dblist.php information disclosure
6293| [77177] MySQL Squid Access Report unspecified cross-site scripting
6294| [77065] Oracle MySQL Server Optimizer denial of service
6295| [77064] Oracle MySQL Server Optimizer denial of service
6296| [77063] Oracle MySQL Server denial of service
6297| [77062] Oracle MySQL InnoDB denial of service
6298| [77061] Oracle MySQL GIS Extension denial of service
6299| [77060] Oracle MySQL Server Optimizer denial of service
6300| [76189] MySQL unspecified error
6301| [76188] MySQL attempts security bypass
6302| [75287] MySQLDumper restore.php information disclosure
6303| [75286] MySQLDumper filemanagement.php directory traversal
6304| [75285] MySQLDumper main.php cross-site request forgery
6305| [75284] MySQLDumper install.php cross-site scripting
6306| [75283] MySQLDumper install.php file include
6307| [75282] MySQLDumper menu.php code execution
6308| [75022] Oracle MySQL Server Server Optimizer denial of service
6309| [75021] Oracle MySQL Server Server Optimizer denial of service
6310| [75020] Oracle MySQL Server Server DML denial of service
6311| [75019] Oracle MySQL Server Partition denial of service
6312| [75018] Oracle MySQL Server MyISAM denial of service
6313| [75017] Oracle MySQL Server Server Optimizer denial of service
6314| [74672] Oracle MySQL Server multiple unspecified
6315| [73092] MySQL unspecified code execution
6316| [72540] Oracle MySQL Server denial of service
6317| [72539] Oracle MySQL Server unspecified
6318| [72538] Oracle MySQL Server denial of service
6319| [72537] Oracle MySQL Server denial of service
6320| [72536] Oracle MySQL Server unspecified
6321| [72535] Oracle MySQL Server denial of service
6322| [72534] Oracle MySQL Server denial of service
6323| [72533] Oracle MySQL Server denial of service
6324| [72532] Oracle MySQL Server denial of service
6325| [72531] Oracle MySQL Server denial of service
6326| [72530] Oracle MySQL Server denial of service
6327| [72529] Oracle MySQL Server denial of service
6328| [72528] Oracle MySQL Server denial of service
6329| [72527] Oracle MySQL Server denial of service
6330| [72526] Oracle MySQL Server denial of service
6331| [72525] Oracle MySQL Server information disclosure
6332| [72524] Oracle MySQL Server denial of service
6333| [72523] Oracle MySQL Server denial of service
6334| [72522] Oracle MySQL Server denial of service
6335| [72521] Oracle MySQL Server denial of service
6336| [72520] Oracle MySQL Server denial of service
6337| [72519] Oracle MySQL Server denial of service
6338| [72518] Oracle MySQL Server unspecified
6339| [72517] Oracle MySQL Server unspecified
6340| [72516] Oracle MySQL Server unspecified
6341| [72515] Oracle MySQL Server denial of service
6342| [72514] Oracle MySQL Server unspecified
6343| [71965] MySQL port denial of service
6344| [70680] DBD::mysqlPP unspecified SQL injection
6345| [70370] TaskFreak! multi-mysql unspecified path disclosure
6346| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
6347| [68294] MySQLDriverCS statement.cs sql injection
6348| [68175] Prosody MySQL denial of service
6349| [67539] Zend Framework MySQL PDO security bypass
6350| [67254] DirectAdmin MySQL information disclosure
6351| [66567] Xoops mysql.sql information disclosure
6352| [65871] PyWebDAV MySQLAuthHandler class SQL injection
6353| [65543] MySQL Select Arbitrary data into a File
6354| [65529] MySQL Eventum full_name field cross-site scripting
6355| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
6356| [65379] Oracle MySQL Eventum list.php cross-site scripting
6357| [65266] Accellion File Transfer Appliance MySQL default password
6358| [64878] MySQL Geometry denial of service
6359| [64877] MySQL EXPLAIN EXTENDED denial of service
6360| [64876] MySQL prepared statement denial of service
6361| [64845] MySQL extreme-value denial of service
6362| [64844] MySQL Gis_line_string::init_from_wkb denial of service
6363| [64843] MySQL user-variable denial of service
6364| [64842] MySQL view preparation denial of service
6365| [64841] MySQL prepared statement denial of service
6366| [64840] MySQL LONGBLOB denial of service
6367| [64839] MySQL invocations denial of service
6368| [64838] MySQL Gis_line_string::init_from_wkb denial of service
6369| [64689] MySQL dict0crea.c denial of service
6370| [64688] MySQL SET column denial of service
6371| [64687] MySQL BINLOG command denial of service
6372| [64686] MySQL InnoDB denial of service
6373| [64685] MySQL HANDLER interface denial of service
6374| [64684] MySQL Item_singlerow_subselect::store denial of service
6375| [64683] MySQL OK packet denial of service
6376| [63518] MySQL Query Browser GUI Tools information disclosure
6377| [63517] MySQL Administrator GUI Tools information disclosure
6378| [62272] MySQL PolyFromWKB() denial of service
6379| [62269] MySQL LIKE predicates denial of service
6380| [62268] MySQL joins denial of service
6381| [62267] MySQL GREATEST() or LEAST() denial of service
6382| [62266] MySQL GROUP_CONCAT() denial of service
6383| [62265] MySQL expression values denial of service
6384| [62264] MySQL temporary table denial of service
6385| [62263] MySQL LEAST() or GREATEST() denial of service
6386| [62262] MySQL replication privilege escalation
6387| [61739] MySQL WITH ROLLUP denial of service
6388| [61343] MySQL LOAD DATA INFILE denial of service
6389| [61342] MySQL EXPLAIN denial of service
6390| [61341] MySQL HANDLER denial of service
6391| [61340] MySQL BINLOG denial of service
6392| [61339] MySQL IN() or CASE denial of service
6393| [61338] MySQL SET denial of service
6394| [61337] MySQL DDL denial of service
6395| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
6396| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
6397| [61316] PHP php_mysqlnd_auth_write buffer overflow
6398| [61274] MySQL TEMPORARY InnoDB denial of service
6399| [59905] MySQL ALTER DATABASE denial of service
6400| [59841] CMySQLite updateUser.php cross-site request forgery
6401| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
6402| [59075] PHP php_mysqlnd_auth_write() buffer overflow
6403| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
6404| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
6405| [59072] PHP php_mysqlnd_ok_read() information disclosure
6406| [58842] MySQL DROP TABLE file deletion
6407| [58676] Template Shares MySQL information disclosure
6408| [58531] MySQL COM_FIELD_LIST buffer overflow
6409| [58530] MySQL packet denial of service
6410| [58529] MySQL COM_FIELD_LIST security bypass
6411| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
6412| [57925] MySQL UNINSTALL PLUGIN security bypass
6413| [57006] Quicksilver Forums mysqldump information disclosure
6414| [56800] Employee Timeclock Software mysqldump information disclosure
6415| [56200] Flex MySQL Connector ActionScript SQL injection
6416| [55877] MySQL yaSSL buffer overflow
6417| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
6418| [55416] MySQL unspecified buffer overflow
6419| [55382] Ublog UblogMySQL.sql information disclosure
6420| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
6421| [54597] MySQL sql_table.cc security bypass
6422| [54596] MySQL mysqld denial of service
6423| [54365] MySQL OpenSSL security bypass
6424| [54364] MySQL MyISAM table symlink
6425| [53950] The mysql-ocaml mysql_real_escape_string weak security
6426| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
6427| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
6428| [52660] iScouter PHP Web Portal MySQL Password Retrieval
6429| [52220] aa33code mysql.inc information disclosure
6430| [52122] MySQL Connector/J unicode SQL injection
6431| [51614] MySQL dispatch_command() denial of service
6432| [51406] MySQL Connector/NET SSL spoofing
6433| [49202] MySQL UDF command execution
6434| [49050] MySQL XPath denial of service
6435| [48919] Cisco Application Networking Manager MySQL default account password
6436| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
6437| [47544] MySQL Calendar index.php SQL injection
6438| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
6439| [45649] MySQL MyISAM symlink security bypass
6440| [45648] MySQL MyISAM symlinks security bypass
6441| [45607] MySQL Quick Admin actions.php file include
6442| [45606] MySQL Quick Admin index.php file include
6443| [45590] MySQL command-line client cross-site scripting
6444| [45436] PromoteWeb MySQL go.php SQL injection
6445| [45042] MySQL empty bit-string literal denial of service
6446| [44662] mysql-lists unspecified cross-site scripting
6447| [42267] MySQL MyISAM security bypass
6448| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
6449| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
6450| [40920] MySQL sql_select.cc denial of service
6451| [40734] MySQL Server BINLOG privilege escalation
6452| [40350] MySQL password information disclosure
6453| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
6454| [39402] PHP LOCAL INFILE and MySQL extension security bypass
6455| [38999] aurora framework db_mysql.lib SQL injection
6456| [38990] MySQL federated engine denial of service
6457| [38989] MySQL DEFINER value privilege escalation
6458| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
6459| [38964] MySQL RENAME TABLE symlink
6460| [38733] ManageEngine EventLog Analyzer MySQL default password
6461| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
6462| [38189] MySQL default root password
6463| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
6464| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
6465| [36555] PHP MySQL extension multiple functions security bypass
6466| [35960] MySQL view privilege escalation
6467| [35959] MySQL CREATE TABLE LIKE information disclosure
6468| [35958] MySQL connection protocol denial of service
6469| [35291] MySQLDumper main.php security bypass
6470| [34811] MySQL udf_init and mysql_create_function command execution
6471| [34809] MySQL mysql_update privilege escalation
6472| [34349] MySQL ALTER information disclosure
6473| [34348] MySQL mysql_change_db privilege escalation
6474| [34347] MySQL RENAME TABLE weak security
6475| [34232] MySQL IF clause denial of service
6476| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
6477| [33285] Eve-Nuke mysql.php file include
6478| [32957] MySQL Commander dbopen.php file include
6479| [32933] cPanel load_language.php and mysqlconfig.php file include
6480| [32911] MySQL filesort function denial of service
6481| [32462] cPanel passwdmysql cross-site scripting
6482| [32288] RHSA-2006:0544 updates for mysql not installed
6483| [32266] MySQLNewsEngine affichearticles.php3 file include
6484| [31244] The Address Book MySQL export.php password information disclosure
6485| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
6486| [30760] BTSaveMySql URL file disclosure
6487| [30191] StoryStream mysql.php and mysqli.php file include
6488| [30085] MySQL MS-DOS device name denial of service
6489| [30031] Agora MysqlfinderAdmin.php file include
6490| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
6491| [29179] paBugs class.mysql.php file include
6492| [29120] ZoomStats MySQL file include
6493| [28448] MySQL case sensitive database name privilege escalation
6494| [28442] MySQL GRANT EXECUTE privilege escalation
6495| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
6496| [28202] MySQL multiupdate subselect query denial of service
6497| [28180] MySQL MERGE table security bypass
6498| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
6499| [27995] Opsware Network Automation System MySQL plaintext password
6500| [27904] MySQL date_format() format string
6501| [27635] MySQL Instance Manager denial of service
6502| [27212] MySQL SELECT str_to_date denial of service
6503| [26875] MySQL ASCII escaping SQL injection
6504| [26420] Apple Mac OS X MySQL Manager blank password
6505| [26236] MySQL login packet information disclosure
6506| [26232] MySQL COM_TABLE_DUMP buffer overflow
6507| [26228] MySQL sql_parce.cc information disclosure
6508| [26042] MySQL running
6509| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
6510| [24966] MySQL mysql_real_query logging bypass
6511| [24653] PAM-MySQL logging function denial of service
6512| [24652] PAM-MySQL authentication double free code execution
6513| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
6514| [24095] PHP ext/mysqli exception handling format string
6515| [23990] PHP mysql_connect() buffer overflow
6516| [23596] MySQL Auction search module could allow cross-site scripting
6517| [22642] RHSA-2005:334 updates for mysql not installed
6518| [21757] MySQL UDF library functions command execution
6519| [21756] MySQL LoadLibraryEx function denial of service
6520| [21738] MySQL UDF mysql_create_function function directory traversal
6521| [21737] MySQL user defined function buffer overflow
6522| [21640] MySQL Eventum multiple class SQL injection
6523| [21638] MySQL Eventum multiple scripts cross-site scripting
6524| [20984] xmysqladmin temporary file symlink
6525| [20656] MySQL mysql_install_db script symlink
6526| [20333] Plans MySQL password information disclosure
6527| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
6528| [19658] MySQL udf_init function gain access
6529| [19576] auraCMS mysql_fetch_row function path disclosure
6530| [18922] MySQL mysqlaccess script symlink attack
6531| [18824] MySQL UDF root privileges
6532| [18464] mysql_auth unspecified vulnerability
6533| [18449] Sugar Sales plaintext MySQL password
6534| [17783] MySQL underscore allows elevated privileges
6535| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
6536| [17667] MySQL UNION change denial of service
6537| [17666] MySQL ALTER TABLE RENAME bypass restriction
6538| [17493] MySQL libmysqlclient bulk inserts buffer overflow
6539| [17462] MySQLGuest AWSguest.php script cross-site scripting
6540| [17047] MySQL mysql_real_connect buffer overflow
6541| [17030] MySQL mysqlhotcopy insecure temporary file
6542| [16612] MySQL my_rnd buffer overflow
6543| [16604] MySQL check_scramble_323 function allows unauthorized access
6544| [15883] MySQL mysqld_multi script symlink attack
6545| [15617] MySQL mysqlbug script symlink attack
6546| [15417] Confixx db_mysql_loeschen2.php SQL injection
6547| [15280] Proofpoint Protection Server MySQL allows unauthorized access
6548| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
6549| [13153] MySQL long password buffer overflow
6550| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
6551| [12540] Teapop PostSQL and MySQL modules SQL injection
6552| [12337] MySQL mysql_real_connect function buffer overflow
6553| [11510] MySQL datadir/my.cnf modification could allow root privileges
6554| [11493] mysqlcc configuration and connection files are world writable
6555| [11340] SuckBot mod_mysql_logger denial of service
6556| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
6557| [10850] MySQL libmysql client read_one_row buffer overflow
6558| [10849] MySQL libmysql client read_rows buffer overflow
6559| [10848] MySQL COM_CHANGE_USER password buffer overflow
6560| [10847] MySQL COM_CHANGE_USER command password authentication bypass
6561| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
6562| [10483] Bugzilla stores passwords in plain text in the MySQL database
6563| [10455] gBook MySQL could allow administrative access
6564| [10243] MySQL my.ini "
6565| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
6566| [9909] MySQL logging disabled by default on Windows
6567| [9908] MySQL binding to the loopback adapter is disabled
6568| [9902] MySQL default root password could allow unauthorized access
6569| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
6570| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
6571| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
6572| [7206] WinMySQLadmin stores MySQL password in plain text
6573| [6617] MySQL "
6574| [6419] MySQL drop database command buffer overflow
6575| [6418] MySQL libmysqlclient.so buffer overflow
6576| [5969] MySQL select buffer overflow
6577| [5447] pam_mysql authentication input
6578| [5409] MySQL authentication algorithm obtain password hash
6579| [5057] PCCS MySQL Database Admin Tool could reveal username and password
6580| [4228] MySQL unauthenticated remote access
6581| [3849] MySQL default test account could allow any user to connect to the database
6582| [1568] MySQL creates readable log files
6583|
6584| Exploit-DB - https://www.exploit-db.com:
6585| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
6586| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
6587| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
6588| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
6589| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
6590| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
6591| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
6592| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
6593| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
6594| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
6595| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
6596| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
6597| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
6598| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
6599| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
6600| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
6601| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
6602| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
6603| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
6604| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
6605| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
6606| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
6607| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
6608| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
6609| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
6610| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
6611| [23179] Oracle MySQL for Microsoft Windows MOF Execution
6612| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
6613| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
6614| [23081] MySQL Remote Preauth User Enumeration Zeroday
6615| [23078] MySQL Denial of Service Zeroday PoC
6616| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
6617| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
6618| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
6619| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
6620| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
6621| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
6622| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
6623| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
6624| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
6625| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
6626| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
6627| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
6628| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
6629| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
6630| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
6631| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
6632| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
6633| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
6634| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
6635| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
6636| [19092] MySQL Remote Root Authentication Bypass
6637| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
6638| [16957] Oracle MySQL for Microsoft Windows Payload Execution
6639| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
6640| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
6641| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
6642| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
6643| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
6644| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
6645| [14096] CMSQlite & CMySQLite CSRF Vulnerability
6646| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
6647| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
6648| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
6649| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
6650| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
6651| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
6652| [7856] MySQL 4/5/6 UDF for Command Execution
6653| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
6654| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
6655| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
6656| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
6657| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
6658| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
6659| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
6660| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
6661| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
6662| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
6663| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
6664| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
6665| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
6666| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
6667| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
6668| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
6669| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
6670| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
6671| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
6672| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
6673| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
6674| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
6675| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
6676| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
6677| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
6678| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
6679| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
6680| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
6681| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
6682| [98] MySQL 3.23.x/4.0.x Remote Exploit
6683|
6684| OpenVAS (Nessus) - http://www.openvas.org:
6685| [902675] MySQLDumper Multiple Vulnerabilities
6686| [881549] CentOS Update for mysql CESA-2012:1551 centos6
6687| [881538] CentOS Update for mysql CESA-2012:1462 centos6
6688| [881225] CentOS Update for mysql CESA-2012:0105 centos6
6689| [881185] CentOS Update for mysql CESA-2012:0127 centos5
6690| [881061] CentOS Update for mysql CESA-2012:0874 centos6
6691| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
6692| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
6693| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
6694| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
6695| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
6696| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
6697| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
6698| [870870] RedHat Update for mysql RHSA-2012:1551-01
6699| [870861] RedHat Update for mysql RHSA-2012:1462-01
6700| [870778] RedHat Update for mysql RHSA-2012:0874-04
6701| [870736] RedHat Update for mysql RHSA-2011:0164-01
6702| [870647] RedHat Update for mysql RHSA-2012:0105-01
6703| [870547] RedHat Update for mysql RHSA-2012:0127-01
6704| [870357] RedHat Update for mysql RHSA-2010:0824-01
6705| [870356] RedHat Update for mysql RHSA-2010:0825-01
6706| [870272] RedHat Update for mysql RHSA-2010:0442-01
6707| [870218] RedHat Update for mysql RHSA-2010:0110-01
6708| [870216] RedHat Update for mysql RHSA-2010:0109-01
6709| [870195] RedHat Update for mysql RHSA-2007:1155-01
6710| [870069] RedHat Update for mysql RHSA-2008:0364-01
6711| [870033] RedHat Update for mysql RHSA-2008:0768-01
6712| [864951] Fedora Update for mysql FEDORA-2012-19823
6713| [864945] Fedora Update for mysql FEDORA-2012-19833
6714| [864504] Fedora Update for mysql FEDORA-2012-9324
6715| [864474] Fedora Update for mysql FEDORA-2012-9308
6716| [863910] Fedora Update for mysql FEDORA-2012-0972
6717| [863725] Fedora Update for mysql FEDORA-2012-0987
6718| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
6719| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
6720| [862676] Fedora Update for mysql FEDORA-2010-15147
6721| [862444] Fedora Update for mysql FEDORA-2010-15166
6722| [862300] Fedora Update for mysql FEDORA-2010-11126
6723| [862290] Fedora Update for mysql FEDORA-2010-11135
6724| [862149] Fedora Update for mysql FEDORA-2010-9053
6725| [862148] Fedora Update for mysql FEDORA-2010-9061
6726| [862136] Fedora Update for mysql FEDORA-2010-9016
6727| [861948] Fedora Update for mysql FEDORA-2010-7355
6728| [861936] Fedora Update for mysql FEDORA-2010-7414
6729| [861707] Fedora Update for mysql FEDORA-2010-1300
6730| [861651] Fedora Update for mysql FEDORA-2010-1348
6731| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
6732| [861392] Fedora Update for mysql FEDORA-2007-4471
6733| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
6734| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
6735| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
6736| [861033] Fedora Update for mysql FEDORA-2007-4465
6737| [855481] Solaris Update for mysql 120292-02
6738| [855333] Solaris Update for mysql 120293-02
6739| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
6740| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
6741| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
6742| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
6743| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
6744| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
6745| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
6746| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
6747| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
6748| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
6749| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
6750| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
6751| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
6752| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
6753| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
6754| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
6755| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
6756| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
6757| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
6758| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
6759| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
6760| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
6761| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
6762| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
6763| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
6764| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
6765| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
6766| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
6767| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
6768| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
6769| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
6770| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
6771| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
6772| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
6773| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
6774| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
6775| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
6776| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
6777| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
6778| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
6779| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
6780| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
6781| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
6782| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
6783| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
6784| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
6785| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
6786| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
6787| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
6788| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
6789| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
6790| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
6791| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
6792| [70586] FreeBSD Ports: proftpd, proftpd-mysql
6793| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
6794| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
6795| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
6796| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
6797| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
6798| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
6799| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
6800| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
6801| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
6802| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
6803| [65937] SLES10: Security update for MySQL
6804| [65884] SLES10: Security update for MySQL
6805| [65827] SLES10: Security update for MySQL
6806| [65710] SLES11: Security update for MySQL
6807| [65610] SLES9: Security update for MySQL
6808| [65566] SLES9: Security update for MySQL
6809| [65507] SLES9: Security update for MySQL
6810| [65502] SLES9: Security update for mysql
6811| [65426] SLES9: Security update for MySQL
6812| [65385] SLES9: Security update for mysql
6813| [65341] SLES9: Security update for MySQL
6814| [65181] SLES9: Security update for MySQL
6815| [65176] SLES9: Security update for MySQL
6816| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
6817| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
6818| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
6819| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
6820| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
6821| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
6822| [63630] FreeBSD Ports: proftpd, proftpd-mysql
6823| [63171] FreeBSD Ports: mysql-server
6824| [63170] FreeBSD Ports: mysql-server
6825| [63169] FreeBSD Ports: mysql-server
6826| [63168] FreeBSD Ports: mysql-server
6827| [63095] FreeBSD Ports: mysql-server
6828| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
6829| [61699] FreeBSD Ports: mysql-client
6830| [61656] FreeBSD Ports: proftpd, proftpd-mysql
6831| [61618] FreeBSD Ports: mysql-server
6832| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
6833| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
6834| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
6835| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
6836| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
6837| [60017] Slackware Advisory SSA:2007-348-01 mysql
6838| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
6839| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
6840| [58863] FreeBSD Ports: freeradius, freeradius-mysql
6841| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
6842| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
6843| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
6844| [57725] FreeBSD Ports: proftpd, proftpd-mysql
6845| [57576] FreeBSD Ports: proftpd, proftpd-mysql
6846| [57527] FreeBSD Ports: mysql-server
6847| [57526] FreeBSD Ports: mysql-server
6848| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
6849| [57257] FreeBSD Ports: mysql-server
6850| [57167] Slackware Advisory SSA:2006-211-01 mysql
6851| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
6852| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
6853| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
6854| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
6855| [56861] Slackware Advisory SSA:2006-155-01 mysql
6856| [56850] FreeBSD Ports: mysql-server
6857| [56849] FreeBSD Ports: mysql-server
6858| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
6859| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
6860| [56788] Debian Security Advisory DSA 1071-1 (mysql)
6861| [56730] Slackware Advisory SSA:2006-129-02 mysql
6862| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
6863| [56714] FreeBSD Ports: mysql-server
6864| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
6865| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
6866| [55493] Debian Security Advisory DSA 829-1 (mysql)
6867| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
6868| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
6869| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
6870| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
6871| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
6872| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
6873| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
6874| [54483] FreeBSD Ports: proftpd, proftpd-mysql
6875| [54201] FreeBSD Ports: mysql-server
6876| [53776] Debian Security Advisory DSA 013-1 (mysql)
6877| [53755] Debian Security Advisory DSA 483-1 (mysql)
6878| [53750] Debian Security Advisory DSA 707-1 (mysql)
6879| [53666] Debian Security Advisory DSA 381-1 (mysql)
6880| [53595] Debian Security Advisory DSA 303-1 (mysql)
6881| [53585] Debian Security Advisory DSA 212-1 (mysql)
6882| [53481] Debian Security Advisory DSA 647-1 (mysql)
6883| [53251] Debian Security Advisory DSA 562-1 (mysql)
6884| [53230] Debian Security Advisory DSA 540-1 (mysql)
6885| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
6886| [52459] FreeBSD Ports: mysql-client
6887| [52419] FreeBSD Ports: mysql-scripts
6888| [52406] FreeBSD Ports: mysql-server
6889| [52375] FreeBSD Ports: mysql-server, mysql-client
6890| [52274] FreeBSD Ports: mysql-server
6891| [52273] FreeBSD Ports: mysql-server
6892| [52272] FreeBSD Ports: mysql-server
6893| [52271] FreeBSD Ports: mysql-server
6894| [52270] FreeBSD Ports: mysql-server
6895| [52233] FreeBSD Ports: mysql-scripts
6896| [52158] FreeBSD Ports: mysql-server
6897| [16093] MySQL Eventum Multiple flaws
6898| [12639] MySQL Authentication bypass through a zero-length password
6899| [10783] PCCS-Mysql User/Password Exposure
6900|
6901| SecurityTracker - https://www.securitytracker.com:
6902| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
6903| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
6904| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
6905| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
6906| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
6907| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
6908| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
6909| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
6910| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
6911| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
6912| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
6913| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
6914| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
6915| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
6916| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
6917| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
6918| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
6919| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
6920| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
6921| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
6922| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
6923| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
6924| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
6925| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
6926| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
6927| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
6928| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
6929| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
6930| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
6931| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
6932| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
6933| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
6934| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
6935| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
6936| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
6937| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
6938| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
6939| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
6940| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
6941| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
6942| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
6943| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
6944| [1016790] MySQL Replication Error Lets Local Users Deny Service
6945| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
6946| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
6947| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
6948| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
6949| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
6950| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
6951| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
6952| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
6953| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
6954| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
6955| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
6956| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
6957| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
6958| [1014172] xMySQLadmin Lets Local Users Delete Files
6959| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
6960| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
6961| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
6962| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
6963| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
6964| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
6965| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
6966| [1012500] mysql_auth Memory Leak Has Unspecified Impact
6967| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
6968| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
6969| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
6970| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
6971| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
6972| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
6973| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
6974| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
6975| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
6976| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
6977| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
6978| [1007518] DWebPro Discloses MySQL Database Password to Local Users
6979| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
6980| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
6981| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
6982| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
6983| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
6984| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
6985| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
6986| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
6987| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
6988| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
6989| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
6990| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
6991| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
6992|
6993| OSVDB - http://www.osvdb.org:
6994| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
6995| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
6996| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
6997| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
6998| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
6999| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
7000| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
7001| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
7002| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
7003| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
7004| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
7005| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
7006| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
7007| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
7008| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
7009| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
7010| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
7011| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
7012| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
7013| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
7014| [93174] MySQL Crafted Derived Table Handling DoS
7015| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
7016| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
7017| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
7018| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
7019| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
7020| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
7021| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
7022| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
7023| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
7024| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
7025| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
7026| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
7027| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
7028| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
7029| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
7030| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
7031| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
7032| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
7033| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
7034| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
7035| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
7036| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
7037| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
7038| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
7039| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
7040| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
7041| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
7042| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
7043| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
7044| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
7045| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
7046| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
7047| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
7048| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
7049| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
7050| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
7051| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
7052| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
7053| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
7054| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
7055| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
7056| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
7057| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
7058| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
7059| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
7060| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
7061| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
7062| [89042] ViciBox Server MySQL cron Service Default Credentials
7063| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
7064| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
7065| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
7066| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
7067| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
7068| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
7069| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
7070| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
7071| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
7072| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
7073| [87480] MySQL Malformed XML Comment Handling DoS
7074| [87466] MySQL SSL Certificate Revocation Weakness
7075| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
7076| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
7077| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
7078| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
7079| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
7080| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
7081| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
7082| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
7083| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
7084| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
7085| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
7086| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
7087| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
7088| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
7089| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
7090| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
7091| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
7092| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
7093| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
7094| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
7095| [84719] MySQLDumper index.php page Parameter XSS
7096| [84680] MySQL Squid Access Report access.log File Path XSS
7097| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
7098| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
7099| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
7100| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
7101| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
7102| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
7103| [83661] Oracle MySQL Unspecified Issue (59533)
7104| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
7105| [82803] Oracle MySQL Unspecified Issue (59387)
7106| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
7107| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
7108| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
7109| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
7110| [81614] MySQLDumper File Upload PHP Code Execution
7111| [81613] MySQLDumper main.php Multiple Function CSRF
7112| [81612] MySQLDumper restore.php filename Parameter XSS
7113| [81611] MySQLDumper sql.php Multiple Parameter XSS
7114| [81610] MySQLDumper install.php Multiple Parameter XSS
7115| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
7116| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
7117| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
7118| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
7119| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
7120| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
7121| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
7122| [81059] Oracle MySQL Server Multiple Unspecified Issues
7123| [79038] Webmin Process Listing MySQL Password Local Disclosure
7124| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
7125| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
7126| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
7127| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
7128| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
7129| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
7130| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
7131| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
7132| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
7133| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
7134| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
7135| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
7136| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
7137| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
7138| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
7139| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
7140| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
7141| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
7142| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
7143| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
7144| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
7145| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
7146| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
7147| [78375] Oracle MySQL Server Unspecified Local DoS
7148| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
7149| [78373] Oracle MySQL Server Unspecified Local Issue
7150| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
7151| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
7152| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
7153| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
7154| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
7155| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
7156| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
7157| [77040] DBD::mysqlPP Unspecified SQL Injection
7158| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
7159| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
7160| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
7161| [73387] Zend Framework PDO_MySql Character Set Security Bypass
7162| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
7163| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
7164| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
7165| [71368] Accellion File Transfer Appliance Weak MySQL root Password
7166| [70967] MySQL Eventum Admin User Creation CSRF
7167| [70966] MySQL Eventum preferences.php full_name Parameter XSS
7168| [70961] MySQL Eventum list.php Multiple Parameter XSS
7169| [70960] MySQL Eventum forgot_password.php URI XSS
7170| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
7171| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
7172| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
7173| [69395] MySQL Derived Table Grouping DoS
7174| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
7175| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
7176| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
7177| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
7178| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
7179| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
7180| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
7181| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
7182| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
7183| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
7184| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
7185| [68996] MySQL EXPLAIN EXTENDED Statement DoS
7186| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
7187| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
7188| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
7189| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
7190| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
7191| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
7192| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
7193| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
7194| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
7195| [67381] MySQL InnoDB Temporary Table Handling DoS
7196| [67380] MySQL BINLOG Statement Unspecified Argument DoS
7197| [67379] MySQL Multiple Operation NULL Argument Handling DoS
7198| [67378] MySQL Unique SET Column Join Statement Remote DoS
7199| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
7200| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
7201| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
7202| [66731] PHP Bundled MySQL Library Unspecified Issue
7203| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
7204| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
7205| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
7206| [65085] MySQL Enterprise Monitor Unspecified CSRF
7207| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
7208| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
7209| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
7210| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
7211| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
7212| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
7213| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
7214| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
7215| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
7216| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
7217| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
7218| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
7219| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
7220| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
7221| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
7222| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
7223| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
7224| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
7225| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
7226| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
7227| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
7228| [59907] MySQL on Windows bind-address Remote Connection Weakness
7229| [59906] MySQL on Windows Default Configuration Logging Weakness
7230| [59616] MySQL Hashed Password Weakness
7231| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
7232| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
7233| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
7234| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
7235| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
7236| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
7237| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
7238| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
7239| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
7240| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
7241| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
7242| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
7243| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
7244| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
7245| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
7246| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
7247| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
7248| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
7249| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
7250| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
7251| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
7252| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
7253| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
7254| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
7255| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
7256| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
7257| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
7258| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
7259| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
7260| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
7261| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
7262| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
7263| [52464] MySQL charset Column Truncation Weakness
7264| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
7265| [52378] Cisco ANM MySQL root Account Default Password
7266| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
7267| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
7268| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
7269| [50892] MySQL Calendar index.php username Parameter SQL Injection
7270| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
7271| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
7272| [48710] MySQL Command Line Client HTML Output XSS
7273| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
7274| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
7275| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
7276| [47789] mysql-lists Unspecified XSS
7277| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
7278| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
7279| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
7280| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
7281| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
7282| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
7283| [43179] MySQL Server BINLOG Statement Rights Checking Failure
7284| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
7285| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
7286| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
7287| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
7288| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
7289| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
7290| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
7291| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
7292| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
7293| [39279] PHP mysql_error() Function XSS
7294| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
7295| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
7296| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
7297| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
7298| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
7299| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
7300| [37782] MySQL Community Server External Table View Privilege Escalation
7301| [37781] MySQL ALTER TABLE Information Disclosure
7302| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
7303| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
7304| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
7305| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
7306| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
7307| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
7308| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
7309| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
7310| [36251] Associated Press (AP) Newspower Default MySQL root Password
7311| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
7312| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
7313| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
7314| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
7315| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
7316| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
7317| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
7318| [33974] MySQL information_schema Table Subselect Single-Row DoS
7319| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
7320| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
7321| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
7322| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
7323| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
7324| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
7325| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
7326| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
7327| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
7328| [32056] BTSaveMySql Direct Request Config File Disclosure
7329| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
7330| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
7331| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
7332| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
7333| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
7334| [29696] MySQLDumper sql.php db Parameter XSS
7335| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
7336| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
7337| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
7338| [28288] MySQL Instance_options::complete_initialization Function Overflow
7339| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
7340| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
7341| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
7342| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
7343| [28012] MySQL Case Sensitivity Unauthorized Database Creation
7344| [27919] MySQL VIEW Access information_schema.views Information Disclosure
7345| [27703] MySQL MERGE Table Privilege Persistence
7346| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
7347| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
7348| [27416] MySQL Server time.cc date_format Function Format String
7349| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
7350| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
7351| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
7352| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
7353| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
7354| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
7355| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
7356| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
7357| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
7358| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
7359| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
7360| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
7361| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
7362| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
7363| [25595] Apple Mac OS X MySQL Manager Blank root Password
7364| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
7365| [25227] MySQL COM_TABLE_DUMP Packet Overflow
7366| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
7367| [24245] Cholod Mysql Based Message Board Unspecified XSS
7368| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
7369| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
7370| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
7371| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
7372| [23526] MySQL Query NULL Charcter Logging Bypass
7373| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
7374| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
7375| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
7376| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
7377| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
7378| [22479] PHP mysqli Extension Error Message Format String
7379| [22232] PHP Pipe Variable mysql_connect() Function Overflow
7380| [21685] MySQL Auction Search Module keyword XSS
7381| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
7382| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
7383| [19457] aMember Pro mysql.inc.php Remote File Inclusion
7384| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
7385| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
7386| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
7387| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
7388| [18896] MySQL User-Defined Function init_syms() Function Overflow
7389| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
7390| [18894] MySQL drop database Request Remote Overflow
7391| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
7392| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
7393| [18406] MySQL Eventum releases.php SQL Injection
7394| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
7395| [18404] MySQL Eventum custom_fields.php SQL Injection
7396| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
7397| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
7398| [18401] MySQL Eventum list.php release Parameter XSS
7399| [18400] MySQL Eventum view.php id Parameter XSS
7400| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
7401| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
7402| [17223] xMySQLadmin Symlink Arbitrary File Deletion
7403| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
7404| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
7405| [16056] Plans Unspecified mySQL Remote Password Disclosure
7406| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
7407| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
7408| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
7409| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
7410| [14748] MySQL MS-DOS Device Names Request DoS
7411| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
7412| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
7413| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
7414| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
7415| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
7416| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
7417| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
7418| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
7419| [12919] MySQL MaxDB WebAgent websql Remote Overflow
7420| [12779] MySQL User Defined Function Privilege Escalation
7421| [12609] MySQL Eventum projects.php Multiple Parameter XSS
7422| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
7423| [12607] MySQL Eventum forgot_password.php email Parameter XSS
7424| [12606] MySQL Eventum index.php email Parameter XSS
7425| [12605] MySQL Eventum Default Vendor Account
7426| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
7427| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
7428| [11689] Roxen Web Server MySQL Socket Permission Weakness
7429| [10985] MySQL MATCH..AGAINST Query DoS
7430| [10959] MySQL GRANT ALL ON Privilege Escalation
7431| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
7432| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
7433| [10658] MySQL mysql_real_connect() Function Remote Overflow
7434| [10532] MySQL MaxDB webdbm Server Field DoS
7435| [10491] AWS MySQLguest AWSguest.php Script Insertion
7436| [10244] MySQL libmysqlclient Prepared Statements API Overflow
7437| [10226] MySQLGuest AWSguest.php Multiple Field XSS
7438| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
7439| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
7440| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
7441| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
7442| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
7443| [9907] MySQL SELECT Statement String Handling Overflow
7444| [9906] MySQL GRANT Privilege Arbitrary Password Modification
7445| [9509] teapop MySQL Authentication Module SQL Injection
7446| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
7447| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
7448| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
7449| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
7450| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
7451| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
7452| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
7453| [8886] MySQL libmysqlclient Library read_one_row Overflow
7454| [8885] MySQL libmysqlclient Library read_rows Overflow
7455| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
7456| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
7457| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
7458| [7128] MySQL show database Database Name Exposure
7459| [6716] MySQL Database Engine Weak Authentication Information Disclosure
7460| [6605] MySQL mysqld Readable Log File Information Disclosure
7461| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
7462| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
7463| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
7464| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
7465| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
7466| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
7467| [520] MySQL Database Name Traversal Arbitrary File Modification
7468| [380] MySQL Server on Windows Default Null Root Password
7469| [261] MySQL Short Check String Authentication Bypass
7470|_
74718888/tcp open ssh OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
7472| vulscan: VulDB - https://vuldb.com:
7473| [108627] OpenSSH up to 7.5 Readonly Mode sftp-server.c process_open unknown vulnerability
7474| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
7475| [130371] OpenSSH 7.9 scp Man-in-the-Middle directory traversal
7476| [130370] OpenSSH 7.9 Man-in-the-Middle spoofing
7477| [130369] OpenSSH 7.9 Encoding progressmeter.c refresh_progress_meter() spoofing
7478| [129007] OpenSSH 7.9 scp Client scp.c Filename privilege escalation
7479| [123343] OpenSSH up to 7.8 GSS2 auth-gss2.c information disclosure
7480| [123011] OpenSSH up to 7.7 auth2-gss.c Request information disclosure
7481| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
7482| [94611] OpenSSH up to 7.3 Access Control privilege escalation
7483| [94610] OpenSSH up to 7.3 Shared Memory Manager privilege escalation
7484| [94608] OpenSSH up to 7.3 Unix-Domain Socket privilege escalation
7485| [94607] OpenSSH up to 7.3 Forwarded Agent Channel privilege escalation
7486| [90671] OpenSSH up to 7.2 auth-passwd.c auth_password denial of service
7487| [90405] OpenSSH up to 7.2p2 sshd information disclosure
7488| [90404] OpenSSH up to 7.2p2 sshd information disclosure
7489| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
7490| [89622] OpenSSH 7.2p2 Authentication Username information disclosure
7491| [81320] OpenSSH up to 7.2p1 X11 Authentication Credential xauth privilege escalation
7492| [80656] OpenBSD OpenSSH 7.1 X11 Forwarding privilege escalation
7493| [80330] OpenSSH up to 7.1p1 packet.c ssh_packet_read_poll2 memory corruption
7494|
7495| MITRE CVE - https://cve.mitre.org:
7496| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
7497| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
7498|
7499| SecurityFocus - https://www.securityfocus.com/bid/:
7500| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
7501| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
7502| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
7503| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
7504| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
7505| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
7506| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
7507| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
7508| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
7509| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
7510| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
7511| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
7512| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
7513| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
7514| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
7515| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
7516| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
7517| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
7518| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
7519| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
7520| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
7521| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
7522| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
7523| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
7524| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
7525| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
7526| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
7527| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
7528| [75990] OpenSSH Login Handling Security Bypass Weakness
7529| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
7530| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
7531| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
7532| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
7533| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
7534| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
7535| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
7536| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
7537| [61286] OpenSSH Remote Denial of Service Vulnerability
7538| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
7539| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
7540| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
7541| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
7542| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
7543| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
7544| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
7545| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
7546| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
7547| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
7548| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
7549| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
7550| [30794] Red Hat OpenSSH Backdoor Vulnerability
7551| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
7552| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
7553| [28531] OpenSSH ForceCommand Command Execution Weakness
7554| [28444] OpenSSH X Connections Session Hijacking Vulnerability
7555| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
7556| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
7557| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
7558| [20956] OpenSSH Privilege Separation Key Signature Weakness
7559| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
7560| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
7561| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
7562| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
7563| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
7564| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
7565| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
7566| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
7567| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
7568| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
7569| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
7570| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
7571| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
7572| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
7573| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
7574| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
7575| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
7576| [6168] OpenSSH Visible Password Vulnerability
7577| [5374] OpenSSH Trojan Horse Vulnerability
7578| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
7579| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
7580| [4241] OpenSSH Channel Code Off-By-One Vulnerability
7581| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
7582| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
7583| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
7584| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
7585| [2917] OpenSSH PAM Session Evasion Vulnerability
7586| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
7587| [2356] OpenSSH Private Key Authentication Check Vulnerability
7588| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
7589| [1334] OpenSSH UseLogin Vulnerability
7590|
7591| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7592| [83258] GSI-OpenSSH auth-pam.c security bypass
7593| [82781] OpenSSH time limit denial of service
7594| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
7595| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
7596| [72756] Debian openssh-server commands information disclosure
7597| [68339] OpenSSH pam_thread buffer overflow
7598| [67264] OpenSSH ssh-keysign unauthorized access
7599| [65910] OpenSSH remote_glob function denial of service
7600| [65163] OpenSSH certificate information disclosure
7601| [64387] OpenSSH J-PAKE security bypass
7602| [63337] Cisco Unified Videoconferencing OpenSSH weak security
7603| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
7604| [45202] OpenSSH signal handler denial of service
7605| [44747] RHEL OpenSSH backdoor
7606| [44280] OpenSSH PermitRootLogin information disclosure
7607| [44279] OpenSSH sshd weak security
7608| [44037] OpenSSH sshd SELinux role unauthorized access
7609| [43940] OpenSSH X11 forwarding information disclosure
7610| [41549] OpenSSH ForceCommand directive security bypass
7611| [41438] OpenSSH sshd session hijacking
7612| [40897] OpenSSH known_hosts weak security
7613| [40587] OpenSSH username weak security
7614| [37371] OpenSSH username data manipulation
7615| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
7616| [37112] RHSA update for OpenSSH signal handler race condition not installed
7617| [37107] RHSA update for OpenSSH identical block denial of service not installed
7618| [36637] OpenSSH X11 cookie privilege escalation
7619| [35167] OpenSSH packet.c newkeys[mode] denial of service
7620| [34490] OpenSSH OPIE information disclosure
7621| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
7622| [32975] Apple Mac OS X OpenSSH denial of service
7623| [32387] RHSA-2006:0738 updates for openssh not installed
7624| [32359] RHSA-2006:0697 updates for openssh not installed
7625| [32230] RHSA-2006:0298 updates for openssh not installed
7626| [32132] RHSA-2006:0044 updates for openssh not installed
7627| [30120] OpenSSH privilege separation monitor authentication verification weakness
7628| [29255] OpenSSH GSSAPI user enumeration
7629| [29254] OpenSSH signal handler race condition
7630| [29158] OpenSSH identical block denial of service
7631| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
7632| [25116] OpenSSH OpenPAM denial of service
7633| [24305] OpenSSH SCP shell expansion command execution
7634| [22665] RHSA-2005:106 updates for openssh not installed
7635| [22117] OpenSSH GSSAPI allows elevated privileges
7636| [22115] OpenSSH GatewayPorts security bypass
7637| [20930] OpenSSH sshd.c LoginGraceTime denial of service
7638| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
7639| [17213] OpenSSH allows port bouncing attacks
7640| [16323] OpenSSH scp file overwrite
7641| [13797] OpenSSH PAM information leak
7642| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
7643| [13264] OpenSSH PAM code could allow an attacker to gain access
7644| [13215] OpenSSH buffer management errors could allow an attacker to execute code
7645| [13214] OpenSSH memory vulnerabilities
7646| [13191] OpenSSH large packet buffer overflow
7647| [12196] OpenSSH could allow an attacker to bypass login restrictions
7648| [11970] OpenSSH could allow an attacker to obtain valid administrative account
7649| [11902] OpenSSH PAM support enabled information leak
7650| [9803] OpenSSH "
7651| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
7652| [9307] OpenSSH is running on the system
7653| [9169] OpenSSH "
7654| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
7655| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
7656| [8383] OpenSSH off-by-one error in channel code
7657| [7647] OpenSSH UseLogin option arbitrary code execution
7658| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
7659| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
7660| [7179] OpenSSH source IP access control bypass
7661| [6757] OpenSSH "
7662| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
7663| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
7664| [5517] OpenSSH allows unauthorized access to resources
7665| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
7666|
7667| Exploit-DB - https://www.exploit-db.com:
7668| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
7669| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
7670| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
7671| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
7672| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
7673| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
7674| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
7675| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
7676| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
7677| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
7678| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
7679| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
7680| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
7681| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
7682|
7683| OpenVAS (Nessus) - http://www.openvas.org:
7684| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
7685| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
7686| [881183] CentOS Update for openssh CESA-2012:0884 centos6
7687| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
7688| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
7689| [870763] RedHat Update for openssh RHSA-2012:0884-04
7690| [870129] RedHat Update for openssh RHSA-2008:0855-01
7691| [861813] Fedora Update for openssh FEDORA-2010-5429
7692| [861319] Fedora Update for openssh FEDORA-2007-395
7693| [861170] Fedora Update for openssh FEDORA-2007-394
7694| [861012] Fedora Update for openssh FEDORA-2007-715
7695| [840345] Ubuntu Update for openssh vulnerability USN-597-1
7696| [840300] Ubuntu Update for openssh update USN-612-5
7697| [840271] Ubuntu Update for openssh vulnerability USN-612-2
7698| [840268] Ubuntu Update for openssh update USN-612-7
7699| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
7700| [840214] Ubuntu Update for openssh vulnerability USN-566-1
7701| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
7702| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
7703| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
7704| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
7705| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
7706| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
7707| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
7708| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
7709| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
7710| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
7711| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
7712| [100584] OpenSSH X Connections Session Hijacking Vulnerability
7713| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
7714| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
7715| [65987] SLES10: Security update for OpenSSH
7716| [65819] SLES10: Security update for OpenSSH
7717| [65514] SLES9: Security update for OpenSSH
7718| [65513] SLES9: Security update for OpenSSH
7719| [65334] SLES9: Security update for OpenSSH
7720| [65248] SLES9: Security update for OpenSSH
7721| [65218] SLES9: Security update for OpenSSH
7722| [65169] SLES9: Security update for openssh,openssh-askpass
7723| [65126] SLES9: Security update for OpenSSH
7724| [65019] SLES9: Security update for OpenSSH
7725| [65015] SLES9: Security update for OpenSSH
7726| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
7727| [61639] Debian Security Advisory DSA 1638-1 (openssh)
7728| [61030] Debian Security Advisory DSA 1576-2 (openssh)
7729| [61029] Debian Security Advisory DSA 1576-1 (openssh)
7730| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
7731| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
7732| [60667] Slackware Advisory SSA:2008-095-01 openssh
7733| [59014] Slackware Advisory SSA:2007-255-01 openssh
7734| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
7735| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
7736| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
7737| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
7738| [57492] Slackware Advisory SSA:2006-272-02 openssh
7739| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
7740| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
7741| [57470] FreeBSD Ports: openssh
7742| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
7743| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
7744| [56294] Slackware Advisory SSA:2006-045-06 openssh
7745| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
7746| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
7747| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
7748| [53788] Debian Security Advisory DSA 025-1 (openssh)
7749| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
7750| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
7751| [11343] OpenSSH Client Unauthorized Remote Forwarding
7752| [10954] OpenSSH AFS/Kerberos ticket/token passing
7753| [10883] OpenSSH Channel Code Off by 1
7754| [10823] OpenSSH UseLogin Environment Variables
7755|
7756| SecurityTracker - https://www.securitytracker.com:
7757| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
7758| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
7759| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
7760| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
7761| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
7762| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
7763| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
7764| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
7765| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
7766| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
7767| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
7768| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
7769| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
7770| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
7771| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
7772| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
7773| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
7774| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
7775| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
7776| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
7777| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
7778| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
7779| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
7780| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
7781| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
7782| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
7783| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
7784| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
7785| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
7786| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
7787| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
7788| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
7789| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
7790| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
7791| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
7792| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
7793| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
7794| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
7795|
7796| OSVDB - http://www.osvdb.org:
7797| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
7798| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
7799| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
7800| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
7801| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
7802| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
7803| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
7804| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
7805| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
7806| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
7807| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
7808| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
7809| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
7810| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
7811| [56921] OpenSSH Unspecified Remote Compromise
7812| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
7813| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
7814| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
7815| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
7816| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
7817| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
7818| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
7819| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
7820| [43745] OpenSSH X11 Forwarding Local Session Hijacking
7821| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
7822| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
7823| [37315] pam_usb OpenSSH Authentication Unspecified Issue
7824| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
7825| [34601] OPIE w/ OpenSSH Account Enumeration
7826| [34600] OpenSSH S/KEY Authentication Account Enumeration
7827| [32721] OpenSSH Username Password Complexity Account Enumeration
7828| [30232] OpenSSH Privilege Separation Monitor Weakness
7829| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
7830| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
7831| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
7832| [29152] OpenSSH Identical Block Packet DoS
7833| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
7834| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
7835| [22692] OpenSSH scp Command Line Filename Processing Command Injection
7836| [20216] OpenSSH with KerberosV Remote Authentication Bypass
7837| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
7838| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
7839| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
7840| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
7841| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
7842| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
7843| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
7844| [6601] OpenSSH *realloc() Unspecified Memory Errors
7845| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
7846| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
7847| [6072] OpenSSH PAM Conversation Function Stack Modification
7848| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
7849| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
7850| [5408] OpenSSH echo simulation Information Disclosure
7851| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
7852| [4536] OpenSSH Portable AIX linker Privilege Escalation
7853| [3938] OpenSSL and OpenSSH /dev/random Check Failure
7854| [3456] OpenSSH buffer_append_space() Heap Corruption
7855| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
7856| [2140] OpenSSH w/ PAM Username Validity Timing Attack
7857| [2112] OpenSSH Reverse DNS Lookup Bypass
7858| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
7859| [1853] OpenSSH Symbolic Link 'cookies' File Removal
7860| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
7861| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
7862| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
7863| [688] OpenSSH UseLogin Environment Variable Local Command Execution
7864| [642] OpenSSH Multiple Key Type ACL Bypass
7865| [504] OpenSSH SSHv2 Public Key Authentication Bypass
7866| [341] OpenSSH UseLogin Local Privilege Escalation
7867|_
78689999/tcp open http Apache httpd (PHP 5.6.38)
7869|_http-server-header: Apache
7870| vulscan: VulDB - https://vuldb.com:
7871| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
7872| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
7873| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
7874| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
7875| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
7876| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
7877| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
7878| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
7879| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
7880| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
7881| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
7882| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
7883| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
7884| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
7885| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
7886| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
7887| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
7888| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
7889| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
7890| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
7891| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
7892| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
7893| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
7894| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
7895| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
7896| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
7897| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
7898| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
7899| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
7900| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
7901| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
7902| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
7903| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
7904| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
7905| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
7906| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
7907| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
7908| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
7909| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
7910| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
7911| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
7912| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
7913| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
7914| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
7915| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
7916| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
7917| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
7918| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
7919| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
7920| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
7921| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
7922| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
7923| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
7924| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
7925| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
7926| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
7927| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
7928| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
7929| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
7930| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
7931| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
7932| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
7933| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
7934| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
7935| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
7936| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
7937| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
7938| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
7939| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
7940| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
7941| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
7942| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
7943| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
7944| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
7945| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
7946| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
7947| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
7948| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
7949| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
7950| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
7951| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
7952| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
7953| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
7954| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
7955| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
7956| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
7957| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
7958| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
7959| [136370] Apache Fineract up to 1.2.x sql injection
7960| [136369] Apache Fineract up to 1.2.x sql injection
7961| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
7962| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
7963| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
7964| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
7965| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
7966| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
7967| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
7968| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
7969| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
7970| [134416] Apache Sanselan 0.97-incubator Loop denial of service
7971| [134415] Apache Sanselan 0.97-incubator Hang denial of service
7972| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
7973| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
7974| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
7975| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
7976| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
7977| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
7978| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
7979| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
7980| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
7981| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
7982| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
7983| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
7984| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
7985| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
7986| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
7987| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
7988| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
7989| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
7990| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
7991| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
7992| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
7993| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
7994| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
7995| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
7996| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
7997| [131859] Apache Hadoop up to 2.9.1 privilege escalation
7998| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
7999| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
8000| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
8001| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
8002| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
8003| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
8004| [130629] Apache Guacamole Cookie Flag weak encryption
8005| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
8006| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
8007| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
8008| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
8009| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
8010| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
8011| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
8012| [130123] Apache Airflow up to 1.8.2 information disclosure
8013| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
8014| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
8015| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
8016| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
8017| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
8018| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
8019| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
8020| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
8021| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
8022| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
8023| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
8024| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
8025| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
8026| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
8027| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
8028| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
8029| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
8030| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
8031| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
8032| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
8033| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
8034| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
8035| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
8036| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
8037| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
8038| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
8039| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
8040| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
8041| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
8042| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
8043| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
8044| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
8045| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
8046| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
8047| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
8048| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
8049| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
8050| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
8051| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
8052| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
8053| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
8054| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
8055| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
8056| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
8057| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
8058| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
8059| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
8060| [127007] Apache Spark Request Code Execution
8061| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
8062| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
8063| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
8064| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
8065| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
8066| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
8067| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
8068| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
8069| [126346] Apache Tomcat Path privilege escalation
8070| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
8071| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
8072| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
8073| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
8074| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
8075| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
8076| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
8077| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
8078| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
8079| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
8080| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
8081| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
8082| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
8083| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
8084| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
8085| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
8086| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
8087| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
8088| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
8089| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
8090| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
8091| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
8092| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
8093| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
8094| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
8095| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
8096| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
8097| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
8098| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
8099| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
8100| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
8101| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
8102| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
8103| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
8104| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
8105| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
8106| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
8107| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
8108| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
8109| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
8110| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
8111| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
8112| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
8113| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
8114| [123197] Apache Sentry up to 2.0.0 privilege escalation
8115| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
8116| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
8117| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
8118| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
8119| [122800] Apache Spark 1.3.0 REST API weak authentication
8120| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
8121| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
8122| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
8123| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
8124| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
8125| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
8126| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
8127| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
8128| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
8129| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
8130| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
8131| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
8132| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
8133| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
8134| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
8135| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
8136| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
8137| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
8138| [121354] Apache CouchDB HTTP API Code Execution
8139| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
8140| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
8141| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
8142| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
8143| [120168] Apache CXF weak authentication
8144| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
8145| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
8146| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
8147| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
8148| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
8149| [119306] Apache MXNet Network Interface privilege escalation
8150| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
8151| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
8152| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
8153| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
8154| [118143] Apache NiFi activemq-client Library Deserialization denial of service
8155| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
8156| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
8157| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
8158| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
8159| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
8160| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
8161| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
8162| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
8163| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
8164| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
8165| [117115] Apache Tika up to 1.17 tika-server command injection
8166| [116929] Apache Fineract getReportType Parameter privilege escalation
8167| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
8168| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
8169| [116926] Apache Fineract REST Parameter privilege escalation
8170| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
8171| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
8172| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
8173| [115883] Apache Hive up to 2.3.2 privilege escalation
8174| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
8175| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
8176| [115518] Apache Ignite 2.3 Deserialization privilege escalation
8177| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
8178| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
8179| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
8180| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
8181| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
8182| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
8183| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
8184| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
8185| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
8186| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
8187| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
8188| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
8189| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
8190| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
8191| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
8192| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
8193| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
8194| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
8195| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
8196| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
8197| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
8198| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
8199| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
8200| [113895] Apache Geode up to 1.3.x Code Execution
8201| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
8202| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
8203| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
8204| [113747] Apache Tomcat Servlets privilege escalation
8205| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
8206| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
8207| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
8208| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
8209| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
8210| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
8211| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
8212| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
8213| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
8214| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
8215| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
8216| [112885] Apache Allura up to 1.8.0 File information disclosure
8217| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
8218| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
8219| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
8220| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
8221| [112625] Apache POI up to 3.16 Loop denial of service
8222| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
8223| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
8224| [112339] Apache NiFi 1.5.0 Header privilege escalation
8225| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
8226| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
8227| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
8228| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
8229| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
8230| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
8231| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
8232| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
8233| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
8234| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
8235| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
8236| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
8237| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
8238| [112114] Oracle 9.1 Apache Log4j privilege escalation
8239| [112113] Oracle 9.1 Apache Log4j privilege escalation
8240| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
8241| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
8242| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
8243| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
8244| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
8245| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
8246| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
8247| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
8248| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
8249| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
8250| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
8251| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
8252| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
8253| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
8254| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
8255| [110701] Apache Fineract Query Parameter sql injection
8256| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
8257| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
8258| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
8259| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
8260| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
8261| [110106] Apache CXF Fediz Spring cross site request forgery
8262| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
8263| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
8264| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
8265| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
8266| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
8267| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
8268| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
8269| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
8270| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
8271| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
8272| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
8273| [108938] Apple macOS up to 10.13.1 apache denial of service
8274| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
8275| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
8276| [108935] Apple macOS up to 10.13.1 apache denial of service
8277| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
8278| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
8279| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
8280| [108931] Apple macOS up to 10.13.1 apache denial of service
8281| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
8282| [108929] Apple macOS up to 10.13.1 apache denial of service
8283| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
8284| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
8285| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
8286| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
8287| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
8288| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
8289| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
8290| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
8291| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
8292| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
8293| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
8294| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
8295| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
8296| [108782] Apache Xerces2 XML Service denial of service
8297| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
8298| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
8299| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
8300| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
8301| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
8302| [108629] Apache OFBiz up to 10.04.01 privilege escalation
8303| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
8304| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
8305| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
8306| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
8307| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
8308| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
8309| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
8310| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
8311| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
8312| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
8313| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
8314| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
8315| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
8316| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
8317| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
8318| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
8319| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
8320| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
8321| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
8322| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
8323| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
8324| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
8325| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
8326| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
8327| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
8328| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
8329| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
8330| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
8331| [107639] Apache NiFi 1.4.0 XML External Entity
8332| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
8333| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
8334| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
8335| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
8336| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
8337| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
8338| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
8339| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
8340| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
8341| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
8342| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
8343| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
8344| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
8345| [107197] Apache Xerces Jelly Parser XML File XML External Entity
8346| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
8347| [107084] Apache Struts up to 2.3.19 cross site scripting
8348| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
8349| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
8350| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
8351| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
8352| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
8353| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
8354| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
8355| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
8356| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
8357| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
8358| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
8359| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
8360| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
8361| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
8362| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
8363| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
8364| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
8365| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
8366| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
8367| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
8368| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
8369| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
8370| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
8371| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
8372| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
8373| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
8374| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
8375| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
8376| [105878] Apache Struts up to 2.3.24.0 privilege escalation
8377| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
8378| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
8379| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
8380| [105643] Apache Pony Mail up to 0.8b weak authentication
8381| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
8382| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
8383| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
8384| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
8385| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
8386| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
8387| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
8388| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
8389| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
8390| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
8391| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
8392| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
8393| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
8394| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
8395| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
8396| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
8397| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
8398| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
8399| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
8400| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
8401| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
8402| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
8403| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
8404| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
8405| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
8406| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
8407| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
8408| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
8409| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
8410| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
8411| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
8412| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
8413| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
8414| [103690] Apache OpenMeetings 1.0.0 sql injection
8415| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
8416| [103688] Apache OpenMeetings 1.0.0 weak encryption
8417| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
8418| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
8419| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
8420| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
8421| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
8422| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
8423| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
8424| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
8425| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
8426| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
8427| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
8428| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
8429| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
8430| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
8431| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
8432| [103352] Apache Solr Node weak authentication
8433| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
8434| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
8435| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
8436| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
8437| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
8438| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
8439| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
8440| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
8441| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
8442| [102536] Apache Ranger up to 0.6 Stored cross site scripting
8443| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
8444| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
8445| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
8446| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
8447| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
8448| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
8449| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
8450| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
8451| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
8452| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
8453| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
8454| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
8455| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
8456| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
8457| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
8458| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
8459| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
8460| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
8461| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
8462| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
8463| [99937] Apache Batik up to 1.8 privilege escalation
8464| [99936] Apache FOP up to 2.1 privilege escalation
8465| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
8466| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
8467| [99930] Apache Traffic Server up to 6.2.0 denial of service
8468| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
8469| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
8470| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
8471| [117569] Apache Hadoop up to 2.7.3 privilege escalation
8472| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
8473| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
8474| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
8475| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
8476| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
8477| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
8478| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
8479| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
8480| [99014] Apache Camel Jackson/JacksonXML privilege escalation
8481| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
8482| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
8483| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
8484| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
8485| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
8486| [98605] Apple macOS up to 10.12.3 Apache denial of service
8487| [98604] Apple macOS up to 10.12.3 Apache denial of service
8488| [98603] Apple macOS up to 10.12.3 Apache denial of service
8489| [98602] Apple macOS up to 10.12.3 Apache denial of service
8490| [98601] Apple macOS up to 10.12.3 Apache denial of service
8491| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
8492| [98405] Apache Hadoop up to 0.23.10 privilege escalation
8493| [98199] Apache Camel Validation XML External Entity
8494| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
8495| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
8496| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
8497| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
8498| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
8499| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
8500| [97081] Apache Tomcat HTTPS Request denial of service
8501| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
8502| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
8503| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
8504| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
8505| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
8506| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
8507| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
8508| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
8509| [95311] Apache Storm UI Daemon privilege escalation
8510| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
8511| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
8512| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
8513| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
8514| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
8515| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
8516| [94540] Apache Tika 1.9 tika-server File information disclosure
8517| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
8518| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
8519| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
8520| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
8521| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
8522| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
8523| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
8524| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
8525| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
8526| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
8527| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
8528| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
8529| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
8530| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
8531| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
8532| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
8533| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
8534| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
8535| [93532] Apache Commons Collections Library Java privilege escalation
8536| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
8537| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
8538| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
8539| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
8540| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
8541| [93098] Apache Commons FileUpload privilege escalation
8542| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
8543| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
8544| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
8545| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
8546| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
8547| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
8548| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
8549| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
8550| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
8551| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
8552| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
8553| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
8554| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
8555| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
8556| [92549] Apache Tomcat on Red Hat privilege escalation
8557| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
8558| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
8559| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
8560| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
8561| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
8562| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
8563| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
8564| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
8565| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
8566| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
8567| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
8568| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
8569| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
8570| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
8571| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
8572| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
8573| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
8574| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
8575| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
8576| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
8577| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
8578| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
8579| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
8580| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
8581| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
8582| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
8583| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
8584| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
8585| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
8586| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
8587| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
8588| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
8589| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
8590| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
8591| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
8592| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
8593| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
8594| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
8595| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
8596| [90263] Apache Archiva Header denial of service
8597| [90262] Apache Archiva Deserialize privilege escalation
8598| [90261] Apache Archiva XML DTD Connection privilege escalation
8599| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
8600| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
8601| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
8602| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
8603| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
8604| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
8605| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
8606| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
8607| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
8608| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
8609| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
8610| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
8611| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
8612| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
8613| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
8614| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
8615| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
8616| [87765] Apache James Server 2.3.2 Command privilege escalation
8617| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
8618| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
8619| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
8620| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
8621| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
8622| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
8623| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
8624| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
8625| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
8626| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
8627| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
8628| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
8629| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
8630| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
8631| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
8632| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
8633| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
8634| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
8635| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
8636| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
8637| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
8638| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
8639| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
8640| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
8641| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
8642| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
8643| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
8644| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
8645| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
8646| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
8647| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
8648| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
8649| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
8650| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
8651| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
8652| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
8653| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
8654| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
8655| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
8656| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
8657| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
8658| [82076] Apache Ranger up to 0.5.1 privilege escalation
8659| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
8660| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
8661| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
8662| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
8663| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
8664| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
8665| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
8666| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
8667| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
8668| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
8669| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
8670| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
8671| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
8672| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
8673| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
8674| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
8675| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
8676| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
8677| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
8678| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
8679| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
8680| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
8681| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
8682| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
8683| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
8684| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
8685| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
8686| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
8687| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
8688| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
8689| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
8690| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
8691| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
8692| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
8693| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
8694| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
8695| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
8696| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
8697| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
8698| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
8699| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
8700| [79791] Cisco Products Apache Commons Collections Library privilege escalation
8701| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
8702| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
8703| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
8704| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
8705| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
8706| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
8707| [78989] Apache Ambari up to 2.1.1 Open Redirect
8708| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
8709| [78987] Apache Ambari up to 2.0.x cross site scripting
8710| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
8711| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
8712| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
8713| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
8714| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
8715| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
8716| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
8717| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
8718| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
8719| [77406] Apache Flex BlazeDS AMF Message XML External Entity
8720| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
8721| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
8722| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
8723| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
8724| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
8725| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
8726| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
8727| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
8728| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
8729| [76567] Apache Struts 2.3.20 unknown vulnerability
8730| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
8731| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
8732| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
8733| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
8734| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
8735| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
8736| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
8737| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
8738| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
8739| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
8740| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
8741| [74793] Apache Tomcat File Upload denial of service
8742| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
8743| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
8744| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
8745| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
8746| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
8747| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
8748| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
8749| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
8750| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
8751| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
8752| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
8753| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
8754| [74468] Apache Batik up to 1.6 denial of service
8755| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
8756| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
8757| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
8758| [74174] Apache WSS4J up to 2.0.0 privilege escalation
8759| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
8760| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
8761| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
8762| [73731] Apache XML Security unknown vulnerability
8763| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
8764| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
8765| [73593] Apache Traffic Server up to 5.1.0 denial of service
8766| [73511] Apache POI up to 3.10 Deadlock denial of service
8767| [73510] Apache Solr up to 4.3.0 cross site scripting
8768| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
8769| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
8770| [73173] Apache CloudStack Stack-Based unknown vulnerability
8771| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
8772| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
8773| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
8774| [72890] Apache Qpid 0.30 unknown vulnerability
8775| [72887] Apache Hive 0.13.0 File Permission privilege escalation
8776| [72878] Apache Cordova 3.5.0 cross site request forgery
8777| [72877] Apache Cordova 3.5.0 cross site request forgery
8778| [72876] Apache Cordova 3.5.0 cross site request forgery
8779| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
8780| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
8781| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
8782| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
8783| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
8784| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
8785| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
8786| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
8787| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
8788| [71629] Apache Axis2/C spoofing
8789| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
8790| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
8791| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
8792| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
8793| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
8794| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
8795| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
8796| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
8797| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
8798| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
8799| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
8800| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
8801| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
8802| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
8803| [70809] Apache POI up to 3.11 Crash denial of service
8804| [70808] Apache POI up to 3.10 unknown vulnerability
8805| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
8806| [70749] Apache Axis up to 1.4 getCN spoofing
8807| [70701] Apache Traffic Server up to 3.3.5 denial of service
8808| [70700] Apache OFBiz up to 12.04.03 cross site scripting
8809| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
8810| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
8811| [70661] Apache Subversion up to 1.6.17 denial of service
8812| [70660] Apache Subversion up to 1.6.17 spoofing
8813| [70659] Apache Subversion up to 1.6.17 spoofing
8814| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
8815| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
8816| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
8817| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
8818| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
8819| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
8820| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
8821| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
8822| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
8823| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
8824| [69846] Apache HBase up to 0.94.8 information disclosure
8825| [69783] Apache CouchDB up to 1.2.0 memory corruption
8826| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
8827| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
8828| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
8829| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
8830| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
8831| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
8832| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
8833| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
8834| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
8835| [69431] Apache Archiva up to 1.3.6 cross site scripting
8836| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
8837| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
8838| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
8839| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
8840| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
8841| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
8842| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
8843| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
8844| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
8845| [66739] Apache Camel up to 2.12.2 unknown vulnerability
8846| [66738] Apache Camel up to 2.12.2 unknown vulnerability
8847| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
8848| [66695] Apache CouchDB up to 1.2.0 cross site scripting
8849| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
8850| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
8851| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
8852| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
8853| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
8854| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
8855| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
8856| [66356] Apache Wicket up to 6.8.0 information disclosure
8857| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
8858| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
8859| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
8860| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
8861| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
8862| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
8863| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
8864| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
8865| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
8866| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
8867| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
8868| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
8869| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
8870| [65668] Apache Solr 4.0.0 Updater denial of service
8871| [65665] Apache Solr up to 4.3.0 denial of service
8872| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
8873| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
8874| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
8875| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
8876| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
8877| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
8878| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
8879| [65410] Apache Struts 2.3.15.3 cross site scripting
8880| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
8881| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
8882| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
8883| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
8884| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
8885| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
8886| [65340] Apache Shindig 2.5.0 information disclosure
8887| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
8888| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
8889| [10826] Apache Struts 2 File privilege escalation
8890| [65204] Apache Camel up to 2.10.1 unknown vulnerability
8891| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
8892| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
8893| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
8894| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
8895| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
8896| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
8897| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
8898| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
8899| [64722] Apache XML Security for C++ Heap-based memory corruption
8900| [64719] Apache XML Security for C++ Heap-based memory corruption
8901| [64718] Apache XML Security for C++ verify denial of service
8902| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
8903| [64716] Apache XML Security for C++ spoofing
8904| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
8905| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
8906| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
8907| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
8908| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
8909| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
8910| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
8911| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
8912| [64485] Apache Struts up to 2.2.3.0 privilege escalation
8913| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
8914| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
8915| [64467] Apache Geronimo 3.0 memory corruption
8916| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
8917| [64457] Apache Struts up to 2.2.3.0 cross site scripting
8918| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
8919| [9184] Apache Qpid up to 0.20 SSL misconfiguration
8920| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
8921| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
8922| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
8923| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
8924| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
8925| [8873] Apache Struts 2.3.14 privilege escalation
8926| [8872] Apache Struts 2.3.14 privilege escalation
8927| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
8928| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
8929| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
8930| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
8931| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
8932| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
8933| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
8934| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
8935| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
8936| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
8937| [64006] Apache ActiveMQ up to 5.7.0 denial of service
8938| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
8939| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
8940| [8427] Apache Tomcat Session Transaction weak authentication
8941| [63960] Apache Maven 3.0.4 Default Configuration spoofing
8942| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
8943| [63750] Apache qpid up to 0.20 checkAvailable denial of service
8944| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
8945| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
8946| [63747] Apache Rave up to 0.20 User Account information disclosure
8947| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
8948| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
8949| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
8950| [7687] Apache CXF up to 2.7.2 Token weak authentication
8951| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
8952| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
8953| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
8954| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
8955| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
8956| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
8957| [63090] Apache Tomcat up to 4.1.24 denial of service
8958| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
8959| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
8960| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
8961| [62833] Apache CXF -/2.6.0 spoofing
8962| [62832] Apache Axis2 up to 1.6.2 spoofing
8963| [62831] Apache Axis up to 1.4 Java Message Service spoofing
8964| [62830] Apache Commons-httpclient 3.0 Payments spoofing
8965| [62826] Apache Libcloud up to 0.11.0 spoofing
8966| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
8967| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
8968| [62661] Apache Axis2 unknown vulnerability
8969| [62658] Apache Axis2 unknown vulnerability
8970| [62467] Apache Qpid up to 0.17 denial of service
8971| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
8972| [6301] Apache HTTP Server mod_pagespeed cross site scripting
8973| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
8974| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
8975| [62035] Apache Struts up to 2.3.4 denial of service
8976| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
8977| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
8978| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
8979| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
8980| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
8981| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
8982| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
8983| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
8984| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
8985| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
8986| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
8987| [61229] Apache Sling up to 2.1.1 denial of service
8988| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
8989| [61094] Apache Roller up to 5.0 cross site scripting
8990| [61093] Apache Roller up to 5.0 cross site request forgery
8991| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
8992| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
8993| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
8994| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
8995| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
8996| [60708] Apache Qpid 0.12 unknown vulnerability
8997| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
8998| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
8999| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
9000| [4882] Apache Wicket up to 1.5.4 directory traversal
9001| [4881] Apache Wicket up to 1.4.19 cross site scripting
9002| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
9003| [60352] Apache Struts up to 2.2.3 memory corruption
9004| [60153] Apache Portable Runtime up to 1.4.3 denial of service
9005| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
9006| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
9007| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
9008| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
9009| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
9010| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
9011| [4571] Apache Struts up to 2.3.1.2 privilege escalation
9012| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
9013| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
9014| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
9015| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
9016| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
9017| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
9018| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
9019| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
9020| [59888] Apache Tomcat up to 6.0.6 denial of service
9021| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
9022| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
9023| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
9024| [59850] Apache Geronimo up to 2.2.1 denial of service
9025| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
9026| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
9027| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
9028| [58413] Apache Tomcat up to 6.0.10 spoofing
9029| [58381] Apache Wicket up to 1.4.17 cross site scripting
9030| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
9031| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
9032| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
9033| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
9034| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
9035| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
9036| [57568] Apache Archiva up to 1.3.4 cross site scripting
9037| [57567] Apache Archiva up to 1.3.4 cross site request forgery
9038| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
9039| [4355] Apache HTTP Server APR apr_fnmatch denial of service
9040| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
9041| [57425] Apache Struts up to 2.2.1.1 cross site scripting
9042| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
9043| [57025] Apache Tomcat up to 7.0.11 information disclosure
9044| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
9045| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
9046| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
9047| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
9048| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
9049| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
9050| [56512] Apache Continuum up to 1.4.0 cross site scripting
9051| [4285] Apache Tomcat 5.x JVM getLocale denial of service
9052| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
9053| [4283] Apache Tomcat 5.x ServletContect privilege escalation
9054| [56441] Apache Tomcat up to 7.0.6 denial of service
9055| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
9056| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
9057| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
9058| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
9059| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
9060| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
9061| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
9062| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
9063| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
9064| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
9065| [54693] Apache Traffic Server DNS Cache unknown vulnerability
9066| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
9067| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
9068| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
9069| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
9070| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
9071| [54012] Apache Tomcat up to 6.0.10 denial of service
9072| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
9073| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
9074| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
9075| [52894] Apache Tomcat up to 6.0.7 information disclosure
9076| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
9077| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
9078| [52786] Apache Open For Business Project up to 09.04 cross site scripting
9079| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
9080| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
9081| [52584] Apache CouchDB up to 0.10.1 information disclosure
9082| [51757] Apache HTTP Server 2.0.44 cross site scripting
9083| [51756] Apache HTTP Server 2.0.44 spoofing
9084| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
9085| [51690] Apache Tomcat up to 6.0 directory traversal
9086| [51689] Apache Tomcat up to 6.0 information disclosure
9087| [51688] Apache Tomcat up to 6.0 directory traversal
9088| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
9089| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
9090| [50626] Apache Solr 1.0.0 cross site scripting
9091| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
9092| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
9093| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
9094| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
9095| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
9096| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
9097| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
9098| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
9099| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
9100| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
9101| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
9102| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
9103| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
9104| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
9105| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
9106| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
9107| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
9108| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
9109| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
9110| [47214] Apachefriends xampp 1.6.8 spoofing
9111| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
9112| [47162] Apachefriends XAMPP 1.4.4 weak authentication
9113| [47065] Apache Tomcat 4.1.23 cross site scripting
9114| [46834] Apache Tomcat up to 5.5.20 cross site scripting
9115| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
9116| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
9117| [86625] Apache Struts directory traversal
9118| [44461] Apache Tomcat up to 5.5.0 information disclosure
9119| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
9120| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
9121| [43663] Apache Tomcat up to 6.0.16 directory traversal
9122| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
9123| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
9124| [43516] Apache Tomcat up to 4.1.20 directory traversal
9125| [43509] Apache Tomcat up to 6.0.13 cross site scripting
9126| [42637] Apache Tomcat up to 6.0.16 cross site scripting
9127| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
9128| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
9129| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
9130| [40924] Apache Tomcat up to 6.0.15 information disclosure
9131| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
9132| [40922] Apache Tomcat up to 6.0 information disclosure
9133| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
9134| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
9135| [40656] Apache Tomcat 5.5.20 information disclosure
9136| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
9137| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
9138| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
9139| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
9140| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
9141| [40234] Apache Tomcat up to 6.0.15 directory traversal
9142| [40221] Apache HTTP Server 2.2.6 information disclosure
9143| [40027] David Castro Apache Authcas 0.4 sql injection
9144| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
9145| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
9146| [3414] Apache Tomcat WebDAV Stored privilege escalation
9147| [39489] Apache Jakarta Slide up to 2.1 directory traversal
9148| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
9149| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
9150| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
9151| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
9152| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
9153| [38524] Apache Geronimo 2.0 unknown vulnerability
9154| [3256] Apache Tomcat up to 6.0.13 cross site scripting
9155| [38331] Apache Tomcat 4.1.24 information disclosure
9156| [38330] Apache Tomcat 4.1.24 information disclosure
9157| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
9158| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
9159| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
9160| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
9161| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
9162| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
9163| [37292] Apache Tomcat up to 5.5.1 cross site scripting
9164| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
9165| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
9166| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
9167| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
9168| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
9169| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
9170| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
9171| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
9172| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
9173| [36225] XAMPP Apache Distribution 1.6.0a sql injection
9174| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
9175| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
9176| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
9177| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
9178| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
9179| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
9180| [34252] Apache HTTP Server denial of service
9181| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
9182| [33877] Apache Opentaps 0.9.3 cross site scripting
9183| [33876] Apache Open For Business Project unknown vulnerability
9184| [33875] Apache Open For Business Project cross site scripting
9185| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
9186| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
9187|
9188| MITRE CVE - https://cve.mitre.org:
9189| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
9190| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
9191| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
9192| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
9193| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
9194| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
9195| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
9196| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
9197| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
9198| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
9199| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
9200| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
9201| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
9202| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
9203| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
9204| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
9205| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
9206| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
9207| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
9208| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
9209| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
9210| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
9211| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
9212| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
9213| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
9214| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
9215| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
9216| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
9217| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
9218| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
9219| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9220| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
9221| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
9222| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
9223| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
9224| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
9225| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
9226| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
9227| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
9228| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
9229| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
9230| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
9231| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
9232| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
9233| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
9234| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
9235| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
9236| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
9237| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
9238| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
9239| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
9240| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
9241| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
9242| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
9243| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
9244| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
9245| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
9246| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
9247| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
9248| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
9249| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
9250| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
9251| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
9252| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
9253| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9254| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
9255| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
9256| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
9257| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
9258| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
9259| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
9260| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
9261| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
9262| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
9263| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
9264| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
9265| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
9266| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
9267| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
9268| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
9269| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
9270| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
9271| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
9272| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
9273| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
9274| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
9275| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
9276| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
9277| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
9278| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
9279| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
9280| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
9281| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
9282| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
9283| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
9284| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
9285| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
9286| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
9287| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
9288| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
9289| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
9290| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
9291| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
9292| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
9293| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
9294| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
9295| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
9296| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
9297| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
9298| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
9299| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
9300| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
9301| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
9302| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
9303| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
9304| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
9305| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
9306| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
9307| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
9308| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
9309| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
9310| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
9311| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
9312| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
9313| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
9314| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
9315| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
9316| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
9317| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
9318| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
9319| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
9320| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
9321| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
9322| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
9323| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
9324| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
9325| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
9326| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
9327| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
9328| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
9329| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
9330| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
9331| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
9332| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
9333| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
9334| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
9335| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
9336| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
9337| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
9338| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
9339| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
9340| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
9341| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
9342| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
9343| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
9344| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
9345| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
9346| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
9347| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
9348| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
9349| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
9350| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
9351| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
9352| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9353| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
9354| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
9355| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
9356| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
9357| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
9358| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
9359| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
9360| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
9361| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
9362| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
9363| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
9364| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
9365| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
9366| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
9367| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
9368| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9369| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
9370| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
9371| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
9372| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
9373| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
9374| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
9375| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
9376| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
9377| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
9378| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
9379| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
9380| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
9381| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
9382| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
9383| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
9384| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
9385| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
9386| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
9387| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
9388| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
9389| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
9390| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
9391| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
9392| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
9393| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
9394| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
9395| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
9396| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
9397| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
9398| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
9399| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
9400| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
9401| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
9402| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
9403| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
9404| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
9405| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
9406| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
9407| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
9408| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
9409| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9410| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
9411| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
9412| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
9413| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
9414| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
9415| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
9416| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
9417| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
9418| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
9419| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
9420| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
9421| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
9422| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
9423| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
9424| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
9425| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
9426| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
9427| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
9428| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
9429| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
9430| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
9431| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
9432| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
9433| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
9434| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
9435| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
9436| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
9437| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
9438| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
9439| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
9440| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
9441| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
9442| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
9443| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
9444| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
9445| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
9446| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
9447| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
9448| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
9449| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
9450| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
9451| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
9452| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
9453| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
9454| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
9455| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
9456| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
9457| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
9458| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
9459| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
9460| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
9461| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
9462| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
9463| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
9464| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
9465| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
9466| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
9467| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
9468| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
9469| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
9470| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
9471| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
9472| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
9473| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
9474| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
9475| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
9476| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
9477| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
9478| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
9479| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
9480| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
9481| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
9482| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
9483| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
9484| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
9485| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
9486| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
9487| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
9488| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
9489| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
9490| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
9491| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
9492| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
9493| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
9494| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9495| [CVE-2007-6361] Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
9496| [CVE-2007-6342] SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
9497| [CVE-2007-6286] Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
9498| [CVE-2007-6258] Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
9499| [CVE-2007-6231] Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
9500| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
9501| [CVE-2007-5797] SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
9502| [CVE-2007-5731] Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
9503| [CVE-2007-5461] Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
9504| [CVE-2007-5342] The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
9505| [CVE-2007-5333] Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
9506| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
9507| [CVE-2007-5085] Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
9508| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9509| [CVE-2007-4724] Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
9510| [CVE-2007-4723] Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
9511| [CVE-2007-4641] Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
9512| [CVE-2007-4556] Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
9513| [CVE-2007-4548] The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by sending a blank username and password with the command line deployer in the deployment module.
9514| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
9515| [CVE-2007-3847] The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
9516| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
9517| [CVE-2007-3386] Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
9518| [CVE-2007-3385] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
9519| [CVE-2007-3384] Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.
9520| [CVE-2007-3383] Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
9521| [CVE-2007-3382] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
9522| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
9523| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
9524| [CVE-2007-3101] Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
9525| [CVE-2007-2450] Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
9526| [CVE-2007-2449] Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the '
9527| [CVE-2007-2353] Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
9528| [CVE-2007-2025] Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
9529| [CVE-2007-1863] cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
9530| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
9531| [CVE-2007-1860] mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
9532| [CVE-2007-1858] The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
9533| [CVE-2007-1842] Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
9534| [CVE-2007-1801] Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
9535| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
9536| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
9537| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
9538| [CVE-2007-1720] Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.
9539| [CVE-2007-1636] Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.
9540| [CVE-2007-1633] Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
9541| [CVE-2007-1577] Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
9542| [CVE-2007-1539] Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
9543| [CVE-2007-1524] Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/.
9544| [CVE-2007-1491] Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
9545| [CVE-2007-1358] Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
9546| [CVE-2007-1349] PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
9547| [CVE-2007-0975] Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.
9548| [CVE-2007-0930] Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
9549| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
9550| [CVE-2007-0774] Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
9551| [CVE-2007-0637] Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
9552| [CVE-2007-0451] Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
9553| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
9554| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
9555| [CVE-2007-0173] Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
9556| [CVE-2007-0098] Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
9557| [CVE-2007-0086] ** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
9558| [CVE-2006-7217] Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.
9559| [CVE-2006-7216] Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
9560| [CVE-2006-7197] The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
9561| [CVE-2006-7196] Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
9562| [CVE-2006-7195] Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
9563| [CVE-2006-7098] The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
9564| [CVE-2006-6869] Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
9565| [CVE-2006-6675] Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.
9566| [CVE-2006-6613] Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
9567| [CVE-2006-6589] Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
9568| [CVE-2006-6588] The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
9569| [CVE-2006-6587] Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
9570| [CVE-2006-6445] Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
9571| [CVE-2006-6071] TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
9572| [CVE-2006-6047] Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
9573| [CVE-2006-5894] Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.
9574| [CVE-2006-5752] Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
9575| [CVE-2006-5733] Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
9576| [CVE-2006-5263] Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
9577| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
9578| [CVE-2006-4636] Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
9579| [CVE-2006-4625] PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
9580| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
9581| [CVE-2006-4191] Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.
9582| [CVE-2006-4154] Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
9583| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
9584| [CVE-2006-4004] Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
9585| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
9586| [CVE-2006-3835] Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (
9587| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
9588| [CVE-2006-3362] Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
9589| [CVE-2006-3102] Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
9590| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
9591| [CVE-2006-2831] Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
9592| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
9593| [CVE-2006-2743] Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
9594| [CVE-2006-2514] Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.
9595| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
9596| [CVE-2006-1777] Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.
9597| [CVE-2006-1564] Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
9598| [CVE-2006-1548] Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
9599| [CVE-2006-1547] ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
9600| [CVE-2006-1546] Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
9601| [CVE-2006-1393] Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
9602| [CVE-2006-1346] Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
9603| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
9604| [CVE-2006-1243] Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.
9605| [CVE-2006-1095] Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
9606| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
9607| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
9608| [CVE-2006-0743] Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
9609| [CVE-2006-0254] Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
9610| [CVE-2006-0150] Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
9611| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
9612| [CVE-2006-0042] Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
9613| [CVE-2005-4857] eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
9614| [CVE-2005-4849] Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
9615| [CVE-2005-4836] The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
9616| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
9617| [CVE-2005-4703] Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
9618| [CVE-2005-3745] Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
9619| [CVE-2005-3630] Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
9620| [CVE-2005-3510] Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
9621| [CVE-2005-3392] Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
9622| [CVE-2005-3357] mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
9623| [CVE-2005-3352] Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
9624| [CVE-2005-3319] The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
9625| [CVE-2005-3164] The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
9626| [CVE-2005-2970] Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
9627| [CVE-2005-2963] The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
9628| [CVE-2005-2728] The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
9629| [CVE-2005-2660] apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
9630| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
9631| [CVE-2005-1754] ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
9632| [CVE-2005-1753] ** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
9633| [CVE-2005-1344] Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
9634| [CVE-2005-1268] Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
9635| [CVE-2005-1266] Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
9636| [CVE-2005-0808] Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
9637| [CVE-2005-0182] The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.
9638| [CVE-2005-0108] Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
9639| [CVE-2004-2734] webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
9640| [CVE-2004-2680] mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
9641| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
9642| [CVE-2004-2343] ** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument.
9643| [CVE-2004-2336] Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
9644| [CVE-2004-2115] Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
9645| [CVE-2004-1834] mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
9646| [CVE-2004-1765] Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
9647| [CVE-2004-1545] UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
9648| [CVE-2004-1438] The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
9649| [CVE-2004-1405] MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
9650| [CVE-2004-1404] Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
9651| [CVE-2004-1387] The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
9652| [CVE-2004-1084] Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
9653| [CVE-2004-1083] Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
9654| [CVE-2004-1082] mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
9655| [CVE-2004-0942] Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
9656| [CVE-2004-0940] Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
9657| [CVE-2004-0885] The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
9658| [CVE-2004-0811] Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
9659| [CVE-2004-0809] The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
9660| [CVE-2004-0786] The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
9661| [CVE-2004-0751] The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
9662| [CVE-2004-0748] mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
9663| [CVE-2004-0747] Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
9664| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
9665| [CVE-2004-0646] Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
9666| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
9667| [CVE-2004-0493] The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
9668| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
9669| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
9670| [CVE-2004-0488] Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
9671| [CVE-2004-0263] PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
9672| [CVE-2004-0174] Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."
9673| [CVE-2004-0173] Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
9674| [CVE-2004-0113] Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
9675| [CVE-2004-0009] Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
9676| [CVE-2003-1581] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
9677| [CVE-2003-1580] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
9678| [CVE-2003-1573] The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
9679| [CVE-2003-1521] Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
9680| [CVE-2003-1516] The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
9681| [CVE-2003-1502] mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
9682| [CVE-2003-1418] Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child proccess IDs (PID).
9683| [CVE-2003-1307] ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."
9684| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
9685| [CVE-2003-1171] Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
9686| [CVE-2003-1138] The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
9687| [CVE-2003-1054] mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
9688| [CVE-2003-0993] mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
9689| [CVE-2003-0987] mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
9690| [CVE-2003-0866] The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
9691| [CVE-2003-0844] mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
9692| [CVE-2003-0843] Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
9693| [CVE-2003-0789] mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
9694| [CVE-2003-0771] Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
9695| [CVE-2003-0658] Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
9696| [CVE-2003-0542] Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
9697| [CVE-2003-0460] The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
9698| [CVE-2003-0254] Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
9699| [CVE-2003-0253] The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
9700| [CVE-2003-0249] ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report."
9701| [CVE-2003-0245] Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
9702| [CVE-2003-0192] Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
9703| [CVE-2003-0189] The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
9704| [CVE-2003-0134] Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
9705| [CVE-2003-0132] A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
9706| [CVE-2003-0083] Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
9707| [CVE-2003-0020] Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
9708| [CVE-2003-0017] Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
9709| [CVE-2003-0016] Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
9710| [CVE-2002-2310] ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
9711| [CVE-2002-2309] php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
9712| [CVE-2002-2272] Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
9713| [CVE-2002-2103] Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
9714| [CVE-2002-2029] PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
9715| [CVE-2002-2012] Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
9716| [CVE-2002-2009] Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
9717| [CVE-2002-2008] Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
9718| [CVE-2002-2007] The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
9719| [CVE-2002-2006] The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
9720| [CVE-2002-1895] The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
9721| [CVE-2002-1850] mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
9722| [CVE-2002-1793] HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
9723| [CVE-2002-1658] Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
9724| [CVE-2002-1635] The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
9725| [CVE-2002-1593] mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
9726| [CVE-2002-1592] The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
9727| [CVE-2002-1567] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
9728| [CVE-2002-1394] Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
9729| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
9730| [CVE-2002-1157] Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
9731| [CVE-2002-1156] Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
9732| [CVE-2002-1148] The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
9733| [CVE-2002-0935] Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
9734| [CVE-2002-0843] Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
9735| [CVE-2002-0840] Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
9736| [CVE-2002-0839] The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
9737| [CVE-2002-0682] Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
9738| [CVE-2002-0661] Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
9739| [CVE-2002-0658] OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
9740| [CVE-2002-0654] Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
9741| [CVE-2002-0653] Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
9742| [CVE-2002-0513] The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
9743| [CVE-2002-0493] Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
9744| [CVE-2002-0392] Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
9745| [CVE-2002-0259] InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
9746| [CVE-2002-0249] PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
9747| [CVE-2002-0240] PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
9748| [CVE-2002-0082] The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
9749| [CVE-2002-0061] Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
9750| [CVE-2001-1556] The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
9751| [CVE-2001-1534] mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
9752| [CVE-2001-1510] Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
9753| [CVE-2001-1449] The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
9754| [CVE-2001-1385] The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
9755| [CVE-2001-1342] Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
9756| [CVE-2001-1217] Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
9757| [CVE-2001-1216] Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
9758| [CVE-2001-1072] Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
9759| [CVE-2001-1013] Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
9760| [CVE-2001-0925] The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
9761| [CVE-2001-0829] A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
9762| [CVE-2001-0766] Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
9763| [CVE-2001-0731] Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
9764| [CVE-2001-0730] split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
9765| [CVE-2001-0729] Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
9766| [CVE-2001-0590] Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
9767| [CVE-2001-0131] htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
9768| [CVE-2001-0108] PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
9769| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
9770| [CVE-2000-1247] The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
9771| [CVE-2000-1210] Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
9772| [CVE-2000-1206] Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
9773| [CVE-2000-1205] Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
9774| [CVE-2000-1204] Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
9775| [CVE-2000-1168] IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
9776| [CVE-2000-1016] The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
9777| [CVE-2000-0913] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
9778| [CVE-2000-0883] The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
9779| [CVE-2000-0869] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary diretories via the PROPFIND HTTP request method.
9780| [CVE-2000-0868] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
9781| [CVE-2000-0791] Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
9782| [CVE-2000-0760] The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
9783| [CVE-2000-0759] Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
9784| [CVE-2000-0628] The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
9785| [CVE-2000-0505] The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
9786| [CVE-1999-1412] A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
9787| [CVE-1999-1293] mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
9788| [CVE-1999-1237] Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
9789| [CVE-1999-1199] Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
9790| [CVE-1999-1053] guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
9791| [CVE-1999-0926] Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
9792| [CVE-1999-0678] A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
9793| [CVE-1999-0448] IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
9794| [CVE-1999-0289] The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
9795| [CVE-1999-0236] ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
9796| [CVE-1999-0107] Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
9797| [CVE-1999-0071] Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
9798|
9799| SecurityFocus - https://www.securityfocus.com/bid/:
9800| [104554] Apache HBase CVE-2018-8025 Security Bypass Vulnerability
9801| [104465] Apache Geode CVE-2017-15695 Remote Code Execution Vulnerability
9802| [104418] Apache Storm CVE-2018-8008 Arbitrary File Write Vulnerability
9803| [104399] Apache Storm CVE-2018-1332 User Impersonation Vulnerability
9804| [104348] Apache UIMA CVE-2017-15691 XML External Entity Injection Vulnerability
9805| [104313] Apache NiFi XML External Entity Injection and Denial of Service Vulnerability
9806| [104259] Apache Geode CVE-2017-12622 Authorization Bypass Vulnerability
9807| [104257] Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
9808| [104253] Apache ZooKeeper CVE-2018-8012 Security Bypass Vulnerability
9809| [104252] Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
9810| [104239] Apache Solr CVE-2018-8010 XML External Entity Multiple Information Disclosure Vulnerabilities
9811| [104215] Apache ORC CVE-2018-8015 Denial of Service Vulnerability
9812| [104203] Apache Tomcat CVE-2018-8014 Security Bypass Vulnerability
9813| [104161] Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability
9814| [104140] Apache Derby CVE-2018-1313 Security Bypass Vulnerability
9815| [104135] Apache Tika CVE-2018-1338 Denial of Service Vulnerability
9816| [104008] Apache Fineract CVE-2018-1291 SQL Injection Vulnerability
9817| [104007] Apache Fineract CVE-2018-1292 SQL Injection Vulnerability
9818| [104005] Apache Fineract CVE-2018-1289 SQL Injection Vulnerability
9819| [104001] Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
9820| [103975] Apache Fineract CVE-2018-1290 SQL Injection Vulnerability
9821| [103974] Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
9822| [103772] Apache Traffic Server CVE-2017-7671 Denial of Service Vulnerability
9823| [103770] Apache Traffic Server CVE-2017-5660 Security Bypass Vulnerability
9824| [103751] Apache Hive CVE-2018-1282 SQL Injection Vulnerability
9825| [103750] Apache Hive CVE-2018-1284 Security Bypass Vulnerability
9826| [103692] Apache Ignite CVE-2018-1295 Arbitrary Code Execution Vulnerability
9827| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
9828| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
9829| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
9830| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
9831| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
9832| [103516] Apache Struts CVE-2018-1327 Denial of Service Vulnerability
9833| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
9834| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
9835| [103508] Apache Syncope CVE-2018-1321 Multiple Remote Code Execution Vulnerabilities
9836| [103507] Apache Syncope CVE-2018-1322 Multiple Information Disclosure Vulnerabilities
9837| [103490] Apache Commons Compress CVE-2018-1324 Multiple Denial Of Service Vulnerabilities
9838| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
9839| [103389] Apache Tomcat JK Connector CVE-2018-1323 Directory Traversal Vulnerability
9840| [103222] Apache CloudStack CVE-2013-4317 Information Disclosure Vulnerability
9841| [103219] Apache Xerces-C CVE-2017-12627 Null Pointer Dereference Denial of Service Vulnerability
9842| [103206] Apache Geode CVE-2017-15693 Remote Code Execution Vulnerability
9843| [103205] Apache Geode CVE-2017-15692 Remote Code Execution Vulnerability
9844| [103170] Apache Tomcat CVE-2018-1304 Security Bypass Vulnerability
9845| [103144] Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
9846| [103102] Apache Oozie CVE-2017-15712 Information Disclosure Vulnerability
9847| [103098] Apache Karaf CVE-2016-8750 LDAP Injection Vulnerability
9848| [103069] Apache Tomcat CVE-2017-15706 Remote Security Weakness
9849| [103068] Apache JMeter CVE-2018-1287 Security Bypass Vulnerability
9850| [103067] Apache Qpid Dispatch Router 'router_core/connections.c' Denial of Service Vulnerability
9851| [103036] Apache CouchDB CVE-2017-12636 Remote Code Execution Vulnerability
9852| [103025] Apache Thrift CVE-2016-5397 Remote Command Injection Vulnerability
9853| [102879] Apache POI CVE-2017-12626 Multiple Denial of Service Vulnerabilities
9854| [102842] Apache NiFi CVE-2017-12632 Host Header Injection Vulnerability
9855| [102815] Apache NiFi CVE-2017-15697 Multiple Cross Site Scripting Vulnerabilities
9856| [102488] Apache Geode CVE-2017-9795 Remote Code Execution Vulnerability
9857| [102229] Apache Sling CVE-2017-15700 Information Disclosure Vulnerability
9858| [102226] Apache Drill CVE-2017-12630 Cross Site Scripting Vulnerability
9859| [102154] Multiple Apache Products CVE-2017-15708 Remote Code Execution Vulnerability
9860| [102127] Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
9861| [102041] Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
9862| [102040] Apache Qpid Broker CVE-2017-15702 Security Weakness
9863| [102021] Apache Struts CVE-2017-15707 Denial of Service Vulnerability
9864| [101980] EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
9865| [101876] Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
9866| [101874] Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
9867| [101872] Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
9868| [101868] Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
9869| [101859] Apache CXF CVE-2017-12624 Denial of Service Vulnerability
9870| [101844] Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
9871| [101686] Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
9872| [101644] Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
9873| [101631] Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
9874| [101630] Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
9875| [101625] Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
9876| [101623] Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
9877| [101620] Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
9878| [101585] Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
9879| [101577] Apache Wicket CVE-2016-6806 Cross Site Request Forgery Vulnerability
9880| [101575] Apache Wicket CVE-2014-0043 Information Disclosure Vulnerability
9881| [101570] Apache Geode CVE-2017-9797 Information Disclosure Vulnerability
9882| [101562] Apache Derby CVE-2010-2232 Arbitrary File Overwrite Vulnerability
9883| [101560] Apache Portable Runtime Utility CVE-2017-12613 Multiple Information Disclosure Vulnerabilities
9884| [101558] Apache Portable Runtime Utility Local Out-of-Bounds Read Denial of Service Vulnerability
9885| [101532] Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
9886| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
9887| [101261] Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
9888| [101230] Apache Roller CVE-2014-0030 XML External Entity Injection Vulnerability
9889| [101173] Apache IMPALA CVE-2017-9792 Information Disclosure Vulnerability
9890| [101052] Apache Commons Jelly CVE-2017-12621 Security Bypass Vulnerability
9891| [101027] Apache Mesos CVE-2017-7687 Denial of Service Vulnerability
9892| [101023] Apache Mesos CVE-2017-9790 Denial of Service Vulnerability
9893| [100954] Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
9894| [100946] Apache Wicket CVE-2014-7808 Cross Site Request Forgery Vulnerability
9895| [100901] Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
9896| [100897] Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
9897| [100880] Apache Directory LDAP API CVE-2015-3250 Unspecified Information Disclosure Vulnerability
9898| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
9899| [100870] Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
9900| [100859] puppetlabs-apache CVE-2017-2299 Information Disclosure Vulnerability
9901| [100829] Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
9902| [100823] Apache Spark CVE-2017-12612 Deserialization Remote Code Execution Vulnerability
9903| [100612] Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
9904| [100611] Apache Struts CVE-2017-9793 Denial of Service Vulnerability
9905| [100609] Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
9906| [100587] Apache Atlas CVE-2017-3155 Cross Frame Scripting Vulnerability
9907| [100581] Apache Atlas CVE-2017-3154 Information Disclosure Vulnerability
9908| [100578] Apache Atlas CVE-2017-3153 Cross Site Scripting Vulnerability
9909| [100577] Apache Atlas CVE-2017-3152 Cross Site Scripting Vulnerability
9910| [100547] Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
9911| [100536] Apache Atlas CVE-2017-3150 Cross Site Scripting Vulnerability
9912| [100449] Apache Pony Mail CVE-2016-4460 Authentication Bypass Vulnerability
9913| [100447] Apache2Triad Multiple Security Vulnerabilities
9914| [100284] Apache Sling Servlets Post CVE-2017-9802 Cross Site Scripting Vulnerability
9915| [100280] Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
9916| [100259] Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
9917| [100256] Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
9918| [100235] Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
9919| [100082] Apache Commons Email CVE-2017-9801 SMTP Header Injection Vulnerability
9920| [99873] Apache Sling XSS Protection API CVE-2016-6798 XML External Entity Injection Vulnerability
9921| [99870] Apache Sling API CVE-2016-5394 Cross Site Scripting Vulnerability
9922| [99603] Apache Spark CVE-2017-7678 Cross Site Scripting Vulnerability
9923| [99592] Apache OpenMeetings CVE-2017-7685 Security Bypass Vulnerability
9924| [99587] Apache OpenMeetings CVE-2017-7673 Security Bypass Vulnerability
9925| [99586] Apache OpenMeetings CVE-2017-7688 Security Bypass Vulnerability
9926| [99584] Apache OpenMeetings CVE-2017-7684 Denial of Service Vulnerability
9927| [99577] Apache OpenMeetings CVE-2017-7663 Cross Site Scripting Vulnerability
9928| [99576] Apache OpenMeetings CVE-2017-7664 XML External Entity Injection Vulnerability
9929| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
9930| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
9931| [99563] Apache Struts CVE-2017-7672 Denial of Service Vulnerability
9932| [99562] Apache Struts Spring AOP Functionality Denial of Service Vulnerability
9933| [99509] Apache Impala CVE-2017-5652 Information Disclosure Vulnerability
9934| [99508] Apache IMPALA CVE-2017-5640 Authentication Bypass Vulnerability
9935| [99486] Apache Traffic Control CVE-2017-7670 Denial of Service Vulnerability
9936| [99485] Apache Solr CVE-2017-7660 Security Bypass Vulnerability
9937| [99484] Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
9938| [99292] Apache Ignite CVE-2017-7686 Information Disclosure Vulnerability
9939| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
9940| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
9941| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
9942| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
9943| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
9944| [99112] Apache Thrift CVE-2015-3254 Denial of Service Vulnerability
9945| [99067] Apache Ranger CVE-2016-8751 HTML Injection Vulnerability
9946| [99018] Apache NiFi CVE-2017-7667 Cross Frame Scripting Vulnerability
9947| [99009] Apache NiFi CVE-2017-7665 Cross Site Scripting Vulnerability
9948| [98961] Apache Ranger CVE-2017-7677 Security Bypass Vulnerability
9949| [98958] Apache Ranger CVE-2017-7676 Security Bypass Vulnerability
9950| [98888] Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
9951| [98814] Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
9952| [98795] Apache Hadoop CVE-2017-7669 Remote Privilege Escalation Vulnerability
9953| [98739] Apache Knox CVE-2017-5646 User Impersonation Vulnerability
9954| [98669] Apache Hive CVE-2016-3083 Security Bypass Vulnerability
9955| [98646] Apache Atlas CVE-2016-8752 Information Disclosure Vulnerability
9956| [98570] Apache Archiva CVE-2017-5657 Multiple Cross-Site Request Forgery Vulnerabilities
9957| [98489] Apache CXF Fediz CVE-2017-7661 Multiple Cross Site Request Forgery Vulnerabilities
9958| [98485] Apache CXF Fediz CVE-2017-7662 Cross Site Request Forgery Vulnerability
9959| [98466] Apache Ambari CVE-2017-5655 Insecure Temporary File Handling Vulnerability
9960| [98365] Apache Cordova For Android CVE-2016-6799 Information Disclosure Vulnerability
9961| [98025] Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
9962| [98017] Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
9963| [97971] Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
9964| [97968] Apache CXF CVE-2017-5653 Spoofing Vulnerability
9965| [97967] Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
9966| [97949] Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
9967| [97948] Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
9968| [97947] Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
9969| [97945] Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
9970| [97702] Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
9971| [97582] Apache CXF CVE-2016-6812 Cross Site Scripting Vulnerability
9972| [97579] Apache CXF JAX-RS CVE-2016-8739 XML External Entity Injection Vulnerability
9973| [97544] Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
9974| [97531] Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
9975| [97530] Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
9976| [97509] Apache Ignite CVE-2016-6805 Information Disclosure and XML External Entity Injection Vulnerabilities
9977| [97383] Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability
9978| [97378] Apache Geode CVE-2017-5649 Information Disclosure Vulnerability
9979| [97229] Apache Ambari CVE-2016-4976 Local Information Disclosure Vulnerability
9980| [97226] Apache Camel CVE-2017-5643 Server Side Request Forgery Security Bypass Vulnerability
9981| [97184] Apache Ambari CVE-2016-6807 Remote Command Execution Vulnerability
9982| [97179] Apache Camel CVE-2016-8749 Java Deserialization Multiple Remote Code Execution Vulnerabilities
9983| [96983] Apache POI CVE-2017-5644 Denial Of Service Vulnerability
9984| [96895] Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
9985| [96731] Apache NiFi CVE-2017-5636 Remote Code Injection Vulnerability
9986| [96730] Apache NiFi CVE-2017-5635 Security Bypass Vulnerability
9987| [96729] Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
9988| [96540] IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
9989| [96398] Apache CXF CVE-2017-3156 Information Disclosure Vulnerability
9990| [96321] Apache Camel CVE-2017-3159 Remote Code Execution Vulnerability
9991| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
9992| [96228] Apache Brooklyn Cross Site Request Forgery and Multiple Cross Site Scripting Vulnerabilities
9993| [95998] Apache Ranger CVE-2016-8746 Security Bypass Vulnerability
9994| [95929] Apache Groovy CVE-2016-6497 Information Disclosure Vulnerability
9995| [95838] Apache Cordova For Android CVE-2017-3160 Man in the Middle Security Bypass Vulnerability
9996| [95675] Apache Struts Remote Code Execution Vulnerability
9997| [95621] Apache NiFi CVE-2106-8748 Cross Site Scripting Vulnerability
9998| [95429] Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
9999| [95335] Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability
10000| [95168] Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
10001| [95136] Apache Qpid Broker for Java CVE-2016-8741 Remote Information Disclosure Vulnerability
10002| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
10003| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
10004| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
10005| [95020] Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
10006| [94950] Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
10007| [94882] Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
10008| [94828] Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
10009| [94766] Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
10010| [94657] Apache Struts CVE-2016-8738 Denial of Service Vulnerability
10011| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
10012| [94588] Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
10013| [94513] Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
10014| [94463] Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
10015| [94462] Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
10016| [94461] Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
10017| [94418] Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
10018| [94247] Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
10019| [94221] Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
10020| [94145] Apache OpenMeetings CVE-2016-8736 Remote Code Execution Vulnerability
10021| [93945] Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
10022| [93944] Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
10023| [93943] Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
10024| [93942] Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
10025| [93940] Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
10026| [93939] Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
10027| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
10028| [93773] Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
10029| [93478] Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
10030| [93472] Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
10031| [93429] Apache Tomcat JK Connector CVE-2016-6808 Remote Buffer Overflow Vulnerability
10032| [93263] Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
10033| [93236] Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
10034| [93142] Apache ActiveMQ Artemis CVE-2016-4978 Remote Code Execution Vulnerability
10035| [93132] Apache Derby CVE-2015-1832 XML External Entity Information Disclosure Vulnerability
10036| [93044] Apache Zookeeper CVE-2016-5017 Buffer Overflow Vulnerability
10037| [92966] Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
10038| [92947] Apache Shiro CVE-2016-6802 Remote Security Bypass Vulnerability
10039| [92905] Apache CXF Fediz CVE-2016-4464 Security Bypass Vulnerability
10040| [92577] Apache Ranger CVE-2016-5395 HTML Injection Vulnerability
10041| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
10042| [92328] Apache Hive CVE-2016-0760 Multiple Remote Code Execution Vulnerabilities
10043| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
10044| [92100] Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
10045| [92079] Apache OpenOffice CVE-2016-1513 Remote Code Execution Vulnerability
10046| [91818] Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
10047| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
10048| [91788] Apache Qpid Proton CVE-2016-4467 Certificate Verification Security Bypass Vulnerability
10049| [91738] Apache XML-RPC CVE-2016-5003 Remote Code Execution Vulnerability
10050| [91736] Apache XML-RPC Multiple Security Vulnerabilities
10051| [91707] Apache Archiva CVE-2016-5005 HTML Injection Vulnerability
10052| [91703] Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
10053| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
10054| [91537] Apache QPID CVE-2016-4974 Deserialization Security Bypass Vulnerability
10055| [91501] Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
10056| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
10057| [91284] Apache Struts CVE-2016-4431 Security Bypass Vulnerability
10058| [91282] Apache Struts CVE-2016-4433 Security Bypass Vulnerability
10059| [91281] Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
10060| [91280] Apache Struts CVE-2016-4436 Security Bypass Vulnerability
10061| [91278] Apache Struts CVE-2016-4465 Denial of Service Vulnerability
10062| [91277] Apache Struts Incomplete Fix Remote Code Execution Vulnerability
10063| [91275] Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
10064| [91217] Apache Continuum 'saveInstallation.action' Command Execution Vulnerability
10065| [91141] Apache CloudStack CVE-2016-3085 Authentication Bypass Vulnerability
10066| [91068] Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
10067| [91067] Apache Struts CVE-2016-1182 Security Bypass Vulnerability
10068| [91024] Apache Shiro CVE-2016-4437 Information Disclosure Vulnerability
10069| [90988] Apache Ranger CVE-2016-2174 SQL Injection Vulnerability
10070| [90961] Apache Struts CVE-2016-3093 Denial of Service Vulnerability
10071| [90960] Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
10072| [90921] Apache Qpid CVE-2016-4432 Authentication Bypass Vulnerability
10073| [90920] Apache Qpid CVE-2016-3094 Denial of Service Vulnerability
10074| [90902] Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability
10075| [90897] Apache Tika CVE-2016-4434 XML External Entity Injection Vulnerability
10076| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
10077| [90755] Apache Ambari CVE-2016-0707 Multiple Local Information Disclosure Vulnerabilities
10078| [90482] Apache CVE-2004-1387 Local Security Vulnerability
10079| [89762] Apache CVE-2001-1556 Remote Security Vulnerability
10080| [89417] Apache Subversion CVE-2016-2167 Authentication Bypass Vulnerability
10081| [89326] RETIRED: Apache Subversion CVE-2016-2167 Security Bypass Vulnerability
10082| [89320] Apache Subversion CVE-2016-2168 Remote Denial of Service Vulnerability
10083| [88826] Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
10084| [88797] Apache Cordova For iOS CVE-2015-5208 Arbitrary Code Execution Vulnerability
10085| [88764] Apache Cordova iOS CVE-2015-5207 Multiple Security Bypass Vulnerabilities
10086| [88701] Apache CVE-2001-1449 Remote Security Vulnerability
10087| [88635] Apache CVE-2000-1204 Remote Security Vulnerability
10088| [88590] Apache WWW server CVE-1999-1199 Denial-Of-Service Vulnerability
10089| [88496] Apache CVE-2000-1206 Remote Security Vulnerability
10090| [87828] Apache CVE-1999-1237 Remote Security Vulnerability
10091| [87784] Apache CVE-1999-1293 Denial-Of-Service Vulnerability
10092| [87327] Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
10093| [86622] Apache Stats CVE-2007-0975 Remote Security Vulnerability
10094| [86399] Apache CVE-2007-1743 Local Security Vulnerability
10095| [86397] Apache CVE-2007-1742 Local Security Vulnerability
10096| [86311] Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
10097| [86174] Apache Wicket CVE-2015-5347 Cross Site Scripting Vulnerability
10098| [85971] Apache OFBiz CVE-2016-2170 Java Deserialization Remote Code Execution Vulnerability
10099| [85967] Apache OFBiz CVE-2015-3268 HTML Injection Vulnerability
10100| [85759] Apache Jetspeed CVE-2016-2171 Unauthorized Access Vulnerability
10101| [85758] Apache Jetspeed CVE-2016-0712 Cross Site Scripting Vulnerability
10102| [85756] Apache Jetspeed CVE-2016-0710 Multiple SQL Injection Vulnerabilities
10103| [85755] Apache Jetspeed CVE-2016-0711 Mulitple HTML Injection Vulnerabilities
10104| [85754] Apache Jetspeed CVE-2016-0709 Directory Traversal Vulnerability
10105| [85730] Apache Subversion CVE-2015-5343 Integer Overflow Vulnerability
10106| [85691] Apache Ranger CVE-2016-0735 Security Bypass Vulnerability
10107| [85578] Apache ActiveMQ CVE-2010-1244 Cross-Site Request Forgery Vulnerability
10108| [85554] Apache OpenMeetings CVE-2016-2164 Multiple Information Disclosure Vulnerabilities
10109| [85553] Apache OpenMeetings CVE-2016-0783 Information Disclosure Vulnerability
10110| [85552] Apache OpenMeetings CVE-2016-2163 HTML Injection Vulnerability
10111| [85550] Apache OpenMeetings CVE-2016-0784 Directory Traversal Vulnerability
10112| [85386] Apache Hadoop CVE-2015-7430 Local Privilege Escalation Vulnerability
10113| [85377] Apache Qpid Proton Python API CVE-2016-2166 Man in the Middle Security Bypass Vulnerability
10114| [85205] Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
10115| [85203] Apache Solr CVE-2015-8795 Mulitple HTML Injection Vulnerabilities
10116| [85163] Apache Geronimo CVE-2008-0732 Local Security Vulnerability
10117| [85131] Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
10118| [85070] Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
10119| [85066] Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
10120| [84422] Apache TomEE CVE-2016-0779 Unspecified Security Vulnerability
10121| [84321] Apache ActiveMQ CVE-2016-0734 Clickjacking Vulnerability
10122| [84316] Apache ActiveMQ CVE-2016-0782 Multiple Cross Site Scripting Vulnerabilities
10123| [83910] Apache Wicket CVE-2015-7520 Cross Site Scripting Vulnerability
10124| [83423] Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
10125| [83330] Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
10126| [83329] Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
10127| [83328] Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
10128| [83327] Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
10129| [83326] Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
10130| [83324] Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
10131| [83323] Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
10132| [83259] Apache Hadoop CVE-2015-1776 Information Disclosure Vulnerability
10133| [83243] Apache Solr CVE-2015-8797 Cross Site Scripting Vulnerability
10134| [83119] Apache Sling CVE-2016-0956 Information Disclosure Vulnerability
10135| [83002] Apache CVE-2000-1205 Cross-Site Scripting Vulnerability
10136| [82871] Apache Ranger Authentication Bypass and Security Bypass Vulnerabilities
10137| [82800] Apache CloudStack CVE-2015-3251 Information Disclosure Vulnerability
10138| [82798] Apache CloudStack CVE-2015-3252 Authentication Bypass Vulnerability
10139| [82732] Apache Gallery CVE-2003-0771 Local Security Vulnerability
10140| [82676] Apache CVE-2003-1581 Cross-Site Scripting Vulnerability
10141| [82550] Apache Struts CVE-2015-5209 Security Bypass Vulnerability
10142| [82300] Apache Subversion CVE-2015-5259 Integer Overflow Vulnerability
10143| [82260] Apache Camel CVE-2015-5344 Remote Code Execution Vulnerability
10144| [82234] Apache Hive CVE-2015-7521 Security Bypass Vulnerability
10145| [82082] Apache CVE-1999-0289 Remote Security Vulnerability
10146| [81821] Apache Distribution for Solaris CVE-2007-2080 SQL-Injection Vulnerability
10147| [80696] Apache Camel CVE-2015-5348 Information Disclosure Vulnerability
10148| [80525] Apache CVE-2003-1580 Remote Security Vulnerability
10149| [80354] Drupal Apache Solr Search Module Access Bypass Vulnerability
10150| [80193] Apache CVE-1999-0107 Denial-Of-Service Vulnerability
10151| [79812] Apache Directory Studio CVE-2015-5349 Command Injection Vulnerability
10152| [79744] Apache HBase CVE-2015-1836 Unauthorized Access Vulnerability
10153| [79204] Apache TomEE 'EjbObjectInputStream' Remote Code Execution Vulnerability
10154| [77679] Apache Cordova For Android CVE-2015-8320 Weak Randomization Security Bypass Vulnerability
10155| [77677] Apache Cordova For Android CVE-2015-5256 Security Bypass Vulnerability
10156| [77591] Apache CXF SAML SSO Processing CVE-2015-5253 Security Bypass Vulnerability
10157| [77521] Apache Commons Collections 'InvokerTransformer.java' Remote Code Execution Vulnerability
10158| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
10159| [77086] Apache Ambari CVE-2015-1775 Server Side Request Forgery Security Bypass Vulnerability
10160| [77085] Apache Ambari CVE-2015-3270 Remote Privilege Escalation Vulnerability
10161| [77082] Apache Ambari 'targetURI' Parameter Open Redirection Vulnerability
10162| [77059] Apache Ambari CVE-2015-3186 Cross Site Scripting Vulnerability
10163| [76933] Apache James Server Unspecified Command Execution Vulnerability
10164| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
10165| [76625] Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
10166| [76624] Apache Struts CVE-2015-2992 Cross Site Scripting Vulnerability
10167| [76522] Apache Tapestry CVE-2014-1972 Security Bypass Vulnerability
10168| [76486] Apache CXF Fediz CVE-2015-5175 Denial of Service Vulnerability
10169| [76452] Apache ActiveMQ CVE-2015-1830 Directory Traversal Vulnerability
10170| [76446] Apache Subversion 'libsvn_fs_fs/tree.c' Denial of Service Vulnerability
10171| [76274] Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
10172| [76273] Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
10173| [76272] Apache ActiveMQ CVE-2014-3576 Denial of Service Vulnerability
10174| [76221] Apache Ranger CVE-2015-0266 Access Bypass Vulnerability
10175| [76208] Apache Ranger CVE-2015-0265 JavaScript Code Injection Vulnerability
10176| [76025] Apache ActiveMQ Artemis CVE-2015-3208 XML External Entity Information Disclosure Vulnerability
10177| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
10178| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
10179| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
10180| [75940] Apache Struts CVE-2015-1831 Security Bypass Vulnerability
10181| [75919] Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
10182| [75338] Apache Storm CVE-2015-3188 Remote Code Execution Vulnerability
10183| [75275] Drupal Apache Solr Real-Time Module Access Bypass Vulnerability
10184| [74866] Apache Cordova For Android CVE-2015-1835 Security Bypass Vulnerability
10185| [74839] Apache Sling API and Sling Servlets CVE-2015-2944 Cross Site Scripting Vulnerability
10186| [74761] Apache Jackrabbit CVE-2015-1833 XML External Entity Information Disclosure Vulnerability
10187| [74686] Apache Ambari '/var/lib/ambari-server/ambari-env.sh' Local Privilege Escalation Vulnerability
10188| [74665] Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
10189| [74475] Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
10190| [74423] Apache Struts CVE-2015-0899 Security Bypass Vulnerability
10191| [74338] Apache OpenOffice HWP Filter Memory Corruption Vulnerability
10192| [74265] Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
10193| [74260] Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
10194| [74259] Apache Subversion 'deadprops.c' Security Bypass Vulnerability
10195| [74204] PHP 'sapi/apache2handler/sapi_apache2.c' Remote Code Execution Vulnerability
10196| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
10197| [73954] Apache Flex 'asdoc/templates/index.html' Cross Site Scripting Vulnerability
10198| [73851] Apache2 CVE-2012-0216 Cross-Site Scripting Vulnerability
10199| [73478] Apache Cassandra CVE-2015-0225 Remote Code Execution Vulnerability
10200| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
10201| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
10202| [72809] Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
10203| [72717] Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
10204| [72557] Apache WSS4J CVE-2015-0227 Security Bypass Vulnerability
10205| [72553] Apache WSS4J CVE-2015-0226 Information Disclosure Vulnerability
10206| [72513] Apache ActiveMQ CVE-2014-3612 LDAP Authentication Bypass Vulnerability
10207| [72511] Apache ActiveMQ CVE-2014-8110 Multiple Cross Site Scripting Vulnerabilities
10208| [72510] Apache ActiveMQ CVE-2014-3600 XML External Entity Injection Vulnerability
10209| [72508] Apache ActiveMQ Apollo CVE-2014-3579 XML External Entity Injection Vulnerability
10210| [72319] Apache Qpid CVE-2015-0223 Security Bypass Vulnerability
10211| [72317] Apache Qpid CVE-2015-0224 Incomplete Fix Multiple Denial of Service Vulnerabilities
10212| [72115] Apache Santuario 'XML Signature Verification' Security Bypass Vulnerability
10213| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
10214| [72030] Apache Qpid CVE-2015-0203 Multiple Denial of Service Vulnerabilities
10215| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
10216| [71726] Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
10217| [71725] Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
10218| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
10219| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
10220| [71548] Apache Struts CVE-2014-7809 Security Bypass Vulnerability
10221| [71466] Apache Hadoop CVE-2014-3627 Information Disclosure Vulnerability
10222| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
10223| [71004] Apache Qpid CVE-2014-3629 XML External Entity Injection Vulnerability
10224| [70970] Apache Traffic Server Cross Site Scripting Vulnerability
10225| [70738] Apache CXF CVE-2014-3584 Denial of Service Vulnerability
10226| [70736] Apache CXF SAML SubjectConfirmation Security Bypass Vulnerability
10227| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
10228| [69648] Apache POI CVE-2014-3574 Denial Of Service Vulnerability
10229| [69647] Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
10230| [69351] Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
10231| [69295] Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
10232| [69286] Apache OFBiz CVE-2014-0232 Multiple Cross Site Scripting Vulnerabilities
10233| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
10234| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
10235| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
10236| [69237] Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability
10237| [69173] Apache Traffic Server CVE-2014-3525 Unspecified Security Vulnerability
10238| [69046] Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
10239| [69041] Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
10240| [69038] Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
10241| [68995] Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
10242| [68966] Apache Subversion 'irkerbridge.py' Local Privilege Escalation Vulnerability
10243| [68965] Apache Subversion 'svnwcsub.py' Local Privilege Escalation Vulnerability
10244| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
10245| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
10246| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
10247| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
10248| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
10249| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
10250| [68445] Apache CXF UsernameToken Information Disclosure Vulnerability
10251| [68441] Apache CXF SAML Tokens Validation Security Bypass Vulnerability
10252| [68431] Apache Syncope CVE-2014-3503 Insecure Password Generation Weakness
10253| [68229] Apache Harmony PRNG Entropy Weakness
10254| [68111] Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
10255| [68072] Apache Tomcat CVE-2014-0186 Remote Denial of Service Vulnerability
10256| [68039] Apache Hive CVE-2014-0228 Security Bypass Vulnerability
10257| [67673] Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
10258| [67671] Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
10259| [67669] Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
10260| [67668] Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
10261| [67667] Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
10262| [67534] Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
10263| [67532] Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
10264| [67530] Apache Solr Search Template Cross Site Scripting Vulnerability
10265| [67236] Apache CXF CVE-2014-0109 Remote Denial of Service Vulnerability
10266| [67232] Apache CXF CVE-2014-0110 Denial of Service Vulnerability
10267| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
10268| [67081] Apache Struts 'getClass()' Method Security Bypass Vulnerability
10269| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
10270| [67013] Apache Zookeeper CVE-2014-0085 Local Information Disclosure Vulnerability
10271| [66998] Apache Archiva CVE-2013-2187 Unspecified Cross Site Scripting Vulnerability
10272| [66991] Apache Archiva CVE-2013-2187 HTML Injection Vulnerability
10273| [66927] Apache Syncope CVE-2014-0111 Remote Code Execution Vulnerability
10274| [66474] Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
10275| [66397] Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
10276| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
10277| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
10278| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
10279| [65967] Apache Cordova File-Transfer Unspecified Security Vulnerability
10280| [65959] Apache Cordova InAppBrowser Remote Privilege Escalation Vulnerability
10281| [65935] Apache Shiro 'login.jsp' Authentication Bypass Vulnerability
10282| [65902] Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
10283| [65901] Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
10284| [65773] Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
10285| [65769] Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
10286| [65768] Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
10287| [65767] Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
10288| [65615] Apache ActiveMQ 'refresh' Parameter Cross Site Scripting Vulnerability
10289| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
10290| [65431] Apache Wicket CVE-2013-2055 Information Disclosure Vulnerability
10291| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
10292| [64782] Apache CloudStack Virtual Router Component Security Bypass Vulnerability
10293| [64780] Apache CloudStack Unauthorized Access Vulnerability
10294| [64617] Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability
10295| [64437] Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
10296| [64427] Apache Solr Multiple XML External Entity Injection Vulnerabilities
10297| [64009] Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
10298| [64008] Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
10299| [63981] Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
10300| [63966] Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
10301| [63963] Apache Roller CVE-2013-4171 Cross Site Scripting Vulnerability
10302| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
10303| [63928] Apache Roller CVE-2013-4212 OGNL Expression Injection Remote Code Execution Vulnerability
10304| [63515] Apache Tomcat Manager Component CVE-2013-6357 Cross Site Request Forgery Vulnerability
10305| [63403] Apache Struts Multiple Cross Site Scripting Vulnerabilities
10306| [63400] Apache 'mod_pagespeed' Module Unspecified Cross Site Scripting Vulnerability
10307| [63260] Apache Shindig CVE-2013-4295 XML External Entity Information Disclosure Vulnerability
10308| [63241] Apache Sling 'AbstractAuthenticationFormServlet' Open Redirection Vulnerability
10309| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
10310| [62939] Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
10311| [62903] Apache Sling 'deepGetOrCreateNode()' Function Denial Of Service Vulnerability
10312| [62706] Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
10313| [62677] Apache 'mod_accounting' Module CVE-2013-5697 SQL Injection Vulnerability
10314| [62674] TYPO3 Apache Solr Unspecified Cross Site Scripting and PHP Code Execution Vulnerabilities
10315| [62587] Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
10316| [62584] Apache Struts CVE-2013-4310 Security Bypass Vulnerability
10317| [62266] Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
10318| [61984] Apache Hadoop RPC Authentication CVE-2013-2192 Man in the Middle Security Bypass Vulnerability
10319| [61981] Apache HBase RPC Authentication Man In The Middle Security Bypass Vulnerability
10320| [61638] Apache CloudStack CVE-2013-2136 Multiple Cross Site Scripting Vulnerabilities
10321| [61454] Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
10322| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
10323| [61370] Apache OFBiz CVE-2013-2317 'View Log' Cross Site Scripting Vulnerability
10324| [61369] Apache OFBiz Nested Expression Remote Code Execution Vulnerability
10325| [61196] Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
10326| [61189] Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
10327| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
10328| [61030] Apache CXF CVE-2013-2160 Multiple Remote Denial of Service Vulnerabilities
10329| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
10330| [60846] Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
10331| [60817] Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
10332| [60800] Apache Qpid Python Client SSL Certificate Verification Information Disclosure Vulnerability
10333| [60599] Apache Santuario XML Security for C++ CVE-2013-2156 Remote Heap Buffer Overflow Vulnerability
10334| [60595] Apache Santuario XML Security for C++ XML Signature CVE-2013-2155 Denial of Service Vulnerability
10335| [60594] Apache Santuario XML Security for C++ CVE-2013-2154 Stack Buffer Overflow Vulnerability
10336| [60592] Apache Santuario XML Security for C++ XML Signature CVE-2013-2153 Security Bypass Vulnerability
10337| [60534] Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
10338| [60346] Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
10339| [60345] Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
10340| [60267] Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
10341| [60265] Apache Subversion CVE-2013-2088 Command Injection Vulnerability
10342| [60264] Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
10343| [60187] Apache Tomcat DIGEST Authentication CVE-2013-2051 Incomplete Fix Security Weakness
10344| [60186] Apache Tomcat CVE-2013-1976 Insecure Temporary File Handling Vulnerability
10345| [60167] Apache Struts 'includeParams' CVE-2013-2115 Incomplete Fix Security Bypass Vulnerability
10346| [60166] Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
10347| [60082] Apache Struts 'ParameterInterceptor' Class OGNL CVE-2013-1965 Security Bypass Vulnerability
10348| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
10349| [59799] Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
10350| [59798] Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
10351| [59797] Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
10352| [59670] Apache VCL Multiple Input Validation Vulnerabilities
10353| [59464] Apache CloudStack CVE-2013-2758 Hash Information Disclosure Vulnerability
10354| [59463] Apache CloudStack CVE-2013-2756 Authentication Bypass Vulnerability
10355| [59402] Apache ActiveMQ CVE-2013-3060 Information Disclosure and Denial of Service Vulnerability
10356| [59401] Apache ActiveMQ CVE-2012-6551 Denial of Service Vulnerability
10357| [59400] Apache ActiveMQ CVE-2012-6092 Multiple Cross Site Scripting Vulnerabilities
10358| [58898] Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
10359| [58897] Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
10360| [58895] Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
10361| [58455] Apache Rave User RPC API CVE-2013-1814 Information Disclosure Vulnerability
10362| [58379] Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
10363| [58378] Apache Qpid CVE-2012-4460 Denial of Service Vulnerability
10364| [58376] Apache Qpid CVE-2012-4458 Denial of Service Vulnerability
10365| [58337] Apache Qpid CVE-2012-4459 Denial of Service Vulnerability
10366| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
10367| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
10368| [58323] Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
10369| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
10370| [58136] Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
10371| [58124] Apache Tomcat 'log/logdir' Directory Insecure File Permissions Vulnerability
10372| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
10373| [57876] Apache CXF WS-SecurityPolicy Authentication Bypass Vulnerability
10374| [57874] Apache CXF CVE-2012-5633 Security Bypass Vulnerability
10375| [57463] Apache OFBiz CVE-2013-0177 Multiple Cross Site Scripting Vulnerabilities
10376| [57425] Apache CXF CVE-2012-5786 SSL Certificate Validation Security Bypass Vulnerability
10377| [57321] Apache CouchDB CVE-2012-5650 Cross Site Scripting Vulnerability
10378| [57314] Apache CouchDB CVE-2012-5649 Remote Code Execution Vulnerability
10379| [57267] Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
10380| [57259] Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
10381| [56814] Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
10382| [56813] Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
10383| [56812] Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
10384| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
10385| [56686] Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
10386| [56408] Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
10387| [56403] Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
10388| [56402] Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
10389| [56171] Apache OFBiz CVE-2012-3506 Unspecified Security Vulnerability
10390| [55876] Apache CloudStack CVE-2012-4501 Security Bypass Vulnerability
10391| [55628] Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
10392| [55608] Apache Qpid (qpidd) Denial of Service Vulnerability
10393| [55536] Apache 'mod_pagespeed' Module Cross Site Scripting and Security Bypass Vulnerabilities
10394| [55508] Apache Axis2 XML Signature Wrapping Security Vulnerability
10395| [55445] Apache Wicket CVE-2012-3373 Cross Site Scripting Vulnerability
10396| [55346] Apache Struts Cross Site Request Forgery and Denial of Service Vulnerabilities
10397| [55290] Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
10398| [55165] Apache Struts2 Skill Name Remote Code Execution Vulnerability
10399| [55154] Apache 'mod-rpaf' Module Denial of Service Vulnerability
10400| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
10401| [54954] Apache QPID NullAuthenticator Authentication Bypass Vulnerability
10402| [54798] Apache Libcloud Man In The Middle Vulnerability
10403| [54358] Apache Hadoop CVE-2012-3376 Information Disclosure Vulnerability
10404| [54341] Apache Sling CVE-2012-2138 Denial Of Service Vulnerability
10405| [54268] Apache Hadoop Symlink Attack Local Privilege Escalation Vulnerability
10406| [54189] Apache Roller Cross Site Request Forgery Vulnerability
10407| [54187] Apache Roller CVE-2012-2381 Cross Site Scripting Vulnerability
10408| [53880] Apache CXF Child Policies Security Bypass Vulnerability
10409| [53877] Apache CXF Elements Validation Security Bypass Vulnerability
10410| [53676] Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
10411| [53487] Apache POI CVE-2012-0213 Denial Of Service Vulnerability
10412| [53455] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
10413| [53305] Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
10414| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
10415| [53025] Apache OFBiz Unspecified Remote Code Execution Vulnerability
10416| [53023] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
10417| [52939] Apache Hadoop CVE-2012-1574 Unspecified User Impersonation Vulnerability
10418| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
10419| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
10420| [52680] Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
10421| [52679] Apache Wicket Hidden Files Information Disclosure Vulnerability
10422| [52565] Apache 'mod_fcgid' Module Denial Of Service Vulnerability
10423| [52146] TYPO3 Apache Solr Extension Unspecified Cross Site Scripting Vulnerability
10424| [51939] Apache MyFaces 'ln' Parameter Information Disclosure Vulnerability
10425| [51917] Apache APR Hash Collision Denial Of Service Vulnerability
10426| [51902] Apache Struts Multiple HTML Injection Vulnerabilities
10427| [51900] Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
10428| [51886] Apache CXF UsernameToken Policy Validation Security Bypass Vulnerability
10429| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
10430| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
10431| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
10432| [51628] Apache Struts 'ParameterInterceptor' Class OGNL (CVE-2011-3923) Security Bypass Vulnerability
10433| [51447] Apache Tomcat Parameter Handling Denial of Service Vulnerability
10434| [51442] Apache Tomcat Request Object Security Bypass Vulnerability
10435| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
10436| [51257] Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities
10437| [51238] Apache Geronimo Hash Collision Denial Of Service Vulnerability
10438| [51200] Apache Tomcat Hash Collision Denial Of Service Vulnerability
10439| [50940] Apache Struts Session Tampering Security Bypass Vulnerability
10440| [50912] RETIRED: Apache MyFaces CVE-2011-4343 Information Disclosure Vulnerability
10441| [50904] Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
10442| [50848] Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability
10443| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
10444| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
10445| [50603] Apache Tomcat Manager Application Security Bypass Vulnerability
10446| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
10447| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
10448| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
10449| [49728] Apache Struts Conversion Error OGNL Expression Evaluation Vulnerability
10450| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
10451| [49470] Apache Tomcat CVE-2007-6286 Duplicate Request Processing Security Vulnerability
10452| [49353] Apache Tomcat AJP Protocol Security Bypass Vulnerability
10453| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
10454| [49290] Apache Wicket Cross Site Scripting Vulnerability
10455| [49147] Apache Tomcat CVE-2011-2481 Information Disclosure Vulnerability
10456| [49143] Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
10457| [48667] Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
10458| [48653] Apache 'mod_authnz_external' Module SQL Injection Vulnerability
10459| [48611] Apache XML Security for C++ Signature Key Parsing Denial of Service Vulnerability
10460| [48456] Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
10461| [48015] Apache Archiva Multiple Cross Site Request Forgery Vulnerabilities
10462| [48011] Apache Archiva Multiple Cross Site Scripting and HTML Injection Vulnerabilities
10463| [47929] Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
10464| [47890] Apache Struts 'javatemplates' Plugin Multiple Cross Site Scripting Vulnerabilities
10465| [47886] Apache Tomcat SecurityConstraints Security Bypass Vulnerability
10466| [47820] Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
10467| [47784] Apache Struts XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
10468| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
10469| [47196] Apache Tomcat Login Constraints Security Bypass Vulnerability
10470| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
10471| [46953] Apache MPM-ITK Module Security Weakness
10472| [46734] Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
10473| [46685] Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
10474| [46311] Apache Continuum and Archiva Cross Site Scripting Vulnerability
10475| [46177] Apache Tomcat SecurityManager Security Bypass Vulnerability
10476| [46174] Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
10477| [46166] Apache Tomcat JVM Denial of Service Vulnerability
10478| [46164] Apache Tomcat NIO Connector Denial of Service Vulnerability
10479| [46066] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
10480| [45655] Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
10481| [45123] Awstats Apache Tomcat Configuration File Remote Arbitrary Command Execution Vulnerability
10482| [45095] Apache Archiva Cross Site Request Forgery Vulnerability
10483| [45015] Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
10484| [44900] Apache 'mod_fcgid' Module Unspecified Stack Buffer Overflow Vulnerability
10485| [44616] Apache Shiro Directory Traversal Vulnerability
10486| [44355] Apache MyFaces Encrypted View State Oracle Padding Security Vulnerability
10487| [44068] Apache::AuthenHook Local Information Disclosure Vulnerability
10488| [43862] Apache QPID SSL Connection Denial of Service Vulnerability
10489| [43673] Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
10490| [43637] Apache XML-RPC SAX Parser Information Disclosure Vulnerability
10491| [43111] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
10492| [42637] Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability
10493| [42501] Apache CouchDB Cross Site Request Forgery Vulnerability
10494| [42492] Apache CXF XML DTD Processing Security Vulnerability
10495| [42121] Apache SLMS Insufficient Quoting Cross Site Request Forgery Vulnerability
10496| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
10497| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
10498| [41544] Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
10499| [41076] Apache Axis2 '/axis2/axis2-admin' Session Fixation Vulnerability
10500| [40976] Apache Axis2 Document Type Declaration Processing Security Vulnerability
10501| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
10502| [40343] Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
10503| [40327] Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
10504| [39771] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
10505| [39636] Apache ActiveMQ Source Code Information Disclosure Vulnerability
10506| [39635] Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
10507| [39538] Apache mod_auth_shadow Race Condition Security Bypass Vulnerability
10508| [39489] Apache OFBiz Multiple Cross Site Scripting and HTML Injection Vulnerabilities
10509| [39119] Apache ActiveMQ 'createDestination.action' HTML Injection Vulnerability
10510| [38580] Apache Subrequest Handling Information Disclosure Vulnerability
10511| [38494] Apache 'mod_isapi' Memory Corruption Vulnerability
10512| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
10513| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
10514| [37945] Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
10515| [37944] Apache Tomcat WAR File Directory Traversal Vulnerability
10516| [37942] Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
10517| [37149] Apache Tomcat 404 Error Page Cross Site Scripting Vulnerability
10518| [37027] RETIRED: Apache APR 'apr_uri_parse_hostinfo' Off By One Remote Code Execution Vulnerability
10519| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
10520| [36954] Apache Tomcat Windows Installer Insecure Password Vulnerability
10521| [36889] TYPO3 Apache Solr Search Extension Unspecified Cross Site Scripting Vulnerability
10522| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
10523| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
10524| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
10525| [35949] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
10526| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
10527| [35623] Apache 'mod_deflate' Remote Denial Of Service Vulnerability
10528| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
10529| [35416] Apache Tomcat XML Parser Information Disclosure Vulnerability
10530| [35263] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
10531| [35253] Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
10532| [35251] Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
10533| [35221] Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
10534| [35196] Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
10535| [35193] Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
10536| [35115] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
10537| [34686] Apache Struts Multiple Cross Site Scripting Vulnerabilities
10538| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
10539| [34657] Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
10540| [34562] Apache Geronimo Application Server Multiple Remote Vulnerabilities
10541| [34552] Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
10542| [34412] Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
10543| [34399] Apache Struts Unspecified Cross Site Scripting Vulnerability
10544| [34383] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
10545| [33913] Apache Tomcat POST Data Information Disclosure Vulnerability
10546| [33360] Apache Jackrabbit 'q' Parameter Multiple Cross Site Scripting Vulnerabilities
10547| [33110] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
10548| [32657] Novell NetWare ApacheAdmin Security Bypass Vulnerability
10549| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
10550| [31761] Oracle WebLogic Server Apache Connector Stack Based Buffer Overflow Vulnerability
10551| [31698] Apache Tomcat 'RemoteFilterValve' Security Bypass Vulnerability
10552| [31165] Kolab Groupware Server Apache Log File User Password Information Disclosure Vulnerability
10553| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
10554| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
10555| [30494] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
10556| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
10557| [29502] Apache Tomcat Host Manager Cross Site Scripting Vulnerability
10558| [28576] Apache-SSL Environment Variable Information Disclosure and Privilege Escalation Vulnerability
10559| [28484] Apache Tomcat Requests Containing MS-DOS Device Names Information Disclosure Vulnerability
10560| [28483] Apache Tomcat 'allowLinking' Accepts NULL Byte in URI Information Disclosure Vulnerability
10561| [28482] Apache Tomcat SSL Anonymous Cipher Configuration Information Disclosure Vulnerability
10562| [28481] Apache Tomcat Cross-Site Scripting Vulnerability
10563| [28477] Apache Tomcat AJP Connector Information Disclosure Vulnerability
10564| [27752] Apache mod_jk2 Host Header Multiple Stack Based Buffer Overflow Vulnerabilities
10565| [27706] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
10566| [27703] Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability
10567| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
10568| [27365] Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
10569| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
10570| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
10571| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
10572| [27006] Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
10573| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
10574| [26838] Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
10575| [26762] Apache::AuthCAS Cookie SQL Injection Vulnerability
10576| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
10577| [26287] Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability
10578| [26070] Apache Tomcat WebDav Remote Information Disclosure Vulnerability
10579| [25804] Apache Geronimo Management EJB Security Bypass Vulnerability
10580| [25653] Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
10581| [25531] Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
10582| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
10583| [25316] Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
10584| [25314] Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability
10585| [25174] Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability
10586| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
10587| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
10588| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
10589| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
10590| [24553] Apache Mod_Mem_Cache Information Disclosure Vulnerability
10591| [24524] Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
10592| [24480] Apache MyFaces Tomahawk JSF Framework Autoscroll Parameter Cross Site Scripting Vulnerability
10593| [24476] Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
10594| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
10595| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
10596| [24147] Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
10597| [24058] Apache Tomcat Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
10598| [23687] Apache AXIS Non-Existent WSDL Path Information Disclosure Vulnerability
10599| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
10600| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
10601| [22849] Apache mod_python Output Filter Mode Information Disclosure Vulnerability
10602| [22791] Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
10603| [22732] Debian Apache Root Shell Local Privilege Escalation Vulnerabilities
10604| [22388] Apache Stats Extract Function Multiple Input Validation Vulnerabilities
10605| [21865] Apache And Microsoft IIS Range Denial of Service Vulnerability
10606| [21214] Apache Mod_Auth_Kerb Off-By-One Denial of Service Vulnerability
10607| [20527] Apache Mod_TCL Remote Format String Vulnerability
10608| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
10609| [19447] Apache CGI Script Source Code Information Disclosure Vulnerability
10610| [19204] Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
10611| [19106] Apache Tomcat Information Disclosure Vulnerability
10612| [18138] Apache James SMTP Denial Of Service Vulnerability
10613| [17342] Apache Struts Multiple Remote Vulnerabilities
10614| [17095] Apache Log4Net Denial Of Service Vulnerability
10615| [16916] Apache mod_python FileSession Code Execution Vulnerability
10616| [16710] Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
10617| [16260] Apache Geronimo Multiple Input Validation Vulnerabilities
10618| [16153] Apache mod_auth_pgsql Multiple Format String Vulnerabilities
10619| [16152] Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
10620| [15834] Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability
10621| [15765] Apache James Spooler Memory Leak Denial Of Service Vulnerability
10622| [15762] Apache MPM Worker.C Denial Of Service Vulnerability
10623| [15512] Apache Struts Error Response Cross-Site Scripting Vulnerability
10624| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
10625| [15325] Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
10626| [15224] Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
10627| [15177] PHP Apache 2 Local Denial of Service Vulnerability
10628| [14982] ApacheTop Insecure Temporary File Creation Vulnerability
10629| [14721] Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
10630| [14660] Apache CGI Byterange Request Denial of Service Vulnerability
10631| [14366] Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
10632| [14106] Apache HTTP Request Smuggling Vulnerability
10633| [13778] Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
10634| [13777] Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
10635| [13756] Apache Tomcat Java Security Manager Bypass Vulnerability
10636| [13537] Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
10637| [12877] Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
10638| [12795] Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
10639| [12619] Apache Software Foundation Batik Squiggle Browser Access Validation Vulnerability
10640| [12519] Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
10641| [12308] Apache Utilities Insecure Temporary File Creation Vulnerability
10642| [12217] Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability
10643| [12181] Mod_DOSEvasive Apache Module Local Insecure Temporary File Creation Vulnerability
10644| [11803] Apache Jakarta Results.JSP Remote Cross-Site Scripting Vulnerability
10645| [11471] Apache mod_include Local Buffer Overflow Vulnerability
10646| [11360] Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
10647| [11239] Apache Satisfy Directive Access Control Bypass Vulnerability
10648| [11187] Apache Web Server Remote IPv6 Buffer Overflow Vulnerability
10649| [11185] Apache Mod_DAV LOCK Denial Of Service Vulnerability
10650| [11182] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
10651| [11154] Apache mod_ssl Remote Denial of Service Vulnerability
10652| [11094] Apache mod_ssl Denial Of Service Vulnerability
10653| [10789] Apache mod_userdir Module Information Disclosure Vulnerability
10654| [10736] Apache 'mod_ssl' Log Function Format String Vulnerability
10655| [10619] Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability
10656| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
10657| [10478] ClueCentral Apache Suexec Patch Security Weakness
10658| [10355] Apache 'mod_ssl' 'ssl_util_uuencode_binary()' Stack Buffer Overflow Vulnerability
10659| [10212] Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
10660| [9933] Apache mod_disk_cache Module Client Authentication Credential Storage Weakness
10661| [9930] Apache Error and Access Logs Escape Sequence Injection Vulnerability
10662| [9921] Apache Connection Blocking Denial Of Service Vulnerability
10663| [9885] Apache Mod_Security Module SecFilterScanPost Off-By-One Buffer Overflow Vulnerability
10664| [9874] Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
10665| [9829] Apache Mod_Access Access Control Rule Bypass Vulnerability
10666| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
10667| [9733] Apache Cygwin Directory Traversal Vulnerability
10668| [9599] Apache mod_php Global Variables Information Disclosure Weakness
10669| [9590] Apache-SSL Client Certificate Forging Vulnerability
10670| [9571] Apache mod_digest Client-Supplied Nonce Verification Vulnerability
10671| [9471] Apache mod_perl Module File Descriptor Leakage Vulnerability
10672| [9404] Mod-Auth-Shadow Apache Module Expired User Credential Weakness
10673| [9302] Apache mod_php Module File Descriptor Leakage Vulnerability
10674| [9129] Apache mod_python Module Malformed Query Denial of Service Vulnerability
10675| [8926] Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
10676| [8919] Apache Mod_Security Module Heap Corruption Vulnerability
10677| [8911] Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
10678| [8898] Red Hat Apache Directory Index Default Configuration Error
10679| [8883] Apache Cocoon Directory Traversal Vulnerability
10680| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
10681| [8822] Apache Mod_Throttle Module Local Shared Memory Corruption Vulnerability
10682| [8725] Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
10683| [8707] Apache htpasswd Password Entropy Weakness
10684| [8561] Apache::Gallery Insecure Local File Storage Privilege Escalation Vulnerability
10685| [8287] Mod_Mylo Apache Module REQSTR Buffer Overflow Vulnerability
10686| [8226] Apache HTTP Server Multiple Vulnerabilities
10687| [8138] Apache Web Server Type-Map Recursive Loop Denial Of Service Vulnerability
10688| [8137] Apache Web Server Prefork MPM Denial Of Service Vulnerability
10689| [8136] Macromedia Apache Web Server Encoded Space Source Disclosure Vulnerability
10690| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
10691| [8134] Apache Web Server SSLCipherSuite Weak CipherSuite Renegotiation Weakness
10692| [7768] Apache Tomcat Insecure Directory Permissions Vulnerability
10693| [7725] Apache Basic Authentication Module Valid User Login Denial Of Service Vulnerability
10694| [7723] Apache APR_PSPrintf Memory Corruption Vulnerability
10695| [7448] Apache Mod_Auth_Any Remote Command Execution Vulnerability
10696| [7375] Apache Mod_Access_Referer NULL Pointer Dereference Denial of Service Vulnerability
10697| [7332] Apache Web Server OS2 Filestat Denial Of Service Vulnerability
10698| [7255] Apache Web Server File Descriptor Leakage Vulnerability
10699| [7254] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
10700| [6943] Apache Web Server MIME Boundary Information Disclosure Vulnerability
10701| [6939] Apache Web Server ETag Header Information Disclosure Weakness
10702| [6722] Apache Tomcat Web.XML File Contents Disclosure Vulnerability
10703| [6721] Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
10704| [6720] Apache Tomcat Example Web Application Cross Site Scripting Vulnerability
10705| [6662] Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
10706| [6661] Apache Web Server Default Script Mapping Bypass Vulnerability
10707| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
10708| [6659] Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
10709| [6562] Apache Tomcat Invoker Servlet File Disclosure Vulnerability
10710| [6320] Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
10711| [6117] Apache mod_php File Descriptor Leakage Vulnerability
10712| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
10713| [5996] Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
10714| [5995] Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
10715| [5993] Multiple Apache HTDigest Buffer Overflow Vulnerabilities
10716| [5992] Apache HTDigest Insecure Temporary File Vulnerability
10717| [5991] Apache HTDigest Arbitrary Command Execution Vulnerability
10718| [5990] Apache HTPasswd Insecure Temporary File Vulnerability
10719| [5981] Multiple Apache HTDigest and HTPassWD Component Vulnerabilites
10720| [5884] Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability
10721| [5847] Apache Server Side Include Cross Site Scripting Vulnerability
10722| [5838] Apache Tomcat 3.2 Directory Disclosure Vulnerability
10723| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
10724| [5791] HP VirtualVault Apache mod_ssl Denial Of Service Vulnerability
10725| [5787] Apache Oversized STDERR Buffer Denial Of Service Vulnerability
10726| [5786] Apache Tomcat DefaultServlet File Disclosure Vulnerability
10727| [5542] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
10728| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
10729| [5485] Apache 2.0 Path Disclosure Vulnerability
10730| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
10731| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
10732| [5194] Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
10733| [5193] Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
10734| [5067] Apache Tomcat Null Character Malformed Request Denial Of Service Vulnerability
10735| [5054] Apache Tomcat Web Root Path Disclosure Vulnerability
10736| [5033] Apache Chunked-Encoding Memory Corruption Vulnerability
10737| [4995] Apache Tomcat JSP Engine Denial of Service Vulnerability
10738| [4878] Apache Tomcat RealPath.JSP Malformed Request Information Disclosure Vulnerability
10739| [4877] Apache Tomcat Example Files Web Root Path Disclosure Vulnerability
10740| [4876] Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability
10741| [4575] Apache Tomcat Servlet Path Disclosure Vulnerability
10742| [4557] Apache Tomcat System Path Information Disclosure Vulnerability
10743| [4437] Apache Error Message Cross-Site Scripting Vulnerability
10744| [4431] Apache PrintEnv/Test_CGI Script Injection Vulnerability
10745| [4358] Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
10746| [4335] Apache Win32 Batch File Remote Command Execution Vulnerability
10747| [4292] Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability
10748| [4189] Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability
10749| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
10750| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
10751| [4037] Oracle 9iAS Apache PL/SQL Module Denial of Service Vulnerability
10752| [4032] Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability
10753| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
10754| [3790] Apache Non-Existent Log Directory Denial Of Service Vulnerability
10755| [3786] Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
10756| [3727] Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
10757| [3726] Oracle 9I Application Server PL/SQL Apache Module Buffer Overflow Vulnerability
10758| [3596] Apache Split-Logfile File Append Vulnerability
10759| [3521] Apache mod_usertrack Predictable ID Generation Vulnerability
10760| [3335] Red Hat Linux Apache Remote Username Enumeration Vulnerability
10761| [3316] MacOS X Client Apache Directory Contents Disclosure Vulnerability
10762| [3256] Apache mod_auth_oracle Remote SQL Query Manipulation Vulnerability
10763| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
10764| [3254] Apache AuthPG Remote SQL Query Manipulation Vulnerability
10765| [3253] Apache mod_auth_pgsql_sys Remote SQL Query Manipulation Vulnerability
10766| [3251] Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability
10767| [3176] Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
10768| [3169] Apache Server Address Disclosure Vulnerability
10769| [3009] Apache Possible Directory Index Disclosure Vulnerability
10770| [2982] Apache Tomcat Cross-Site Scripting Vulnerability
10771| [2852] MacOS X Client Apache File Protection Bypass Vulnerability
10772| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
10773| [2518] Apache Tomcat 3.0 Directory Traversal Vulnerability
10774| [2503] Apache Artificially Long Slash Path Directory Listing Vulnerability
10775| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
10776| [2216] Apache Web Server DoS Vulnerability
10777| [2182] Apache /tmp File Race Vulnerability
10778| [2171] Oracle Apache+WebDB Documented Backdoor Vulnerability
10779| [2060] Apache Web Server with Php 3 File Disclosure Vulnerability
10780| [1821] Apache mod_cookies Buffer Overflow Vulnerability
10781| [1728] Apache Rewrite Module Arbitrary File Disclosure Vulnerability
10782| [1658] SuSE Apache CGI Source Code Viewing Vulnerability
10783| [1656] SuSE Apache WebDAV Directory Listings Vulnerability
10784| [1575] Trustix Apache-SSL RPM Permissions Vulnerability
10785| [1548] Apache Jakarta-Tomcat /admin Context Vulnerability
10786| [1532] Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
10787| [1531] Apache Tomcat 3.1 Path Revealing Vulnerability
10788| [1457] Apache::ASP source.asp Example Script Vulnerability
10789| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
10790| [1083] Cobalt Raq Apache .htaccess Disclosure Vulnerability
10791|
10792| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10793| [86258] Apache CloudStack text fields cross-site scripting
10794| [85983] Apache Subversion mod_dav_svn module denial of service
10795| [85875] Apache OFBiz UEL code execution
10796| [85874] Apache OFBiz Webtools View Log screen cross-site scripting
10797| [85871] Apache HTTP Server mod_session_dbd unspecified
10798| [85756] Apache Struts OGNL expression command execution
10799| [85755] Apache Struts DefaultActionMapper class open redirect
10800| [85586] Apache ActiveMQ CVE-2013-1879 cross-site scripting
10801| [85574] Apache HTTP Server mod_dav denial of service
10802| [85573] Apache Struts Showcase App OGNL code execution
10803| [85496] Apache CXF denial of service
10804| [85423] Apache Geronimo RMI classloader code execution
10805| [85326] Apache Santuario XML Security for C++ buffer overflow
10806| [85323] Apache Santuario XML Security for Java spoofing
10807| [85319] Apache Qpid Python client SSL spoofing
10808| [85019] Apache Santuario XML Security for C++ CVE-2013-2156 buffer overflow
10809| [85018] Apache Santuario XML Security for C++ CVE-2013-2155 denial of service
10810| [85017] Apache Santuario XML Security for C++ CVE-2013-2154 buffer overflow
10811| [85016] Apache Santuario XML Security for C++ CVE-2013-2153 spoofing
10812| [84952] Apache Tomcat CVE-2012-3544 denial of service
10813| [84763] Apache Struts CVE-2013-2135 security bypass
10814| [84762] Apache Struts CVE-2013-2134 security bypass
10815| [84719] Apache Subversion CVE-2013-2088 command execution
10816| [84718] Apache Subversion CVE-2013-2112 denial of service
10817| [84717] Apache Subversion CVE-2013-1968 denial of service
10818| [84577] Apache Tomcat security bypass
10819| [84576] Apache Tomcat symlink
10820| [84543] Apache Struts CVE-2013-2115 security bypass
10821| [84542] Apache Struts CVE-2013-1966 security bypass
10822| [84154] Apache Tomcat session hijacking
10823| [84144] Apache Tomcat denial of service
10824| [84143] Apache Tomcat information disclosure
10825| [84111] Apache HTTP Server command execution
10826| [84043] Apache Virtual Computing Lab cross-site scripting
10827| [84042] Apache Virtual Computing Lab cross-site scripting
10828| [83782] Apache CloudStack information disclosure
10829| [83781] Apache CloudStack security bypass
10830| [83720] Apache ActiveMQ cross-site scripting
10831| [83719] Apache ActiveMQ denial of service
10832| [83718] Apache ActiveMQ denial of service
10833| [83263] Apache Subversion denial of service
10834| [83262] Apache Subversion denial of service
10835| [83261] Apache Subversion denial of service
10836| [83259] Apache Subversion denial of service
10837| [83035] Apache mod_ruid2 security bypass
10838| [82852] Apache Qpid federation_tag security bypass
10839| [82851] Apache Qpid qpid::framing::Buffer denial of service
10840| [82758] Apache Rave User RPC API information disclosure
10841| [82663] Apache Subversion svn_fs_file_length() denial of service
10842| [82642] Apache Qpid qpid::framing::Buffer::checkAvailable() denial of service
10843| [82641] Apache Qpid AMQP denial of service
10844| [82626] Apache HTTP Server on Debian GNU/Linux Debian apache2ctl symlink
10845| [82618] Apache Commons FileUpload symlink
10846| [82360] Apache HTTP Server manager interface cross-site scripting
10847| [82359] Apache HTTP Server hostnames cross-site scripting
10848| [82338] Apache Tomcat log/logdir information disclosure
10849| [82328] Apache Maven and Apache Maven Wagon SSL spoofing
10850| [82268] Apache OpenJPA deserialization command execution
10851| [81981] Apache CXF UsernameTokens security bypass
10852| [81980] Apache CXF WS-Security security bypass
10853| [81398] Apache OFBiz cross-site scripting
10854| [81240] Apache CouchDB directory traversal
10855| [81226] Apache CouchDB JSONP code execution
10856| [81225] Apache CouchDB Futon user interface cross-site scripting
10857| [81211] Apache Axis2/C SSL spoofing
10858| [81167] Apache CloudStack DeployVM information disclosure
10859| [81166] Apache CloudStack AddHost API information disclosure
10860| [81165] Apache CloudStack createSSHKeyPair API information disclosure
10861| [80518] Apache Tomcat cross-site request forgery security bypass
10862| [80517] Apache Tomcat FormAuthenticator security bypass
10863| [80516] Apache Tomcat NIO denial of service
10864| [80408] Apache Tomcat replay-countermeasure security bypass
10865| [80407] Apache Tomcat HTTP Digest Access Authentication security bypass
10866| [80317] Apache Tomcat slowloris denial of service
10867| [79984] Apache Commons HttpClient SSL spoofing
10868| [79983] Apache CXF SSL spoofing
10869| [79830] Apache Axis2/Java SSL spoofing
10870| [79829] Apache Axis SSL spoofing
10871| [79809] Apache Tomcat DIGEST security bypass
10872| [79806] Apache Tomcat parseHeaders() denial of service
10873| [79540] Apache OFBiz unspecified
10874| [79487] Apache Axis2 SAML security bypass
10875| [79212] Apache Cloudstack code execution
10876| [78734] Apache CXF SOAP Action security bypass
10877| [78730] Apache Qpid broker denial of service
10878| [78617] Eucalyptus Apache Santuario (XML Security for Java) denial of service
10879| [78563] Apache mod_pagespeed module unspecified cross-site scripting
10880| [78562] Apache mod_pagespeed module security bypass
10881| [78454] Apache Axis2 security bypass
10882| [78452] Websense Web Security and Web Filter Apache Tomcat information disclosure
10883| [78451] Websense Web Security and Web Filter Apache Tomcat cross-site scripting
10884| [78321] Apache Wicket unspecified cross-site scripting
10885| [78183] Apache Struts parameters denial of service
10886| [78182] Apache Struts cross-site request forgery
10887| [78153] Apache Solr Autocomplete module for Drupal autocomplete results cross-site scripting
10888| [77987] mod_rpaf module for Apache denial of service
10889| [77958] Apache Struts skill name code execution
10890| [77914] Apache HTTP Server mod_negotiation module cross-site scripting
10891| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
10892| [77568] Apache Qpid broker security bypass
10893| [77421] Apache Libcloud spoofing
10894| [77059] Oracle Solaris Cluster Apache Tomcat Agent unspecified
10895| [77046] Oracle Solaris Apache HTTP Server information disclosure
10896| [76837] Apache Hadoop information disclosure
10897| [76802] Apache Sling CopyFrom denial of service
10898| [76692] Apache Hadoop symlink
10899| [76535] Apache Roller console cross-site request forgery
10900| [76534] Apache Roller weblog cross-site scripting
10901| [76152] Apache CXF elements security bypass
10902| [76151] Apache CXF child policies security bypass
10903| [75983] MapServer for Windows Apache file include
10904| [75857] Apache Commons Compress and Apache Ant bzip2 denial of service
10905| [75558] Apache POI denial of service
10906| [75545] PHP apache_request_headers() buffer overflow
10907| [75302] Apache Qpid SASL security bypass
10908| [75211] Debian GNU/Linux apache 2 cross-site scripting
10909| [74901] Apache HTTP Server LD_LIBRARY_PATH privilege escalation
10910| [74871] Apache OFBiz FlexibleStringExpander code execution
10911| [74870] Apache OFBiz multiple cross-site scripting
10912| [74750] Apache Hadoop unspecified spoofing
10913| [74319] Apache Struts XSLTResult.java file upload
10914| [74313] Apache Traffic Server header buffer overflow
10915| [74276] Apache Wicket directory traversal
10916| [74273] Apache Wicket unspecified cross-site scripting
10917| [74181] Apache HTTP Server mod_fcgid module denial of service
10918| [73690] Apache Struts OGNL code execution
10919| [73432] Apache Solr extension for TYPO3 unspecified cross-site scripting
10920| [73100] Apache MyFaces in directory traversal
10921| [73096] Apache APR hash denial of service
10922| [73052] Apache Struts name cross-site scripting
10923| [73030] Apache CXF UsernameToken security bypass
10924| [72888] Apache Struts lastName cross-site scripting
10925| [72758] Apache HTTP Server httpOnly information disclosure
10926| [72757] Apache HTTP Server MPM denial of service
10927| [72585] Apache Struts ParameterInterceptor security bypass
10928| [72438] Apache Tomcat Digest security bypass
10929| [72437] Apache Tomcat Digest security bypass
10930| [72436] Apache Tomcat DIGEST security bypass
10931| [72425] Apache Tomcat parameter denial of service
10932| [72422] Apache Tomcat request object information disclosure
10933| [72377] Apache HTTP Server scoreboard security bypass
10934| [72345] Apache HTTP Server HTTP request denial of service
10935| [72229] Apache Struts ExceptionDelegator command execution
10936| [72089] Apache Struts ParameterInterceptor directory traversal
10937| [72088] Apache Struts CookieInterceptor command execution
10938| [72047] Apache Geronimo hash denial of service
10939| [72016] Apache Tomcat hash denial of service
10940| [71711] Apache Struts OGNL expression code execution
10941| [71654] Apache Struts interfaces security bypass
10942| [71620] Apache ActiveMQ failover denial of service
10943| [71617] Apache HTTP Server mod_proxy module information disclosure
10944| [71508] Apache MyFaces EL security bypass
10945| [71445] Apache HTTP Server mod_proxy security bypass
10946| [71203] Apache Tomcat servlets privilege escalation
10947| [71181] Apache HTTP Server ap_pregsub() denial of service
10948| [71093] Apache HTTP Server ap_pregsub() buffer overflow
10949| [70336] Apache HTTP Server mod_proxy information disclosure
10950| [69804] Apache HTTP Server mod_proxy_ajp denial of service
10951| [69472] Apache Tomcat AJP security bypass
10952| [69396] Apache HTTP Server ByteRange filter denial of service
10953| [69394] Apache Wicket multi window support cross-site scripting
10954| [69176] Apache Tomcat XML information disclosure
10955| [69161] Apache Tomcat jsvc information disclosure
10956| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
10957| [68541] Apache Tomcat sendfile information disclosure
10958| [68420] Apache XML Security denial of service
10959| [68238] Apache Tomcat JMX information disclosure
10960| [67860] Apache Rampart/C rampart_timestamp_token_validate security bypass
10961| [67804] Apache Subversion control rules information disclosure
10962| [67803] Apache Subversion control rules denial of service
10963| [67802] Apache Subversion baselined denial of service
10964| [67672] Apache Archiva multiple cross-site scripting
10965| [67671] Apache Archiva multiple cross-site request forgery
10966| [67564] Apache APR apr_fnmatch() denial of service
10967| [67532] IBM WebSphere Application Server org.apache.jasper.runtime.JspWriterImpl.response denial of service
10968| [67515] Apache Tomcat annotations security bypass
10969| [67480] Apache Struts s:submit information disclosure
10970| [67414] Apache APR apr_fnmatch() denial of service
10971| [67356] Apache Struts javatemplates cross-site scripting
10972| [67354] Apache Struts Xwork cross-site scripting
10973| [66676] Apache Tomcat HTTP BIO information disclosure
10974| [66675] Apache Tomcat web.xml security bypass
10975| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
10976| [66241] Apache HttpComponents information disclosure
10977| [66154] Apache Tomcat ServletSecurity security bypass
10978| [65971] Apache Tomcat ServletSecurity security bypass
10979| [65876] Apache Subversion mod_dav_svn denial of service
10980| [65343] Apache Continuum unspecified cross-site scripting
10981| [65162] Apache Tomcat NIO connector denial of service
10982| [65161] Apache Tomcat javax.servlet.ServletRequest.getLocale() denial of service
10983| [65160] Apache Tomcat HTML Manager interface cross-site scripting
10984| [65159] Apache Tomcat ServletContect security bypass
10985| [65050] Apache CouchDB web-based administration UI cross-site scripting
10986| [64773] Oracle HTTP Server Apache Plugin unauthorized access
10987| [64473] Apache Subversion blame -g denial of service
10988| [64472] Apache Subversion walk() denial of service
10989| [64407] Apache Axis2 CVE-2010-0219 code execution
10990| [63926] Apache Archiva password privilege escalation
10991| [63785] Apache CouchDB LD_LIBRARY_PATH privilege escalation
10992| [63493] Apache Archiva credentials cross-site request forgery
10993| [63477] Apache Tomcat HttpOnly session hijacking
10994| [63422] Apache Tomcat sessionsList.jsp cross-site scripting
10995| [63303] Apache mod_fcgid module fcgid_header_bucket_read() buffer overflow
10996| [62959] Apache Shiro filters security bypass
10997| [62790] Apache Perl cgi module denial of service
10998| [62576] Apache Qpid exchange denial of service
10999| [62575] Apache Qpid AMQP denial of service
11000| [62354] Apache Qpid SSL denial of service
11001| [62235] Apache APR-util apr_brigade_split_line() denial of service
11002| [62181] Apache XML-RPC SAX Parser information disclosure
11003| [61721] Apache Traffic Server cache poisoning
11004| [61202] Apache Derby BUILTIN authentication functionality information disclosure
11005| [61186] Apache CouchDB Futon cross-site request forgery
11006| [61169] Apache CXF DTD denial of service
11007| [61070] Apache Jackrabbit search.jsp SQL injection
11008| [61006] Apache SLMS Quoting cross-site request forgery
11009| [60962] Apache Tomcat time cross-site scripting
11010| [60883] Apache mod_proxy_http information disclosure
11011| [60671] Apache HTTP Server mod_cache and mod_dav denial of service
11012| [60264] Apache Tomcat Transfer-Encoding denial of service
11013| [59746] Apache Axis2 axis2/axis2-admin page session hijacking
11014| [59588] Apache Axis2/Java XML DTD (Document Type Declaration) data denial of service
11015| [59413] Apache mod_proxy_http timeout information disclosure
11016| [59058] Apache MyFaces unencrypted view state cross-site scripting
11017| [58827] Apache Axis2 xsd file include
11018| [58790] Apache Axis2 modules cross-site scripting
11019| [58299] Apache ActiveMQ queueBrowse cross-site scripting
11020| [58169] Apache Tomcat Web Application Manager / Host Manager cross-site request forgery
11021| [58056] Apache ActiveMQ .jsp source code disclosure
11022| [58055] Apache Tomcat realm name information disclosure
11023| [58046] Apache HTTP Server mod_auth_shadow security bypass
11024| [57841] Apache Open For Business Project (OFBiz) subject cross-site scripting
11025| [57840] Apache Open For Business Project (OFBiz) multiple parameters cross-site scripting
11026| [57429] Apache CouchDB algorithms information disclosure
11027| [57398] Apache ActiveMQ Web console cross-site request forgery
11028| [57397] Apache ActiveMQ createDestination.action cross-site scripting
11029| [56653] Apache HTTP Server DNS spoofing
11030| [56652] Apache HTTP Server DNS cross-site scripting
11031| [56625] Apache HTTP Server request header information disclosure
11032| [56624] Apache HTTP Server mod_isapi orphaned callback pointer code execution
11033| [56623] Apache HTTP Server mod_proxy_ajp denial of service
11034| [55941] mod_proxy module for Apache ap_proxy_send_fb() buffer overflow
11035| [55857] Apache Tomcat WAR files directory traversal
11036| [55856] Apache Tomcat autoDeploy attribute security bypass
11037| [55855] Apache Tomcat WAR directory traversal
11038| [55210] Intuit component for Joomla! Apache information disclosure
11039| [54533] Apache Tomcat 404 error page cross-site scripting
11040| [54182] Apache Tomcat admin default password
11041| [53878] Apache Solr Search (solr) extension for TYPO3 unspecified cross-site scripting
11042| [53666] Apache HTTP Server Solaris pollset support denial of service
11043| [53650] Apache HTTP Server HTTP basic-auth module security bypass
11044| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
11045| [53041] mod_proxy_ftp module for Apache denial of service
11046| [52540] Apache Portable Runtime and Apache Portable Utility library multiple buffer overflow
11047| [51953] Apache Tomcat Path Disclosure
11048| [51952] Apache Tomcat Path Traversal
11049| [51951] Apache stronghold-status Information Disclosure
11050| [51950] Apache stronghold-info Information Disclosure
11051| [51949] Apache PHP Source Code Disclosure
11052| [51948] Apache Multiviews Attack
11053| [51946] Apache JServ Environment Status Information Disclosure
11054| [51945] Apache error_log Information Disclosure
11055| [51944] Apache Default Installation Page Pattern Found
11056| [51943] Apache AXIS XML Parser echoheaders.jws Sample Web Service Denial of Service
11057| [51942] Apache AXIS XML External Entity File Retrieval
11058| [51941] Apache AXIS Sample Servlet Information Leak
11059| [51940] Apache access_log Information Disclosure
11060| [51626] Apache mod_deflate denial of service
11061| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
11062| [51365] Apache Tomcat RequestDispatcher security bypass
11063| [51273] Apache HTTP Server Incomplete Request denial of service
11064| [51195] Apache Tomcat XML information disclosure
11065| [50994] Apache APR-util xml/apr_xml.c denial of service
11066| [50993] Apache APR-util apr_brigade_vprintf denial of service
11067| [50964] Apache APR-util apr_strmatch_precompile() denial of service
11068| [50930] Apache Tomcat j_security_check information disclosure
11069| [50928] Apache Tomcat AJP denial of service
11070| [50884] Apache HTTP Server XML ENTITY denial of service
11071| [50808] Apache HTTP Server AllowOverride privilege escalation
11072| [50108] Apache Struts s:a tag and s:url tag cross-site scripting
11073| [50059] Apache mod_proxy_ajp information disclosure
11074| [49951] Apache Tiles Expression Language (EL) expressions cross-site scripting
11075| [49925] Apache Geronimo Web Administrative Console cross-site request forgery
11076| [49924] Apache Geronimo console/portal/Server/Monitoring cross-site scripting
11077| [49921] Apache ActiveMQ Web interface cross-site scripting
11078| [49898] Apache Geronimo Services/Repository directory traversal
11079| [49725] Apache Tomcat mod_jk module information disclosure
11080| [49715] Apache mod_perl Apache::Status and Apache2::Status modules cross-site scripting
11081| [49712] Apache Struts unspecified cross-site scripting
11082| [49213] Apache Tomcat cal2.jsp cross-site scripting
11083| [48934] Apache Tomcat POST doRead method information disclosure
11084| [48211] Apache Tomcat header HTTP request smuggling
11085| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
11086| [48110] Apache Jackrabbit search.jsp and swr.jsp cross-site scripting
11087| [47709] Apache Roller "
11088| [47104] Novell Netware ApacheAdmin console security bypass
11089| [47086] Apache HTTP Server OS fingerprinting unspecified
11090| [46329] Apache Struts FilterDispatcher and DefaultStaticContentLoader class directory traversal
11091| [45791] Apache Tomcat RemoteFilterValve security bypass
11092| [44435] Oracle WebLogic Apache Connector buffer overflow
11093| [44411] Apache Tomcat allowLinking UTF-8 directory traversal
11094| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
11095| [44156] Apache Tomcat RequestDispatcher directory traversal
11096| [44155] Apache Tomcat HttpServletResponse.sendError() cross-site scripting
11097| [43885] Oracle WebLogic Server Apache Connector buffer overflow
11098| [42987] Apache HTTP Server mod_proxy module denial of service
11099| [42915] Apache Tomcat JSP files path disclosure
11100| [42914] Apache Tomcat MS-DOS path disclosure
11101| [42892] Apache Tomcat unspecified unauthorized access
11102| [42816] Apache Tomcat Host Manager cross-site scripting
11103| [42303] Apache 403 error cross-site scripting
11104| [41618] Apache-SSL ExpandCert() authentication bypass
11105| [40761] Apache Derby RDBNAM parameter and DatabaseMetaData.getURL information disclosure
11106| [40736] Apache Tomcat HTTP/1.1 connector information disclosure
11107| [40614] Apache mod_jk2 HTTP Host header buffer overflow
11108| [40562] Apache Geronimo init information disclosure
11109| [40478] Novell Web Manager webadmin-apache.conf security bypass
11110| [40411] Apache Tomcat exception handling information disclosure
11111| [40409] Apache Tomcat native (APR based) connector weak security
11112| [40403] Apache Tomcat quotes and %5C cookie information disclosure
11113| [40388] Sun Java Plug-In org.apache.crimson.tree.XmlDocument security bypass
11114| [39893] Apache HTTP Server mod_negotiation HTTP response splitting
11115| [39867] Apache HTTP Server mod_negotiation cross-site scripting
11116| [39804] Apache Tomcat SingleSignOn information disclosure
11117| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
11118| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
11119| [39608] Apache HTTP Server balancer manager cross-site request forgery
11120| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
11121| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
11122| [39472] Apache HTTP Server mod_status cross-site scripting
11123| [39201] Apache Tomcat JULI logging weak security
11124| [39158] Apache HTTP Server Windows SMB shares information disclosure
11125| [39001] Apache HTTP Server mod_imap and mod_imagemap module cross-site scripting
11126| [38951] Apache::AuthCAS Perl module cookie SQL injection
11127| [38800] Apache HTTP Server 413 error page cross-site scripting
11128| [38211] Apache Geronimo SQLLoginModule authentication bypass
11129| [37243] Apache Tomcat WebDAV directory traversal
11130| [37178] RHSA update for Apache HTTP Server mod_status module cross-site scripting not installed
11131| [37177] RHSA update for Apache HTTP Server Apache child process denial of service not installed
11132| [37119] RHSA update for Apache mod_auth_kerb off-by-one buffer overflow not installed
11133| [37100] RHSA update for Apache and IBM HTTP Server Expect header cross-site scripting not installed
11134| [36782] Apache Geronimo MEJB unauthorized access
11135| [36586] Apache HTTP Server UTF-7 cross-site scripting
11136| [36468] Apache Geronimo LoginModule security bypass
11137| [36467] Apache Tomcat functions.jsp cross-site scripting
11138| [36402] Apache Tomcat calendar cross-site request forgery
11139| [36354] Apache HTTP Server mod_proxy module denial of service
11140| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
11141| [36336] Apache Derby lock table privilege escalation
11142| [36335] Apache Derby schema privilege escalation
11143| [36006] Apache Tomcat "
11144| [36001] Apache Tomcat Host Manager Servlet alias cross-site scripting
11145| [35999] Apache Tomcat \"
11146| [35795] Apache Tomcat CookieExample cross-site scripting
11147| [35536] Apache Tomcat SendMailServlet example cross-site scripting
11148| [35384] Apache HTTP Server mod_cache module denial of service
11149| [35097] Apache HTTP Server mod_status module cross-site scripting
11150| [35095] Apache HTTP Server Prefork MPM module denial of service
11151| [34984] Apache HTTP Server recall_headers information disclosure
11152| [34966] Apache HTTP Server MPM content spoofing
11153| [34965] Apache HTTP Server MPM information disclosure
11154| [34963] Apache HTTP Server MPM multiple denial of service
11155| [34872] Apache MyFaces Tomahawk autoscroll parameter cross-site scripting
11156| [34869] Apache Tomcat JSP example Web application cross-site scripting
11157| [34868] Apache Tomcat Manager and Host Manager cross-site scripting
11158| [34496] Apache Tomcat JK Connector security bypass
11159| [34377] Apache Tomcat hello.jsp cross-site scripting
11160| [34212] Apache Tomcat SSL configuration security bypass
11161| [34210] Apache Tomcat Accept-Language cross-site scripting
11162| [34209] Apache Tomcat calendar application cross-site scripting
11163| [34207] Apache Tomcat implicit-objects.jsp cross-site scripting
11164| [34167] Apache Axis WSDL file path disclosure
11165| [34068] Apache Tomcat AJP connector information disclosure
11166| [33584] Apache HTTP Server suEXEC privilege escalation
11167| [32988] Apache Tomcat proxy module directory traversal
11168| [32794] Apache Tomcat JK Web Server Connector map_uri_to_worker() buffer overflow
11169| [32708] Debian Apache tty privilege escalation
11170| [32441] ApacheStats extract() PHP call unspecified
11171| [32128] Apache Tomcat default account
11172| [31680] Apache Tomcat RequestParamExample cross-site scripting
11173| [31649] Apache Tomcat Sample Servlet TroubleShooter detected
11174| [31557] BEA WebLogic Server and WebLogic Express Apache proxy plug-in denial of service
11175| [31236] Apache HTTP Server htpasswd.c strcpy buffer overflow
11176| [30456] Apache mod_auth_kerb off-by-one buffer overflow
11177| [29550] Apache mod_tcl set_var() format string
11178| [28620] Apache and IBM HTTP Server Expect header cross-site scripting
11179| [28357] Apache HTTP Server mod_alias script source information disclosure
11180| [28063] Apache mod_rewrite off-by-one buffer overflow
11181| [27902] Apache Tomcat URL information disclosure
11182| [26786] Apache James SMTP server denial of service
11183| [25680] libapache2 /tmp/svn file upload
11184| [25614] Apache Struts lookupMap cross-site scripting
11185| [25613] Apache Struts ActionForm denial of service
11186| [25612] Apache Struts isCancelled() security bypass
11187| [24965] Apache mod_python FileSession command execution
11188| [24716] Apache James spooler memory leak denial of service
11189| [24159] Apache Geronimo Web-Access-Log Viewer cross-site scripting
11190| [24158] Apache Geronimo jsp-examples cross-site scripting
11191| [24030] Apache auth_ldap module multiple format strings
11192| [24008] Apache mod_ssl custom error message denial of service
11193| [24003] Apache mod_auth_pgsql module multiple syslog format strings
11194| [23612] Apache mod_imap referer field cross-site scripting
11195| [23173] Apache Struts error message cross-site scripting
11196| [22942] Apache Tomcat directory listing denial of service
11197| [22858] Apache Multi-Processing Module code allows denial of service
11198| [22602] RHSA-2005:582 updates for Apache httpd not installed
11199| [22520] Apache mod-auth-shadow "
11200| [22466] ApacheTop symlink
11201| [22109] Apache HTTP Server ssl_engine_kernel client certificate validation
11202| [22006] Apache HTTP Server byte-range filter denial of service
11203| [21567] Apache mod_ssl off-by-one buffer overflow
11204| [21195] Apache HTTP Server header HTTP request smuggling
11205| [20383] Apache HTTP Server htdigest buffer overflow
11206| [19681] Apache Tomcat AJP12 request denial of service
11207| [18993] Apache HTTP server check_forensic symlink attack
11208| [18790] Apache Tomcat Manager cross-site scripting
11209| [18349] Apache HTTP server Apple HFS+ filesystem obtain information
11210| [18348] Apache HTTP server Apple HFS+ filesystem .DS_Store and .ht file disclosure
11211| [18347] Apache HTTP server Apple Mac OS X Server mod_digest_apple module could allow an attacker to replay responses
11212| [17961] Apache Web server ServerTokens has not been set
11213| [17930] Apache HTTP Server HTTP GET request denial of service
11214| [17785] Apache mod_include module buffer overflow
11215| [17671] Apache HTTP Server SSLCipherSuite bypass restrictions
11216| [17473] Apache HTTP Server Satisfy directive allows access to resources
11217| [17413] Apache htpasswd buffer overflow
11218| [17384] Apache HTTP Server environment variable configuration file buffer overflow
11219| [17382] Apache HTTP Server IPv6 apr_util denial of service
11220| [17366] Apache HTTP Server mod_dav module LOCK denial of service
11221| [17273] Apache HTTP Server speculative mode denial of service
11222| [17200] Apache HTTP Server mod_ssl denial of service
11223| [16890] Apache HTTP Server server-info request has been detected
11224| [16889] Apache HTTP Server server-status request has been detected
11225| [16705] Apache mod_ssl format string attack
11226| [16524] Apache HTTP Server ap_get_mime_headers_core denial of service
11227| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
11228| [16230] Apache HTTP Server PHP denial of service
11229| [16214] Apache mod_ssl ssl_util_uuencode_binary buffer overflow
11230| [15958] Apache HTTP Server authentication modules memory corruption
11231| [15547] Apache HTTP Server mod_disk_cache local information disclosure
11232| [15540] Apache HTTP Server socket starvation denial of service
11233| [15467] Novell GroupWise WebAccess using Apache Web server allows viewing of files on the server
11234| [15422] Apache HTTP Server mod_access information disclosure
11235| [15419] Apache HTTP Server mod_ssl plain HTTP request denial of service
11236| [15293] Apache for Cygwin "
11237| [15065] Apache-SSL has a default password
11238| [15041] Apache HTTP Server mod_digest module could allow an attacker to replay responses
11239| [15015] Apache httpd server httpd.conf could allow a local user to bypass restrictions
11240| [14751] Apache Mod_python output filter information disclosure
11241| [14125] Apache HTTP Server mod_userdir module information disclosure
11242| [14075] Apache HTTP Server mod_php file descriptor leak
11243| [13703] Apache HTTP Server account
11244| [13689] Apache HTTP Server configuration allows symlinks
11245| [13688] Apache HTTP Server configuration allows SSI
11246| [13687] Apache HTTP Server Server: header value
11247| [13685] Apache HTTP Server ServerTokens value
11248| [13684] Apache HTTP Server ServerSignature value
11249| [13672] Apache HTTP Server config allows directory autoindexing
11250| [13671] Apache HTTP Server default content
11251| [13670] Apache HTTP Server config file directive references outside content root
11252| [13668] Apache HTTP Server httpd not running in chroot environment
11253| [13666] Apache HTTP Server CGI directory contains possible command interpreter or compiler
11254| [13664] Apache HTTP Server config file contains ScriptAlias entry
11255| [13663] Apache HTTP Server CGI support modules loaded
11256| [13661] Apache HTTP Server config file contains AddHandler entry
11257| [13660] Apache HTTP Server 500 error page not CGI script
11258| [13659] Apache HTTP Server 413 error page not CGI script
11259| [13658] Apache HTTP Server 403 error page not CGI script
11260| [13657] Apache HTTP Server 401 error page not CGI script
11261| [13552] Apache HTTP Server mod_cgid module information disclosure
11262| [13550] Apache GET request directory traversal
11263| [13516] Apache Cocoon XMLForm and JXForm could allow execution of code
11264| [13499] Apache Cocoon directory traversal allows downloading of boot.ini file
11265| [13429] Apache Tomcat non-HTTP request denial of service
11266| [13400] Apache HTTP server mod_alias and mod_rewrite buffer overflow
11267| [13295] Apache weak password encryption
11268| [13254] Apache Tomcat .jsp cross-site scripting
11269| [13125] Apache::Gallery Inline::C could allow arbitrary code execution
11270| [13086] Apache Jakarta Tomcat mod_jk format string allows remote access
11271| [12681] Apache HTTP Server mod_proxy could allow mail relaying
11272| [12662] Apache HTTP Server rotatelogs denial of service
11273| [12554] Apache Tomcat stores password in plain text
11274| [12553] Apache HTTP Server redirects and subrequests denial of service
11275| [12552] Apache HTTP Server FTP proxy server denial of service
11276| [12551] Apache HTTP Server prefork MPM denial of service
11277| [12550] Apache HTTP Server weaker than expected encryption
11278| [12549] Apache HTTP Server type-map file denial of service
11279| [12206] Apache Tomcat /opt/tomcat directory insecure permissions
11280| [12102] Apache Jakarta Tomcat MS-DOS device name request denial of service
11281| [12091] Apache HTTP Server apr_password_validate denial of service
11282| [12090] Apache HTTP Server apr_psprintf code execution
11283| [11804] Apache HTTP Server mod_access_referer denial of service
11284| [11750] Apache HTTP Server could leak sensitive file descriptors
11285| [11730] Apache HTTP Server error log and access log terminal escape sequence injection
11286| [11703] Apache long slash path allows directory listing
11287| [11695] Apache HTTP Server LF (Line Feed) denial of service
11288| [11694] Apache HTTP Server filestat.c denial of service
11289| [11438] Apache HTTP Server MIME message boundaries information disclosure
11290| [11412] Apache HTTP Server error log terminal escape sequence injection
11291| [11196] Apache Tomcat examples and ROOT Web applications cross-site scripting
11292| [11195] Apache Tomcat web.xml could be used to read files
11293| [11194] Apache Tomcat URL appended with a null character could list directories
11294| [11139] Apache HTTP Server mass virtual hosting with mod_rewrite or mod_vhost_alias could allow an attacker to obtain files
11295| [11126] Apache HTTP Server illegal character file disclosure
11296| [11125] Apache HTTP Server DOS device name HTTP POST code execution
11297| [11124] Apache HTTP Server DOS device name denial of service
11298| [11088] Apache HTTP Server mod_vhost_alias CGI source disclosure
11299| [10938] Apache HTTP Server printenv test CGI cross-site scripting
11300| [10771] Apache Tomcat mod_jk module multiple HTTP GET request buffer overflow
11301| [10575] Apache mod_php module could allow an attacker to take over the httpd process
11302| [10499] Apache HTTP Server WebDAV HTTP POST view source
11303| [10457] Apache HTTP Server mod_ssl "
11304| [10415] Apache HTTP Server htdigest insecure system() call could allow command execution
11305| [10414] Apache HTTP Server htdigest multiple buffer overflows
11306| [10413] Apache HTTP Server htdigest temporary file race condition
11307| [10412] Apache HTTP Server htpasswd temporary file race condition
11308| [10376] Apache Tomcat invoker servlet used in conjunction with the default servlet reveals source code
11309| [10348] Apache Tomcat HTTP GET request DOS device reference could cause a denial of service
11310| [10281] Apache HTTP Server ab.c ApacheBench long response buffer overflow
11311| [10280] Apache HTTP Server shared memory scorecard overwrite
11312| [10263] Apache Tomcat mod_jk or mod_jserv connector directory disclosure
11313| [10241] Apache HTTP Server Host: header cross-site scripting
11314| [10230] Slapper worm variants A, B, and C target OpenSSL/Apache systems
11315| [10208] Apache HTTP Server mod_dav denial of service
11316| [10206] HP VVOS Apache mod_ssl denial of service
11317| [10200] Apache HTTP Server stderr denial of service
11318| [10175] Apache Tomcat org.apache.catalina.servlets.DefaultServlet reveals source code
11319| [10169] Slapper worm variant (Slapper.C) targets OpenSSL/Apache systems
11320| [10154] Slapper worm variant (Slapper.B) targets OpenSSL/Apache systems
11321| [10098] Slapper worm targets OpenSSL/Apache systems
11322| [9876] Apache HTTP Server cgi/cgid request could disclose the path to a requested script
11323| [9875] Apache HTTP Server .var file request could disclose installation path
11324| [9863] Apache Tomcat web.xml file could allow a remote attacker to bypass restrictions
11325| [9808] Apache HTTP Server non-Unix version URL encoded directory traversal
11326| [9623] Apache HTTP Server ap_log_rerror() path disclosure
11327| [9520] Apache Tomcat /servlet/ mapping cross-site scripting
11328| [9415] Apache HTTP Server mod_ssl .htaccess off-by-one buffer overflow
11329| [9396] Apache Tomcat null character to threads denial of service
11330| [9394] Apache Tomcat HTTP request for LPT9 reveals Web root path
11331| [9249] Apache HTTP Server chunked encoding heap buffer overflow
11332| [9208] Apache Tomcat sample file requests could reveal directory listing and path to Web root directory
11333| [8932] Apache Tomcat example class information disclosure
11334| [8633] Apache HTTP Server with mod_rewrite could allow an attacker to bypass directives
11335| [8629] Apache HTTP Server double-reverse DNS lookup spoofing
11336| [8589] Apache HTTP Server for Windows DOS batch file remote command execution
11337| [8457] Oracle9i Application Server Apache PL/SQL HTTP Location header buffer overflow
11338| [8455] Oracle9i Application Server default installation could allow an attacker to access certain Apache Services
11339| [8400] Apache HTTP Server mod_frontpage buffer overflows
11340| [8326] Apache HTTP Server multiple MIME headers (sioux) denial of service
11341| [8308] Apache "
11342| [8275] Apache HTTP Server with Multiviews enabled could disclose directory contents
11343| [8119] Apache and PHP OPTIONS request reveals "
11344| [8054] Apache is running on the system
11345| [8029] Mandrake Linux default Apache configuration could allow an attacker to browse files and directories
11346| [8027] Mandrake Linux default Apache configuration has remote management interface enabled
11347| [8026] Mandrake Linux Apache sample programs could disclose sensitive information about the server
11348| [7836] Apache HTTP Server log directory denial of service
11349| [7815] Apache for Windows "
11350| [7810] Apache HTTP request could result in unexpected behavior
11351| [7599] Apache Tomcat reveals installation path
11352| [7494] Apache "
11353| [7419] Apache Web Server could allow remote attackers to overwrite .log files
11354| [7363] Apache Web Server hidden HTTP requests
11355| [7249] Apache mod_proxy denial of service
11356| [7129] Linux with Apache Web server could allow an attacker to determine if a specified username exists
11357| [7103] Apple Mac OS X used with Apache Web server could disclose directory contents
11358| [7059] Apache "
11359| [7057] Apache "
11360| [7056] Apache "
11361| [7055] Apache "
11362| [7054] Apache "
11363| [6997] Apache Jakarta Tomcat error message may reveal information
11364| [6971] Apache Jakarta Tomcat may reveal JSP source code with missing HTTP protocol specification
11365| [6970] Apache crafted HTTP request could reveal the internal IP address
11366| [6921] Apache long slash path allows directory listing
11367| [6687] Apple Mac OS X used with Apache Web server could allow arbitrary file disclosure
11368| [6527] Apache Web Server for Windows and OS2 denial of service
11369| [6316] Apache Jakarta Tomcat may reveal JSP source code
11370| [6305] Apache Jakarta Tomcat directory traversal
11371| [5926] Linux Apache symbolic link
11372| [5659] Apache Web server discloses files when used with php script
11373| [5310] Apache mod_rewrite allows attacker to view arbitrary files
11374| [5204] Apache WebDAV directory listings
11375| [5197] Apache Web server reveals CGI script source code
11376| [5160] Apache Jakarta Tomcat default installation
11377| [5099] Trustix Secure Linux installs Apache with world writable access
11378| [4968] Apache Jakarta Tomcat snoop servlet gives out information which could be used in attack
11379| [4967] Apache Jakarta Tomcat 404 error reveals the pathname of the requested file
11380| [4931] Apache source.asp example file allows users to write to files
11381| [4575] IBM HTTP Server running Apache allows users to directory listing and file retrieval
11382| [4205] Apache Jakarta Tomcat delivers file contents
11383| [2084] Apache on Debian by default serves the /usr/doc directory
11384| [1630] MessageMedia UnityMail and Apache Web server MIME header flood denial of service
11385| [697] Apache HTTP server beck exploit
11386| [331] Apache cookies buffer overflow
11387|
11388| Exploit-DB - https://www.exploit-db.com:
11389| [31130] Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability
11390| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
11391| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
11392| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
11393| [30563] Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability
11394| [30496] Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure
11395| [30495] Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
11396| [30191] Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross Site Scripting Vulnerability
11397| [30189] Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross Site Scripting Vulnerability
11398| [30052] Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
11399| [29930] Apache AXIS 1.0 Non-Existent WSDL Path Information Disclosure Vulnerability
11400| [29859] Apache Roller OGNL Injection
11401| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
11402| [29435] Apache Tomcat 5.5.25 - CSRF Vulnerabilities
11403| [29316] Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)
11404| [29290] Apache / PHP 5.x Remote Code Execution Exploit
11405| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
11406| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
11407| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
11408| [28254] Apache Tomcat 5 Information Disclosure Vulnerability
11409| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
11410| [27397] Apache suEXEC Privilege Elevation / Information Disclosure
11411| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
11412| [27096] Apache Geronimo 1.0 Error Page XSS
11413| [27095] Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS
11414| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
11415| [26542] Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
11416| [25986] Plesk Apache Zeroday Remote Exploit
11417| [25980] Apache Struts includeParams Remote Code Execution
11418| [25625] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
11419| [25624] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
11420| [24874] Apache Struts ParametersInterceptor Remote Code Execution
11421| [24744] Apache Rave 0.11 - 0.20 - User Information Disclosure
11422| [24694] Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
11423| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
11424| [23751] Apache Cygwin 1.3.x/2.0.x Directory Traversal Vulnerability
11425| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
11426| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
11427| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
11428| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
11429| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
11430| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
11431| [23119] Apache::Gallery 0.4/0.5/0.6 Insecure Local File Storage Privilege Escalation Vulnerability
11432| [22505] Apache Mod_Access_Referer 1.0.2 NULL Pointer Dereference Denial of Service Vulnerability
11433| [22205] Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
11434| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
11435| [22068] Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability
11436| [21885] Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
11437| [21882] Apache Tomcat 3.2 Directory Disclosure Vulnerability
11438| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
11439| [21853] Apache Tomcat 3/4 DefaultServlet File Disclosure Vulnerability
11440| [21734] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
11441| [21719] Apache 2.0 Path Disclosure Vulnerability
11442| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
11443| [21605] Apache Tomcat 4.0.3 DoS Device Name Cross Site Scripting Vulnerability
11444| [21604] Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability
11445| [21560] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)
11446| [21559] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)
11447| [21534] Apache Tomcat 3/4 JSP Engine Denial of Service Vulnerability
11448| [21492] Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure
11449| [21491] Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
11450| [21490] Apache Tomcat 3.2.3/3.2.4 Source.JSP Malformed Request Information Disclosure
11451| [21412] Apache Tomcat 4.0/4.1 Servlet Path Disclosure Vulnerability
11452| [21350] Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability
11453| [21204] Apache 1.3.20 Win32 PHP.EXE Remote File Disclosure Vulnerability
11454| [21112] Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
11455| [21067] Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
11456| [21002] Apache 1.3 Possible Directory Index Disclosure Vulnerability
11457| [20911] Apache 1.3.14 Mac File Protection Bypass Vulnerability
11458| [20716] apache tomcat 3.0 - Directory Traversal vulnerability
11459| [20695] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
11460| [20694] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
11461| [20693] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
11462| [20692] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
11463| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
11464| [20558] Apache 1.2 Web Server DoS Vulnerability
11465| [20466] Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
11466| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
11467| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
11468| [20210] Apache 1.3.12 WebDAV Directory Listings Vulnerability
11469| [20131] Apache Tomcat 3.1 Path Revealing Vulnerability
11470| [19975] Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 Root Directory Access Vulnerability
11471| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
11472| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
11473| [19231] PHP apache_request_headers Function Buffer Overflow
11474| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
11475| [18897] Oracle Weblogic Apache Connector POST Request Buffer Overflow
11476| [18619] Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
11477| [18452] Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
11478| [18442] Apache httpOnly Cookie Disclosure
11479| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
11480| [18221] Apache HTTP Server Denial of Service
11481| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
11482| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
11483| [17691] Apache Struts < 2.2.0 - Remote Command Execution
11484| [16798] Apache mod_jk 1.2.20 Buffer Overflow
11485| [16782] Apache Win32 Chunked Encoding
11486| [16752] Apache module mod_rewrite LDAP protocol Buffer Overflow
11487| [16317] Apache Tomcat Manager Application Deployer Authenticated Code Execution
11488| [15710] Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
11489| [15319] Apache 2.2 (Windows) Local Denial of Service
11490| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
11491| [14489] Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
11492| [12721] Apache Axis2 1.4.1 - Local File Inclusion Vulnerability
11493| [12689] Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console
11494| [12343] Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
11495| [12330] Apache OFBiz - Multiple XSS
11496| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
11497| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
11498| [11662] Apache Spamassassin Milter Plugin Remote Root Command Execution
11499| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
11500| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
11501| [10292] Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability
11502| [9995] Apache Tomcat Form Authentication Username Enumeration Weakness
11503| [9994] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
11504| [9993] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
11505| [8842] Apache mod_dav / svn Remote Denial of Service Exploit
11506| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
11507| [7264] Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
11508| [6229] apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
11509| [6100] Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
11510| [6089] Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
11511| [5386] Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
11512| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
11513| [4552] Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
11514| [4530] Apache Tomcat (webdav) Remote File Disclosure Exploit
11515| [4162] Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
11516| [4093] Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
11517| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
11518| [3680] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
11519| [3384] Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
11520| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
11521| [2061] Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
11522| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
11523| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
11524| [764] Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
11525| [587] Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
11526| [466] htpasswd Apache 1.3.31 - Local Exploit
11527| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
11528| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
11529| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
11530| [126] Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
11531| [67] Apache 1.3.x mod_mylo Remote Code Execution Exploit
11532| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
11533| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
11534| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
11535| [9] Apache HTTP Server 2.x Memory Leak Exploit
11536|
11537| OpenVAS (Nessus) - http://www.openvas.org:
11538| [902924] Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
11539| [902837] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
11540| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
11541| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
11542| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
11543| [901110] Apache ActiveMQ Source Code Information Disclosure Vulnerability
11544| [901105] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
11545| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
11546| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
11547| [900573] Apache APR-Utils XML Parser Denial of Service Vulnerability
11548| [900572] Apache APR-Utils Multiple Denial of Service Vulnerabilities
11549| [900571] Apache APR-Utils Version Detection
11550| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
11551| [900496] Apache Tiles Multiple XSS Vulnerability
11552| [900493] Apache Tiles Version Detection
11553| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
11554| [900021] Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
11555| [880086] CentOS Update for apache CESA-2008:0004-01 centos2 i386
11556| [870175] RedHat Update for apache RHSA-2008:0004-01
11557| [864591] Fedora Update for apache-poi FEDORA-2012-10835
11558| [864383] Fedora Update for apache-commons-compress FEDORA-2012-8428
11559| [864280] Fedora Update for apache-commons-compress FEDORA-2012-8465
11560| [864250] Fedora Update for apache-poi FEDORA-2012-7683
11561| [864249] Fedora Update for apache-poi FEDORA-2012-7686
11562| [863993] Fedora Update for apache-commons-daemon FEDORA-2011-10880
11563| [863466] Fedora Update for apache-commons-daemon FEDORA-2011-10936
11564| [855821] Solaris Update for Apache 1.3 122912-19
11565| [855812] Solaris Update for Apache 1.3 122911-19
11566| [855737] Solaris Update for Apache 1.3 122911-17
11567| [855731] Solaris Update for Apache 1.3 122912-17
11568| [855695] Solaris Update for Apache 1.3 122911-16
11569| [855645] Solaris Update for Apache 1.3 122912-16
11570| [855587] Solaris Update for kernel update and Apache 108529-29
11571| [855566] Solaris Update for Apache 116973-07
11572| [855531] Solaris Update for Apache 116974-07
11573| [855524] Solaris Update for Apache 2 120544-14
11574| [855494] Solaris Update for Apache 1.3 122911-15
11575| [855478] Solaris Update for Apache Security 114145-11
11576| [855472] Solaris Update for Apache Security 113146-12
11577| [855179] Solaris Update for Apache 1.3 122912-15
11578| [855147] Solaris Update for kernel update and Apache 108528-29
11579| [855077] Solaris Update for Apache 2 120543-14
11580| [850196] SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
11581| [850088] SuSE Update for apache2 SUSE-SA:2007:061
11582| [850009] SuSE Update for apache2,apache SUSE-SA:2008:021
11583| [841209] Ubuntu Update for apache2 USN-1627-1
11584| [840900] Ubuntu Update for apache2 USN-1368-1
11585| [840798] Ubuntu Update for apache2 USN-1259-1
11586| [840734] Ubuntu Update for apache2 USN-1199-1
11587| [840542] Ubuntu Update for apache2 vulnerabilities USN-1021-1
11588| [840504] Ubuntu Update for apache2 vulnerability USN-990-2
11589| [840399] Ubuntu Update for apache2 vulnerabilities USN-908-1
11590| [840304] Ubuntu Update for apache2 vulnerabilities USN-575-1
11591| [840118] Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1
11592| [840092] Ubuntu Update for apache2 vulnerabilities USN-499-1
11593| [840039] Ubuntu Update for libapache2-mod-python vulnerability USN-430-1
11594| [835253] HP-UX Update for Apache Web Server HPSBUX02645
11595| [835247] HP-UX Update for Apache-based Web Server HPSBUX02612
11596| [835243] HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
11597| [835236] HP-UX Update for Apache with PHP HPSBUX02543
11598| [835233] HP-UX Update for Apache-based Web Server HPSBUX02531
11599| [835224] HP-UX Update for Apache-based Web Server HPSBUX02465
11600| [835200] HP-UX Update for Apache Web Server Suite HPSBUX02431
11601| [835190] HP-UX Update for Apache Web Server Suite HPSBUX02401
11602| [835188] HP-UX Update for Apache HPSBUX02308
11603| [835181] HP-UX Update for Apache With PHP HPSBUX02332
11604| [835180] HP-UX Update for Apache with PHP HPSBUX02342
11605| [835172] HP-UX Update for Apache HPSBUX02365
11606| [835168] HP-UX Update for Apache HPSBUX02313
11607| [835148] HP-UX Update for Apache HPSBUX01064
11608| [835139] HP-UX Update for Apache with PHP HPSBUX01090
11609| [835131] HP-UX Update for Apache HPSBUX00256
11610| [835119] HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186
11611| [835104] HP-UX Update for Apache HPSBUX00224
11612| [835103] HP-UX Update for Apache mod_cgid HPSBUX00301
11613| [835101] HP-UX Update for Apache HPSBUX01232
11614| [835080] HP-UX Update for Apache HPSBUX02273
11615| [835078] HP-UX Update for ApacheStrong HPSBUX00255
11616| [835044] HP-UX Update for Apache HPSBUX01019
11617| [835040] HP-UX Update for Apache PHP HPSBUX00207
11618| [835025] HP-UX Update for Apache HPSBUX00197
11619| [835023] HP-UX Update for Apache HPSBUX01022
11620| [835022] HP-UX Update for Apache HPSBUX02292
11621| [835005] HP-UX Update for Apache HPSBUX02262
11622| [831759] Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)
11623| [831737] Mandriva Update for apache MDVSA-2012:154-1 (apache)
11624| [831534] Mandriva Update for apache MDVSA-2012:012 (apache)
11625| [831523] Mandriva Update for apache MDVSA-2012:003 (apache)
11626| [831491] Mandriva Update for apache MDVSA-2011:168 (apache)
11627| [831460] Mandriva Update for apache MDVSA-2011:144 (apache)
11628| [831449] Mandriva Update for apache MDVSA-2011:130 (apache)
11629| [831357] Mandriva Update for apache MDVSA-2011:057 (apache)
11630| [831132] Mandriva Update for apache MDVSA-2010:153 (apache)
11631| [831131] Mandriva Update for apache MDVSA-2010:152 (apache)
11632| [830989] Mandriva Update for apache-mod_auth_shadow MDVSA-2010:081 (apache-mod_auth_shadow)
11633| [830931] Mandriva Update for apache MDVSA-2010:057 (apache)
11634| [830926] Mandriva Update for apache MDVSA-2010:053 (apache)
11635| [830918] Mandriva Update for apache-mod_security MDVSA-2010:050 (apache-mod_security)
11636| [830799] Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
11637| [830797] Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
11638| [830791] Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)
11639| [830652] Mandriva Update for apache MDVSA-2008:195 (apache)
11640| [830621] Mandriva Update for apache-conf MDVA-2008:129 (apache-conf)
11641| [830581] Mandriva Update for apache MDVSA-2008:016 (apache)
11642| [830294] Mandriva Update for apache MDKSA-2007:140 (apache)
11643| [830196] Mandriva Update for apache MDKSA-2007:235 (apache)
11644| [830112] Mandriva Update for apache MDKSA-2007:127 (apache)
11645| [830109] Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl)
11646| [802425] Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
11647| [802423] Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
11648| [802422] Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
11649| [802415] Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
11650| [802385] Apache Tomcat Request Object Security Bypass Vulnerability (Win)
11651| [802384] Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
11652| [802378] Apache Tomcat Hash Collision Denial Of Service Vulnerability
11653| [801942] Apache Archiva Multiple Vulnerabilities
11654| [801940] Apache Struts2 'XWork' Information Disclosure Vulnerability
11655| [801663] Apache Struts2/XWork Remote Command Execution Vulnerability
11656| [801521] Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
11657| [801284] Apache Derby Information Disclosure Vulnerability
11658| [801203] Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
11659| [800837] Apache 'mod_deflate' Denial Of Service Vulnerability - July09
11660| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
11661| [800680] Apache APR Version Detection
11662| [800679] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
11663| [800678] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
11664| [800677] Apache Roller Version Detection
11665| [800279] Apache mod_jk Module Version Detection
11666| [800278] Apache Struts Cross Site Scripting Vulnerability
11667| [800277] Apache Tomcat mod_jk Information Disclosure Vulnerability
11668| [800276] Apache Struts Version Detection
11669| [800271] Apache Struts Directory Traversal Vulnerability
11670| [800024] Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
11671| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
11672| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
11673| [103122] Apache Web Server ETag Header Information Disclosure Weakness
11674| [103074] Apache Continuum Cross Site Scripting Vulnerability
11675| [103073] Apache Continuum Detection
11676| [103053] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
11677| [101023] Apache Open For Business Weak Password security check
11678| [101020] Apache Open For Business HTML injection vulnerability
11679| [101019] Apache Open For Business service detection
11680| [100924] Apache Archiva Cross Site Request Forgery Vulnerability
11681| [100923] Apache Archiva Detection
11682| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
11683| [100814] Apache Axis2 Document Type Declaration Processing Security Vulnerability
11684| [100813] Apache Axis2 Detection
11685| [100797] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
11686| [100795] Apache Derby Detection
11687| [100762] Apache CouchDB Cross Site Request Forgery Vulnerability
11688| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
11689| [100613] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
11690| [100514] Apache Multiple Security Vulnerabilities
11691| [100211] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
11692| [100172] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
11693| [100171] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
11694| [100130] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
11695| [72626] Debian Security Advisory DSA 2579-1 (apache2)
11696| [72612] FreeBSD Ports: apache22
11697| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
11698| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
11699| [71512] FreeBSD Ports: apache
11700| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
11701| [71256] Debian Security Advisory DSA 2452-1 (apache2)
11702| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
11703| [70737] FreeBSD Ports: apache
11704| [70724] Debian Security Advisory DSA 2405-1 (apache2)
11705| [70600] FreeBSD Ports: apache
11706| [70253] FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
11707| [70235] Debian Security Advisory DSA 2298-2 (apache2)
11708| [70233] Debian Security Advisory DSA 2298-1 (apache2)
11709| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
11710| [69338] Debian Security Advisory DSA 2202-1 (apache2)
11711| [67868] FreeBSD Ports: apache
11712| [66816] FreeBSD Ports: apache
11713| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
11714| [66414] Mandriva Security Advisory MDVSA-2009:323 (apache)
11715| [66106] SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)
11716| [66081] SLES11: Security update for Apache 2
11717| [66074] SLES10: Security update for Apache 2
11718| [66070] SLES9: Security update for Apache 2
11719| [65998] SLES10: Security update for apache2-mod_python
11720| [65893] SLES10: Security update for Apache 2
11721| [65888] SLES10: Security update for Apache 2
11722| [65575] SLES9: Security update for apache2,apache2-prefork,apache2-worker
11723| [65510] SLES9: Security update for Apache 2
11724| [65472] SLES9: Security update for Apache
11725| [65467] SLES9: Security update for Apache
11726| [65450] SLES9: Security update for apache2
11727| [65390] SLES9: Security update for Apache2
11728| [65363] SLES9: Security update for Apache2
11729| [65309] SLES9: Security update for Apache and mod_ssl
11730| [65296] SLES9: Security update for webdav apache module
11731| [65283] SLES9: Security update for Apache2
11732| [65249] SLES9: Security update for Apache 2
11733| [65230] SLES9: Security update for Apache 2
11734| [65228] SLES9: Security update for Apache 2
11735| [65212] SLES9: Security update for apache2-mod_python
11736| [65209] SLES9: Security update for apache2-worker
11737| [65207] SLES9: Security update for Apache 2
11738| [65168] SLES9: Security update for apache2-mod_python
11739| [65142] SLES9: Security update for Apache2
11740| [65136] SLES9: Security update for Apache 2
11741| [65132] SLES9: Security update for apache
11742| [65131] SLES9: Security update for Apache 2 oes/CORE
11743| [65113] SLES9: Security update for apache2
11744| [65072] SLES9: Security update for apache and mod_ssl
11745| [65017] SLES9: Security update for Apache 2
11746| [64950] Mandrake Security Advisory MDVSA-2009:240 (apache)
11747| [64783] FreeBSD Ports: apache
11748| [64774] Ubuntu USN-802-2 (apache2)
11749| [64653] Ubuntu USN-813-2 (apache2)
11750| [64559] Debian Security Advisory DSA 1834-2 (apache2)
11751| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
11752| [64527] Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
11753| [64526] Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
11754| [64500] Mandrake Security Advisory MDVSA-2009:168 (apache)
11755| [64443] Ubuntu USN-802-1 (apache2)
11756| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
11757| [64423] Debian Security Advisory DSA 1834-1 (apache2)
11758| [64391] Mandrake Security Advisory MDVSA-2009:149 (apache)
11759| [64377] Mandrake Security Advisory MDVSA-2009:124-1 (apache)
11760| [64251] Debian Security Advisory DSA 1816-1 (apache2)
11761| [64201] Ubuntu USN-787-1 (apache2)
11762| [64140] Mandrake Security Advisory MDVSA-2009:124 (apache)
11763| [64136] Mandrake Security Advisory MDVSA-2009:102 (apache)
11764| [63565] FreeBSD Ports: apache
11765| [63562] Ubuntu USN-731-1 (apache2)
11766| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
11767| [61185] FreeBSD Ports: apache
11768| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
11769| [60387] Slackware Advisory SSA:2008-045-02 apache
11770| [58826] FreeBSD Ports: apache-tomcat
11771| [58825] FreeBSD Ports: apache-tomcat
11772| [58804] FreeBSD Ports: apache
11773| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
11774| [58360] Debian Security Advisory DSA 1312-1 (libapache-mod-jk)
11775| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
11776| [57788] Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)
11777| [57335] Debian Security Advisory DSA 1167-1 (apache)
11778| [57201] Debian Security Advisory DSA 1131-1 (apache)
11779| [57200] Debian Security Advisory DSA 1132-1 (apache2)
11780| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
11781| [57145] FreeBSD Ports: apache
11782| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
11783| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
11784| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
11785| [56212] Debian Security Advisory DSA 952-1 (libapache-auth-ldap)
11786| [56115] Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
11787| [56067] FreeBSD Ports: apache
11788| [55803] Slackware Advisory SSA:2005-310-04 apache
11789| [55519] Debian Security Advisory DSA 839-1 (apachetop)
11790| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
11791| [55355] FreeBSD Ports: apache
11792| [55284] Debian Security Advisory DSA 807-1 (libapache-mod-ssl)
11793| [55261] Debian Security Advisory DSA 805-1 (apache2)
11794| [55259] Debian Security Advisory DSA 803-1 (apache)
11795| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
11796| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
11797| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
11798| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
11799| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
11800| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
11801| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
11802| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
11803| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
11804| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
11805| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
11806| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
11807| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
11808| [54439] FreeBSD Ports: apache
11809| [53931] Slackware Advisory SSA:2004-133-01 apache
11810| [53903] Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
11811| [53902] Slackware Advisory SSA:2004-305-01 apache+mod_ssl
11812| [53878] Slackware Advisory SSA:2003-308-01 apache security update
11813| [53851] Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
11814| [53849] Debian Security Advisory DSA 132-1 (apache-ssl)
11815| [53848] Debian Security Advisory DSA 131-1 (apache)
11816| [53784] Debian Security Advisory DSA 021-1 (apache)
11817| [53738] Debian Security Advisory DSA 195-1 (apache-perl)
11818| [53737] Debian Security Advisory DSA 188-1 (apache-ssl)
11819| [53735] Debian Security Advisory DSA 187-1 (apache)
11820| [53703] Debian Security Advisory DSA 532-1 (libapache-mod-ssl)
11821| [53577] Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl)
11822| [53568] Debian Security Advisory DSA 067-1 (apache,apache-ssl)
11823| [53519] Debian Security Advisory DSA 689-1 (libapache-mod-python)
11824| [53433] Debian Security Advisory DSA 181-1 (libapache-mod-ssl)
11825| [53282] Debian Security Advisory DSA 594-1 (apache)
11826| [53248] Debian Security Advisory DSA 558-1 (libapache-mod-dav)
11827| [53224] Debian Security Advisory DSA 532-2 (libapache-mod-ssl)
11828| [53215] Debian Security Advisory DSA 525-1 (apache)
11829| [53151] Debian Security Advisory DSA 452-1 (libapache-mod-python)
11830| [52529] FreeBSD Ports: apache+ssl
11831| [52501] FreeBSD Ports: apache
11832| [52461] FreeBSD Ports: apache
11833| [52390] FreeBSD Ports: apache
11834| [52389] FreeBSD Ports: apache
11835| [52388] FreeBSD Ports: apache
11836| [52383] FreeBSD Ports: apache
11837| [52339] FreeBSD Ports: apache+mod_ssl
11838| [52331] FreeBSD Ports: apache
11839| [52329] FreeBSD Ports: ru-apache+mod_ssl
11840| [52314] FreeBSD Ports: apache
11841| [52310] FreeBSD Ports: apache
11842| [15588] Detect Apache HTTPS
11843| [15555] Apache mod_proxy content-length buffer overflow
11844| [15554] Apache mod_include priviledge escalation
11845| [14771] Apache <= 1.3.33 htpasswd local overflow
11846| [14177] Apache mod_access rule bypass
11847| [13644] Apache mod_rootme Backdoor
11848| [12293] Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
11849| [12280] Apache Connection Blocking Denial of Service
11850| [12239] Apache Error Log Escape Sequence Injection
11851| [12123] Apache Tomcat source.jsp malformed request information disclosure
11852| [12085] Apache Tomcat servlet/JSP container default files
11853| [11438] Apache Tomcat Directory Listing and File disclosure
11854| [11204] Apache Tomcat Default Accounts
11855| [11092] Apache 2.0.39 Win32 directory traversal
11856| [11046] Apache Tomcat TroubleShooter Servlet Installed
11857| [11042] Apache Tomcat DOS Device Name XSS
11858| [11041] Apache Tomcat /servlet Cross Site Scripting
11859| [10938] Apache Remote Command Execution via .bat files
11860| [10839] PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
11861| [10773] MacOS X Finder reveals contents of Apache Web files
11862| [10766] Apache UserDir Sensitive Information Disclosure
11863| [10756] MacOS X Finder reveals contents of Apache Web directories
11864| [10752] Apache Auth Module SQL Insertion Attack
11865| [10704] Apache Directory Listing
11866| [10678] Apache /server-info accessible
11867| [10677] Apache /server-status accessible
11868| [10440] Check for Apache Multiple / vulnerability
11869|
11870| SecurityTracker - https://www.securitytracker.com:
11871| [1028865] Apache Struts Bugs Permit Remote Code Execution and URL Redirection Attacks
11872| [1028864] Apache Struts Wildcard Matching and Expression Evaluation Bugs Let Remote Users Execute Arbitrary Code
11873| [1028824] Apache mod_dav_svn URI Processing Flaw Lets Remote Users Deny Service
11874| [1028823] Apache Unspecified Flaw in mod_session_dbd Has Unspecified Impact
11875| [1028724] (HP Issues Fix for HP-UX) Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
11876| [1028722] (Red Hat Issues Fix for JBoss) Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
11877| [1028693] (Red Hat Issues Fix) Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
11878| [1028622] Apache Struts 'includeParams' Bugs Permit Remote Command Execution and Cross-Site Scripting Attacks
11879| [1028621] Apache Subversion Bugs Let Remote Authenticated Users Execute Arbitrary Commands and Deny Service
11880| [1028540] Apache mod_rewrite Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
11881| [1028534] Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
11882| [1028533] Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
11883| [1028532] Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
11884| [1028515] Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
11885| [1028457] Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information
11886| [1028287] Apache CXF WSS4JInInterceptor Grants Service Access to Remote Users
11887| [1028286] Apache CXF WS-Security UsernameToken Processing Flaw Lets Remote Users Bypass Authentication
11888| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
11889| [1028207] Apache Input Validation Bugs Permit Cross-Site Scripting Attacks
11890| [1027836] Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
11891| [1027834] Apache Tomcat Bug Lets Remote Users Bypass Cross-Site Request Forgery Prevention Filter
11892| [1027833] Apache Tomcat Bug Lets Remote Users Bypass Security Constraints
11893| [1027729] Apache Tomcat Header Processing Bug Lets Remote Users Deny Service
11894| [1027728] Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
11895| [1027554] Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
11896| [1027508] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
11897| [1027421] Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
11898| [1027096] Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
11899| [1026932] Apache LD_LIBRARY_PATH Processing Lets Local Users Gain Elevated Privileges
11900| [1026928] Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
11901| [1026927] Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
11902| [1026847] Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
11903| [1026846] Apache Wicket Discloses Hidden Application Files to Remote Users
11904| [1026839] Apache Wicket Input Validation Flaw in 'wicket:pageMapName' Parameter Permits Cross-Site Scripting Attacks
11905| [1026616] Apache Bugs Let Remote Users Deny Service and Obtain Cookie Data
11906| [1026575] Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
11907| [1026484] Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code
11908| [1026477] Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service
11909| [1026402] Apache Struts Conversion Error Lets Remote Users Inject Arbitrary Commands
11910| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
11911| [1026295] Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges
11912| [1026267] Apache .htaccess File Integer Overflow Lets Local Users Execute Arbitrary Code
11913| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
11914| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
11915| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
11916| [1025993] Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information
11917| [1025976] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
11918| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
11919| [1025925] Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges
11920| [1025924] Apache Tomcat XML Validation Flaw Lets Applications Obtain Potentially Sensitive Information
11921| [1025788] Apache Tomcat Lets Malicious Applications Obtain Information and Deny Service
11922| [1025755] Apache Santuario Buffer Overflow Lets Remote Users Deny Service
11923| [1025712] Apache Tomcat Discloses Passwords to Local Users in Certain Cases
11924| [1025577] Apache Archiva Input Validation Hole Permits Cross-Site Scripting Attacks
11925| [1025576] Apache Archiva Request Validation Flaw Permits Cross-Site Request Forgery Attacks
11926| [1025527] Apache APR Library apr_fnmatch() Flaw Lets Remote Users Execute Arbitrary Code
11927| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
11928| [1025215] Apache Tomcat May Ignore @ServletSecurity Annotation Protections
11929| [1025066] Apache Continuum Input Validation Flaw Permits Cross-Site Request Forgery Attacks
11930| [1025065] Apache Continuum Input Validation Hole Permits Cross-Site Scripting Attacks
11931| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
11932| [1025026] Apache Tomcat Manager Input Validation Hole Permits Cross-Site Scripting Attacks
11933| [1025025] Apache Tomcat Security Manager Lets Local Users Bypass File Permissions
11934| [1024764] Apache Tomcat Manager Input Validation Hole in 'sessionList.jsp' Permits Cross-Site Scripting Attacks
11935| [1024417] Apache Traffic Server Insufficient Randomization Lets Remote Users Poison the DNS Cache
11936| [1024332] Apache mod_cache and mod_dav Request Processing Flaw Lets Remote Users Deny Service
11937| [1024180] Apache Tomcat 'Transfer-Encoding' Header Processing Flaw Lets Remote Users Deny Service and Obtain Potentially Sensitive Information
11938| [1024096] Apache mod_proxy_http May Return Results for a Different Request
11939| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
11940| [1023941] Apache ap_read_request() Memory Error May Let Remote Users Access Potentially Sensitive Information
11941| [1023778] Apache ActiveMQ Input Validation Flaw Permits Cross-Site Scripting Attacks
11942| [1023701] Apache mod_isapi Error Processing Flaw May Let Remote Users Deny Service
11943| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
11944| [1022988] Apache Solaris Support Code Bug Lets Remote Users Deny Service
11945| [1022529] Apache mod_deflate Connection State Bug Lets Remote Users Deny Service
11946| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
11947| [1022296] Apache IncludesNoExec Options Restrictions Can Be Bypass By Local Users
11948| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
11949| [1022001] Apache Tomcat mod_jk May Disclose Responses to the Wrong User
11950| [1021988] mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
11951| [1021350] NetWare Bug Lets Remote Users Access the ApacheAdmin Console
11952| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
11953| [1020520] Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
11954| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
11955| [1019784] Apache-SSL Certificate Processing Bug May Let Remote Users View Portions of Kernel Memory
11956| [1019256] Apache mod_negotiation Input Validation Hole Permits Cross-Site Scripting Attacks
11957| [1019194] Apache Input Validation Hole in Mod_AutoIndex When the Character Set is Undefined May Permit Cross-Site Scripting Attacks
11958| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
11959| [1019154] Apache Input Validation Hole in mod_status Permits Cross-Site Scripting Attacks
11960| [1019093] Apache Input Validation Hole in mod_imap Permits Cross-Site Scripting Attacks
11961| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
11962| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
11963| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
11964| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
11965| [1018302] Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks
11966| [1018269] Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks
11967| [1017904] Apache suEXEC Bugs May Let Local Users Gain Elevated Privileges
11968| [1017719] Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code
11969| [1017062] Apache mod_tcl Format String Bug in set_var() Function May Let Remote Users Execute Arbitrary Code
11970| [1016601] Apache mod_rewrite Off-by-one Error Lets Remote Users Execute Arbitrary Code
11971| [1016576] Apache Tomcat Discloses Directory Listings to Remote Users
11972| [1015447] Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
11973| [1015344] Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks
11974| [1015093] Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service
11975| [1014996] ApacheTop Unsafe Temporary File May Let Local Users Gain Elevated Privileges
11976| [1014833] Apache ssl_hook_Access() Function May Fail to Verify Client Certificates
11977| [1014826] Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service
11978| [1014575] Apache mod_ssl Off-by-one Buffer Overflow in Processing CRLs May Let Remote Users Deny Service
11979| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
11980| [1013156] Apache mod_python Publisher Handler Discloses Information to Remote Users
11981| [1012829] Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases
11982| [1012416] Apache on Apple OS X Lets Remote Users Bypass Apache File Handlers and Directly Access Files
11983| [1012415] Apache on Apple HFS+ Filesystems May Disclose '.DS_Store' Files to Remote Users
11984| [1012414] Apache mod_digest_apple Lets Remote Users Replay Authentication Credentials
11985| [1012083] Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service
11986| [1011783] Apache mod_include Buffer Overflow Lets Local Users Execute Arbitrary Code
11987| [1011557] Apache mod_ssl SSLCipherSuite Directive Can By Bypassed in Certain Cases
11988| [1011385] Apache Satsify Directive Error May Let Remote Users Access Restricted Resources
11989| [1011340] Apache SSL Connection Abort State Error Lets Remote Users Deny Service
11990| [1011303] Apache ap_resolve_env() Buffer Overflow in Reading Configuration Files May Let Local Users Gain Elevated Privileges
11991| [1011299] Apache IPv6 Address Parsing Flaw May Let Remote Users Deny Service
11992| [1011248] Apache mod_dav LOCK Method Error May Let Remote Users Deny Service
11993| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
11994| [1010674] Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets
11995| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
11996| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
11997| [1010322] Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code
11998| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
11999| [1009934] Apache Web Server Has Buffer Overflow in ebcdic2ascii() on Older Processor Architectures
12000| [1009516] Apache mod_survey HTML Report Format Lets Remote Users Conduct Cross-Site Scripting Attacks
12001| [1009509] Apache mod_disk_cache Stores Authentication Credentials on Disk
12002| [1009495] Apache Web Server Socket Starvation Flaw May Let Remote Users Deny Service
12003| [1009417] GroupWise WebAccess With Apache on NetWare Has Configuration Flaw That May Grant Web Access to Remote Users
12004| [1009338] Apache mod_access Parsing Flaw May Fail to Enforce Allow/Deny Rules
12005| [1009337] Apache mod_ssl Memory Leak Lets Remote Users Crash the Daemon
12006| [1009182] Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users
12007| [1008973] PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts
12008| [1008967] Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated
12009| [1008920] Apache mod_digest May Validate Replayed Client Responses
12010| [1008828] Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server
12011| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
12012| [1008675] mod_auth_shadow Apache Module Authenticates Expired Passwords
12013| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
12014| [1008335] Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server
12015| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
12016| [1008030] Apache mod_rewrite Contains a Buffer Overflow
12017| [1008029] Apache mod_alias Contains a Buffer Overflow
12018| [1008028] Apache mod_cgid May Disclose CGI Output to Another Client
12019| [1007995] Apache Cocoon Forms May Let Remote Users Execute Arbitrary Java Code on the System
12020| [1007993] Apache Cocoon 'view-source' Sample Script Discloses Files to Remote Users
12021| [1007823] Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service
12022| [1007664] Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges
12023| [1007557] Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
12024| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
12025| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
12026| [1007145] Apache 'accept()' Errors May Cause Denial of Service Conditions
12027| [1007144] Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks
12028| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
12029| [1006864] Apache Web Server Can Be Crashed By Remote Users Via mod_dav Flaws and Also Via Basic Authentication
12030| [1006709] Apache mod_survey Input Validation Flaw Lets Remote Users Fill Up Disk Space
12031| [1006614] Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code
12032| [1006591] Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks
12033| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
12034| [1006021] Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users
12035| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
12036| [1005962] Apache Web Server Path Parsing Flaw May Allow Remote Users to Execute Code in Certain Configurations
12037| [1005848] Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks
12038| [1005765] Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash
12039| [1005548] Apache mod_php Module May Allow Local Users to Gain Control of the Web Port
12040| [1005499] Apache Web Server (2.0.42) May Disclose CGI Source Code to Remote Users When Used With WebDAV
12041| [1005410] Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names
12042| [1005351] Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges
12043| [1005331] Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
12044| [1005290] Apache Tomcat Java Server Default Servlet Returns JSP Source Code to Remote Users
12045| [1005285] Apache Web Server 'mod_dav' Has Null Pointer Bug That May Allow Remote Users to Cause Denial of Service Conditions
12046| [1005010] Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions
12047| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
12048| [1004745] Apache Tomcat Java Server Allows Cross-Site Scripting Attacks
12049| [1004636] Apache mod_ssl 'Off-by-One' Bug May Let Local Users Crash the Web Server or Possibly Execute Arbitrary Code
12050| [1004602] Apache Tomcat Java Server for Windows Can Be Crashed By Remote Users Sending Malicious Requests to Hang All Available Working Threads
12051| [1004586] Apache Tomcat Java Server May Disclose the Installation Path to Remote Users
12052| [1004555] Apache Web Server Chunked Encoding Flaw May Let Remote Users Execute Arbitrary Code on the Server
12053| [1004209] Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System
12054| [1003874] Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System
12055| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
12056| [1003723] Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
12057| [1003664] 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
12058| [1003602] GNUJSP Java Server Pages Implementation Discloses Web Files and Source Code to Remote Users and Bypasses Apache Access Control Restrictions
12059| [1003465] PHP for Apache Web Server May Disclose Installation Path Information to Remote Users Making 'OPTIONS' Requests
12060| [1003451] Oracle Application Server PL/SQL Module for Apache Has Buffer Overflows That Allow Remote Users to Execute Arbitrary Code and Gain Access to the Server
12061| [1003131] Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
12062| [1003104] PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
12063| [1003008] Apache 'mod_bf' Module Lets Remote Users Execute Arbitrary Code
12064| [1002629] Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
12065| [1002542] Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
12066| [1002400] Apache mod_gzip Module Has Buffer Overflow That Can Be Exploited By Local Users to Gain Elevated Privileges
12067| [1002303] Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
12068| [1002188] Apache Web Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
12069| [1001989] Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
12070| [1001719] Apache Web Server on Mac OS X Client Fails to Enforce File and Directory Access Protections, Giving Remote Users Access to Restricted Pages
12071| [1001572] Apache Web Server on Microsoft Windows Platforms Allows Remote Users to Crash the Web Server
12072| [1001304] Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
12073| [1001083] Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
12074|
12075| OSVDB - http://www.osvdb.org:
12076| [96078] Apache CloudStack Infrastructure Menu Setup Network Multiple Field XSS
12077| [96077] Apache CloudStack Global Settings Multiple Field XSS
12078| [96076] Apache CloudStack Instances Menu Display Name Field XSS
12079| [96075] Apache CloudStack Instances Menu Add Instances Network Name Field XSS
12080| [96074] Apache CloudStack Instances Menu Add Instances Review Step Multiple Field XSS
12081| [96031] Apache HTTP Server suEXEC Symlink Arbitrary File Access
12082| [95888] Apache Archiva Single / Double Quote Character Handling XSS Weakness
12083| [95885] Apache Subversion mod_dav_svn Module Crafted HTTP Request Handling Remote DoS
12084| [95706] Apache OpenOffice.org (OOo) OOXML Document File XML Element Handling Memory Corruption
12085| [95704] Apache OpenOffice.org (OOo) DOC File PLCF Data Handling Memory Corruption
12086| [95603] Apache Continuum web/util/GenerateRecipentNotifier.java recipient Parameter XSS
12087| [95602] Apache Continuum web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml Multiple Parameter XSS
12088| [95601] Apache Continuum web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
12089| [95600] Apache Continuum web/action/ScheduleAction-saveSchedule-validation.xml Multiple Parameter XSS
12090| [95599] Apache Continuumweb/action/BuildDefinitionAction-saveBuildDefinition-validation.xml Multiple Parameter XSS
12091| [95598] Apache Continuum web/action/AddProjectAction-addProject-validation.xml Multiple Parameter XSS
12092| [95597] Apache Continuum web/action/ProjectEditAction-projectSave-validation.xml Multiple Parameter XSS
12093| [95596] Apache Continuum web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
12094| [95595] Apache Continuum web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml Multiple Parameter XSS
12095| [95594] Apache Continuum web/action/ProjectGroupAction.java Multiple Parameter XSS
12096| [95593] Apache Continuum web/action/AddProjectGroupAction.java Multiple Parameter XSS
12097| [95592] Apache Continuum web/action/AddProjectAction.java Multiple Parameter XSS
12098| [95523] Apache OFBiz Webtools Application View Log Screen Unspecified XSS
12099| [95522] Apache OFBiz Nested Expression Evaluation Arbitrary UEL Function Execution
12100| [95521] Apache HTTP Server mod_session_dbd Session Saving Unspecified Issue
12101| [95498] Apache HTTP Server mod_dav.c Crafted MERGE Request Remote DoS
12102| [95406] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Arbitrary Site Redirect
12103| [95405] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Remote Code Execution
12104| [95011] Apache CXF XML Parser SOAP Message Handling CPU Resource Exhaustion Remote DoS
12105| [94705] Apache Geronimo RMI Classloader Exposure Serialized Object Handling Remote Code Execution
12106| [94651] Apache Santuario (XML Security for C++) XML Signature CanonicalizationMethod Parameter Spoofing Weakness
12107| [94636] Apache Continuum workingCopy.action userDirectory Traversal Arbitrary File Access
12108| [94635] Apache Maven SCM SvnCommandlineUtils Process Listing Local Password Disclosure
12109| [94632] Apache Maven Wagon SSH (wagon-ssh) Host Verification Failure MitM Weakness
12110| [94625] Apache Santuario (XML Security for C++) XML Signature Reference Crafted XPointer Expression Handling Heap Buffer Overflow
12111| [94618] Apache Archiva /archiva/security/useredit.action username Parameter XSS
12112| [94617] Apache Archiva /archiva/security/roleedit.action name Parameter XSS
12113| [94616] Apache Archiva /archiva/security/userlist!show.action roleName Parameter XSS
12114| [94615] Apache Archiva /archiva/deleteArtifact!doDelete.action groupId Parameter XSS
12115| [94614] Apache Archiva /archiva/admin/addLegacyArtifactPath!commit.action legacyArtifactPath.path Parameter XSS
12116| [94613] Apache Archiva /archiva/admin/addRepository.action Multiple Parameter XSS
12117| [94612] Apache Archiva /archiva/admin/editAppearance.action Multiple Parameter XSS
12118| [94611] Apache Archiva /archiva/admin/addLegacyArtifactPath.action Multiple Parameter XSS
12119| [94610] Apache Archiva /archiva/admin/addNetworkProxy.action Multiple Parameter XSS
12120| [94403] Apache Santuario (XML Security for C++) InclusiveNamespace PrefixList Processing Heap Overflow
12121| [94402] Apache Santuario (XML Security for C++) HMAC-based XML Signature Processing DoS
12122| [94401] Apache Santuario (XML Security for C++) XPointer Evaluation Stack Overflow
12123| [94400] Apache Santuario (XML Security for C++) HMAC-Based XML Signature Reference Element Validation Spoofing Weakness
12124| [94279] Apache Qpid CA Certificate Validation Bypass
12125| [94275] Apache Solr JettySolrRunner.java Can Not Find Error Message XSS
12126| [94233] Apache OpenJPA Object Deserialization Arbitrary Executable Creation
12127| [94042] Apache Axis JAX-WS Java Unspecified Exposure
12128| [93969] Apache Struts OGNL Expression Handling Double Evaluation Error Remote Command Execution
12129| [93796] Apache Subversion Filename Handling FSFS Repository Corruption Remote DoS
12130| [93795] Apache Subversion svnserve Server Aborted Connection Message Handling Remote DoS
12131| [93794] Apache Subversion contrib/hook-scripts/check-mime-type.pl svnlook Hyphenated argv Argument Handling Remote DoS
12132| [93793] Apache Subversion contrib/hook-scripts/svn-keyword-check.pl Filename Handling Remote Command Execution
12133| [93646] Apache Struts Crafted Parameter Arbitrary OGNL Code Execution
12134| [93645] Apache Struts URL / Anchor Tag includeParams Attribute Remote Command Execution
12135| [93636] Apache Pig Multiple Physical Operator Memory Exhaustion Remote Remote DoS
12136| [93635] Apache Wink DTD (Document Type Definition) Expansion Data Parsing Information Disclosure
12137| [93605] RT Apache::Session::File Session Replay Reuse Information Disclosure
12138| [93599] Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
12139| [93555] Apache Commons Codec Invalid Base32 String Information Tunneling Weakness
12140| [93554] Apache HBase bulkLoadHFiles() Method ACL Bypass
12141| [93543] JBoss Enterprise Application Platform org.apache.catalina.connector.Response.encodeURL() Method MitM jsessionid Disclosure
12142| [93542] Apache ManifoldCF (Connectors Framework) org.apache.manifoldcf.crawler.ExportConfiguration Class Configuration Export Password Disclosure
12143| [93541] Apache Solr json.wrf Callback XSS
12144| [93524] Apache Hadoop GetSecurityDescriptorControl() Function Absolute Security Descriptor Handling NULL Descriptor Weakness
12145| [93521] Apache jUDDI Security API Token Session Persistence Weakness
12146| [93520] Apache CloudStack Default SSL Key Weakness
12147| [93519] Apache Shindig /ifr Cross-site Arbitrary Gadget Invocation
12148| [93518] Apache Solr /admin/analysis.jsp name Parameter XSS
12149| [93517] Apache CloudStack setup-cloud-management /etc/sudoers Modification Local Privilege Escalation
12150| [93516] Apache CXF UsernameTokenInterceptor Nonce Caching Replay Weakness
12151| [93515] Apache HBase table.jsp name Parameter XSS
12152| [93514] Apache CloudStack Management Server Unauthenticated Remote JMX Connection Default Setting Weakness
12153| [93463] Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution
12154| [93462] Apache CXF WS-SecurityPolicy AlgorithmSuite Arbitrary Ciphertext Decryption Weakness
12155| [93401] Apache Hadoop core-site.xml Permission Weakness Local Alfredo Secret Disclosure
12156| [93400] Apache Hadoop Map/Reduce Job Log Directory Symlink Arbitrary File Mode Manipulation
12157| [93397] Apache Wicket Referrer HTTP Header Session ID Disclosure
12158| [93366] Apache HTTP Server modules/mappers/mod_rewrite.c do_rewritelog() Function Log File Terminal Escape Sequence Filtering Remote Command Execution
12159| [93254] Apache Tomcat AsyncListener Method Cross-session Information Disclosure
12160| [93253] Apache Tomcat Chunked Transfer Encoding Data Saturation Remote DoS
12161| [93252] Apache Tomcat FORM Authenticator Session Fixation
12162| [93172] Apache Camel camel/endpoints/ Endpoint XSS
12163| [93171] Apache Sling HtmlResponse Error Message XSS
12164| [93170] Apache Directory DelegatingAuthenticator MitM Spoofing Weakness
12165| [93169] Apache Wave AuthenticationServlet.java Session Fixation Weakness
12166| [93168] Apache Click ErrorReport.java id Parameter XSS
12167| [93167] Apache ActiveMQ JMSXUserId Spoofing Weakness
12168| [93166] Apache CXF Crafted Message Element Count Handling System Resource Exhaustion Remote DoS
12169| [93165] Apache CXF Crafted Message Element Level Handling System Resource Exhaustion Remote DoS
12170| [93164] Apache Harmony DatagramSocket Class connect Method CheckAccept() IP Blacklist Bypass
12171| [93163] Apache Hadoop Map/Reduce Daemon Symlink Arbitrary File Overwrite
12172| [93162] Apache VelocityStruts struts/ErrorsTool.getMsgs Error Message XSS
12173| [93161] Apache CouchDB Rewriter VM Atom Table Memory Exhaustion Remote DoS
12174| [93158] Apache Wicket BookmarkablePageLink Feature XSS CSRF
12175| [93157] Apache Struts UrlHelper.java s:url includeParams Functionality XSS
12176| [93156] Apache Tapestry Calendar Component datefield.js datefield Parameter XSS
12177| [93155] Apache Struts fielderror.ftl fielderror Parameter Error Message XSS
12178| [93154] Apache JSPWiki Edit.jsp createPages WikiPermission Bypass
12179| [93153] Apache PDFBox PDFXrefStreamParser Missing Element Handling PDF Parsing DoS
12180| [93152] Apache Hadoop HttpServer.java Multiple Function XSS
12181| [93151] Apache Shiro Search Filter userName Parameter LDAP Code Injection Weakness
12182| [93150] Apache Harmony java.net.SocketPermission Class boolean equals Function checkConnect() Weakness Host Name Retrieval
12183| [93149] Apache Harmony java.security.Provider Class void load Function checkSecurityAccess() Weakness
12184| [93148] Apache Harmony java.security.ProtectionDomain Class java.lang.String.toString() Function checkPermission() Weakness
12185| [93147] Apache Harmony java.net.URLConnection openConnection Function checkConnect Weakness Proxy Connection Permission Bypass
12186| [93146] Apache Harmony java.net.ServerSocket Class void implAccept Function checkAccept() Weakness SerSocket Subclass Creation
12187| [93145] Apache Qpid JMS Client Detached Session Frame Handling NULL Pointer Dereference Remote DoS
12188| [93144] Apache Solr Admin Command Execution CSRF
12189| [93009] Apache VCL XMLRPC API Unspecified Function Remote Privilege Escalation
12190| [93008] Apache VCL Web GUI Unspecified Remote Privilege Escalation
12191| [92997] Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue
12192| [92976] Apache ActiveMQ scheduled.jsp crontab Command XSS
12193| [92947] Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue
12194| [92749] Apache CloudStack Predictable Hash Virtual Machine Console Console Access URL Generation
12195| [92748] Apache CloudStack VM Console Access Restriction Bypass
12196| [92709] Apache ActiveMQ Web Console Unauthenticated Remote Access
12197| [92708] Apache ActiveMQ Sample Web Application Broker Resource Consumption Remote DoS
12198| [92707] Apache ActiveMQ webapp/websocket/chat.js Subscribe Message XSS
12199| [92706] Apache ActiveMQ Debug Log Rendering XSS
12200| [92705] Apache ActiveMQ PortfolioPublishServlet.java refresh Parameter XSS
12201| [92270] Apache Tomcat Unspecified CSRF
12202| [92094] Apache Subversion mod_dav_svn Module Nonexistent URL Lock Request Handling NULL Pointer Dereference Remote DoS
12203| [92093] Apache Subversion mod_dav_svn Module Activity URL PROPFIND Request Handling NULL Pointer Dereference Remote DoS
12204| [92092] Apache Subversion mod_dav_svn Module Log REPORT Request Handling NULL Pointer Dereference Remote DoS
12205| [92091] Apache Subversion mod_dav_svn Module Node Property Handling Resource Exhaustion Remote DoS
12206| [92090] Apache Subversion mod_dav_svn Module Activity URL Lock Request Handling NULL Pointer Dereference Remote DoS
12207| [91774] Apache Commons Codec Unspecified Non-private Field Manipulation Weakness
12208| [91628] mod_ruid2 for Apache HTTP Server fchdir() Inherited File Descriptor chroot Restriction Bypass
12209| [91328] Apache Wicket $up$ Traversal Arbitrary File Access
12210| [91295] Apple Mac OS X Apache Unicode Character URI Handling Authentication Bypass
12211| [91235] Apache Rave /app/api/rpc/users/get User Object Hashed Password Remote Disclosure
12212| [91185] Munin Default Apache Configuration Permission Weakness Remote Information Disclosure
12213| [91173] Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
12214| [91172] Apache Wicket PackageResourceGuard File Extension Filter Bypass
12215| [91025] Apache Qpid qpid::framing::Buffer Class Multiple Method Out-of-bounds Access Remote DoS
12216| [91024] Apache Qpid federation_tag Attribute Handling Federated Interbroker Link Access Restriction Bypass
12217| [91023] Apache Qpid AMQP Type Decoder Exposure Array Size Value Handling Memory Consumption Remote DoS
12218| [91022] Apache Qpid qpid/cpp/include/qpid/framing/Buffer.h qpid::framing::Buffer::checkAvailable() Function Integer Overflow
12219| [90986] Apache Jena ARQ INSERT DATA Request Handling Overflow
12220| [90907] Apache Subversion mod_dav_svn / libsvn_fs svn_fs_file_length() Function MKACTIVITY / PROPFIND Option Request Handling Remote DoS
12221| [90906] Apache Commons FileUpload /tmp Storage Symlink Arbitrary File Overwrite
12222| [90864] Apache Batik 1xx Redirect Script Origin Restriction Bypass
12223| [90858] Apache Ant Malformed TAR File Handling Infinite Loop DoS
12224| [90852] Apache HTTP Server for Debian apachectl /var/lock Permission Weakness Symlink Directory Permission Manipulation
12225| [90804] Apache Commons CLI Path Subversion Local Privilege Escalation
12226| [90802] Apache Avro Recursive Schema Handling Infinite Recursion DoS
12227| [90592] Apache Batik ApplicationSecurityEnforcer.java Multiple Method Security Restriction Bypass
12228| [90591] Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
12229| [90565] Apache Tomcat Log Directory Permission Weakness Local Information Disclosure
12230| [90564] Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness
12231| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
12232| [90556] Apache HTTP Server Multiple Module Multiple Parameter XSS
12233| [90276] Apache Axis2 axis2.xml Plaintext Password Local Disclosure
12234| [90249] Apache Axiom ClassLoader XMLInputFactory / XMLOutputFactory Construction Unspecified Issue
12235| [90235] Apache Commons HttpClient Certificate Wildcard Matching Weakness
12236| [90079] Apache CXF WSS4JInInterceptor URIMappingInterceptor WS-Security SOAP Service Access Restriction Bypass
12237| [90078] Apache CXF WS-SecurityPolicy Enabled Plaintext UsernameTokens Handling Authentication Bypass
12238| [89453] Apache Open For Business Project (OFBiz) Screenlet.title Widget Attribute XSS
12239| [89452] Apache Open For Business Project (OFBiz) Image.alt Widget Attribute XSS
12240| [89294] Apache CouchDB Futon UI Browser-based Test Suite Query Parameter XSS
12241| [89293] Apache CouchDB Unspecified Traversal Arbitrary File Access
12242| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
12243| [89267] Apache CouchDB JSONP Callback Handling Unspecified XSS
12244| [89146] Apache CloudStack Master Server log4j.conf SSH Private Key / Plaintext Password Disclosure
12245| [88603] Apache OpenOffice.org (OOo) Unspecified Information Disclosure
12246| [88602] Apache OpenOffice.org (OOo) Unspecified Manifest-processing Issue
12247| [88601] Apache OpenOffice.org (OOo) Unspecified PowerPoint File Handling Issue
12248| [88285] Apache Tomcat Partial HTTP Request Saturation Remote DoS
12249| [88095] Apache Tomcat NIO Connector Terminated Connection Infinte Loop DoS
12250| [88094] Apache Tomcat FORM Authentication Crafted j_security_check Request Security Constraint Bypass
12251| [88093] Apache Tomcat Null Session Requst CSRF Prevention Filter Bypass
12252| [88043] IBM Tivoli Netcool/Reporter Apache CGI Unspecified Remote Command Execution
12253| [87580] Apache Tomcat DIGEST Authentication Session State Caching Authentication Bypass Weakness
12254| [87579] Apache Tomcat DIGEST Authentication Stale Nonce Verification Authentication Bypass Weakness
12255| [87477] Apache Tomcat Project Woodstock Service Error Page UTF-7 XSS Weakness
12256| [87227] Apache Tomcat InternalNioInputBuffer.java parseHeaders() Function Request Header Size Parsing Remote DoS
12257| [87223] Apache Tomcat DIGEST Authentication replay-countermeasure Functionality cnonce / cn Verification Authentication Bypass Weakness
12258| [87160] Apache Commons HttpClient X.509 Certificate Domain Name Matching MiTM Weakness
12259| [87159] Apache CXF X.509 Certificate Domain Name Matching MiTM Weakness
12260| [87150] Apache Axis / Axis2 X.509 Certificate Domain Name Matching MiTM Weakness
12261| [86902] Apache HTTP Server 3xx Redirect Internal IP Address Remote Disclosure
12262| [86901] Apache Tomcat Error Message Path Disclosure
12263| [86684] Apache CloudStack Unauthorized Arbitrary API Call Invocation
12264| [86556] Apache Open For Business Project (OFBiz) Unspecified Issue
12265| [86503] Visual Tools VS home/apache/DiskManager/cron/init_diskmgr Local Command Execution
12266| [86401] Apache ActiveMQ ResourceHandler Traversal Arbitrary File Access
12267| [86225] Apache Axis2 XML Signature Wrapping (XSW) Authentication Bypass
12268| [86206] Apache Axis2 Crafted SAML Assertion Signature Exclusion Attack Authentication Bypass
12269| [85722] Apache CXF SOAP Request Parsing Access Restriction Bypass
12270| [85704] Apache Qpid Incoming Client Connection Saturation Remote DoS
12271| [85474] Eucalyptus Apache Santuario (XML Security for Java) Library XML Signature Transform Handling DoS
12272| [85430] Apache mod_pagespeed Module Unspecified XSS
12273| [85429] Apache mod_pagespeed Module Hostname Verification Cross-host Resource Disclosure
12274| [85249] Apache Wicket Unspecified XSS
12275| [85236] Apache Hadoop conf/hadoop-env.sh Temporary File Symlink Arbitrary File Manipulation
12276| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
12277| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
12278| [85062] Apache Solr Autocomplete Module for Drupal Autocomplete Results XSS
12279| [85010] Apache Struts Token Handling Mechanism Token Name Configuration Parameter CSRF Weakness
12280| [85009] Apache Struts Request Parameter OGNL Expression Parsing Remote DoS
12281| [84911] libapache2-mod-rpaf X-Forward-For HTTP Header Parsing Remote DoS
12282| [84823] Apache HTTP Server Multiple Module Back End Server Error Handling HTTP Request Parsing Remote Information Disclosure
12283| [84818] Apache HTTP Server mod_negotiation Module mod_negotiation.c make_variant_list Function XSS
12284| [84562] Apache Qpid Broker Authentication Mechanism AMQP Client Shadow Connection NullAuthenticator Request Parsing Authentication Bypass
12285| [84458] Apache Libcloud SSL Certificate Validation MitM Spoofing Weakness
12286| [84279] PHP on Apache php_default_post_reader POST Request Handling Overflow DoS
12287| [84278] PHP w/ Apache PDO::ATTR_DEFAULT_FETCH_MODE / PDO::FETCH_CLASS DoS
12288| [84231] Apache Hadoop DataNodes Client BlockTokens Arbitrary Block Access
12289| [83943] Oracle Solaris Cluster Apache Tomcat Agent Subcomponent Unspecified Local Privilege Escalation
12290| [83939] Oracle Solaris Apache HTTP Server Subcomponent Unspecified Remote Information Disclosure
12291| [83685] svnauthcheck Apache HTTP Configuration File Permission Revocation Weakness
12292| [83682] Apache Sling POST Servlet @CopyFrom Operation HTTP Request Parsing Infinite Loop Remote DoS
12293| [83339] Apache Roller Blogger Roll Unspecified XSS
12294| [83270] Apache Roller Unspecified Admin Action CSRF
12295| [82782] Apache CXF WS-SecurityPolicy 1.1 SupportingToken Policy Bypass
12296| [82781] Apache CXF WS-SecurityPolicy Supporting Token Children Specification Token Signing Verification Weakness
12297| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
12298| [82436] MapServer for Windows Bundled Apache / PHP Configuration Local File Inclusion
12299| [82215] PHP sapi/cgi/cgi_main.c apache_request_headers Function HTTP Header Handling Remote Overflow
12300| [82161] Apache Commons Compress bzip2 File Compression BZip2CompressorOutputStream Class File Handling Remote DoS
12301| [81965] Apache Batik Squiggle SVG Browser JAR File Arbitrary Code Execution
12302| [81790] Apache POI src/org/apache/poi/hwpf/model/UnhandledDataStructure.java UnhandledDataStructure() constructor Length Attribute CDF / CFBF File Handling Remote DoS
12303| [81660] Apache Qpid Credential Checking Cluster Authentication Bypass
12304| [81511] Apache for Debian /usr/share/doc HTTP Request Parsing Local Script Execution
12305| [81359] Apache HTTP Server LD_LIBRARY_PATH Variable Local Privilege Escalation
12306| [81349] Apache Open For Business Project (OFBiz) Webslinger Component Unspecified XSS
12307| [81348] Apache Open For Business Project (OFBiz) Content IDs / Map-Keys Unspecified XSS
12308| [81347] Apache Open For Business Project (OFBiz) Parameter Arrays Unspecified XSS
12309| [81346] Apache Open For Business Project (OFBiz) checkoutProcess.js getServerError() Function Unspecified XSS
12310| [81196] Apache Open For Business Project (OFBiz) FlexibleStringExpander Nested Script String Parsing Remote Code Execution
12311| [80981] Apache Hadoop Kerberos/MapReduce Security Feature User Impersonation Weakness
12312| [80571] Apache Traffic Server Host HTTP Header Parsing Remote Overflow
12313| [80547] Apache Struts XSLTResult.java File Upload Arbitrary Command Execution
12314| [80360] AskApache Password Protector Plugin for WordPress Error Page $_SERVER Superglobal XSS
12315| [80349] Apache HTTP Server mod_fcgid Module fcgid_spawn_ctl.c FcgidMaxProcessesPerClass Virtual Host Directive HTTP Request Parsing Remote DoS
12316| [80301] Apache Wicket /resources/ Absolute Path Arbitrary File Access
12317| [80300] Apache Wicket wicket:pageMapName Parameter XSS
12318| [79478] Apache Solr Extension for TYPO3 Unspecified XSS
12319| [79002] Apache MyFaces javax.faces.resource In Parameter Traversal Arbitrary File Access
12320| [78994] Apache Struts struts-examples/upload/upload-submit.do name Parameter XSS
12321| [78993] Apache Struts struts-cookbook/processDyna.do message Parameter XSS
12322| [78992] Apache Struts struts-cookbook/processSimple.do message Parameter XSS
12323| [78991] Apache Struts struts2-rest-showcase/orders clientName Parameter XSS
12324| [78990] Apache Struts struts2-showcase/person/editPerson.action Multiple Parameter XSS
12325| [78932] Apache APR Hash Collision Form Parameter Parsing Remote DoS
12326| [78903] Apache CXF SOAP Request Parsing WS-Security UsernameToken Policy Bypass
12327| [78600] Apache Tomcat HTTP DIGEST Authentication DigestAuthenticator.java Catalina Weakness Security Bypass
12328| [78599] Apache Tomcat HTTP DIGEST Authentication Realm Value Parsing Security Bypass
12329| [78598] Apache Tomcat HTTP DIGEST Authentication qop Value Parsing Security Bypass
12330| [78573] Apache Tomcat Parameter Saturation CPU Consumption Remote DoS
12331| [78556] Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Disclosure
12332| [78555] Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handling Remote DoS
12333| [78501] Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
12334| [78331] Apache Tomcat Request Object Recycling Information Disclosure
12335| [78293] Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
12336| [78277] Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
12337| [78276] Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remote Command Execution
12338| [78113] Apache Tomcat Hash Collision Form Parameter Parsing Remote DoS
12339| [78112] Apache Geronimo Hash Collision Form Parameter Parsing Remote DoS
12340| [78109] Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite
12341| [78108] Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution
12342| [77593] Apache Struts Conversion Error OGNL Expression Injection
12343| [77496] Apache ActiveMQ Failover Mechanism Openwire Request Parsing Remote DoS
12344| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
12345| [77374] Apache MyFaces Java Bean includeViewParameters Parsing EL Expression Security Weakness
12346| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
12347| [77234] Apache HTTP Server on cygwin Encoded Traversal Arbitrary File Access
12348| [77012] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Memory Consumption DoS
12349| [76944] Apache Tomcat Manager Application Servlets Access Restriction Bypass
12350| [76744] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Overflow
12351| [76189] Apache Tomcat HTTP DIGEST Authentication Weakness
12352| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
12353| [76072] Apache JServ jserv.conf jserv-status Handler jserv/ URI Request Parsing Local Information Disclosure
12354| [75807] Apache HTTP Server Incomplete Header Connection Saturation Remote DoS
12355| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
12356| [75376] Apache Libcloud SSL Certificate Validation MitM Server Spoofing Weakness
12357| [74853] Domain Technologie Control /etc/apache2/apache2.conf File Permissions Weakness dtcdaemons User Password Disclosure
12358| [74818] Apache Tomcat AJP Message Injection Authentication Bypass
12359| [74725] Apache Wicket Multi Window Support Unspecified XSS
12360| [74721] Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
12361| [74541] Apache Commons Daemon Jsvc Permissions Weakness Arbitrary File Access
12362| [74535] Apache Tomcat XML Parser Cross-application Multiple File Manipulation
12363| [74447] Apache Struts XWork Nonexistent Method s:submit Element Internal Java Class Remote Path Disclosure
12364| [74262] Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk root UID / GID Remote Privilege Escalation
12365| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
12366| [73920] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
12367| [73798] Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
12368| [73797] Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Restriction Bypass
12369| [73776] Apache Tomcat HTTP BIO Connector HTTP Pipelining Cross-user Remote Response Access
12370| [73644] Apache XML Security Signature Key Parsing Overflow DoS
12371| [73600] Apache Struts javatemplates Plugin Component Handlers .action URI Multiple Parameter XSS
12372| [73462] Apache Rampart/C util/rampart_timestamp_token.c rampart_timestamp_token_validate Function Expired Token Remote Access Restriction Bypass
12373| [73429] Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
12374| [73384] Apache HTTP Server mod_rewrite PCRE Resource Exhaustion DoS
12375| [73383] Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop Remote DoS
12376| [73378] IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.runtime.JspWriterImpl.response JSP Page Application Restart Remote DoS
12377| [73247] Apache Subversion mod_dav_svn File Permission Weakness Information Disclosure
12378| [73246] Apache Subversion mod_dav_svn Path-based Access Control Rule Handling Remote DoS
12379| [73245] Apache Subversion mod_dav_svn Baselined Resource Request Handling Remote DoS
12380| [73154] Apache Archiva Multiple Unspecified CSRF
12381| [73153] Apache Archiva /archiva/admin/deleteNetworkProxy!confirm.action proxyid Parameter XSS
12382| [72407] Apache Tomcat @ServletSecurity Initial Load Annotation Security Constraint Bypass Information Disclosure
12383| [72238] Apache Struts Action / Method Names <
12384| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
12385| [71558] Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation
12386| [71557] Apache Tomcat HTML Manager Multiple XSS
12387| [71075] Apache Archiva User Management Page XSS
12388| [71027] Apache Tomcat @ServletSecurity Annotation Security Constraint Bypass Information Disclosure
12389| [70925] Apache Continuum Project Pages Unspecified XSS (2011-0533)
12390| [70924] Apache Continuum Multiple Admin Function CSRF
12391| [70809] Apache Tomcat NIO HTTP Connector Request Line Processing DoS
12392| [70734] Apache CouchDB Request / Cookie Handling Unspecified XSS
12393| [70585] Oracle Fusion Middleware Oracle HTTP Server Apache Plugin Unspecified Remote Issue
12394| [70333] Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS
12395| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
12396| [69659] Apache Archiva Admin Authentication Weakness Privilege Escalation
12397| [69520] Apache Archiva Administrator Credential Manipulation CSRF
12398| [69512] Apache Tomcat Set-Cookie Header HTTPOnly Flag Session Hijacking Weakness
12399| [69456] Apache Tomcat Manager manager/html/sessions Multiple Parameter XSS
12400| [69275] Apache mod_fcgid Module fcgid_bucket.c fcgid_header_bucket_read() Function Remote Overflow
12401| [69067] Apache Shiro URI Path Security Traversal Information Disclosure
12402| [68815] Apache MyFaces shared/util/StateUtils.java View State MAC Weakness Cryptographic Padding Remote View State Modification
12403| [68670] Apache Qpid C++ Broker Component broker/SessionAdapter.cpp SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Exchange Alternate Remote DoS
12404| [68669] Apache Qpid cluster/Cluster.cpp Cluster::deliveredEvent Function Invalid AMQP Data Remote DoS
12405| [68662] Apache Axis2 dswsbobje.war Module Admin Account Default Password
12406| [68531] Apache Qpid qpidd sys/ssl/SslSocket.cpp Incomplete SSL Handshake Remote DoS
12407| [68327] Apache APR-util buckets/apr_brigade.c apr_brigade_split_line() Function Memory Consumption DoS
12408| [68314] Apache XML-RPC SAX Parser External Entity Information Disclosure
12409| [67964] Apache Traffic Server Transaction ID / Source Port Randomization Weakness DNS Cache Poisoning
12410| [67846] SUSE Lifecycle Management Server on SUSE Linux Enterprise apache2-slms Parameter Quoting CSRF
12411| [67294] Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
12412| [67240] Apache CouchDB Installation Page Direct Request Arbitrary JavaScript Code Execution CSRF
12413| [67205] Apache Derby BUILTIN Authentication Password Hash Generation Algorithm SHA-1 Transformation Password Substitution
12414| [66745] Apache HTTP Server Multiple Modules Pathless Request Remote DoS
12415| [66319] Apache Tomcat Crafted Transfer-Encoding Header Handling Buffer Recycling Remote DoS
12416| [66280] Apache Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution
12417| [66226] Apache Axis2 Admin Interface Cookie Session Fixation
12418| [65697] Apache Axis2 / Java SOAP Message DTD Rejection Weakness Arbitrary File Access
12419| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
12420| [65429] Apache MyFaces Unencrypted ViewState Serialized View Object Manipulation Arbitrary Expression Language (EL) Statement Execution
12421| [65054] Apache ActiveMQ Jetty Error Handler XSS
12422| [64844] Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
12423| [64522] Apache Open For Business Project (OFBiz) ecommerce/control/contactus Multiple Parameter XSS
12424| [64521] Apache Open For Business Project (OFBiz) Web Tools Section entityName Parameter XSS
12425| [64520] Apache Open For Business Project (OFBiz) ecommerce/control/ViewBlogArticle contentId Parameter XSS
12426| [64519] Apache Open For Business Project (OFBiz) Control Servlet URI XSS
12427| [64518] Apache Open For Business Project (OFBiz) Show Portal Page Section start Parameter XSS
12428| [64517] Apache Open For Business Project (OFBiz) View Profile Section partyId Parameter XSS
12429| [64516] Apache Open For Business Project (OFBiz) Export Product Listing Section productStoreId Parameter XSS
12430| [64307] Apache Tomcat Web Application Manager/Host Manager CSRF
12431| [64056] mod_auth_shadow for Apache HTTP Server wait() Function Authentication Bypass
12432| [64023] Apache Tomcat WWW-Authenticate Header Local Host Information Disclosure
12433| [64020] Apache ActiveMQ Jetty ResourceHandler Crafted Request JSP File Source Disclosure
12434| [63895] Apache HTTP Server mod_headers Unspecified Issue
12435| [63368] Apache ActiveMQ createDestination.action JMSDestination Parameter CSRF
12436| [63367] Apache ActiveMQ createDestination.action JMSDestination Parameter XSS
12437| [63350] Apache CouchDB Hash Verification Algorithm Predictable Execution Time Weakness
12438| [63140] Apache Thrift Service Malformed Data Remote DoS
12439| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
12440| [62675] Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling Cross-thread Information Disclosure
12441| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
12442| [62231] Apache HTTP Server Logging Format Weakness Crafted DNS Response IP Address Spoofing
12443| [62230] Apache HTTP Server Crafted DNS Response Inverse Lookup Log Corruption XSS
12444| [62054] Apache Tomcat WAR Filename Traversal Work-directory File Deletion
12445| [62053] Apache Tomcat Autodeployment Process appBase File HTTP Request Authentication Bypass
12446| [62052] Apache Tomcat WAR File Traversal Arbitrary File Overwrite
12447| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
12448| [61379] Apache River Outrigger Entry Storage Saturation Memory Exhaustion DoS
12449| [61378] Apache Hadoop Map/Reduce JobTracker Memory Consumption DoS
12450| [61377] Apache Commons Modeler Multiple Mutable Static Fields Weakness
12451| [61376] Apache Rampart wsse:security Tag Signature Value Checking Weakness
12452| [60687] Apache C++ Standard Library (STDCXX) strxfrm() Function Overflow
12453| [60680] Apache Hadoop JobHistory Job Name Manipulation Weakness
12454| [60679] Apache ODE DeploymentWebService OMElement zipPart CRLF Injection
12455| [60678] Apache Roller Comment Email Notification Manipulation DoS
12456| [60677] Apache CouchDB Unspecified Document Handling Remote DoS
12457| [60428] Sun Java Plug-in org.apache.crimson.tree.XmlDocument Class reateXmlDocument Method Floppy Drive Access Bypass
12458| [60413] mod_throttle for Apache Shared Memory File Manipulation Local Privilege Escalation
12459| [60412] Sun Java Plug-in org.apache.xalan.processor.XSLProcessorVersion Class Unsigned Applet Variable Sharing Privilege Escalation
12460| [60396] Apache HTTP Server on OpenBSD Multipart MIME Boundary Remote Information Disclosure
12461| [60395] Apache HTTP Server on OpenBSD ETag HTTP Header Remote Information Disclosure
12462| [60232] PHP on Apache php.exe Direct Request Remote DoS
12463| [60176] Apache Tomcat Windows Installer Admin Default Password
12464| [60016] Apache HTTP Server on HP Secure OS for Linux HTTP Request Handling Unspecified Issue
12465| [59979] Apache HTTP Server on Apple Mac OS X HTTP TRACE Method Unspecified Client XSS
12466| [59969] Apache HTTP Server mod_ssl SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
12467| [59944] Apache Hadoop jobhistory.jsp XSS
12468| [59374] Apache Solr Search Extension for TYPO3 Unspecified XSS
12469| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
12470| [59021] Apache Cocoon X-Cocoon-Version Header Remote Information Disclosure
12471| [59020] Apache Tapestry HTTPS Session Cookie Secure Flag Weakness
12472| [59019] Apache mod_python Cookie Salting Weakness
12473| [59018] Apache Harmony Error Message Handling Overflow
12474| [59013] Apache Derby SYSCS_EXPORT_TABLE Arbitrary File Overwrite
12475| [59012] Apache Derby Driver Auto-loading Non-deterministic Startup Weakness
12476| [59011] Apache JSPWiki Page Attachment Change Note Function XSS
12477| [59010] Apache Solr get-file.jsp XSS
12478| [59009] Apache Solr action.jsp XSS
12479| [59008] Apache Solr analysis.jsp XSS
12480| [59007] Apache Solr schema.jsp Multiple Parameter XSS
12481| [59006] Apache Beehive select / checkbox Tag XSS
12482| [59005] Apache Beehive jpfScopeID Global Parameter XSS
12483| [59004] Apache Beehive Error Message XSS
12484| [59003] Apache HttpClient POST Request Handling Memory Consumption DoS
12485| [59002] Apache Jetspeed default-page.psml URI XSS
12486| [59001] Apache Axis2 xsd Parameter Traversal Arbitrary File Disclosure
12487| [59000] Apache CXF Unsigned Message Policy Bypass
12488| [58999] Apache WSS4J CallbackHandler Plaintext Password Validation Weakness
12489| [58998] Apache OpenJPA persistence.xml Cleartext Password Local Disclosure
12490| [58997] Apache OpenEJB openejb.xml Cleartext Password Local Disclosure
12491| [58996] Apache Hadoop Map/Reduce LinuxTaskController File Group Ownership Weakness
12492| [58995] Apache Hadoop Map/Reduce Task Ownership Weakness
12493| [58994] Apache Hadoop Map/Reduce DistributedCache Localized File Permission Weakness
12494| [58993] Apache Hadoop browseBlock.jsp XSS
12495| [58991] Apache Hadoop browseDirectory.jsp XSS
12496| [58990] Apache Hadoop Map/Reduce HTTP TaskTrackers User Data Remote Disclosure
12497| [58989] Apache Hadoop Sqoop Process Listing Local Cleartext Password Disclosure
12498| [58988] Apache Hadoop Chukwa HICC Portal Unspecified XSS
12499| [58987] Apache Hadoop Map/Reduce TaskTracker User File Permission Weakness
12500| [58986] Apache Qpid Encrypted Message Handling Remote Overflow DoS
12501| [58985] Apache Qpid Process Listing Local Cleartext Password Disclosure
12502| [58984] Apache Jackrabbit Content Repository (JCR) Default Account Privilege Access Weakness
12503| [58983] Apache Jackrabbit Content Repository (JCR) NamespaceRegistry API Registration Method Race Condition
12504| [58982] Apache Synapse Proxy Service Security Policy Mismatch Weakness
12505| [58981] Apache Geronimo TomcatGeronimoRealm Security Context Persistence Weakness
12506| [58980] Apache Geronimo LDAP Realm Configuration Restart Reversion Weakness
12507| [58979] Apache MyFaces Tomahawk ExtensionsPhaseListener HTML Injection Information Disclosure
12508| [58978] Apache MyFaces Trinidad LocaleInfoScriptlet XSS
12509| [58977] Apache Open For Business Project (OFBiz) Multiple Default Accounts
12510| [58976] Apache Open For Business Project (OFBiz) URI passThru Parameter XSS
12511| [58975] Apache Open For Business Project (OFBiz) PARTYMGR_CREATE/UPDATE Permission Arbitrary User Password Modification
12512| [58974] Apache Sling /apps Script User Session Management Access Weakness
12513| [58973] Apache Tuscany Crafted SOAP Request Access Restriction Bypass
12514| [58931] Apache Geronimo Cookie Parameters Validation Weakness
12515| [58930] Apache Xalan-C++ XPath Handling Remote DoS
12516| [58879] Apache Portable Runtime (APR-util) poll/unix/port.c Event Port Backend Pollset Feature Remote DoS
12517| [58837] Apache Commons Net FTPSClient CipherSuites / Protocols Mutable Object Unspecified Data Security Issue
12518| [58813] Apache MyFaces Trinidad tr:table / HTML Comment Handling DoS
12519| [58812] Apache Open For Business Project (OFBiz) JSESSIONID Session Hijacking Weakness
12520| [58811] Apache Open For Business Project (OFBiz) /catalog/control/EditProductConfigItem configItemId Parameter XSS
12521| [58810] Apache Open For Business Project (OFBiz) /catalog/control/EditProdCatalo prodCatalogId Parameter XSS
12522| [58809] Apache Open For Business Project (OFBiz) /partymgr/control/viewprofile partyId Parameter XSS
12523| [58808] Apache Open For Business Project (OFBiz) /catalog/control/createProduct internalName Parameter XSS
12524| [58807] Apache Open For Business Project (OFBiz) Multiple Unspecified CSRF
12525| [58806] Apache FtpServer MINA Logging Filter Cleartext Credential Local Disclosure
12526| [58805] Apache Derby Unauthenticated Database / Admin Access
12527| [58804] Apache Wicket Header Contribution Unspecified Issue
12528| [58803] Apache Wicket Session Fixation
12529| [58802] Apache Directory Server (ApacheDS) userPassword Attribute Search Password Disclosure
12530| [58801] Apache ActiveMQ Stomp Client Credential Validation Bypass
12531| [58800] Apache Tapestry (context)/servicestatus Internal Service Information Disclosure
12532| [58799] Apache Tapestry Logging Cleartext Password Disclosure
12533| [58798] Apache Jetspeed pipeline Parameter pipeline-map Policy Bypass
12534| [58797] Apache Jetspeed Password Policy Multiple Weaknesses
12535| [58796] Apache Jetspeed Unsalted Password Storage Weakness
12536| [58795] Apache Rampart Crafted SOAP Header Authentication Bypass
12537| [58794] Apache Roller Admin Protocol (RAP) Malformed Header Authentication Bypass
12538| [58793] Apache Hadoop Map/Reduce mapred.system.dir Permission Weakness Job Manipulation
12539| [58792] Apache Shindig gadgets.rpc iframe RPC Call Validation Weakness
12540| [58791] Apache Synapse synapse.properties Cleartext Credential Local Disclosure
12541| [58790] Apache WSS4J SOAP Message UsernameToken Remote Password Disclosure
12542| [58789] Apache WSS4J SOAP Header Malformed UsernameToken Authentication Bypass
12543| [58776] Apache JSPWiki PreviewContent.jsp Edited Text XSS
12544| [58775] Apache JSPWiki preview.jsp action Parameter XSS
12545| [58774] Apache JSPWiki Edit.jsp Multiple Parameter XSS
12546| [58773] Apache JSPWiki Accept-Language Header Multiple Script language Parameter XSS
12547| [58772] Apache JSPWiki EditorManager.java editor Parameter XSS
12548| [58771] Apache JSPWiki GroupContent.jsp Multiple Parameter XSS
12549| [58770] Apache JSPWiki Group.jsp group Parameter XSS
12550| [58769] Apache JSPWiki Database Connection Termination DoS Weakness
12551| [58768] Apache JSPWiki Attachment Servlet nextpage Parameter Arbitrary Site Redirect
12552| [58766] Apache JSPWiki /admin/SecurityConfig.jsp Direct Request Information Disclosure
12553| [58765] Apache JSPWiki Spam Filter UniqueID RNG Weakness
12554| [58764] Apache JSPWiki Edit.jsp Multiple Parameter XSS
12555| [58763] Apache JSPWiki Include Tag Multiple Script XSS
12556| [58762] Apache JSPWiki Multiple .java Tags pageContext Parameter XSS
12557| [58761] Apache JSPWiki Wiki.jsp skin Parameter XSS
12558| [58760] Apache Commons VFS Exception Error Message Cleartext Credential Disclosure
12559| [58759] Apache Jackrabbit Content Repository (JCR) UUID System.currentTimeMillis() RNG Weakness
12560| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
12561| [58757] Apache WS-Commons Java2 StaXUtils Multiple Unspecified Minor Issues
12562| [58756] Apache WSS4J WSHandler Client Certificate Signature Validation Weakness
12563| [58755] Apache Harmony DRLVM Non-public Class Member Access
12564| [58754] Apache Harmony File.createTempFile() Temporary File Creation Prediction Weakness
12565| [58751] Apache Geronimo GeronimoIdentityResolver Subject Handling Multiple Issues
12566| [58750] Apache MyFaces Trinidad Generated HTML Information Disclosure
12567| [58749] Apache MyFaces Trinidad Database Access Error Message Information Disclosure
12568| [58748] Apache MyFaces Trinidad Image Resource Loader Traversal Arbitrary Image Access
12569| [58747] Apache MyFaces Trinidad Error Message User Entered Data Disclosure Weakness
12570| [58746] Apache Axis2 JAX-WS Java2 WSDL4J Unspecified Issue
12571| [58744] Apache Wicket Crafted File Upload Disk Space Exhaustion DoS
12572| [58743] Apache Wicket wicket.util.crypt.SunJceCrypt Encryption Reversion Weakness
12573| [58742] Apache Rampart PolicyBasedValiadtor HttpsToken Endpoint Connection Weakness
12574| [58741] Apache Rampart WSSecSignature / WSSecEncryptedKey KeyIdentifierType Validation Weakness
12575| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
12576| [58739] Apache Open For Business Project (OFBiz) Unsalted Password Storage Weakness
12577| [58738] Apache Open For Business Project (OFBiz) orderId Parameter Arbitrary Order Access
12578| [58737] Apache mod_python w/ mod_python.publisher index.py Underscore Prefixed Variable Disclosure
12579| [58735] Apache Open For Business Project (OFBiz) /ecommerce/control/keywordsearch SEARCH_STRING Parameter XSS
12580| [58734] Apache Torque Log File Cleartext Credential Local Disclosure
12581| [58733] Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
12582| [58732] Apache MyFaces UIInput.validate() Null Value Validation Bypass Weakness
12583| [58731] Apache MyFaces /faces/* Prefix Mapping Authentication Bypass
12584| [58725] Apache Tapestry Basic String ACL Bypass Weakness
12585| [58724] Apache Roller Logout Functionality Failure Session Persistence
12586| [58723] Apache Roller User Profile / Admin Page Cleartext Password Disclosure
12587| [58722] Apache Derby Connection URL Encryption Method Reversion Weakness
12588| [58721] Apache Geronimo on Tomcat Security-constraint Resource ACL Bypass
12589| [58720] Apache Geronimo Explicit Servlet Mapping Access Bypass Weakness
12590| [58719] Apache Geronimo Keystore Unprivileged Service Disable DoS
12591| [58718] Apache Geronimo Deployment Plans Remote Password Disclosure
12592| [58717] Apache Jetspeed Portlet Application Edit Access Restriction Bypass
12593| [58716] Apache Jetspeed PSML Management Cached Constraint Authentication Weakness
12594| [58707] Apache WSS4J Crafted PasswordDigest Request Authentication Bypass
12595| [58706] Apache HttpClient Pre-emptive Authorization Remote Credential Disclosure
12596| [58705] Apache Directory Server (ApacheDS) User Passwords Cleartext Disclosure
12597| [58704] Apache Directory Server (ApacheDS) Non-existent User LDAP Bind Remote DoS
12598| [58703] Apache Geronimo Debug Console Unauthenticated Remote Information Disclosure
12599| [58702] Apache Directory Server (ApacheDS) Persistent LDAP Anonymous Bind Weakness
12600| [58701] Apache Jetspeed User Admin Portlet Unpassworded Account Creation Weakness
12601| [58700] Apache MyFaces /faces/* Path Handling Remote Overflow DoS
12602| [58699] Apache MyFaces Disable Property Client Side Manipulation Privilege Escalation
12603| [58698] Apache Roller Remember Me Functionality Cleartext Password Disclosure
12604| [58697] Apache XalanJ2 org.apache.xalan.xsltc.runtime.CallFunction Class Unspecified Issue
12605| [58696] Apache Tapestry Encoded Traversal Arbitrary File Access
12606| [58695] Apache Jetspeed Unauthenticated PSML Tags / Admin Folder Access
12607| [58694] Apache Geronimo Deploy Tool Process List Local Credential Disclosure
12608| [58693] Apache Derby service.properties File Encryption Key Information Disclosure
12609| [58692] Apache Geronimo Default Security Realm Login Brute Force Weakness
12610| [58689] Apache Roller Retrieve Last 5 Post Feature Unauthorized Blog Post Manipulation
12611| [58688] Apache Xalan-Java (XalanJ2) Static Variables Multiple Unspecified Issues
12612| [58687] Apache Axis Invalid wsdl Request XSS
12613| [58686] Apache Cocoon Temporary File Creation Unspecified Race Condition
12614| [58685] Apache Velocity Template Designer Privileged Code Execution
12615| [58684] Apache Jetspeed controls.Customize Action Security Check Bypass
12616| [58675] Apache Open For Business Project (OFBiz) eCommerce/ordermgr Multiple Field XSS
12617| [58674] Apache Open For Business Project (OFBiz) ecommerce/control/login Multiple Field XSS
12618| [58673] Apache Open For Business Project (OFBiz) ecommerce/control/viewprofile Multiple Field XSS
12619| [58672] Apache Open For Business Project (OFBiz) POS Input Panel Cleartext Password Disclosure
12620| [58671] Apache Axis2 JMS Signed Message Crafted WS-Security Header Security Bypass
12621| [58670] Apache Jetspeed JetspeedTool.getPortletFromRegistry Portlet Security Validation Failure
12622| [58669] Apache Jetspeed LDAP Cleartext Passwords Disclosure
12623| [58668] Apache Axis External Entity (XXE) Data Parsing Privilege Escalation
12624| [58667] Apache Roller Database Cleartext Passwords Disclosure
12625| [58666] Apache Xerces-C++ UTF-8 Transcoder Overlong Code Handling Unspecified Issue
12626| [58665] Apache Jetspeed Turbine: Cross-user Privileged Action Execution
12627| [58664] Apache Jetspeed EditAccount.vm Password Modification Weakness
12628| [58663] Apache Jetspeed Role Parameter Arbitrary Portlet Disclosure
12629| [58662] Apache Axis JWS Page Generated .class File Direct Request Information Disclosure
12630| [58661] Apache Jetspeed user-form.vm Password Reset Cleartext Disclosure
12631| [58660] Apache WSS4J checkReceiverResults Function Crafted SOAP Request Authentication Bypass
12632| [58658] Apache Rampart Crafted SOAP Request Security Verification Bypass
12633| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
12634| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
12635| [56984] Apache Xerces2 Java Malformed XML Input DoS
12636| [56903] Apache ODE (Orchestration Director Engine) Process Deployment Web Service Traversal Arbitrary File Manipulation
12637| [56859] Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS
12638| [56766] Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory Block Aligning Overflow
12639| [56765] Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows
12640| [56517] Apache HTTP Server File Descriptor Leak Arbitrary Local File Append
12641| [56443] PTK Unspecified Apache Sub-process Arbitrary Command Execution
12642| [56414] Apache Tiles Duplicate Expression Language (EL) Expression Evaluation XSS
12643| [55814] mod_NTLM for Apache HTTP Server ap_log_rerror() Function Remote Format String
12644| [55813] mod_NTLM for Apache HTTP Server log() Function Remote Overflow
12645| [55782] Apache HTTP Server mod_deflate Module Aborted Connection DoS
12646| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
12647| [55059] Apache APR-util strmatch/apr_strmatch.c apr_strmatch_precompile Function Crafted Input Remote DoS
12648| [55058] Apache APR-util apr_brigade_vprintf Function Crafted Input Off-by-one Remote DoS
12649| [55057] Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
12650| [55056] Apache Tomcat Cross-application TLD File Manipulation
12651| [55055] Apache Tomcat Illegal URL Encoded Password Request Username Enumeration
12652| [55054] Apache Tomcat Java AJP Connector mod_jk Load Balancing Worker Malformed Header Remote DoS
12653| [55053] Apache Tomcat Crafted Request Security Restraint Bypass Arbitrary Content Access
12654| [54733] Apache HTTP Server AllowOverride Directive .htaccess Options Bypass
12655| [54713] razorCMS Security Manager apache User Account Unspecified File Permission Weakness Issue
12656| [54589] Apache Jserv Nonexistent JSP Request XSS
12657| [54122] Apache Struts s:a / s:url Tag href Element XSS
12658| [54093] Apache ActiveMQ Web Console JMS Message XSS
12659| [53932] Apache Geronimo Multiple Admin Function CSRF
12660| [53931] Apache Geronimo /console/portal/Server/Monitoring Multiple Parameter XSS
12661| [53930] Apache Geronimo /console/portal/ URI XSS
12662| [53929] Apache Geronimo on Windows Security/Keystores Portlet Traversal Arbitrary File Upload
12663| [53928] Apache Geronimo on Windows Embedded DB/DB Manager Portlet Traversal Arbitrary File Upload
12664| [53927] Apache Geronimo on Windows Services/Repository Portlet Traversal Arbitrary File Upload
12665| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
12666| [53766] Oracle BEA WebLogic Server Plug-ins for Apache Certificate Handling Remote Overflow
12667| [53574] PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Behavior Modification
12668| [53381] Apache Tomcat JK Connector Content-Length Header Cross-user Information Disclosure
12669| [53380] Apache Struts Unspecified XSS
12670| [53289] Apache mod_perl Apache::Status /perl-status Unspecified XSS
12671| [53186] Apache HTTP Server htpasswd Predictable Salt Weakness
12672| [52899] Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS
12673| [52407] Apache Tomcat doRead Method POST Content Information Disclosure
12674| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
12675| [51613] Apache HTTP Server Third-party Module Child Process File Descriptor Leak
12676| [51612] Apache HTTP Server Internal Redirect Handling Infinite Loop DoS
12677| [51468] Apache Jackrabbit Content Repository (JCR) swr.jsp q Parameter XSS
12678| [51467] Apache Jackrabbit Content Repository (JCR) search.jsp q Parameter XSS
12679| [51151] Apache Roller Search Function q Parameter XSS
12680| [50482] PHP with Apache php_value Order Unspecified Issue
12681| [50475] Novell NetWare ApacheAdmin Console Unauthenticated Access
12682| [49734] Apache Struts DefaultStaticContentLoader Class Traversal Arbitrary File Access
12683| [49733] Apache Struts FilterDispatcher Class Traversal Arbitrary File Access
12684| [49283] Oracle BEA WebLogic Server Plugins for Apache Remote Transfer-Encoding Overflow
12685| [49062] Apache Tomcat Cross-thread Concurrent Request Variable Overwrite Information Disclosure
12686| [48847] ModSecurity (mod_security) Transformation Caching Unspecified Apache DoS
12687| [48788] Apache Xerces-C++ XML Schema maxOccurs Value XML File Handling DoS
12688| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
12689| [47464] Apache Tomcat allowLinking / UTF-8 Traversal Arbitrary File Access
12690| [47463] Apache Tomcat RequestDispatcher Traversal Arbitrary File Access
12691| [47462] Apache Tomcat HttpServletResponse.sendError Method Message Argument XSS
12692| [47096] Oracle Weblogic Apache Connector POST Request Overflow
12693| [46382] Frontend Filemanager (air_filemanager) Extension for TYPO3 on Apache Unspecified Arbitrary Code Execution
12694| [46285] TYPO3 on Apache Crafted Filename Upload Arbitrary Command Execution
12695| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
12696| [45905] Apache Tomcat Host Manager host-manager/html/add name Parameter XSS
12697| [45879] Ragnarok Online Control Panel on Apache Crafted Traversal Authentication Bypass
12698| [45742] Apache HTTP Server on Novell Unspecified Request Directive Internal IP Disclosure
12699| [45740] Apache Derby DropSchemaNode Bind Phase Arbitrary Scheme Statement Dropping
12700| [45599] Apache Derby Lock Table Statement Privilege Requirement Bypass Arbitrary Table Lock
12701| [45585] Apache Derby ACCSEC Command RDBNAM Parameter Cleartext Credential Disclosure
12702| [45584] Apache Derby DatabaseMetaData.getURL Function Cleartext Credential Disclosure
12703| [45420] Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
12704| [44728] PHP Toolkit on Gentoo Linux Interpretation Conflict Apache HTTP Server Local DoS
12705| [44618] Oracle JSP Apache/Jserv Path Translation Traversal Arbitrary JSP File Execution
12706| [44159] Apache HTTP Server Remote Virtual Host Name Disclosure
12707| [43997] Apache-SSL ExpandCert() Function Certificate Handling Arbitrary Environment Variables Manipulation
12708| [43994] suPHP for Apache (mod_suphp) Directory Symlink Local Privilege Escalation
12709| [43993] suPHP for Apache (mod_suphp) Owner Mode Race Condition Symlink Local Privilege Escalation
12710| [43663] Apache HTTP Server Mixed Platform AddType Directive Crafted Request PHP Source Disclosure
12711| [43658] AuthCAS Module (AuthCAS.pm) for Apache HTTP Server SESSION_COOKIE_NAME SQL Injection
12712| [43452] Apache Tomcat HTTP Request Smuggling
12713| [43309] Apache Geronimo LoginModule Login Method Bypass
12714| [43290] Apache JSPWiki Entry Page Attachment Unrestricted File Upload
12715| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
12716| [43224] Apache Geronimo on SuSE Linux init Script Symlink Unspecified File/Directory Access
12717| [43189] Apache mod_jk2 Host Header Multiple Fields Remote Overflow
12718| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
12719| [42341] MOD_PLSQL for Apache Unspecified URL SQL Injection
12720| [42340] MOD_PLSQL for Apache CGI Environment Handling Unspecified Overflow
12721| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
12722| [42091] Apache Maven Site Plugin Installation Permission Weakness
12723| [42089] Apache Maven .m2/settings.xml Cleartext Password Disclosure
12724| [42088] Apache Maven Defined Repo Process Listing Password Disclosure
12725| [42087] Apache Maven Site Plugin SSH Deployment Permission Setting Weakness
12726| [42036] Apache HTTP Server MS-DOS Device Request Host OS Disclosure
12727| [41891] BEA WebLogic Apache Beehive NetUI Page Flow Unspecified XSS
12728| [41436] Apache Tomcat Native APR Connector Duplicate Request Issue
12729| [41435] Apache Tomcat %5C Cookie Handling Session ID Disclosure
12730| [41434] Apache Tomcat Exception Handling Subsequent Request Information Disclosure
12731| [41400] LimeSurvey save.php Apache Log File PHP Code Injection
12732| [41029] Apache Tomcat Calendar Examples Application cal2.jsp Multiple Parameter CSRF
12733| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
12734| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
12735| [40853] Apache Tomcat SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) JSESSIONIDSSO Cookie Security Weakness
12736| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
12737| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
12738| [40262] Apache HTTP Server mod_status refresh XSS
12739| [39833] Apache Tomcat JULI Logging Component catalina.policy Security Bypass
12740| [39251] Coppermine Photo Gallery on Apache Multiple File Extension Upload Arbitrary Code Execution
12741| [39166] Apache Tomcat on Windows caseSensitive Attribute Mixed Case Request JSP Source Disclosure
12742| [39134] Apache mod_imagemap Module Imagemap Unspecified XSS
12743| [39133] Apache mod_imap Module Imagemap File Unspecified XSS
12744| [39035] Apache Tomcat examples/servlet/CookieExample Multiple Parameter XSS
12745| [39003] Apache HTTP Server HTTP Method Header Request Entity Too Large XSS
12746| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
12747| [38939] Apache HTTP Server Prefork MPM Module Array Modification Local DoS
12748| [38673] Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access
12749| [38662] Apache Geronimo SQLLoginModule Nonexistent User Authentication Bypass
12750| [38661] Apache Geronimo MEJB Unspecified Authentication Bypass
12751| [38641] Apache HTTP Server mod_mem_cache recall_headers Function Information Disclosure
12752| [38640] Apache HTTP Server suexec Document Root Unauthorized Operations
12753| [38639] Apache HTTP Server suexec Multiple Symlink Privilege Escalation
12754| [38636] Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS
12755| [38513] BEA WebLogic Server Proxy Plug-in for Apache Protocol Error Handling Remote DoS
12756| [38187] Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access
12757| [37079] Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
12758| [37071] Apache Tomcat Cookie Handling Session ID Disclosure
12759| [37070] Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
12760| [37052] Apache HTTP Server mod_status mod_status.c Unspecified XSS
12761| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
12762| [37050] Apache HTTP Server Prefork MPM Module Crafted Code Sequence Local DoS
12763| [36417] Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS
12764| [36377] Apache MyFaces Tomahawk JSF Application autoscroll Multiple Script XSS
12765| [36080] Apache Tomcat JSP Examples Crafted URI XSS
12766| [36079] Apache Tomcat Manager Uploaded Filename XSS
12767| [34888] Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
12768| [34887] Apache Tomcat implicit-objects.jsp Crafted Header XSS
12769| [34885] Apache Tomcat on IIS Servlet Engine MS-DOS Device Request DoS
12770| [34884] Apache Tomcat on Windows Nonexistent Resource Request Path Disclosure
12771| [34883] Apache Tomcat Crafted JSP File Request Path Disclosure
12772| [34882] Apache Tomcat Default SSL Ciphersuite Configuration Weakness
12773| [34881] Apache Tomcat Malformed Accept-Language Header XSS
12774| [34880] Apache Tomcat HTTP/1.1 Connector NULL Byte Request JSP Source Disclosure
12775| [34879] Apache Tomcat examples/jsp2/jspx/textRotate.jspx XSS
12776| [34878] Apache Tomcat examples/jsp2/el/implicit-objects.jsp XSS
12777| [34877] Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbitrary File Access
12778| [34876] Apache HTTP Server ScriptAlias CGI Source Disclosure
12779| [34875] Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS
12780| [34874] Apache Tomcat AJP Connector mod_jk ajp_process_callback Remote Memory Disclosure
12781| [34873] Apache Stats Variable Extraction _REQUEST Ssuperglobal Array Overwrite
12782| [34872] Apache HTTP Server suexec User/Group Combination Weakness Local Privilege Escalation
12783| [34769] Apache Tomcat w/ Proxy Module Double Encoded Traversal Arbitrary File Access
12784| [34541] mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remote DoS
12785| [34540] mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS
12786| [34398] Apache Tomcat mod_jk Invalid Chunked Encoded Body Information Disclosure
12787| [34154] Apache Axis Nonexistent Java Web Service Path Disclosure
12788| [33855] Apache Tomcat JK Web Server Connector mod_jk.so Long URI Worker Map Remote Overflow
12789| [33816] Apache HTTP Server on Debian Linux TTY Local Privilege Escalation
12790| [33456] Apache HTTP Server Crafted TCP Connection Range Header DoS
12791| [33346] Avaya Multiple Products Apache Tomcat Port Weakness
12792| [32979] Apache Java Mail Enterprise Server (JAMES) Phoenix/MX4J Interface Arbitrary User Creation
12793| [32978] Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
12794| [32724] Apache mod_python _filter_read Freed Memory Disclosure
12795| [32723] Apache Tomcat semicolon Crafted Filename Request Forced Directory Listing
12796| [32396] Apache Open For Business Project (OFBiz) Ecommerce Component Forum Implementation Message Body XSS
12797| [32395] Apache Open For Business Project (OFBiz) Ecommerce Component Form Field Manipulation Privilege Escalation
12798| [30354] Linux Subversion libapache2-svn Search Path Subversion Local Privilege Escalation
12799| [29603] PHP ini_restore() Apache httpd.conf Options Bypass
12800| [29536] Apache Tcl mod_tcl set_var Function Remote Format String
12801| [28919] Apache Roller Weblogger Blog Comment Multiple Field XSS
12802| [28130] PHP with Apache Mixed Case Method Limit Directive Bypass
12803| [27913] Apache HTTP Server on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure
12804| [27588] Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow
12805| [27487] Apache HTTP Server Crafted Expect Header Cross Domain HTML Injection
12806| [26935] FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload
12807| [26572] Apache Java Mail Enterprise Server (JAMES) MAIL Command Overflow DoS
12808| [25909] Drupal on Apache files Directory File Upload Arbitrary Code Execution
12809| [24825] Oracle ModPL/SQL for Apache Unspecified Remote HTTP Issue
12810| [24365] Apache Struts Multiple Function Error Message XSS
12811| [24364] Apache Struts getMultipartRequestHandler() Function Crafted Request DoS
12812| [24363] Apache Struts org.apache.struts.taglib.html.Constants.CANCEL Validation Bypass
12813| [24103] Pubcookie Apache mod_pubcookie Unspecified XSS
12814| [23906] Apache mod_python for Apache HTTP Server FileSession Privileged Local Command Execution
12815| [23905] Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS
12816| [23198] Apache WSS4J Library SOAP Signature Verification Bypass
12817| [23124] Generic Apache Request Library (libapreq) apreq_parse_* Functions Remote DoS
12818| [22652] mod_php for Apache HTTP Server Crafted import_request_variables Function DoS
12819| [22475] PHP w/ Apache PDO::FETCH_CLASS __set() Function DoS
12820| [22473] PHP w/ Apache2 Crafted PDOStatement DoS
12821| [22459] Apache Geronimo Error Page XSS
12822| [22458] Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS
12823| [22301] auth_ldap for Apache HTTP Server auth_ldap_log_reason() Function Remote Format String
12824| [22261] Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
12825| [22259] mod_auth_pgsql for Apache HTTP Server Log Function Format String
12826| [21736] Apache Java Mail Enterprise Server (JAMES) Spooler retrieve Function DoS
12827| [21705] Apache HTTP Server mod_imap Image Map Referer XSS
12828| [21021] Apache Struts Error Message XSS
12829| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
12830| [20491] PHP mod_php apache2handler SAPI Crafted .htaccess DoS
12831| [20462] Apache HTTP Server worker.c MPM Memory Exhaustion DoS
12832| [20439] Apache Tomcat Directory Listing Saturation DoS
12833| [20373] Apache Tomcat on HP Secure OS for Linux Unspecified Servlet Access Issue
12834| [20285] Apache HTTP Server Log File Control Character Injection
12835| [20242] Apache HTTP Server mod_usertrack Predictable Session ID Generation
12836| [20209] Brainf*ck Module (mod_bf) for Apache HTTP Server Local Overflow
12837| [20033] Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
12838| [19883] apachetop atop.debug Symlink Arbitrary File Overwrite
12839| [19863] mod_auth_shadow for Apache HTTP Server require group Authentication Bypass
12840| [19855] Apache HTTP Server ErrorDocument Directive .htaccess Bypass
12841| [19821] Apache Tomcat Malformed Post Request Information Disclosure
12842| [19769] Apache HTTP Server Double-reverse DNS Lookup Spoofing
12843| [19188] Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass
12844| [19137] Apache HTTP Server on Red Hat Linux Double Slash GET Request Forced Directory Listing
12845| [19136] Apache on Mandrake Linux Arbitrary Directory Forced Listing
12846| [18977] Apache HTTP Server Crafted HTTP Range Header DoS
12847| [18389] Ragnarok Online Control Panel Apache Authentication Bypass
12848| [18286] Apache HTTP Server mod_ssl ssl_callback_SSLVerify_CRL( ) Function Overflow
12849| [18233] Apache HTTP Server htdigest user Variable Overfow
12850| [17738] Apache HTTP Server HTTP Request Smuggling
12851| [16586] Apache HTTP Server Win32 GET Overflow DoS
12852| [15889] Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
12853| [14896] mod_dav for Apache HTTP Server Remote Null Dereference Child Process Termination
12854| [14879] Apache HTTP Server ap_log_rerror Function Error Message Path Disclosure
12855| [14770] Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS
12856| [14597] Apache Tomcat IntegerOverflow.jsp Test JSP Script Path Disclosure
12857| [14596] Apache Tomcat pageSession.jsp Test JSP Script Path Disclosure
12858| [14595] Apache Tomcat pageLanguage.jsp Test JSP Script Path Disclosure
12859| [14594] Apache Tomcat pageIsThreadSafe.jsp Test JSP Script Path Disclosure
12860| [14593] Apache Tomcat pageIsErrorPage.jsp Test JSP Script Path Disclosure
12861| [14592] Apache Tomcat pageInvalid.jsp Test JSP Script Path Disclosure
12862| [14591] Apache Tomcat pageExtends.jsp Test JSP Script Path Disclosure
12863| [14590] Apache Tomcat pageDouble.jsp Test JSP Script Path Disclosure
12864| [14589] Apache Tomcat pageAutoFlush.jsp Test JSP Script Path Disclosure
12865| [14588] Apache Tomcat extends2.jsp Test JSP Script Path Disclosure
12866| [14587] Apache Tomcat extends1.jsp Test JSP Script Path Disclosure
12867| [14586] Apache Tomcat comments.jsp Test JSP Script Path Disclosure
12868| [14585] Apache Tomcat buffer4.jsp Test JSP Script Path Disclosure
12869| [14584] Apache Tomcat buffer3.jsp Test JSP Script Path Disclosure
12870| [14583] Apache Tomcat buffer2.jsp Test JSP Script Path Disclosure
12871| [14582] Apache Tomcat buffer1.jsp Test JSP Script Path Disclosure
12872| [14581] Apache Tomcat pageImport2.jsp Test JSP Script Path Disclosure
12873| [14580] Apache Tomcat pageInfo.jsp Test JSP Script Path Disclosure
12874| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
12875| [14044] Apache Batik Squiggle Browser with Rhino Scripting Engine Unspecified File System Access
12876| [13737] mod_access_referer for Apache HTTP Server Malformed Referer DoS
12877| [13711] Apache mod_python publisher.py Traversal Arbitrary Object Information Disclosure
12878| [13640] mod_auth_any for Apache HTTP Server on Red Hat Linux Metacharacter Command Execution
12879| [13304] Apache Tomcat realPath.jsp Path Disclosure
12880| [13303] Apache Tomcat source.jsp Arbitrary Directory Listing
12881| [13087] Apache HTTP Server mod_log_forensic check_forensic Symlink Arbitrary File Creation / Overwrite
12882| [12849] mod_auth_radius for Apache HTTP Server radcpy() Function Overflow DoS
12883| [12848] Apache HTTP Server htdigest realm Variable Overflow
12884| [12721] Apache Tomcat examples/jsp2/el/functions.jsp XSS
12885| [12720] mod_dosevasive for Apache HTTP Server Symlink Arbitrary File Create/Overwrite
12886| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
12887| [12557] Apache HTTP Server prefork MPM accept Error DoS
12888| [12233] Apache Tomcat MS-DOS Device Name Request DoS
12889| [12232] Apache Tomcat with JDK Arbitrary Directory/Source Disclosure
12890| [12231] Apache Tomcat web.xml Arbitrary File Access
12891| [12193] Apache HTTP Server on Mac OS X File Handler Bypass
12892| [12192] Apache HTTP Server on Mac OS X Unauthorized .ht and .DS_Store File Access
12893| [12178] Apache Jakarta Lucene results.jsp XSS
12894| [12176] mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
12895| [11391] Apache HTTP Server Header Parsing Space Saturation DoS
12896| [11003] Apache HTTP Server mod_include get_tag() Function Local Overflow
12897| [10976] mod_mylo for Apache HTTP Server mylo_log Logging Function HTTP GET Overflow
12898| [10637] Apache HTTP Server mod_ssl SSLCipherSuite Access Restriction Bypass
12899| [10546] Macromedia JRun4 mod_jrun Apache Module Remote Overflow
12900| [10471] Apache Xerces-C++ XML Parser DoS
12901| [10218] Apache HTTP Server Satisfy Directive Access Control Bypass
12902| [10068] Apache HTTP Server htpasswd Local Overflow
12903| [10049] mod_cplusplus For Apache HTTP Server Unspecified Overflow
12904| [9994] Apache HTTP Server apr-util IPV6 Parsing DoS
12905| [9991] Apache HTTP Server ap_resolve_env Environment Variable Local Overflow
12906| [9948] mod_dav for Apache HTTP Server LOCK Request DoS
12907| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
12908| [9718] Apache HTTP Server Win32 Single Dot Append Arbitrary File Access
12909| [9717] Apache HTTP Server mod_cookies Cookie Overflow
12910| [9716] Apache::Gallery Gallery.pm Inline::C Predictable Filename Code Execution
12911| [9715] Apache HTTP Server rotatelogs Control Characters Over Pipe DoS
12912| [9714] Apache Authentication Module Threaded MPM DoS
12913| [9713] Apache HTTP Server on OS2 filestat.c Device Name Request DoS
12914| [9712] Apache HTTP Server Multiple Linefeed Request Memory Consumption DoS
12915| [9711] Apache HTTP Server Access Log Terminal Escape Sequence Injection
12916| [9710] Apache HTTP Server on Windows Illegal Character Default Script Mapping Bypass
12917| [9709] Apache HTTP Server on Windows MS-DOS Device Name HTTP Post Code Execution
12918| [9708] Apache HTTP Server on Windows MS-DOS Device Name DoS
12919| [9707] Apache HTTP Server Duplicate MIME Header Saturation DoS
12920| [9706] Apache Web Server Multiple MIME Header Saturation Remote DoS
12921| [9705] Apache Tomcat Invoker/Default Servlet Source Disclosure
12922| [9702] Apache HTTP Server CGI/WebDAV HTTP POST Request Source Disclosure
12923| [9701] Apache HTTP Server for Windows Multiple Slash Forced Directory Listing
12924| [9700] Apache HTTP Server mod_autoindex Multiple Slash Request Forced Directory Listing
12925| [9699] Apache HTTP Server mod_dir Multiple Slash Request Forced Directory Listing
12926| [9698] Apache HTTP Server mod_negotiation Multiple Slash Request Forced Directory Listing
12927| [9697] Apache HTTP Server htdigest Local Symlink Arbitrary File Overwrite
12928| [9696] Apache HTTP Server htpasswd Local Symlink Arbitrary File Overwrite
12929| [9695] Apache Tomcat SnoopServlet Servlet Information Disclosure
12930| [9694] PHP3 on Apache HTTP Server Encoded Traversal Arbitrary File Access
12931| [9693] mod_auth_pgsql_sys for Apache HTTP Server User Name SQL Injection
12932| [9692] Apache HTTP Server mod_vhost_alias Mass Virtual Hosting Arbitrary File Access
12933| [9691] Apache HTTP Server mod_rewrite Mass Virtual Hosting Arbitrary File Access
12934| [9690] Apache HTTP Server mod_vhost_alias CGI Program Source Disclosure
12935| [9689] Trustix httpsd for Apache-SSL Permission Weakness Privilege Escalation
12936| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
12937| [9687] Apache::AuthenSmb smbval SMB Authentication Library Multiple Overflows
12938| [9686] Apache::AuthenSmb smbvalid SMB Authentication Library Multiple Overflows
12939| [9523] Apache HTTP Server mod_ssl Aborted Connection DoS
12940| [9459] Oracle PL/SQL (mod_plsql) Apache Module Help Page Request Remote Overflow
12941| [9208] Apache Tomcat .jsp Encoded Newline XSS
12942| [9204] Apache Tomcat ROOT Application XSS
12943| [9203] Apache Tomcat examples Application XSS
12944| [9068] Apache HTTP Server mod_userdir User Account Information Disclosure
12945| [8773] Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure
12946| [8772] Apache Tomcat Catalina org.apache.catalina.connector.http DoS
12947| [7943] Apache HTTP Server mod_ssl sslkeys File Disclosure
12948| [7942] Apache HTTP Server mod_ssl Default Pass Phrase
12949| [7941] Apache HTTP Server mod_ssl Encrypted Private Key File Descriptor Leak
12950| [7935] Apache HTTP Server mod_ssl ssl_gcache Race Conditions
12951| [7934] Apache HTTP Server mod_ssl SSLSessionCache File Content Disclosure
12952| [7933] Apache HTTP Server mod_ssl SSLMutex File Content Disclosure
12953| [7932] Apache HTTP Server mod_ssl mkcert.sh File Creation Permission Weakness
12954| [7931] Apache HTTP Server mod_ssl X.509 Client Certificate Authentication Bypass
12955| [7930] Apache HTTP Server mod_ssl ssl_expr_eval_func_file() Overflow
12956| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
12957| [7611] Apache HTTP Server mod_alias Local Overflow
12958| [7394] Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
12959| [7203] Apache Tomcat source.jsp Traversal Arbitrary File Access
12960| [7039] Apache HTTP Server on Mac OS X HFS+ File System Access Bypass
12961| [6882] Apache mod_python Malformed Query String Variant DoS
12962| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
12963| [6630] Apache Tomcat Java Server Pages (JSP) Engine WPrinterJob() DoS
12964| [6472] Apache HTTP Server mod_ssl ssl_util_uuencode_binary Remote Overflow
12965| [5821] Apache HTTP Server Multiple / GET Remote Overflow DoS
12966| [5580] Apache Tomcat Servlet Malformed URL JSP Source Disclosure
12967| [5552] Apache HTTP Server split-logfile Arbitrary .log File Overwrite
12968| [5526] Apache Tomcat Long .JSP URI Path Disclosure
12969| [5278] Apache Tomcat web.xml Restriction Bypass
12970| [5051] Apache Tomcat Null Character DoS
12971| [4973] Apache Tomcat servlet Mapping XSS
12972| [4650] mod_gzip for Apache HTTP Server Debug Mode Printf Stack Overflow
12973| [4649] mod_gzip for Apache HTTP Server Debug Mode Format String Overflow
12974| [4648] mod_gzip for Apache HTTP Server Debug Mode Race Condition
12975| [4568] mod_survey For Apache ENV Tags SQL Injection
12976| [4553] Apache HTTP Server ApacheBench Overflow DoS
12977| [4552] Apache HTTP Server Shared Memory Scoreboard DoS
12978| [4446] Apache HTTP Server mod_disk_cache Stores Credentials
12979| [4383] Apache HTTP Server Socket Race Condition DoS
12980| [4382] Apache HTTP Server Log Entry Terminal Escape Sequence Injection
12981| [4340] Apache Portable Runtime (APR) apr_psprintf DoS
12982| [4232] Apache Cocoon DatabaseAuthenticatorAction SQL Injection
12983| [4231] Apache Cocoon Error Page Server Path Disclosure
12984| [4182] Apache HTTP Server mod_ssl Plain HTTP Request DoS
12985| [4181] Apache HTTP Server mod_access IP Address Netmask Rule Bypass
12986| [4075] Apache HTTP Sever on Windows .var File Request Path Disclosure
12987| [4037] Apache HTTP Server on Cygwin Encoded GET Request Arbitrary File Access
12988| [3877] Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certificate Forgery
12989| [3819] Apache HTTP Server mod_digest Cross Realm Credential Replay
12990| [3322] mod_php for Apache HTTP Server Process Hijack
12991| [3215] mod_php for Apache HTTP Server File Descriptor Leakage
12992| [2885] Apache mod_python Malformed Query String DoS
12993| [2749] Apache Cocoon view-source Sample File Traversal Arbitrary File Access
12994| [2733] Apache HTTP Server mod_rewrite Local Overflow
12995| [2672] Apache HTTP Server mod_ssl SSLCipherSuite Ciphersuite Downgrade Weakness
12996| [2613] Apache HTTP Server mod_cgi stderr Output Handling Local DoS
12997| [2149] Apache::Gallery Privilege Escalation
12998| [2107] Apache HTTP Server mod_ssl Host: Header XSS
12999| [1926] Apache HTTP Server mod_rewrite Crafted URI Rule Bypass
13000| [1833] Apache HTTP Server Multiple Slash GET Request DoS
13001| [1577] Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
13002| [872] Apache Tomcat Multiple Default Accounts
13003| [862] Apache HTTP Server SSI Error Page XSS
13004| [859] Apache HTTP Server Win32 Crafted Traversal Arbitrary File Access
13005| [849] Apache Tomcat TroubleShooter Servlet Information Disclosure
13006| [845] Apache Tomcat MSDOS Device XSS
13007| [844] Apache Tomcat Java Servlet Error Page XSS
13008| [842] Apache HTTP Server mod_ssl ssl_compat_directive Function Overflow
13009| [838] Apache HTTP Server Chunked Encoding Remote Overflow
13010| [827] PHP4 for Apache on Windows php.exe Malformed Request Path Disclosure
13011| [775] Apache mod_python Module Importing Privilege Function Execution
13012| [769] Apache HTTP Server Win32 DOS Batch File Arbitrary Command Execution
13013| [756] Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
13014| [701] Apache HTTP Server Win32 ScriptAlias php.exe Arbitrary File Access
13015| [674] Apache Tomcat Nonexistent File Error Message Path Disclosure
13016| [637] Apache HTTP Server UserDir Directive Username Enumeration
13017| [623] mod_auth_pgsql for Apache HTTP Server User Name SQL Injection
13018| [582] Apache HTTP Server Multiviews Feature Arbitrary Directory Listing
13019| [562] Apache HTTP Server mod_info /server-info Information Disclosure
13020| [561] Apache Web Servers mod_status /server-status Information Disclosure
13021| [417] Apache HTTP Server on SuSE Linux /doc/packages Remote Information Disclosure
13022| [410] mod_perl for Apache HTTP Server /perl/ Directory Listing
13023| [404] Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing
13024| [402] Apache HTTP Server on SuSE Linux cgi-bin-sdb Request Script Source Disclosure
13025| [379] Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
13026| [377] Apache Tomcat Snoop Servlet Remote Information Disclosure
13027| [376] Apache Tomcat contextAdmin Arbitrary File Access
13028| [342] Apache HTTP Server for Windows Multiple Forward Slash Directory Listing
13029| [222] Apache HTTP Server test-cgi Arbitrary File Access
13030| [143] Apache HTTP Server printenv.pl Multiple Method CGI XSS
13031| [48] Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
13032|_
13033Service Info: Host: t.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
13034####################################################################################################################################
13035Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:21 EST
13036Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13037Host is up (0.078s latency).
13038Not shown: 467 closed ports, 1 filtered port
13039Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
13040PORT STATE SERVICE VERSION
1304122/tcp open ssh?
13042|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1304353/tcp open domain ISC BIND 9.11.4-P2
13044| dns-nsid:
13045|_ bind.version: 9.11.4-P2
1304680/tcp open http nginx 1.14.0
13047|_http-server-header: nginx/1.14.0
13048|_http-title: !
13049222/tcp open rsh-spx?
13050587/tcp open smtp Sendmail 8.15.2/8.15.2
13051| smtp-commands: t.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE, DSN, STARTTLS, DELIVERBY, HELP,
13052|_ 2.0.0 This is sendmail version 8.15.2 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 http://www.sendmail.org/email-addresses.html 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
13053| ssl-cert: Subject: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
13054| Not valid before: 2018-10-25T22:15:02
13055|_Not valid after: 2019-10-25T22:15:02
13056|_ssl-date: TLS randomness does not represent time
130573306/tcp open mysql MySQL (unauthorized)
130588888/tcp open ssh OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
13059| ssh-hostkey:
13060| 2048 96:ca:58:70:84:07:7b:a2:b5:e6:91:e9:69:c9:cd:4a (RSA)
13061| 256 12:9c:a5:1c:cd:9c:53:5f:88:b5:d0:01:67:ba:ab:a8 (ECDSA)
13062|_ 256 7f:4e:48:e1:79:74:c5:91:e7:fe:2d:ba:dd:e3:d6:bd (ED25519)
13063| vulners:
13064| cpe:/a:openbsd:openssh:7.5:
13065| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
13066|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
130679999/tcp open http Apache httpd (PHP 5.6.38)
13068|_http-server-header: Apache
13069|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
13070Aggressive OS guesses: FreeBSD 11.0-RELEASE (95%), FreeBSD 11.0-STABLE (93%), FreeBSD 8.2-STABLE (90%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (90%), FreeBSD 6.3-RELEASE (88%), FreeBSD 7.0-RELEASE (88%), FreeBSD 7.0-STABLE (88%), Crestron XPanel control system (88%), HP P2000 G3 NAS device (88%), OpenBSD 4.0 (x86) (87%)
13071No exact OS matches for host (test conditions non-ideal).
13072Network Distance: 15 hops
13073Service Info: Host: t.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
13074
13075TRACEROUTE (using port 3306/tcp)
13076HOP RTT ADDRESS
130771 129.40 ms 10.247.204.1
130782 129.45 ms R43.static.amanah.com (104.245.144.129)
130793 129.50 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
130804 87.86 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
130815 88.23 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
130826 109.22 ms softlayer-ic-309536-toro-b1.c.telia.net (62.115.51.98)
130837 109.17 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
130848 109.15 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
130859 109.17 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
1308610 109.24 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1308711 109.22 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
1308812 109.25 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1308913 79.72 ms 89.76.3fa9.ip4.static.sl-reverse.com (169.63.118.137)
1309014 109.18 ms po1004.fcr03a.wdc04.networklayer.com (169.55.118.207)
1309115 49.40 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13092####################################################################################################################################
13093Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:25 EST
13094Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13095Host is up (0.095s latency).
13096Not shown: 22 closed ports, 2 filtered ports
13097Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
13098PORT STATE SERVICE VERSION
1309953/tcp open domain ISC BIND 9.11.4-P2
1310053/udp open domain ISC BIND 9.11.4-P2
13101| dns-nsid:
13102|_ bind.version: 9.11.4-P2
13103123/udp open|filtered ntp
13104161/udp open|filtered snmp
13105Aggressive OS guesses: FreeBSD 11.0-RELEASE (94%), FreeBSD 11.0-STABLE (91%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (89%), FreeBSD 8.2-STABLE (88%), FreeBSD 7.0-RELEASE (87%), FreeBSD 7.0-STABLE (87%), FreeBSD 11.0-CURRENT (86%), Vodavi XTS-IP PBX (86%), FreeBSD 10.2-RELEASE (86%), OpenBSD 4.0 (x86) (86%)
13106No exact OS matches for host (test conditions non-ideal).
13107Network Distance: 15 hops
13108
13109TRACEROUTE (using port 53/tcp)
13110HOP RTT ADDRESS
131111 71.55 ms 10.247.204.1
131122 150.59 ms R43.static.amanah.com (104.245.144.129)
131133 150.64 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
131144 150.63 ms toro-b3-link.telia.net (62.115.187.238)
131155 150.58 ms toro-b1-link.telia.net (62.115.116.181)
131166 181.08 ms softlayer-ic-309536-toro-b1.c.telia.net (62.115.51.98)
131177 181.06 ms ae-1-9.bar1.Toronto1.Level3.net (4.69.151.109)
131188 181.15 ms 4.16.48.14
131199 106.03 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
1312010 106.00 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1312111 106.04 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
1312212 106.00 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1312313 106.04 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1312414 106.01 ms 81.76.3fa9.ip4.static.sl-reverse.com (169.63.118.129)
1312515 105.99 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13126####################################################################################################################################
13127Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:27 EST
13128Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13129Host is up (0.082s latency).
13130
13131PORT STATE SERVICE VERSION
1313222/tcp open ssh?
13133|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
13134|_ssh-brute: ERROR: Script execution failed (use -d to debug)
13135|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
13136|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
13137|_ssh-run: ERROR: Script execution failed (use -d to debug)
13138Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
13139Aggressive OS guesses: FreeBSD 11.0-RELEASE (95%), FreeBSD 11.0-STABLE (95%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (93%), FreeBSD 8.2-STABLE (90%), FreeBSD 11.0-CURRENT (89%), Vodavi XTS-IP PBX (89%), FreeBSD 7.0-RELEASE (88%), FreeBSD 7.0-STABLE (88%), Crestron XPanel control system (87%), OpenBSD 4.0 (x86) (87%)
13140No exact OS matches for host (test conditions non-ideal).
13141Network Distance: 15 hops
13142
13143TRACEROUTE (using port 22/tcp)
13144HOP RTT ADDRESS
131451 80.57 ms 10.247.204.1
131462 80.60 ms R43.static.amanah.com (104.245.144.129)
131473 80.63 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
131484 80.66 ms toro-b3-link.telia.net (62.115.187.238)
131495 80.88 ms toro-b1-link.telia.net (62.115.116.181)
131506 61.25 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
131517 91.99 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
131528 121.72 ms 4.16.48.14
131539 92.01 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1315410 92.03 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
1315511 92.04 ms ae7.bbr02.cl01.mon02.networklayer.com (50.97.19.131)
1315612 91.98 ms ae2.dar03.wdc04.networklayer.com (169.45.18.235)
1315713 92.03 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237)
1315814 92.04 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1315915 92.06 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13160###################################################################################################################################
13161USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
13162RHOSTS => 169.47.149.241
13163RHOST => 169.47.149.241
13164[*] 169.47.149.241:22 - SSH - Using malformed packet technique
13165[*] 169.47.149.241:22 - SSH - Starting scan
13166[-] 169.47.149.241:22 - SSH - User 'admin' not found
13167[-] 169.47.149.241:22 - SSH - User 'administrator' not found
13168[-] 169.47.149.241:22 - SSH - User 'anonymous' not found
13169[-] 169.47.149.241:22 - SSH - User 'backup' not found
13170[-] 169.47.149.241:22 - SSH - User 'bee' not found
13171[-] 169.47.149.241:22 - SSH - User 'ftp' not found
13172[-] 169.47.149.241:22 - SSH - User 'guest' not found
13173[-] 169.47.149.241:22 - SSH - User 'GUEST' not found
13174[-] 169.47.149.241:22 - SSH - User 'info' not found
13175[-] 169.47.149.241:22 - SSH - User 'mail' not found
13176[-] 169.47.149.241:22 - SSH - User 'mailadmin' not found
13177[-] 169.47.149.241:22 - SSH - User 'msfadmin' not found
13178[-] 169.47.149.241:22 - SSH - User 'mysql' not found
13179[-] 169.47.149.241:22 - SSH - User 'nobody' not found
13180[-] 169.47.149.241:22 - SSH - User 'oracle' not found
13181[-] 169.47.149.241:22 - SSH - User 'owaspbwa' not found
13182[-] 169.47.149.241:22 - SSH - User 'postfix' not found
13183[-] 169.47.149.241:22 - SSH - User 'postgres' not found
13184[-] 169.47.149.241:22 - SSH - User 'private' not found
13185[-] 169.47.149.241:22 - SSH - User 'proftpd' not found
13186[-] 169.47.149.241:22 - SSH - User 'public' not found
13187[-] 169.47.149.241:22 - SSH - User 'root' not found
13188[-] 169.47.149.241:22 - SSH - User 'superadmin' not found
13189[-] 169.47.149.241:22 - SSH - User 'support' not found
13190[-] 169.47.149.241:22 - SSH - User 'sys' not found
13191[-] 169.47.149.241:22 - SSH - User 'system' not found
13192[-] 169.47.149.241:22 - SSH - User 'systemadmin' not found
13193[-] 169.47.149.241:22 - SSH - User 'systemadministrator' not found
13194[-] 169.47.149.241:22 - SSH - User 'test' not found
13195[-] 169.47.149.241:22 - SSH - User 'tomcat' not found
13196[-] 169.47.149.241:22 - SSH - User 'user' not found
13197[-] 169.47.149.241:22 - SSH - User 'webmaster' not found
13198[-] 169.47.149.241:22 - SSH - User 'www-data' not found
13199[-] 169.47.149.241:22 - SSH - User 'Fortimanager_Access' not found
13200[*] Scanned 1 of 1 hosts (100% complete)
13201[*] Auxiliary module execution completed
13202####################################################################################################################################
13203Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:33 EST
13204Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13205Host is up (0.091s latency).
13206
13207PORT STATE SERVICE VERSION
1320853/tcp open domain ISC BIND 9.11.4-P2
13209|_dns-fuzz: Server didn't response to our probe, can't fuzz
13210| dns-nsec-enum:
13211|_ No NSEC records found
13212| dns-nsec3-enum:
13213|_ DNSSEC NSEC3 not supported
13214| dns-nsid:
13215|_ bind.version: 9.11.4-P2
13216Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
13217Aggressive OS guesses: FreeBSD 11.0-RELEASE (94%), FreeBSD 11.0-STABLE (94%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (93%), FreeBSD 11.0-CURRENT (89%), Vodavi XTS-IP PBX (89%), FreeBSD 8.2-STABLE (89%), FreeBSD 7.0-RELEASE (88%), FreeBSD 7.0-STABLE (88%), FreeBSD 9.1-STABLE (87%), Crestron XPanel control system (87%)
13218No exact OS matches for host (test conditions non-ideal).
13219Network Distance: 18 hops
13220
13221Host script results:
13222| dns-brute:
13223| DNS Brute-force hostnames:
13224| f5.95.2fa9.ip4.static.sl-reverse.com - 169.47.149.245
13225|_ db.95.2fa9.ip4.static.sl-reverse.com - 169.47.149.219
13226
13227TRACEROUTE (using port 53/tcp)
13228HOP RTT ADDRESS
132291 125.29 ms 10.247.204.1
132302 125.33 ms R43.static.amanah.com (104.245.144.129)
132313 81.58 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
132324 81.61 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
132335 52.03 ms toro-b1-link.telia.net (62.115.116.181)
132346 81.64 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
132357 155.62 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
132368 111.92 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
132379 112.23 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
1323810 112.19 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
1323911 82.41 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1324012 112.22 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1324113 112.24 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1324214 82.45 ms 8b.76.3fa9.ip4.static.sl-reverse.com (169.63.118.139)
1324315 82.48 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237)
1324416 82.47 ms 8b.76.3fa9.ip4.static.sl-reverse.com (169.63.118.139)
1324517 82.49 ms po1002.fcr03a.wdc04.networklayer.com (169.55.118.203)
1324618 51.03 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13247####################################################################################################################################
13248HTTP/1.1 200 OK
13249Server: nginx/1.14.0
13250Date: Tue, 11 Feb 2020 06:34:04 GMT
13251Content-Type: text/html; charset=UTF-8
13252Connection: keep-alive
13253Keep-Alive: timeout=20
13254
13255HTTP/1.1 200 OK
13256Server: nginx/1.14.0
13257Date: Tue, 11 Feb 2020 06:34:04 GMT
13258Content-Type: text/html; charset=UTF-8
13259Connection: keep-alive
13260Keep-Alive: timeout=20
13261####################################################################################################################################
13262Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:34 EST
13263Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13264Host is up (0.080s latency).
13265
13266PORT STATE SERVICE VERSION
13267123/tcp closed ntp
13268123/udp open|filtered ntp
13269Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
13270Device type: general purpose
13271Running: FreeBSD 11.X|7.X
13272OS CPE: cpe:/o:freebsd:freebsd:11.0 cpe:/o:freebsd:freebsd:7.0
13273OS details: FreeBSD 11.0-RELEASE, FreeBSD 7.0-STABLE
13274Network Distance: 18 hops
13275
13276TRACEROUTE (using port 123/tcp)
13277HOP RTT ADDRESS
132781 88.43 ms 10.247.204.1
132792 88.46 ms R43.static.amanah.com (104.245.144.129)
132803 88.50 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
132814 88.72 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
132825 89.40 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
132836 100.39 ms ae-4.bar4.Toronto1.Level3.net (4.68.38.245)
132847 160.22 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
132858 130.32 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
132869 68.98 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
1328710 130.35 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
1328811 130.33 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1328912 130.32 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237)
1329013 160.26 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1329114 130.29 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1329215 68.47 ms ae2.dar04.wdc04.networklayer.com (169.45.18.237)
1329316 88.47 ms 8f.76.3fa9.ip4.static.sl-reverse.com (169.63.118.143)
1329417 88.48 ms po1004.fcr03a.wdc04.networklayer.com (169.55.118.207)
1329518 88.34 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13296###################################################################################################################################
13297Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:36 EST
13298NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
13299NSE: [mysql-brute] usernames: Time limit 3m00s exceeded.
13300NSE: [mysql-brute] passwords: Time limit 3m00s exceeded.
13301Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13302Host is up (0.072s latency).
13303
13304PORT STATE SERVICE VERSION
133053306/tcp open mysql MySQL (unauthorized)
13306| mysql-brute:
13307| Accounts: No valid accounts found
13308|_ Statistics: Performed 20113 guesses in 180 seconds, average tps: 111.4
13309|_mysql-empty-password: Host '104.245.144.137' is not allowed to connect to this MySQL server
13310| mysql-enum:
13311| Accounts: No valid accounts found
13312|_ Statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
13313|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
13314Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
13315Aggressive OS guesses: FreeBSD 11.0-RELEASE (93%), FreeBSD 11.0-STABLE (93%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (92%), Vodavi XTS-IP PBX (89%), FreeBSD 11.0-CURRENT (88%), FreeBSD 8.2-STABLE (87%), FreeBSD 7.0-RELEASE (87%), Crestron XPanel control system (87%), FreeBSD 9.1-STABLE (86%), FreeBSD 7.0-STABLE (86%)
13316No exact OS matches for host (test conditions non-ideal).
13317Network Distance: 17 hops
13318
13319TRACEROUTE (using port 3306/tcp)
13320HOP RTT ADDRESS
133211 132.92 ms 10.247.204.1
133222 132.97 ms R43.static.amanah.com (104.245.144.129)
133233 133.01 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
133244 133.03 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
133255 133.01 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
133266 133.10 ms softlayer-ic-310012-toro-b1.c.telia.net (213.248.89.182)
133277 91.27 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
133288 91.22 ms 4.16.48.14
133299 112.65 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1333010 112.68 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1333111 112.58 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1333212 112.62 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1333313 112.72 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1333414 112.65 ms 8d.76.3fa9.ip4.static.sl-reverse.com (169.63.118.141)
1333515 112.67 ms ae2.dar03.wdc04.networklayer.com (169.45.18.235)
1333616 112.69 ms 89.76.3fa9.ip4.static.sl-reverse.com (169.63.118.137)
1333717 83.17 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13338####################################################################################################################################
13339+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
13340| App Name | URL to Application | Potential Exploit | Username | Password |
13341+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
13342| Linksys WRT54GL | http://169.47.149.241:9999/apply.cgi | ./auxiliary/admin/http/linksys_wrt54gl_exec.rb | | |
13343+-----------------+--------------------------------------+------------------------------------------------+----------+----------+
13344###################################################################################################################################
13345Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-11 01:42 EST
13346Warning: 169.47.149.241 giving up on port because retransmission cap hit (2).
13347Nmap scan report for f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13348Host is up (0.081s latency).
13349Not shown: 65155 closed ports, 371 filtered ports
13350PORT STATE SERVICE VERSION
1335122/tcp open ssh?
13352|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1335353/tcp open domain ISC BIND 9.11.4-P2
13354| dns-nsid:
13355|_ bind.version: 9.11.4-P2
1335680/tcp open http nginx 1.14.0
13357|_http-server-header: nginx/1.14.0
13358|_http-title: !
13359222/tcp open rsh-spx?
13360587/tcp open smtp Sendmail 8.15.2/8.15.2
13361| smtp-commands: t.alpha-space.com Hello r43.static.amanah.com [104.245.144.137] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE, DSN, STARTTLS, DELIVERBY, HELP,
13362|_ 2.0.0 This is sendmail version 8.15.2 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation see 2.0.0 http://www.sendmail.org/email-addresses.html 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
13363| ssl-cert: Subject: commonName=host927589.mpdedicated.com/organizationName=Some-org/stateOrProvinceName=Some-state/countryName=XX
13364| Not valid before: 2018-10-25T22:15:02
13365|_Not valid after: 2019-10-25T22:15:02
13366|_ssl-date: TLS randomness does not represent time
133673306/tcp open mysql MySQL (unauthorized)
133688888/tcp open ssh OpenSSH 7.5 (FreeBSD 20170903; protocol 2.0)
13369| ssh-hostkey:
13370| 2048 96:ca:58:70:84:07:7b:a2:b5:e6:91:e9:69:c9:cd:4a (RSA)
13371| 256 12:9c:a5:1c:cd:9c:53:5f:88:b5:d0:01:67:ba:ab:a8 (ECDSA)
13372|_ 256 7f:4e:48:e1:79:74:c5:91:e7:fe:2d:ba:dd:e3:d6:bd (ED25519)
13373| vulners:
13374| cpe:/a:openbsd:openssh:7.5:
13375| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
13376|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
133779999/tcp open http Apache httpd (PHP 5.6.38)
13378|_http-server-header: Apache
13379|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1338019999/tcp open http nginx 1.14.0
13381| http-auth:
13382| HTTP/1.1 401 Unauthorized\x0D
13383|_ Basic realm=Leo Master
13384|_http-server-header: nginx/1.14.0
13385|_http-title: 401 Authorization Required
13386Aggressive OS guesses: FreeBSD 11.0-RELEASE (95%), FreeBSD 11.0-STABLE (93%), FreeBSD 8.2-STABLE (90%), FreeBSD 11.0-RELEASE - 12.0-CURRENT (90%), FreeBSD 7.0-RELEASE (88%), FreeBSD 7.0-STABLE (88%), OpenBSD 4.0 (x86) (87%), FreeBSD 11.0-CURRENT (87%), FreeBSD 10.2-RELEASE (87%), OpenBSD 4.5 (86%)
13387No exact OS matches for host (test conditions non-ideal).
13388Network Distance: 16 hops
13389Service Info: Host: t.alpha-space.com; OSs: Unix, FreeBSD; CPE: cpe:/o:freebsd:freebsd
13390
13391TRACEROUTE (using port 5900/tcp)
13392HOP RTT ADDRESS
133931 30.70 ms 10.247.204.1
133942 60.44 ms R43.static.amanah.com (104.245.144.129)
133953 60.50 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
133964 60.55 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
133975 60.58 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
133986 141.78 ms softlayer-ic-310012-toro-b1.c.telia.net (213.248.89.182)
133997 122.48 ms ae-0-11.bar1.Toronto1.Level3.net (4.69.151.241)
134008 122.66 ms 4.16.48.14
134019 122.65 ms ae7.bbr02.cl01.tor02.networklayer.com (50.97.19.13)
1340210 122.64 ms ae0.bbr01.cl01.mon02.networklayer.com (50.97.19.126)
1340311 122.58 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1340412 122.62 ms ae3.bbr01.tl01.nyc01.networklayer.com (50.97.19.129)
1340513 122.65 ms ae5.cbs01.tl01.nyc01.networklayer.com (50.97.17.38)
1340614 122.62 ms ae2.cbs01.cs01.wdc05.networklayer.com (169.45.18.188)
1340715 122.60 ms po1001.fcr03b.wdc04.networklayer.com (169.55.118.209)
1340816 48.68 ms f1.95.2fa9.ip4.static.sl-reverse.com (169.47.149.241)
13409###################################################################################################################################
13410Hosts
13411=====
13412
13413address mac name os_name os_flavor os_sp purpose info comments
13414------- --- ---- ------- --------- ----- ------- ---- --------
134158.113.216.185 Unknown device
1341623.194.8.156 a23-194-8-156.deploy.static.akamaitechnologies.com Unknown device
1341723.201.103.9 a23-201-103-9.deploy.static.akamaitechnologies.com embedded 6.X device
1341834.66.191.217 217.191.66.34.bc.googleusercontent.com Linux 2.4.X server
1341934.210.57.231 ec2-34-210-57-231.us-west-2.compute.amazonaws.com Linux 3.X server
1342045.60.80.235 Linux 3.X server
1342152.11.234.150 ec2-52-11-234-150.us-west-2.compute.amazonaws.com Linux 3.X server
1342252.35.54.14 ec2-52-35-54-14.us-west-2.compute.amazonaws.com Unknown device
1342352.198.183.13 ec2-52-198-183-13.ap-northeast-1.compute.amazonaws.co embedded device
1342454.73.84.17 ec2-54-73-84-17.eu-west-1.compute.amazonaws.com Unknown device
1342564.69.94.32 van-ded-1142-11.ezp.net Linux 2.6.X server
1342672.47.224.85 agaacqmame.c03.gridserver.com embedded device
1342780.82.79.116 no-reverse-dns-configured.com Linux 7.0 server
1342880.209.242.81 muhajeer.com Linux 3.X server
1342982.221.136.4 hekla.orangewebsite.com Unknown device
1343082.221.139.217 Unknown device
1343184.235.91.252 84-235-91-252.saudi.net.sa Unknown device
1343285.25.208.92 mail.suh-ev.de Linux 9.0 server
1343387.247.240.207 crayford.servers.prgn.misp.co.uk Android 5.X device
1343489.221.213.22 hc1-wd12.wedos.net Linux 2.6.X server
1343589.248.172.200 89-248-172-200.constellationservers.net Linux 8.0 server
1343693.89.20.20 Unknown device
1343793.95.228.158 vps-93-95-228-158.1984.is Linux 18.04 server
1343893.113.37.250 adsla250.ch-clienti.ro Linux 2.6.X server
1343993.174.93.84 Linux 3.X server
1344093.191.156.197 Unknown device
1344194.102.51.33 full-dark.net Linux 2.6.X server
13442104.148.49.2 embedded device
13443104.154.60.12 12.60.154.104.bc.googleusercontent.com Linux 2.6.X server
13444104.218.232.66 Linux 3.X server
13445104.244.74.54 embedded device
13446107.154.130.27 107.154.130.27.ip.incapdns.net Linux 3.X server
13447107.154.248.27 107.154.248.27.ip.incapdns.net Linux 3.X server
13448141.105.65.111 Linux 2.6.X server
13449147.237.0.206 embedded device
13450150.95.250.133 embedded device
13451151.139.243.11 Linux 4.X server
13452154.73.84.17 Unknown device
13453157.7.107.254 157-7-107-254.virt.lolipop.jp embedded device
13454159.89.0.72 Linux 16.04 server
13455160.153.72.166 ip-160-153-72-166.ip.secureserver.net Linux 3.X server
13456163.247.52.17 www.mtt.cl Linux 2.6.X server
13457163.247.96.10 Linux 2.6.X server
13458169.47.149.241 f1.95.2fa9.ip4.static.sl-reverse.com FreeBSD 11.X device
13459170.246.172.178 host-170-246-172-178.anacondaweb.com Linux 2.6.X server
13460180.222.81.193 bvdeuy193.secure.ne.jp Linux 2.6.X server
13461184.72.111.210 ec2-184-72-111-210.compute-1.amazonaws.com Linux 2.6.X server
13462185.2.4.98 lhcp1098.webapps.net embedded device
13463185.68.93.22 verbatim1981.example.com Unknown device
13464185.119.173.237 Linux 2.6.X server
13465186.67.91.110 ipj10-110.poderjudicial.cl Linux 2.6.X server
13466192.0.78.12 Linux 2.4.X server
13467192.0.78.13 Linux 2.6.X server
13468194.18.73.2 www.sakerhetspolisen.se Linux 2.6.X server
13469194.39.164.140 194.39.164.140.srvlist.ukfast.net Linux 3.X server
13470195.181.169.2 new-york-1.cdn77.com Linux 3.X server
13471199.191.50.92 Linux 2.6.X server
13472200.14.67.43 senado.cl Linux 2.6.X server
13473200.14.67.65 Linux 2.6.X server
13474200.35.157.77 srv77.talcaguia.cl Unknown device
13475201.131.38.40 Linux 2.6.X server
13476201.238.246.43 Unknown device
13477202.214.194.138 Linux 2.6.X server
13478202.238.130.103 Linux 2.6.X server
13479203.137.110.66 Unknown device
13480203.180.216.224 embedded device
13481203.183.218.244 Unknown device
13482205.134.171.80 acs-cd-86-ab-50.acs.ai.net Linux 16.04 server
13483208.113.216.185 apache2-rank.thomas-mckean.dreamhost.com Unknown device
13484208.113.220.218 apache2-xenon.accomack.dreamhost.com Unknown device
13485209.59.165.178 rabbit.ceilingsky.com Linux 2.6.X server
13486210.149.141.34 Unknown device
13487210.152.243.182 Unknown device
13488210.160.220.105 h105.sk3.estore.co.jp embedded device
13489210.160.220.113 h113.sk3.estore.co.jp embedded device
13490210.226.36.2 210-226-36-2.df.nttcomcloud.com Linux 2.6.X server
13491217.160.131.142 s18161039.onlinehome-server.info Linux 2.6.X server
13492####################################################################################################################################
13493Services
13494========
13495
13496host port proto name state info
13497---- ---- ----- ---- ----- ----
134988.113.216.185 25 tcp smtp closed
134998.113.216.185 53 tcp domain filtered
135008.113.216.185 53 udp domain unknown
135018.113.216.185 67 tcp dhcps filtered
135028.113.216.185 67 udp dhcps unknown
135038.113.216.185 68 tcp dhcpc filtered
135048.113.216.185 68 udp dhcpc unknown
135058.113.216.185 69 tcp tftp filtered
135068.113.216.185 69 udp tftp unknown
135078.113.216.185 88 tcp kerberos-sec filtered
135088.113.216.185 88 udp kerberos-sec unknown
135098.113.216.185 123 tcp ntp filtered
135108.113.216.185 123 udp ntp unknown
135118.113.216.185 137 tcp netbios-ns filtered
135128.113.216.185 137 udp netbios-ns filtered
135138.113.216.185 138 tcp netbios-dgm filtered
135148.113.216.185 138 udp netbios-dgm filtered
135158.113.216.185 139 tcp netbios-ssn closed
135168.113.216.185 139 udp netbios-ssn unknown
135178.113.216.185 161 tcp snmp filtered
135188.113.216.185 161 udp snmp unknown
135198.113.216.185 162 tcp snmptrap filtered
135208.113.216.185 162 udp snmptrap unknown
135218.113.216.185 389 tcp ldap filtered
135228.113.216.185 389 udp ldap unknown
135238.113.216.185 445 tcp microsoft-ds closed
135248.113.216.185 520 tcp efs filtered
135258.113.216.185 520 udp route unknown
135268.113.216.185 2049 tcp nfs filtered
135278.113.216.185 2049 udp nfs unknown
1352823.194.8.156 53 tcp domain filtered
1352923.194.8.156 53 udp domain unknown
1353023.194.8.156 67 tcp dhcps filtered
1353123.194.8.156 67 udp dhcps unknown
1353223.194.8.156 68 tcp dhcpc filtered
1353323.194.8.156 68 udp dhcpc unknown
1353423.194.8.156 69 tcp tftp filtered
1353523.194.8.156 69 udp tftp unknown
1353623.194.8.156 88 tcp kerberos-sec filtered
1353723.194.8.156 88 udp kerberos-sec unknown
1353823.194.8.156 123 tcp ntp filtered
1353923.194.8.156 123 udp ntp unknown
1354023.194.8.156 137 tcp netbios-ns filtered
1354123.194.8.156 137 udp netbios-ns filtered
1354223.194.8.156 138 tcp netbios-dgm filtered
1354323.194.8.156 138 udp netbios-dgm filtered
1354423.194.8.156 139 tcp netbios-ssn closed
1354523.194.8.156 139 udp netbios-ssn unknown
1354623.194.8.156 161 tcp snmp filtered
1354723.194.8.156 161 udp snmp unknown
1354823.194.8.156 162 tcp snmptrap filtered
1354923.194.8.156 162 udp snmptrap unknown
1355023.194.8.156 389 tcp ldap filtered
1355123.194.8.156 389 udp ldap unknown
1355223.194.8.156 520 tcp efs filtered
1355323.194.8.156 520 udp route unknown
1355423.194.8.156 2049 tcp nfs filtered
1355523.194.8.156 2049 udp nfs unknown
1355623.201.103.9 25 tcp smtp closed
1355723.201.103.9 53 tcp domain filtered
1355823.201.103.9 53 udp domain unknown
1355923.201.103.9 67 tcp dhcps filtered
1356023.201.103.9 67 udp dhcps unknown
1356123.201.103.9 68 tcp dhcpc filtered
1356223.201.103.9 68 udp dhcpc unknown
1356323.201.103.9 69 tcp tftp filtered
1356423.201.103.9 69 udp tftp unknown
1356523.201.103.9 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
1356623.201.103.9 88 tcp kerberos-sec filtered
1356723.201.103.9 88 udp kerberos-sec unknown
1356823.201.103.9 123 tcp ntp filtered
1356923.201.103.9 123 udp ntp unknown
1357023.201.103.9 137 tcp netbios-ns filtered
1357123.201.103.9 137 udp netbios-ns filtered
1357223.201.103.9 138 tcp netbios-dgm filtered
1357323.201.103.9 138 udp netbios-dgm filtered
1357423.201.103.9 139 tcp netbios-ssn closed
1357523.201.103.9 139 udp netbios-ssn unknown
1357623.201.103.9 161 tcp snmp filtered
1357723.201.103.9 161 udp snmp unknown
1357823.201.103.9 162 tcp snmptrap filtered
1357923.201.103.9 162 udp snmptrap unknown
1358023.201.103.9 389 tcp ldap filtered
1358123.201.103.9 389 udp ldap unknown
1358223.201.103.9 443 tcp ssl/http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
1358323.201.103.9 445 tcp microsoft-ds closed
1358423.201.103.9 520 tcp efs filtered
1358523.201.103.9 520 udp route unknown
1358623.201.103.9 2049 tcp nfs filtered
1358723.201.103.9 2049 udp nfs unknown
1358823.201.103.9 8883 tcp secure-mqtt open
1358934.66.191.217 25 tcp smtp closed
1359034.66.191.217 53 tcp domain filtered
1359134.66.191.217 53 udp domain unknown
1359234.66.191.217 67 tcp dhcps filtered
1359334.66.191.217 67 udp dhcps unknown
1359434.66.191.217 68 tcp dhcpc filtered
1359534.66.191.217 68 udp dhcpc unknown
1359634.66.191.217 69 tcp tftp filtered
1359734.66.191.217 69 udp tftp unknown
1359834.66.191.217 80 tcp http open nginx
1359934.66.191.217 88 tcp kerberos-sec filtered
1360034.66.191.217 88 udp kerberos-sec unknown
1360134.66.191.217 123 tcp ntp filtered
1360234.66.191.217 123 udp ntp unknown
1360334.66.191.217 137 tcp netbios-ns filtered
1360434.66.191.217 137 udp netbios-ns filtered
1360534.66.191.217 138 tcp netbios-dgm filtered
1360634.66.191.217 138 udp netbios-dgm filtered
1360734.66.191.217 139 tcp netbios-ssn closed
1360834.66.191.217 139 udp netbios-ssn unknown
1360934.66.191.217 161 tcp snmp filtered
1361034.66.191.217 161 udp snmp unknown
1361134.66.191.217 162 tcp snmptrap filtered
1361234.66.191.217 162 udp snmptrap unknown
1361334.66.191.217 389 tcp ldap filtered
1361434.66.191.217 389 udp ldap unknown
1361534.66.191.217 443 tcp ssl/http open nginx
1361634.66.191.217 445 tcp microsoft-ds closed
1361734.66.191.217 520 tcp efs filtered
1361834.66.191.217 520 udp route unknown
1361934.66.191.217 2049 tcp nfs filtered
1362034.66.191.217 2049 udp nfs unknown
1362134.66.191.217 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
1362234.210.57.231 25 tcp smtp closed
1362334.210.57.231 53 tcp domain filtered
1362434.210.57.231 53 udp domain unknown
1362534.210.57.231 67 tcp dhcps filtered
1362634.210.57.231 67 udp dhcps unknown
1362734.210.57.231 68 tcp dhcpc filtered
1362834.210.57.231 68 udp dhcpc unknown
1362934.210.57.231 69 tcp tftp filtered
1363034.210.57.231 69 udp tftp unknown
1363134.210.57.231 80 tcp http open awselb/2.0
1363234.210.57.231 88 tcp kerberos-sec filtered
1363334.210.57.231 88 udp kerberos-sec unknown
1363434.210.57.231 123 tcp ntp filtered
1363534.210.57.231 123 udp ntp unknown
1363634.210.57.231 137 tcp netbios-ns filtered
1363734.210.57.231 137 udp netbios-ns filtered
1363834.210.57.231 138 tcp netbios-dgm filtered
1363934.210.57.231 138 udp netbios-dgm filtered
1364034.210.57.231 139 tcp netbios-ssn closed
1364134.210.57.231 139 udp netbios-ssn unknown
1364234.210.57.231 161 tcp snmp filtered
1364334.210.57.231 161 udp snmp unknown
1364434.210.57.231 162 tcp snmptrap filtered
1364534.210.57.231 162 udp snmptrap unknown
1364634.210.57.231 389 tcp ldap filtered
1364734.210.57.231 389 udp ldap unknown
1364834.210.57.231 443 tcp ssl/http open nginx 1.10.3
1364934.210.57.231 445 tcp microsoft-ds closed
1365034.210.57.231 520 tcp efs filtered
1365134.210.57.231 520 udp route unknown
1365234.210.57.231 2049 tcp nfs filtered
1365334.210.57.231 2049 udp nfs unknown
1365445.60.80.235 53 tcp domain open
1365545.60.80.235 53 udp domain open
1365645.60.80.235 67 udp dhcps unknown
1365745.60.80.235 68 udp dhcpc unknown
1365845.60.80.235 69 udp tftp unknown
1365945.60.80.235 80 tcp http open Incapsula CDN httpd
1366045.60.80.235 81 tcp http open Incapsula CDN httpd
1366145.60.80.235 85 tcp http open Incapsula CDN httpd
1366245.60.80.235 88 tcp http open Incapsula CDN httpd
1366345.60.80.235 88 udp kerberos-sec unknown
1366445.60.80.235 123 udp ntp unknown
1366545.60.80.235 139 udp netbios-ssn unknown
1366645.60.80.235 161 udp snmp unknown
1366745.60.80.235 162 udp snmptrap unknown
1366845.60.80.235 389 tcp ssl/http open Incapsula CDN httpd
1366945.60.80.235 389 udp ldap unknown
1367045.60.80.235 443 tcp ssl/http open Incapsula CDN httpd
1367145.60.80.235 444 tcp ssl/http open Incapsula CDN httpd
1367245.60.80.235 446 tcp http open Incapsula CDN httpd
1367345.60.80.235 520 udp route unknown
1367445.60.80.235 587 tcp http open Incapsula CDN httpd
1367545.60.80.235 631 tcp http open Incapsula CDN httpd
1367645.60.80.235 888 tcp http open Incapsula CDN httpd
1367745.60.80.235 995 tcp ssl/http open Incapsula CDN httpd
1367845.60.80.235 998 tcp ssl/http open Incapsula CDN httpd
1367945.60.80.235 999 tcp http open Incapsula CDN httpd
1368045.60.80.235 1000 tcp http open Incapsula CDN httpd
1368145.60.80.235 1024 tcp http open Incapsula CDN httpd
1368245.60.80.235 1103 tcp http open Incapsula CDN httpd
1368345.60.80.235 1234 tcp http open Incapsula CDN httpd
1368445.60.80.235 1433 tcp http open Incapsula CDN httpd
1368545.60.80.235 1494 tcp http open Incapsula CDN httpd
1368645.60.80.235 2000 tcp ssl/http open Incapsula CDN httpd
1368745.60.80.235 2001 tcp http open Incapsula CDN httpd
1368845.60.80.235 2049 tcp http open Incapsula CDN httpd
1368945.60.80.235 2049 udp nfs unknown
1369045.60.80.235 2067 tcp http open Incapsula CDN httpd
1369145.60.80.235 2100 tcp ssl/http open Incapsula CDN httpd
1369245.60.80.235 2222 tcp http open Incapsula CDN httpd
1369345.60.80.235 2598 tcp http open Incapsula CDN httpd
1369445.60.80.235 3000 tcp http open Incapsula CDN httpd
1369545.60.80.235 3050 tcp http open Incapsula CDN httpd
1369645.60.80.235 3057 tcp http open Incapsula CDN httpd
1369745.60.80.235 3299 tcp http open Incapsula CDN httpd
1369845.60.80.235 3306 tcp ssl/http open Incapsula CDN httpd
1369945.60.80.235 3333 tcp http open Incapsula CDN httpd
1370045.60.80.235 3389 tcp ssl/http open Incapsula CDN httpd
1370145.60.80.235 3500 tcp http open Incapsula CDN httpd
1370245.60.80.235 3790 tcp http open Incapsula CDN httpd
1370345.60.80.235 4000 tcp http open Incapsula CDN httpd
1370445.60.80.235 4444 tcp ssl/http open Incapsula CDN httpd
1370545.60.80.235 4445 tcp ssl/http open Incapsula CDN httpd
1370645.60.80.235 5000 tcp http open Incapsula CDN httpd
1370745.60.80.235 5009 tcp http open Incapsula CDN httpd
1370845.60.80.235 5060 tcp ssl/http open Incapsula CDN httpd
1370945.60.80.235 5061 tcp ssl/http open Incapsula CDN httpd
1371045.60.80.235 5227 tcp ssl/http open Incapsula CDN httpd
1371145.60.80.235 5247 tcp ssl/http open Incapsula CDN httpd
1371245.60.80.235 5250 tcp ssl/http open Incapsula CDN httpd
1371345.60.80.235 5555 tcp http open Incapsula CDN httpd
1371445.60.80.235 5900 tcp http open Incapsula CDN httpd
1371545.60.80.235 5901 tcp ssl/http open Incapsula CDN httpd
1371645.60.80.235 5902 tcp ssl/http open Incapsula CDN httpd
1371745.60.80.235 5903 tcp ssl/http open Incapsula CDN httpd
1371845.60.80.235 5904 tcp ssl/http open Incapsula CDN httpd
1371945.60.80.235 5905 tcp ssl/http open Incapsula CDN httpd
1372045.60.80.235 5906 tcp ssl/http open Incapsula CDN httpd
1372145.60.80.235 5907 tcp ssl/http open Incapsula CDN httpd
1372245.60.80.235 5908 tcp ssl/http open Incapsula CDN httpd
1372345.60.80.235 5909 tcp ssl/http open Incapsula CDN httpd
1372445.60.80.235 5910 tcp ssl/http open Incapsula CDN httpd
1372545.60.80.235 5920 tcp ssl/http open Incapsula CDN httpd
1372645.60.80.235 5984 tcp ssl/http open Incapsula CDN httpd
1372745.60.80.235 5985 tcp http open Incapsula CDN httpd
1372845.60.80.235 5986 tcp ssl/http open Incapsula CDN httpd
1372945.60.80.235 5999 tcp ssl/http open Incapsula CDN httpd
1373045.60.80.235 6000 tcp http open Incapsula CDN httpd
1373145.60.80.235 6060 tcp http open Incapsula CDN httpd
1373245.60.80.235 6161 tcp http open Incapsula CDN httpd
1373345.60.80.235 6379 tcp http open Incapsula CDN httpd
1373445.60.80.235 6661 tcp ssl/http open Incapsula CDN httpd
1373545.60.80.235 6789 tcp http open Incapsula CDN httpd
1373645.60.80.235 7001 tcp http open Incapsula CDN httpd
1373745.60.80.235 7021 tcp http open Incapsula CDN httpd
1373845.60.80.235 7071 tcp ssl/http open Incapsula CDN httpd
1373945.60.80.235 7080 tcp http open Incapsula CDN httpd
1374045.60.80.235 7272 tcp ssl/http open Incapsula CDN httpd
1374145.60.80.235 7443 tcp ssl/http open Incapsula CDN httpd
1374245.60.80.235 7700 tcp http open Incapsula CDN httpd
1374345.60.80.235 7777 tcp http open Incapsula CDN httpd
1374445.60.80.235 7778 tcp http open Incapsula CDN httpd
1374545.60.80.235 8000 tcp http open Incapsula CDN httpd
1374645.60.80.235 8001 tcp http open Incapsula CDN httpd
1374745.60.80.235 8008 tcp http open Incapsula CDN httpd
1374845.60.80.235 8014 tcp http open Incapsula CDN httpd
1374945.60.80.235 8020 tcp http open Incapsula CDN httpd
1375045.60.80.235 8023 tcp http open Incapsula CDN httpd
1375145.60.80.235 8028 tcp http open Incapsula CDN httpd
1375245.60.80.235 8030 tcp http open Incapsula CDN httpd
1375345.60.80.235 8050 tcp http open Incapsula CDN httpd
1375445.60.80.235 8051 tcp http open Incapsula CDN httpd
1375545.60.80.235 8080 tcp http open Incapsula CDN httpd
1375645.60.80.235 8081 tcp http open Incapsula CDN httpd
1375745.60.80.235 8082 tcp http open Incapsula CDN httpd
1375845.60.80.235 8085 tcp http open Incapsula CDN httpd
1375945.60.80.235 8086 tcp http open Incapsula CDN httpd
1376045.60.80.235 8087 tcp http open Incapsula CDN httpd
1376145.60.80.235 8088 tcp http open Incapsula CDN httpd
1376245.60.80.235 8090 tcp http open Incapsula CDN httpd
1376345.60.80.235 8091 tcp http open Incapsula CDN httpd
1376445.60.80.235 8095 tcp http open Incapsula CDN httpd
1376545.60.80.235 8101 tcp http open Incapsula CDN httpd
1376645.60.80.235 8161 tcp http open Incapsula CDN httpd
1376745.60.80.235 8180 tcp http open Incapsula CDN httpd
1376845.60.80.235 8222 tcp http open Incapsula CDN httpd
1376945.60.80.235 8333 tcp http open Incapsula CDN httpd
1377045.60.80.235 8443 tcp ssl/http open Incapsula CDN httpd
1377145.60.80.235 8444 tcp http open Incapsula CDN httpd
1377245.60.80.235 8445 tcp http open Incapsula CDN httpd
1377345.60.80.235 8503 tcp ssl/http open Incapsula CDN httpd
1377445.60.80.235 8686 tcp http open Incapsula CDN httpd
1377545.60.80.235 8787 tcp http open Incapsula CDN httpd
1377645.60.80.235 8800 tcp http open Incapsula CDN httpd
1377745.60.80.235 8812 tcp http open Incapsula CDN httpd
1377845.60.80.235 8834 tcp http open Incapsula CDN httpd
1377945.60.80.235 8880 tcp http open Incapsula CDN httpd
1378045.60.80.235 8888 tcp http open Incapsula CDN httpd
1378145.60.80.235 8890 tcp http open Incapsula CDN httpd
1378245.60.80.235 8899 tcp http open Incapsula CDN httpd
1378345.60.80.235 8901 tcp http open Incapsula CDN httpd
1378445.60.80.235 8902 tcp http open Incapsula CDN httpd
1378545.60.80.235 8999 tcp http open Incapsula CDN httpd
1378645.60.80.235 9000 tcp http open Incapsula CDN httpd
1378745.60.80.235 9001 tcp http open Incapsula CDN httpd
1378845.60.80.235 9002 tcp http open Incapsula CDN httpd
1378945.60.80.235 9003 tcp http open Incapsula CDN httpd
1379045.60.80.235 9004 tcp http open Incapsula CDN httpd
1379145.60.80.235 9005 tcp http open Incapsula CDN httpd
1379245.60.80.235 9010 tcp http open Incapsula CDN httpd
1379345.60.80.235 9050 tcp http open Incapsula CDN httpd
1379445.60.80.235 9080 tcp http open Incapsula CDN httpd
1379545.60.80.235 9081 tcp ssl/http open Incapsula CDN httpd
1379645.60.80.235 9084 tcp http open Incapsula CDN httpd
1379745.60.80.235 9090 tcp http open Incapsula CDN httpd
1379845.60.80.235 9099 tcp http open Incapsula CDN httpd
1379945.60.80.235 9100 tcp jetdirect open
1380045.60.80.235 9111 tcp http open Incapsula CDN httpd
1380145.60.80.235 9200 tcp http open Incapsula CDN httpd
1380245.60.80.235 9300 tcp http open Incapsula CDN httpd
1380345.60.80.235 9500 tcp http open Incapsula CDN httpd
1380445.60.80.235 9711 tcp ssl/http open Incapsula CDN httpd
1380545.60.80.235 9991 tcp http open Incapsula CDN httpd
1380645.60.80.235 9999 tcp http open Incapsula CDN httpd
1380745.60.80.235 10000 tcp http open Incapsula CDN httpd
1380852.11.234.150 25 tcp smtp closed
1380952.11.234.150 53 tcp domain filtered
1381052.11.234.150 53 udp domain unknown
1381152.11.234.150 67 tcp dhcps filtered
1381252.11.234.150 67 udp dhcps unknown
1381352.11.234.150 68 tcp dhcpc filtered
1381452.11.234.150 68 udp dhcpc unknown
1381552.11.234.150 69 tcp tftp filtered
1381652.11.234.150 69 udp tftp unknown
1381752.11.234.150 80 tcp http open awselb/2.0
1381852.11.234.150 88 tcp kerberos-sec filtered
1381952.11.234.150 88 udp kerberos-sec unknown
1382052.11.234.150 123 tcp ntp filtered
1382152.11.234.150 123 udp ntp unknown
1382252.11.234.150 137 tcp netbios-ns filtered
1382352.11.234.150 137 udp netbios-ns filtered
1382452.11.234.150 138 tcp netbios-dgm filtered
1382552.11.234.150 138 udp netbios-dgm filtered
1382652.11.234.150 139 tcp netbios-ssn closed
1382752.11.234.150 139 udp netbios-ssn unknown
1382852.11.234.150 161 tcp snmp filtered
1382952.11.234.150 161 udp snmp unknown
1383052.11.234.150 162 tcp snmptrap filtered
1383152.11.234.150 162 udp snmptrap unknown
1383252.11.234.150 389 tcp ldap filtered
1383352.11.234.150 389 udp ldap unknown
1383452.11.234.150 443 tcp ssl/http open nginx 1.10.3
1383552.11.234.150 445 tcp microsoft-ds closed
1383652.11.234.150 520 tcp efs filtered
1383752.11.234.150 520 udp route unknown
1383852.11.234.150 2049 tcp nfs filtered
1383952.11.234.150 2049 udp nfs unknown
1384052.35.54.14 53 tcp domain filtered
1384152.35.54.14 53 udp domain unknown
1384252.35.54.14 67 tcp dhcps filtered
1384352.35.54.14 67 udp dhcps unknown
1384452.35.54.14 68 tcp dhcpc filtered
1384552.35.54.14 68 udp dhcpc unknown
1384652.35.54.14 69 tcp tftp filtered
1384752.35.54.14 69 udp tftp unknown
1384852.35.54.14 88 tcp kerberos-sec filtered
1384952.35.54.14 88 udp kerberos-sec unknown
1385052.35.54.14 123 tcp ntp filtered
1385152.35.54.14 123 udp ntp unknown
1385252.35.54.14 137 tcp netbios-ns filtered
1385352.35.54.14 137 udp netbios-ns filtered
1385452.35.54.14 138 tcp netbios-dgm filtered
1385552.35.54.14 138 udp netbios-dgm filtered
1385652.35.54.14 139 tcp netbios-ssn closed
1385752.35.54.14 139 udp netbios-ssn unknown
1385852.35.54.14 161 tcp snmp filtered
1385952.35.54.14 161 udp snmp unknown
1386052.35.54.14 162 tcp snmptrap filtered
1386152.35.54.14 162 udp snmptrap unknown
1386252.35.54.14 389 tcp ldap filtered
1386352.35.54.14 389 udp ldap unknown
1386452.35.54.14 520 tcp efs filtered
1386552.35.54.14 520 udp route unknown
1386652.35.54.14 2049 tcp nfs filtered
1386752.35.54.14 2049 udp nfs unknown
1386852.198.183.13 25 tcp smtp closed
1386952.198.183.13 53 tcp domain filtered
1387052.198.183.13 53 udp domain unknown
1387152.198.183.13 67 tcp dhcps filtered
1387252.198.183.13 67 udp dhcps unknown
1387352.198.183.13 68 tcp dhcpc filtered
1387452.198.183.13 68 udp dhcpc unknown
1387552.198.183.13 69 tcp tftp filtered
1387652.198.183.13 69 udp tftp unknown
1387752.198.183.13 80 tcp http open nginx
1387852.198.183.13 88 tcp kerberos-sec filtered
1387952.198.183.13 88 udp kerberos-sec unknown
1388052.198.183.13 123 tcp ntp filtered
1388152.198.183.13 123 udp ntp unknown
1388252.198.183.13 137 tcp netbios-ns filtered
1388352.198.183.13 137 udp netbios-ns filtered
1388452.198.183.13 138 tcp netbios-dgm filtered
1388552.198.183.13 138 udp netbios-dgm filtered
1388652.198.183.13 139 tcp netbios-ssn closed
1388752.198.183.13 139 udp netbios-ssn unknown
1388852.198.183.13 161 tcp snmp filtered
1388952.198.183.13 161 udp snmp unknown
1389052.198.183.13 162 tcp snmptrap filtered
1389152.198.183.13 162 udp snmptrap unknown
1389252.198.183.13 389 tcp ldap filtered
1389352.198.183.13 389 udp ldap unknown
1389452.198.183.13 443 tcp ssl/http open nginx
1389552.198.183.13 445 tcp microsoft-ds closed
1389652.198.183.13 520 tcp efs filtered
1389752.198.183.13 520 udp route unknown
1389852.198.183.13 2049 tcp nfs filtered
1389952.198.183.13 2049 udp nfs unknown
1390054.73.84.17 25 tcp smtp closed
1390154.73.84.17 53 tcp domain filtered
1390254.73.84.17 53 udp domain unknown
1390354.73.84.17 67 tcp dhcps filtered
1390454.73.84.17 67 udp dhcps unknown
1390554.73.84.17 68 tcp dhcpc filtered
1390654.73.84.17 68 udp dhcpc unknown
1390754.73.84.17 69 tcp tftp filtered
1390854.73.84.17 69 udp tftp unknown
1390954.73.84.17 88 tcp kerberos-sec filtered
1391054.73.84.17 88 udp kerberos-sec unknown
1391154.73.84.17 123 tcp ntp filtered
1391254.73.84.17 123 udp ntp unknown
1391354.73.84.17 137 tcp netbios-ns filtered
1391454.73.84.17 137 udp netbios-ns filtered
1391554.73.84.17 138 tcp netbios-dgm filtered
1391654.73.84.17 138 udp netbios-dgm filtered
1391754.73.84.17 139 tcp netbios-ssn closed
1391854.73.84.17 139 udp netbios-ssn unknown
1391954.73.84.17 161 tcp snmp filtered
1392054.73.84.17 161 udp snmp unknown
1392154.73.84.17 162 tcp snmptrap filtered
1392254.73.84.17 162 udp snmptrap unknown
1392354.73.84.17 389 tcp ldap filtered
1392454.73.84.17 389 udp ldap unknown
1392554.73.84.17 445 tcp microsoft-ds closed
1392654.73.84.17 520 tcp efs filtered
1392754.73.84.17 520 udp route unknown
1392854.73.84.17 2049 tcp nfs filtered
1392954.73.84.17 2049 udp nfs unknown
1393064.69.94.32 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
1393164.69.94.32 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
1393264.69.94.32 67 tcp dhcps filtered
1393364.69.94.32 67 udp dhcps unknown
1393464.69.94.32 68 tcp dhcpc filtered
1393564.69.94.32 68 udp dhcpc unknown
1393664.69.94.32 69 tcp tftp filtered
1393764.69.94.32 69 udp tftp unknown
1393864.69.94.32 88 tcp kerberos-sec filtered
1393964.69.94.32 88 udp kerberos-sec unknown
1394064.69.94.32 123 tcp ntp filtered
1394164.69.94.32 123 udp ntp unknown
1394264.69.94.32 137 tcp netbios-ns filtered
1394364.69.94.32 137 udp netbios-ns filtered
1394464.69.94.32 138 tcp netbios-dgm filtered
1394564.69.94.32 138 udp netbios-dgm filtered
1394664.69.94.32 139 tcp netbios-ssn closed
1394764.69.94.32 139 udp netbios-ssn unknown
1394864.69.94.32 161 tcp snmp filtered
1394964.69.94.32 161 udp snmp unknown
1395064.69.94.32 162 tcp snmptrap filtered
1395164.69.94.32 162 udp snmptrap unknown
1395264.69.94.32 389 tcp ldap filtered
1395364.69.94.32 389 udp ldap unknown
1395464.69.94.32 520 tcp efs filtered
1395564.69.94.32 520 udp route unknown
1395664.69.94.32 2049 tcp nfs filtered
1395764.69.94.32 2049 udp nfs unknown
1395872.47.224.85 25 tcp smtp closed
1395972.47.224.85 53 tcp domain filtered
1396072.47.224.85 53 udp domain unknown
1396172.47.224.85 67 tcp dhcps filtered
1396272.47.224.85 67 udp dhcps unknown
1396372.47.224.85 68 tcp dhcpc filtered
1396472.47.224.85 68 udp dhcpc unknown
1396572.47.224.85 69 tcp tftp filtered
1396672.47.224.85 69 udp tftp unknown
1396772.47.224.85 80 tcp http open Apache httpd 2.4.39
1396872.47.224.85 88 tcp kerberos-sec filtered
1396972.47.224.85 88 udp kerberos-sec unknown
1397072.47.224.85 110 tcp pop3 open Dovecot pop3d
1397172.47.224.85 123 tcp ntp filtered
1397272.47.224.85 123 udp ntp unknown
1397372.47.224.85 137 tcp netbios-ns filtered
1397472.47.224.85 137 udp netbios-ns filtered
1397572.47.224.85 138 tcp netbios-dgm filtered
1397672.47.224.85 138 udp netbios-dgm filtered
1397772.47.224.85 139 tcp netbios-ssn closed
1397872.47.224.85 139 udp netbios-ssn unknown
1397972.47.224.85 143 tcp imap open Dovecot imapd
1398072.47.224.85 161 tcp snmp filtered
1398172.47.224.85 161 udp snmp unknown
1398272.47.224.85 162 tcp snmptrap filtered
1398372.47.224.85 162 udp snmptrap unknown
1398472.47.224.85 389 tcp ldap filtered
1398572.47.224.85 389 udp ldap unknown
1398672.47.224.85 443 tcp ssl/http open nginx 1.16.1
1398772.47.224.85 445 tcp microsoft-ds closed
1398872.47.224.85 465 tcp ssl/smtp open Exim smtpd 4.84_2
1398972.47.224.85 520 tcp efs filtered
1399072.47.224.85 520 udp route unknown
1399172.47.224.85 587 tcp smtp open Exim smtpd 4.84_2
1399272.47.224.85 993 tcp ssl/imaps open
1399372.47.224.85 995 tcp ssl/pop3s open
1399472.47.224.85 2049 tcp nfs filtered
1399572.47.224.85 2049 udp nfs unknown
1399680.82.79.116 21 tcp ftp open 220 (vsFTPd 3.0.2)\x0d\x0a
1399780.82.79.116 22 tcp ssh open SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
1399880.82.79.116 53 tcp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
1399980.82.79.116 53 udp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
1400080.82.79.116 67 tcp dhcps closed
1400180.82.79.116 67 udp dhcps closed
1400280.82.79.116 68 tcp dhcpc closed
1400380.82.79.116 68 udp dhcpc closed
1400480.82.79.116 69 tcp tftp closed
1400580.82.79.116 69 udp tftp unknown
1400680.82.79.116 88 tcp kerberos-sec closed
1400780.82.79.116 88 udp kerberos-sec unknown
1400880.82.79.116 123 tcp ntp closed
1400980.82.79.116 123 udp ntp unknown
1401080.82.79.116 137 tcp netbios-ns closed
1401180.82.79.116 137 udp netbios-ns filtered
1401280.82.79.116 138 tcp netbios-dgm closed
1401380.82.79.116 138 udp netbios-dgm filtered
1401480.82.79.116 139 tcp netbios-ssn closed
1401580.82.79.116 139 udp netbios-ssn unknown
1401680.82.79.116 161 tcp snmp closed
1401780.82.79.116 161 udp snmp closed
1401880.82.79.116 162 tcp snmptrap closed
1401980.82.79.116 162 udp snmptrap closed
1402080.82.79.116 389 tcp ldap closed
1402180.82.79.116 389 udp ldap closed
1402280.82.79.116 520 tcp efs closed
1402380.82.79.116 520 udp route closed
1402480.82.79.116 2049 tcp nfs closed
1402580.82.79.116 2049 udp nfs unknown
1402680.209.242.81 21 tcp ftp open 220 FTP Server ready.\x0d\x0a
1402780.209.242.81 22 tcp ssh open SSH-2.0-OpenSSH_7.4
1402880.209.242.81 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
1402980.209.242.81 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
1403080.209.242.81 67 tcp dhcps filtered
1403180.209.242.81 67 udp dhcps unknown
1403280.209.242.81 68 tcp dhcpc filtered
1403380.209.242.81 68 udp dhcpc unknown
1403480.209.242.81 69 tcp tftp filtered
1403580.209.242.81 69 udp tftp unknown
1403680.209.242.81 88 tcp kerberos-sec filtered
1403780.209.242.81 88 udp kerberos-sec unknown
1403880.209.242.81 123 tcp ntp filtered
1403980.209.242.81 123 udp ntp unknown
1404080.209.242.81 137 tcp netbios-ns filtered
1404180.209.242.81 137 udp netbios-ns filtered
1404280.209.242.81 138 tcp netbios-dgm filtered
1404380.209.242.81 138 udp netbios-dgm filtered
1404480.209.242.81 139 tcp netbios-ssn closed
1404580.209.242.81 139 udp netbios-ssn unknown
1404680.209.242.81 161 tcp snmp filtered
1404780.209.242.81 161 udp snmp unknown
1404880.209.242.81 162 tcp snmptrap filtered
1404980.209.242.81 162 udp snmptrap unknown
1405080.209.242.81 389 tcp ldap filtered
1405180.209.242.81 389 udp ldap filtered
1405280.209.242.81 520 tcp efs filtered
1405380.209.242.81 520 udp route unknown
1405480.209.242.81 2049 tcp nfs filtered
1405580.209.242.81 2049 udp nfs unknown
1405682.221.136.4 21 tcp ftp open Your connection to this server has been blocked in this server's firewall.\x0d\x0aYou need to contact the server owner for further information.\x0d\x0a
1405782.221.136.4 53 tcp domain filtered
1405882.221.136.4 53 udp domain unknown
1405982.221.136.4 67 tcp dhcps filtered
1406082.221.136.4 67 udp dhcps unknown
1406182.221.136.4 68 tcp dhcpc filtered
1406282.221.136.4 68 udp dhcpc unknown
1406382.221.136.4 69 tcp tftp filtered
1406482.221.136.4 69 udp tftp unknown
1406582.221.136.4 88 tcp kerberos-sec filtered
1406682.221.136.4 88 udp kerberos-sec unknown
1406782.221.136.4 123 tcp ntp filtered
1406882.221.136.4 123 udp ntp unknown
1406982.221.136.4 137 tcp netbios-ns filtered
1407082.221.136.4 137 udp netbios-ns filtered
1407182.221.136.4 138 tcp netbios-dgm filtered
1407282.221.136.4 138 udp netbios-dgm filtered
1407382.221.136.4 139 tcp netbios-ssn closed
1407482.221.136.4 139 udp netbios-ssn unknown
1407582.221.136.4 161 tcp snmp filtered
1407682.221.136.4 161 udp snmp unknown
1407782.221.136.4 162 tcp snmptrap filtered
1407882.221.136.4 162 udp snmptrap unknown
1407982.221.136.4 389 tcp ldap filtered
1408082.221.136.4 389 udp ldap unknown
1408182.221.136.4 520 tcp efs filtered
1408282.221.136.4 520 udp route unknown
1408382.221.136.4 2049 tcp nfs filtered
1408482.221.136.4 2049 udp nfs unknown
1408582.221.139.217 22 tcp ssh open SSH-2.0-OpenSSH_5.3
1408684.235.91.252 25 tcp smtp closed
1408784.235.91.252 53 tcp domain filtered
1408884.235.91.252 53 udp domain unknown
1408984.235.91.252 67 tcp dhcps filtered
1409084.235.91.252 67 udp dhcps unknown
1409184.235.91.252 68 tcp dhcpc filtered
1409284.235.91.252 68 udp dhcpc unknown
1409384.235.91.252 69 tcp tftp filtered
1409484.235.91.252 69 udp tftp unknown
1409584.235.91.252 88 tcp kerberos-sec filtered
1409684.235.91.252 88 udp kerberos-sec unknown
1409784.235.91.252 123 tcp ntp filtered
1409884.235.91.252 123 udp ntp unknown
1409984.235.91.252 137 tcp netbios-ns filtered
1410084.235.91.252 137 udp netbios-ns filtered
1410184.235.91.252 138 tcp netbios-dgm filtered
1410284.235.91.252 138 udp netbios-dgm filtered
1410384.235.91.252 139 tcp netbios-ssn closed
1410484.235.91.252 139 udp netbios-ssn unknown
1410584.235.91.252 161 tcp snmp filtered
1410684.235.91.252 161 udp snmp unknown
1410784.235.91.252 162 tcp snmptrap filtered
1410884.235.91.252 162 udp snmptrap unknown
1410984.235.91.252 389 tcp ldap filtered
1411084.235.91.252 389 udp ldap unknown
1411184.235.91.252 445 tcp microsoft-ds closed
1411284.235.91.252 520 tcp efs filtered
1411384.235.91.252 520 udp route unknown
1411484.235.91.252 2049 tcp nfs filtered
1411584.235.91.252 2049 udp nfs unknown
1411685.25.208.92 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
1411785.25.208.92 53 tcp domain closed
1411885.25.208.92 53 udp domain closed
1411985.25.208.92 67 tcp dhcps closed
1412085.25.208.92 67 udp dhcps closed
1412185.25.208.92 68 tcp dhcpc closed
1412285.25.208.92 68 udp dhcpc closed
1412385.25.208.92 69 tcp tftp closed
1412485.25.208.92 69 udp tftp unknown
1412585.25.208.92 88 tcp kerberos-sec closed
1412685.25.208.92 88 udp kerberos-sec unknown
1412785.25.208.92 123 tcp ntp closed
1412885.25.208.92 123 udp ntp open
1412985.25.208.92 137 tcp netbios-ns closed
1413085.25.208.92 137 udp netbios-ns filtered
1413185.25.208.92 138 tcp netbios-dgm closed
1413285.25.208.92 138 udp netbios-dgm filtered
1413385.25.208.92 139 tcp netbios-ssn closed
1413485.25.208.92 139 udp netbios-ssn closed
1413585.25.208.92 161 tcp snmp closed
1413685.25.208.92 161 udp snmp closed
1413785.25.208.92 162 tcp snmptrap closed
1413885.25.208.92 162 udp snmptrap closed
1413985.25.208.92 389 tcp ldap closed
1414085.25.208.92 389 udp ldap unknown
1414185.25.208.92 520 tcp efs closed
1414285.25.208.92 520 udp route closed
1414385.25.208.92 2049 tcp nfs closed
1414485.25.208.92 2049 udp nfs closed
1414587.247.240.207 21 tcp ftp open ProFTPD
1414687.247.240.207 22 tcp ssh open OpenSSH 7.4 protocol 2.0
1414787.247.240.207 67 udp dhcps unknown
1414887.247.240.207 68 udp dhcpc unknown
1414987.247.240.207 69 udp tftp unknown
1415087.247.240.207 80 tcp http open Apache httpd
1415187.247.240.207 88 udp kerberos-sec unknown
1415287.247.240.207 110 tcp pop3 open Dovecot pop3d
1415387.247.240.207 123 udp ntp unknown
1415487.247.240.207 139 udp netbios-ssn unknown
1415587.247.240.207 143 tcp imap open Dovecot imapd
1415687.247.240.207 161 udp snmp unknown
1415787.247.240.207 162 udp snmptrap unknown
1415887.247.240.207 389 udp ldap unknown
1415987.247.240.207 443 tcp ssl/http open Apache httpd
1416087.247.240.207 465 tcp ssl/smtp open Exim smtpd 4.92
1416187.247.240.207 520 udp route unknown
1416287.247.240.207 587 tcp smtp open Exim smtpd 4.92
1416387.247.240.207 993 tcp ssl/imaps open
1416487.247.240.207 995 tcp ssl/pop3s open
1416587.247.240.207 2049 udp nfs unknown
1416689.221.213.22 21 tcp ftp open vsftpd 3.0.2
1416789.221.213.22 53 tcp domain filtered
1416889.221.213.22 53 udp domain unknown
1416989.221.213.22 67 tcp dhcps filtered
1417089.221.213.22 67 udp dhcps unknown
1417189.221.213.22 68 tcp dhcpc filtered
1417289.221.213.22 68 udp dhcpc unknown
1417389.221.213.22 69 tcp tftp filtered
1417489.221.213.22 69 udp tftp unknown
1417589.221.213.22 88 tcp kerberos-sec filtered
1417689.221.213.22 88 udp kerberos-sec unknown
1417789.221.213.22 123 tcp ntp filtered
1417889.221.213.22 123 udp ntp unknown
1417989.221.213.22 137 tcp netbios-ns filtered
1418089.221.213.22 137 udp netbios-ns filtered
1418189.221.213.22 138 tcp netbios-dgm filtered
1418289.221.213.22 138 udp netbios-dgm filtered
1418389.221.213.22 139 tcp netbios-ssn closed
1418489.221.213.22 139 udp netbios-ssn unknown
1418589.221.213.22 161 tcp snmp filtered
1418689.221.213.22 161 udp snmp unknown
1418789.221.213.22 162 tcp snmptrap filtered
1418889.221.213.22 162 udp snmptrap unknown
1418989.221.213.22 389 tcp ldap filtered
1419089.221.213.22 389 udp ldap unknown
1419189.221.213.22 520 tcp efs filtered
1419289.221.213.22 520 udp route unknown
1419389.221.213.22 2049 tcp nfs filtered
1419489.221.213.22 2049 udp nfs unknown
1419589.248.172.200 22 tcp ssh open SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
1419689.248.172.200 53 tcp domain closed
1419789.248.172.200 53 udp domain closed
1419889.248.172.200 67 tcp dhcps closed
1419989.248.172.200 67 udp dhcps closed
1420089.248.172.200 68 tcp dhcpc closed
1420189.248.172.200 68 udp dhcpc closed
1420289.248.172.200 69 tcp tftp closed
1420389.248.172.200 69 udp tftp closed
1420489.248.172.200 88 tcp kerberos-sec closed
1420589.248.172.200 88 udp kerberos-sec unknown
1420689.248.172.200 123 tcp ntp closed
1420789.248.172.200 123 udp ntp unknown
1420889.248.172.200 137 tcp netbios-ns closed
1420989.248.172.200 137 udp netbios-ns filtered
1421089.248.172.200 138 tcp netbios-dgm closed
1421189.248.172.200 138 udp netbios-dgm filtered
1421289.248.172.200 139 tcp netbios-ssn closed
1421389.248.172.200 139 udp netbios-ssn closed
1421489.248.172.200 161 tcp snmp closed
1421589.248.172.200 161 udp snmp closed
1421689.248.172.200 162 tcp snmptrap closed
1421789.248.172.200 162 udp snmptrap unknown
1421889.248.172.200 389 tcp ldap closed
1421989.248.172.200 389 udp ldap closed
1422089.248.172.200 520 tcp efs closed
1422189.248.172.200 520 udp route closed
1422289.248.172.200 2049 tcp nfs closed
1422389.248.172.200 2049 udp nfs unknown
1422493.89.20.20 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 21:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
1422593.95.228.158 22 tcp ssh open SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
1422693.95.228.158 53 tcp domain closed
1422793.95.228.158 53 udp domain closed
1422893.95.228.158 67 tcp dhcps closed
1422993.95.228.158 67 udp dhcps closed
1423093.95.228.158 68 tcp dhcpc closed
1423193.95.228.158 68 udp dhcpc unknown
1423293.95.228.158 69 tcp tftp closed
1423393.95.228.158 69 udp tftp unknown
1423493.95.228.158 88 tcp kerberos-sec closed
1423593.95.228.158 88 udp kerberos-sec unknown
1423693.95.228.158 123 tcp ntp closed
1423793.95.228.158 123 udp ntp unknown
1423893.95.228.158 137 tcp netbios-ns closed
1423993.95.228.158 137 udp netbios-ns filtered
1424093.95.228.158 138 tcp netbios-dgm closed
1424193.95.228.158 138 udp netbios-dgm filtered
1424293.95.228.158 139 tcp netbios-ssn closed
1424393.95.228.158 139 udp netbios-ssn closed
1424493.95.228.158 161 tcp snmp closed
1424593.95.228.158 161 udp snmp unknown
1424693.95.228.158 162 tcp snmptrap closed
1424793.95.228.158 162 udp snmptrap unknown
1424893.95.228.158 389 tcp ldap closed
1424993.95.228.158 389 udp ldap closed
1425093.95.228.158 520 tcp efs closed
1425193.95.228.158 520 udp route unknown
1425293.95.228.158 2049 tcp nfs closed
1425393.95.228.158 2049 udp nfs unknown
1425493.113.37.250 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
1425593.113.37.250 53 tcp domain open PowerDNS Authoritative Server 4.1.10
1425693.113.37.250 53 udp domain open PowerDNS Authoritative Server 4.1.10
1425793.113.37.250 389 udp ldap unknown
1425893.113.37.250 520 udp route unknown
1425993.113.37.250 2049 udp nfs unknown
1426093.174.93.84 21 tcp ftp open vsftpd 3.0.2
1426193.174.93.84 25 tcp smtp closed
1426293.174.93.84 53 tcp domain filtered
1426393.174.93.84 53 udp domain filtered
1426493.174.93.84 67 tcp dhcps filtered
1426593.174.93.84 67 udp dhcps filtered
1426693.174.93.84 68 tcp dhcpc filtered
1426793.174.93.84 68 udp dhcpc unknown
1426893.174.93.84 69 tcp tftp filtered
1426993.174.93.84 69 udp tftp unknown
1427093.174.93.84 80 tcp http open Apache httpd 2.4.6 (CentOS) PHP/5.4.16
1427193.174.93.84 88 tcp kerberos-sec filtered
1427293.174.93.84 88 udp kerberos-sec unknown
1427393.174.93.84 123 tcp ntp filtered
1427493.174.93.84 123 udp ntp filtered
1427593.174.93.84 137 tcp netbios-ns filtered
1427693.174.93.84 137 udp netbios-ns filtered
1427793.174.93.84 138 tcp netbios-dgm filtered
1427893.174.93.84 138 udp netbios-dgm filtered
1427993.174.93.84 139 tcp netbios-ssn closed
1428093.174.93.84 139 udp netbios-ssn unknown
1428193.174.93.84 161 tcp snmp filtered
1428293.174.93.84 161 udp snmp unknown
1428393.174.93.84 162 tcp snmptrap filtered
1428493.174.93.84 162 udp snmptrap unknown
1428593.174.93.84 389 tcp ldap filtered
1428693.174.93.84 389 udp ldap filtered
1428793.174.93.84 445 tcp microsoft-ds closed
1428893.174.93.84 520 tcp efs filtered
1428993.174.93.84 520 udp route unknown
1429093.174.93.84 2049 tcp nfs filtered
1429193.174.93.84 2049 udp nfs unknown
1429293.191.156.197 22 tcp ssh open SSH-2.0-OpenSSH_5.3
1429394.102.51.33 22 tcp ssh open
1429494.102.51.33 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
1429594.102.51.33 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
1429694.102.51.33 67 tcp dhcps filtered
1429794.102.51.33 67 udp dhcps unknown
1429894.102.51.33 68 tcp dhcpc filtered
1429994.102.51.33 68 udp dhcpc unknown
1430094.102.51.33 69 tcp tftp filtered
1430194.102.51.33 69 udp tftp unknown
1430294.102.51.33 80 tcp http open nginx
1430394.102.51.33 88 tcp kerberos-sec filtered
1430494.102.51.33 88 udp kerberos-sec unknown
1430594.102.51.33 110 tcp pop3 open Dovecot pop3d
1430694.102.51.33 123 tcp ntp filtered
1430794.102.51.33 123 udp ntp unknown
1430894.102.51.33 137 tcp netbios-ns filtered
1430994.102.51.33 137 udp netbios-ns filtered
1431094.102.51.33 138 tcp netbios-dgm filtered
1431194.102.51.33 138 udp netbios-dgm filtered
1431294.102.51.33 139 tcp netbios-ssn closed
1431394.102.51.33 139 udp netbios-ssn unknown
1431494.102.51.33 143 tcp imap open Dovecot imapd
1431594.102.51.33 161 tcp snmp filtered
1431694.102.51.33 161 udp snmp unknown
1431794.102.51.33 162 tcp snmptrap filtered
1431894.102.51.33 162 udp snmptrap unknown
1431994.102.51.33 389 tcp ldap filtered
1432094.102.51.33 389 udp ldap unknown
1432194.102.51.33 465 tcp ssl/smtp open Exim smtpd 4.89
1432294.102.51.33 520 tcp efs filtered
1432394.102.51.33 520 udp route unknown
1432494.102.51.33 993 tcp ssl/imaps open
1432594.102.51.33 995 tcp ssl/pop3s open
1432694.102.51.33 2049 tcp nfs filtered
1432794.102.51.33 2049 udp nfs unknown
14328104.148.49.2 53 tcp domain closed
14329104.148.49.2 53 udp domain unknown
14330104.148.49.2 67 tcp dhcps closed
14331104.148.49.2 67 udp dhcps unknown
14332104.148.49.2 68 tcp dhcpc closed
14333104.148.49.2 68 udp dhcpc closed
14334104.148.49.2 69 tcp tftp closed
14335104.148.49.2 69 udp tftp unknown
14336104.148.49.2 88 tcp kerberos-sec closed
14337104.148.49.2 88 udp kerberos-sec unknown
14338104.148.49.2 123 tcp ntp closed
14339104.148.49.2 123 udp ntp unknown
14340104.148.49.2 137 tcp netbios-ns filtered
14341104.148.49.2 137 udp netbios-ns filtered
14342104.148.49.2 138 tcp netbios-dgm filtered
14343104.148.49.2 138 udp netbios-dgm filtered
14344104.148.49.2 139 tcp netbios-ssn closed
14345104.148.49.2 139 udp netbios-ssn closed
14346104.148.49.2 161 tcp snmp closed
14347104.148.49.2 161 udp snmp closed
14348104.148.49.2 162 tcp snmptrap closed
14349104.148.49.2 162 udp snmptrap unknown
14350104.148.49.2 389 tcp ldap closed
14351104.148.49.2 389 udp ldap closed
14352104.148.49.2 520 tcp efs closed
14353104.148.49.2 520 udp route unknown
14354104.148.49.2 2049 tcp nfs closed
14355104.148.49.2 2049 udp nfs closed
14356104.154.60.12 25 tcp smtp closed
14357104.154.60.12 53 tcp domain filtered
14358104.154.60.12 53 udp domain unknown
14359104.154.60.12 67 tcp dhcps filtered
14360104.154.60.12 67 udp dhcps unknown
14361104.154.60.12 68 tcp dhcpc filtered
14362104.154.60.12 68 udp dhcpc unknown
14363104.154.60.12 69 tcp tftp filtered
14364104.154.60.12 69 udp tftp unknown
14365104.154.60.12 80 tcp http open nginx
14366104.154.60.12 88 tcp kerberos-sec filtered
14367104.154.60.12 88 udp kerberos-sec unknown
14368104.154.60.12 123 tcp ntp filtered
14369104.154.60.12 123 udp ntp unknown
14370104.154.60.12 137 tcp netbios-ns filtered
14371104.154.60.12 137 udp netbios-ns filtered
14372104.154.60.12 138 tcp netbios-dgm filtered
14373104.154.60.12 138 udp netbios-dgm filtered
14374104.154.60.12 139 tcp netbios-ssn closed
14375104.154.60.12 139 udp netbios-ssn unknown
14376104.154.60.12 161 tcp snmp filtered
14377104.154.60.12 161 udp snmp unknown
14378104.154.60.12 162 tcp snmptrap filtered
14379104.154.60.12 162 udp snmptrap unknown
14380104.154.60.12 389 tcp ldap filtered
14381104.154.60.12 389 udp ldap unknown
14382104.154.60.12 443 tcp ssl/http open nginx
14383104.154.60.12 445 tcp microsoft-ds closed
14384104.154.60.12 520 tcp efs filtered
14385104.154.60.12 520 udp route unknown
14386104.154.60.12 2049 tcp nfs filtered
14387104.154.60.12 2049 udp nfs unknown
14388104.154.60.12 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
14389104.218.232.66 22 tcp ssh open OpenSSH 7.4p1 Debian 10+deb9u3 protocol 2.0
14390104.218.232.66 53 tcp domain closed
14391104.218.232.66 53 udp domain unknown
14392104.218.232.66 67 tcp dhcps closed
14393104.218.232.66 67 udp dhcps unknown
14394104.218.232.66 68 tcp dhcpc closed
14395104.218.232.66 68 udp dhcpc closed
14396104.218.232.66 69 tcp tftp closed
14397104.218.232.66 69 udp tftp closed
14398104.218.232.66 80 tcp http open ngjit
14399104.218.232.66 88 tcp kerberos-sec closed
14400104.218.232.66 88 udp kerberos-sec closed
14401104.218.232.66 123 tcp ntp closed
14402104.218.232.66 123 udp ntp closed
14403104.218.232.66 137 tcp netbios-ns closed
14404104.218.232.66 137 udp netbios-ns filtered
14405104.218.232.66 138 tcp netbios-dgm closed
14406104.218.232.66 138 udp netbios-dgm filtered
14407104.218.232.66 139 tcp netbios-ssn closed
14408104.218.232.66 139 udp netbios-ssn closed
14409104.218.232.66 161 tcp snmp closed
14410104.218.232.66 161 udp snmp unknown
14411104.218.232.66 162 tcp snmptrap closed
14412104.218.232.66 162 udp snmptrap closed
14413104.218.232.66 389 tcp ldap closed
14414104.218.232.66 389 udp ldap closed
14415104.218.232.66 443 tcp ssl/https open ngjit
14416104.218.232.66 520 tcp efs closed
14417104.218.232.66 520 udp route unknown
14418104.218.232.66 2049 tcp nfs closed
14419104.218.232.66 2049 udp nfs closed
14420104.244.74.54 25 tcp smtp closed
14421104.244.74.54 53 tcp domain filtered
14422104.244.74.54 53 udp domain unknown
14423104.244.74.54 67 tcp dhcps filtered
14424104.244.74.54 67 udp dhcps unknown
14425104.244.74.54 68 tcp dhcpc filtered
14426104.244.74.54 68 udp dhcpc unknown
14427104.244.74.54 69 tcp tftp filtered
14428104.244.74.54 69 udp tftp unknown
14429104.244.74.54 80 tcp http open nginx
14430104.244.74.54 88 tcp kerberos-sec filtered
14431104.244.74.54 88 udp kerberos-sec unknown
14432104.244.74.54 123 tcp ntp filtered
14433104.244.74.54 123 udp ntp unknown
14434104.244.74.54 137 tcp netbios-ns filtered
14435104.244.74.54 137 udp netbios-ns filtered
14436104.244.74.54 138 tcp netbios-dgm filtered
14437104.244.74.54 138 udp netbios-dgm filtered
14438104.244.74.54 139 tcp netbios-ssn closed
14439104.244.74.54 139 udp netbios-ssn unknown
14440104.244.74.54 161 tcp snmp filtered
14441104.244.74.54 161 udp snmp unknown
14442104.244.74.54 162 tcp snmptrap filtered
14443104.244.74.54 162 udp snmptrap unknown
14444104.244.74.54 389 tcp ldap filtered
14445104.244.74.54 389 udp ldap unknown
14446104.244.74.54 443 tcp ssl/http open nginx
14447104.244.74.54 445 tcp microsoft-ds closed
14448104.244.74.54 520 tcp efs filtered
14449104.244.74.54 520 udp route unknown
14450104.244.74.54 2049 tcp nfs filtered
14451104.244.74.54 2049 udp nfs unknown
14452104.244.74.54 5040 tcp unknown closed
14453104.244.74.54 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
14454104.244.74.54 16221 tcp closed
14455104.244.74.54 23022 tcp closed
14456104.244.74.54 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
14457107.154.130.27 53 tcp domain open
14458107.154.130.27 53 udp domain open
14459107.154.130.27 67 tcp dhcps filtered
14460107.154.130.27 67 udp dhcps unknown
14461107.154.130.27 68 tcp dhcpc filtered
14462107.154.130.27 68 udp dhcpc unknown
14463107.154.130.27 69 tcp tftp filtered
14464107.154.130.27 69 udp tftp unknown
14465107.154.130.27 88 tcp http open Incapsula CDN httpd
14466107.154.130.27 88 udp kerberos-sec unknown
14467107.154.130.27 123 tcp ntp filtered
14468107.154.130.27 123 udp ntp unknown
14469107.154.130.27 137 tcp netbios-ns filtered
14470107.154.130.27 137 udp netbios-ns filtered
14471107.154.130.27 138 tcp netbios-dgm filtered
14472107.154.130.27 138 udp netbios-dgm filtered
14473107.154.130.27 139 tcp netbios-ssn closed
14474107.154.130.27 139 udp netbios-ssn unknown
14475107.154.130.27 161 tcp snmp filtered
14476107.154.130.27 161 udp snmp unknown
14477107.154.130.27 162 tcp snmptrap filtered
14478107.154.130.27 162 udp snmptrap unknown
14479107.154.130.27 389 tcp ssl/http open Incapsula CDN httpd
14480107.154.130.27 389 udp ldap unknown
14481107.154.130.27 520 tcp efs filtered
14482107.154.130.27 520 udp route unknown
14483107.154.130.27 2049 tcp http open Incapsula CDN httpd
14484107.154.130.27 2049 udp nfs unknown
14485107.154.248.27 53 tcp domain open
14486107.154.248.27 80 tcp http open Incapsula CDN httpd
14487107.154.248.27 81 tcp http open Incapsula CDN httpd
14488107.154.248.27 85 tcp http open Incapsula CDN httpd
14489107.154.248.27 88 tcp http open Incapsula CDN httpd
14490107.154.248.27 389 tcp ssl/http open Incapsula CDN httpd
14491107.154.248.27 443 tcp ssl/http open Incapsula CDN httpd
14492107.154.248.27 444 tcp ssl/http open Incapsula CDN httpd
14493107.154.248.27 446 tcp http open Incapsula CDN httpd
14494107.154.248.27 587 tcp http open Incapsula CDN httpd
14495107.154.248.27 631 tcp http open Incapsula CDN httpd
14496107.154.248.27 888 tcp http open Incapsula CDN httpd
14497107.154.248.27 995 tcp ssl/http open Incapsula CDN httpd
14498107.154.248.27 998 tcp ssl/http open Incapsula CDN httpd
14499107.154.248.27 999 tcp http open Incapsula CDN httpd
14500107.154.248.27 1000 tcp http open Incapsula CDN httpd
14501107.154.248.27 1024 tcp http open Incapsula CDN httpd
14502107.154.248.27 1103 tcp http open Incapsula CDN httpd
14503107.154.248.27 1234 tcp http open Incapsula CDN httpd
14504107.154.248.27 1433 tcp http open Incapsula CDN httpd
14505107.154.248.27 1494 tcp http open Incapsula CDN httpd
14506107.154.248.27 2000 tcp ssl/http open Incapsula CDN httpd
14507107.154.248.27 2001 tcp http open Incapsula CDN httpd
14508107.154.248.27 2049 tcp http open Incapsula CDN httpd
14509107.154.248.27 2067 tcp http open Incapsula CDN httpd
14510107.154.248.27 2100 tcp ssl/http open Incapsula CDN httpd
14511107.154.248.27 2222 tcp http open Incapsula CDN httpd
14512107.154.248.27 2598 tcp http open Incapsula CDN httpd
14513107.154.248.27 3000 tcp http open Incapsula CDN httpd
14514107.154.248.27 3050 tcp http open Incapsula CDN httpd
14515107.154.248.27 3057 tcp http open Incapsula CDN httpd
14516107.154.248.27 3299 tcp http open Incapsula CDN httpd
14517107.154.248.27 3306 tcp ssl/http open Incapsula CDN httpd
14518107.154.248.27 3333 tcp http open Incapsula CDN httpd
14519107.154.248.27 3389 tcp ssl/http open Incapsula CDN httpd
14520107.154.248.27 3500 tcp http open Incapsula CDN httpd
14521107.154.248.27 3790 tcp http open Incapsula CDN httpd
14522107.154.248.27 4000 tcp http open Incapsula CDN httpd
14523107.154.248.27 4444 tcp ssl/http open Incapsula CDN httpd
14524107.154.248.27 4445 tcp ssl/http open Incapsula CDN httpd
14525107.154.248.27 5000 tcp http open Incapsula CDN httpd
14526107.154.248.27 5009 tcp http open Incapsula CDN httpd
14527107.154.248.27 5060 tcp ssl/http open Incapsula CDN httpd
14528107.154.248.27 5061 tcp ssl/http open Incapsula CDN httpd
14529107.154.248.27 5227 tcp ssl/http open Incapsula CDN httpd
14530107.154.248.27 5247 tcp ssl/http open Incapsula CDN httpd
14531107.154.248.27 5250 tcp ssl/http open Incapsula CDN httpd
14532107.154.248.27 5555 tcp http open Incapsula CDN httpd
14533107.154.248.27 5900 tcp http open Incapsula CDN httpd
14534107.154.248.27 5901 tcp ssl/http open Incapsula CDN httpd
14535107.154.248.27 5902 tcp ssl/http open Incapsula CDN httpd
14536107.154.248.27 5903 tcp ssl/http open Incapsula CDN httpd
14537107.154.248.27 5904 tcp ssl/http open Incapsula CDN httpd
14538107.154.248.27 5905 tcp ssl/http open Incapsula CDN httpd
14539107.154.248.27 5906 tcp ssl/http open Incapsula CDN httpd
14540107.154.248.27 5907 tcp ssl/http open Incapsula CDN httpd
14541107.154.248.27 5908 tcp ssl/http open Incapsula CDN httpd
14542107.154.248.27 5909 tcp ssl/http open Incapsula CDN httpd
14543107.154.248.27 5910 tcp ssl/http open Incapsula CDN httpd
14544107.154.248.27 5920 tcp ssl/http open Incapsula CDN httpd
14545107.154.248.27 5984 tcp ssl/http open Incapsula CDN httpd
14546107.154.248.27 5985 tcp http open Incapsula CDN httpd
14547107.154.248.27 5986 tcp ssl/http open Incapsula CDN httpd
14548107.154.248.27 5999 tcp ssl/http open Incapsula CDN httpd
14549107.154.248.27 6000 tcp http open Incapsula CDN httpd
14550107.154.248.27 6060 tcp http open Incapsula CDN httpd
14551107.154.248.27 6161 tcp http open Incapsula CDN httpd
14552107.154.248.27 6379 tcp http open Incapsula CDN httpd
14553107.154.248.27 6661 tcp ssl/http open Incapsula CDN httpd
14554107.154.248.27 6789 tcp http open Incapsula CDN httpd
14555107.154.248.27 7000 tcp ssl/http open Incapsula CDN httpd
14556107.154.248.27 7001 tcp http open Incapsula CDN httpd
14557107.154.248.27 7021 tcp http open Incapsula CDN httpd
14558107.154.248.27 7071 tcp ssl/http open Incapsula CDN httpd
14559107.154.248.27 7080 tcp http open Incapsula CDN httpd
14560107.154.248.27 7272 tcp ssl/http open Incapsula CDN httpd
14561107.154.248.27 7443 tcp ssl/http open Incapsula CDN httpd
14562107.154.248.27 7700 tcp http open Incapsula CDN httpd
14563107.154.248.27 7777 tcp http open Incapsula CDN httpd
14564107.154.248.27 7778 tcp http open Incapsula CDN httpd
14565107.154.248.27 8000 tcp http open Incapsula CDN httpd
14566107.154.248.27 8001 tcp http open Incapsula CDN httpd
14567107.154.248.27 8008 tcp http open Incapsula CDN httpd
14568107.154.248.27 8014 tcp http open Incapsula CDN httpd
14569107.154.248.27 8020 tcp http open Incapsula CDN httpd
14570107.154.248.27 8023 tcp http open Incapsula CDN httpd
14571107.154.248.27 8028 tcp http open Incapsula CDN httpd
14572107.154.248.27 8030 tcp http open Incapsula CDN httpd
14573107.154.248.27 8050 tcp http open Incapsula CDN httpd
14574107.154.248.27 8051 tcp http open Incapsula CDN httpd
14575107.154.248.27 8080 tcp http open Incapsula CDN httpd
14576107.154.248.27 8081 tcp http open Incapsula CDN httpd
14577107.154.248.27 8082 tcp http open Incapsula CDN httpd
14578107.154.248.27 8085 tcp http open Incapsula CDN httpd
14579107.154.248.27 8086 tcp http open Incapsula CDN httpd
14580107.154.248.27 8087 tcp http open Incapsula CDN httpd
14581107.154.248.27 8088 tcp http open Incapsula CDN httpd
14582107.154.248.27 8090 tcp http open Incapsula CDN httpd
14583107.154.248.27 8091 tcp http open Incapsula CDN httpd
14584107.154.248.27 8095 tcp http open Incapsula CDN httpd
14585107.154.248.27 8101 tcp http open Incapsula CDN httpd
14586107.154.248.27 8161 tcp http open Incapsula CDN httpd
14587107.154.248.27 8180 tcp http open Incapsula CDN httpd
14588107.154.248.27 8222 tcp http open Incapsula CDN httpd
14589107.154.248.27 8333 tcp http open Incapsula CDN httpd
14590107.154.248.27 8443 tcp ssl/http open Incapsula CDN httpd
14591107.154.248.27 8444 tcp http open Incapsula CDN httpd
14592107.154.248.27 8445 tcp http open Incapsula CDN httpd
14593107.154.248.27 8503 tcp ssl/http open Incapsula CDN httpd
14594107.154.248.27 8686 tcp http open Incapsula CDN httpd
14595107.154.248.27 8787 tcp http open Incapsula CDN httpd
14596107.154.248.27 8800 tcp http open Incapsula CDN httpd
14597107.154.248.27 8812 tcp http open Incapsula CDN httpd
14598107.154.248.27 8834 tcp http open Incapsula CDN httpd
14599107.154.248.27 8880 tcp http open Incapsula CDN httpd
14600107.154.248.27 8888 tcp http open Incapsula CDN httpd
14601107.154.248.27 8889 tcp http open Incapsula CDN httpd
14602107.154.248.27 8890 tcp http open Incapsula CDN httpd
14603107.154.248.27 8899 tcp http open Incapsula CDN httpd
14604107.154.248.27 9000 tcp http open Incapsula CDN httpd
14605107.154.248.27 9001 tcp http open Incapsula CDN httpd
14606107.154.248.27 9002 tcp http open Incapsula CDN httpd
14607107.154.248.27 9003 tcp http open Incapsula CDN httpd
14608107.154.248.27 9004 tcp http open Incapsula CDN httpd
14609107.154.248.27 9005 tcp http open Incapsula CDN httpd
14610107.154.248.27 9010 tcp http open Incapsula CDN httpd
14611107.154.248.27 9050 tcp http open Incapsula CDN httpd
14612107.154.248.27 9080 tcp http open Incapsula CDN httpd
14613107.154.248.27 9081 tcp ssl/http open Incapsula CDN httpd
14614107.154.248.27 9084 tcp http open Incapsula CDN httpd
14615107.154.248.27 9090 tcp http open Incapsula CDN httpd
14616107.154.248.27 9099 tcp http open Incapsula CDN httpd
14617107.154.248.27 9100 tcp jetdirect open
14618107.154.248.27 9111 tcp http open Incapsula CDN httpd
14619107.154.248.27 9200 tcp http open Incapsula CDN httpd
14620107.154.248.27 9300 tcp http open Incapsula CDN httpd
14621107.154.248.27 9500 tcp http open Incapsula CDN httpd
14622107.154.248.27 9711 tcp ssl/http open Incapsula CDN httpd
14623107.154.248.27 9991 tcp http open Incapsula CDN httpd
14624107.154.248.27 9999 tcp http open Incapsula CDN httpd
14625107.154.248.27 10000 tcp http open Incapsula CDN httpd
14626107.154.248.27 10001 tcp http open Incapsula CDN httpd
14627107.154.248.27 10008 tcp http open Incapsula CDN httpd
14628107.154.248.27 10443 tcp ssl/http open Incapsula CDN httpd
14629107.154.248.27 11001 tcp ssl/http open Incapsula CDN httpd
14630107.154.248.27 12174 tcp http open Incapsula CDN httpd
14631107.154.248.27 12203 tcp http open Incapsula CDN httpd
14632107.154.248.27 12221 tcp http open Incapsula CDN httpd
14633107.154.248.27 12345 tcp http open Incapsula CDN httpd
14634107.154.248.27 12397 tcp http open Incapsula CDN httpd
14635107.154.248.27 12401 tcp http open Incapsula CDN httpd
14636107.154.248.27 14330 tcp http open Incapsula CDN httpd
14637107.154.248.27 16000 tcp http open Incapsula CDN httpd
14638107.154.248.27 20000 tcp http open Incapsula CDN httpd
14639107.154.248.27 20010 tcp ssl/http open Incapsula CDN httpd
14640107.154.248.27 25000 tcp ssl/http open Incapsula CDN httpd
14641107.154.248.27 30000 tcp http open Incapsula CDN httpd
14642107.154.248.27 44334 tcp ssl/http open Incapsula CDN httpd
14643107.154.248.27 50000 tcp http open Incapsula CDN httpd
14644107.154.248.27 50001 tcp ssl/http open Incapsula CDN httpd
14645107.154.248.27 50050 tcp ssl/http open Incapsula CDN httpd
14646141.105.65.111 25 tcp smtp closed
14647141.105.65.111 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
14648141.105.65.111 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
14649141.105.65.111 67 tcp dhcps filtered
14650141.105.65.111 67 udp dhcps unknown
14651141.105.65.111 68 tcp dhcpc filtered
14652141.105.65.111 68 udp dhcpc unknown
14653141.105.65.111 69 tcp tftp filtered
14654141.105.65.111 69 udp tftp unknown
14655141.105.65.111 88 tcp kerberos-sec filtered
14656141.105.65.111 88 udp kerberos-sec unknown
14657141.105.65.111 123 tcp ntp filtered
14658141.105.65.111 123 udp ntp unknown
14659141.105.65.111 137 tcp netbios-ns filtered
14660141.105.65.111 137 udp netbios-ns filtered
14661141.105.65.111 138 tcp netbios-dgm filtered
14662141.105.65.111 138 udp netbios-dgm filtered
14663141.105.65.111 139 tcp netbios-ssn closed
14664141.105.65.111 139 udp netbios-ssn unknown
14665141.105.65.111 161 tcp snmp filtered
14666141.105.65.111 161 udp snmp unknown
14667141.105.65.111 162 tcp snmptrap filtered
14668141.105.65.111 162 udp snmptrap unknown
14669141.105.65.111 389 tcp ldap filtered
14670141.105.65.111 389 udp ldap unknown
14671141.105.65.111 445 tcp microsoft-ds closed
14672141.105.65.111 520 tcp efs filtered
14673141.105.65.111 520 udp route unknown
14674141.105.65.111 2049 tcp nfs filtered
14675141.105.65.111 2049 udp nfs unknown
14676147.237.0.206 53 udp domain unknown
14677147.237.0.206 67 udp dhcps unknown
14678147.237.0.206 68 udp dhcpc unknown
14679147.237.0.206 69 udp tftp unknown
14680147.237.0.206 80 tcp http open
14681147.237.0.206 88 udp kerberos-sec unknown
14682147.237.0.206 123 udp ntp unknown
14683147.237.0.206 139 udp netbios-ssn unknown
14684147.237.0.206 161 udp snmp unknown
14685147.237.0.206 162 udp snmptrap unknown
14686147.237.0.206 389 udp ldap unknown
14687147.237.0.206 443 tcp ssl/https open
14688147.237.0.206 520 udp route unknown
14689147.237.0.206 2049 udp nfs unknown
14690150.95.250.133 25 tcp smtp closed
14691150.95.250.133 53 tcp domain filtered
14692150.95.250.133 53 udp domain unknown
14693150.95.250.133 67 tcp dhcps filtered
14694150.95.250.133 67 udp dhcps unknown
14695150.95.250.133 68 tcp dhcpc filtered
14696150.95.250.133 68 udp dhcpc unknown
14697150.95.250.133 69 tcp tftp filtered
14698150.95.250.133 69 udp tftp unknown
14699150.95.250.133 80 tcp http open nginx
14700150.95.250.133 88 tcp kerberos-sec filtered
14701150.95.250.133 88 udp kerberos-sec unknown
14702150.95.250.133 123 tcp ntp filtered
14703150.95.250.133 123 udp ntp unknown
14704150.95.250.133 137 tcp netbios-ns filtered
14705150.95.250.133 137 udp netbios-ns filtered
14706150.95.250.133 138 tcp netbios-dgm filtered
14707150.95.250.133 138 udp netbios-dgm filtered
14708150.95.250.133 139 tcp netbios-ssn closed
14709150.95.250.133 139 udp netbios-ssn unknown
14710150.95.250.133 161 tcp snmp filtered
14711150.95.250.133 161 udp snmp unknown
14712150.95.250.133 162 tcp snmptrap filtered
14713150.95.250.133 162 udp snmptrap unknown
14714150.95.250.133 389 tcp ldap filtered
14715150.95.250.133 389 udp ldap unknown
14716150.95.250.133 443 tcp ssl/http open nginx
14717150.95.250.133 445 tcp microsoft-ds closed
14718150.95.250.133 520 tcp efs filtered
14719150.95.250.133 520 udp route unknown
14720150.95.250.133 2049 tcp nfs filtered
14721150.95.250.133 2049 udp nfs unknown
14722151.139.243.11 25 tcp smtp closed
14723151.139.243.11 53 tcp domain filtered
14724151.139.243.11 53 udp domain unknown
14725151.139.243.11 67 tcp dhcps filtered
14726151.139.243.11 67 udp dhcps unknown
14727151.139.243.11 68 tcp dhcpc filtered
14728151.139.243.11 68 udp dhcpc unknown
14729151.139.243.11 69 tcp tftp filtered
14730151.139.243.11 69 udp tftp unknown
14731151.139.243.11 80 tcp http open Varnish
14732151.139.243.11 88 tcp kerberos-sec filtered
14733151.139.243.11 88 udp kerberos-sec unknown
14734151.139.243.11 123 tcp ntp filtered
14735151.139.243.11 123 udp ntp unknown
14736151.139.243.11 137 tcp netbios-ns filtered
14737151.139.243.11 137 udp netbios-ns filtered
14738151.139.243.11 138 tcp netbios-dgm filtered
14739151.139.243.11 138 udp netbios-dgm filtered
14740151.139.243.11 139 tcp netbios-ssn closed
14741151.139.243.11 139 udp netbios-ssn unknown
14742151.139.243.11 161 tcp snmp filtered
14743151.139.243.11 161 udp snmp unknown
14744151.139.243.11 162 tcp snmptrap filtered
14745151.139.243.11 162 udp snmptrap unknown
14746151.139.243.11 389 tcp ldap filtered
14747151.139.243.11 389 udp ldap unknown
14748151.139.243.11 443 tcp ssl/http open nginx
14749151.139.243.11 445 tcp microsoft-ds closed
14750151.139.243.11 520 tcp efs filtered
14751151.139.243.11 520 udp route unknown
14752151.139.243.11 2049 tcp nfs filtered
14753151.139.243.11 2049 udp nfs unknown
14754154.73.84.17 21 tcp ftp open 220 (vsFTPd 3.0.3)\x0d\x0a
14755157.7.107.254 25 tcp smtp closed
14756157.7.107.254 53 tcp domain filtered
14757157.7.107.254 53 udp domain unknown
14758157.7.107.254 67 tcp dhcps filtered
14759157.7.107.254 67 udp dhcps unknown
14760157.7.107.254 68 tcp dhcpc filtered
14761157.7.107.254 68 udp dhcpc filtered
14762157.7.107.254 69 tcp tftp filtered
14763157.7.107.254 69 udp tftp unknown
14764157.7.107.254 80 tcp http open Apache httpd
14765157.7.107.254 88 tcp kerberos-sec filtered
14766157.7.107.254 88 udp kerberos-sec unknown
14767157.7.107.254 123 tcp ntp filtered
14768157.7.107.254 123 udp ntp unknown
14769157.7.107.254 137 tcp netbios-ns filtered
14770157.7.107.254 137 udp netbios-ns filtered
14771157.7.107.254 138 tcp netbios-dgm filtered
14772157.7.107.254 138 udp netbios-dgm filtered
14773157.7.107.254 139 tcp netbios-ssn closed
14774157.7.107.254 139 udp netbios-ssn unknown
14775157.7.107.254 161 tcp snmp filtered
14776157.7.107.254 161 udp snmp unknown
14777157.7.107.254 162 tcp snmptrap filtered
14778157.7.107.254 162 udp snmptrap unknown
14779157.7.107.254 389 tcp ldap filtered
14780157.7.107.254 389 udp ldap filtered
14781157.7.107.254 443 tcp ssl/https open Apache
14782157.7.107.254 445 tcp microsoft-ds closed
14783157.7.107.254 520 tcp efs filtered
14784157.7.107.254 520 udp route unknown
14785157.7.107.254 2049 tcp nfs filtered
14786157.7.107.254 2049 udp nfs unknown
14787159.89.0.72 22 tcp ssh open SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
14788160.153.72.166 21 tcp ftp open Pure-FTPd
14789160.153.72.166 22 tcp ssh open OpenSSH 5.3 protocol 2.0
14790160.153.72.166 53 udp domain unknown
14791160.153.72.166 67 udp dhcps unknown
14792160.153.72.166 68 udp dhcpc unknown
14793160.153.72.166 69 udp tftp unknown
14794160.153.72.166 80 tcp http open Apache httpd
14795160.153.72.166 88 udp kerberos-sec unknown
14796160.153.72.166 110 tcp pop3 open Dovecot pop3d
14797160.153.72.166 123 udp ntp unknown
14798160.153.72.166 139 udp netbios-ssn unknown
14799160.153.72.166 143 tcp imap open Dovecot imapd
14800160.153.72.166 161 udp snmp unknown
14801160.153.72.166 162 udp snmptrap unknown
14802160.153.72.166 389 udp ldap unknown
14803160.153.72.166 443 tcp ssl/http open Apache httpd
14804160.153.72.166 465 tcp ssl/smtp open Exim smtpd 4.92
14805160.153.72.166 520 udp route unknown
14806160.153.72.166 587 tcp smtp open Exim smtpd 4.92
14807160.153.72.166 993 tcp ssl/imaps open
14808160.153.72.166 995 tcp ssl/pop3s open
14809160.153.72.166 2049 udp nfs unknown
14810160.153.72.166 3306 tcp mysql open MySQL 5.6.44-cll-lve
14811163.247.52.17 25 tcp smtp closed
14812163.247.52.17 53 tcp domain filtered
14813163.247.52.17 53 udp domain unknown
14814163.247.52.17 67 tcp dhcps filtered
14815163.247.52.17 67 udp dhcps unknown
14816163.247.52.17 68 tcp dhcpc filtered
14817163.247.52.17 68 udp dhcpc unknown
14818163.247.52.17 69 tcp tftp filtered
14819163.247.52.17 69 udp tftp unknown
14820163.247.52.17 80 tcp http open Apache httpd
14821163.247.52.17 88 tcp kerberos-sec filtered
14822163.247.52.17 88 udp kerberos-sec unknown
14823163.247.52.17 113 tcp ident closed
14824163.247.52.17 123 tcp ntp filtered
14825163.247.52.17 123 udp ntp unknown
14826163.247.52.17 137 tcp netbios-ns filtered
14827163.247.52.17 137 udp netbios-ns filtered
14828163.247.52.17 138 tcp netbios-dgm filtered
14829163.247.52.17 138 udp netbios-dgm filtered
14830163.247.52.17 139 tcp netbios-ssn closed
14831163.247.52.17 139 udp netbios-ssn unknown
14832163.247.52.17 161 tcp snmp filtered
14833163.247.52.17 161 udp snmp unknown
14834163.247.52.17 162 tcp snmptrap filtered
14835163.247.52.17 162 udp snmptrap unknown
14836163.247.52.17 389 tcp ldap filtered
14837163.247.52.17 389 udp ldap unknown
14838163.247.52.17 443 tcp ssl/https open
14839163.247.52.17 445 tcp microsoft-ds closed
14840163.247.52.17 520 tcp efs filtered
14841163.247.52.17 520 udp route unknown
14842163.247.52.17 2049 tcp nfs filtered
14843163.247.52.17 2049 udp nfs unknown
14844163.247.96.10 25 tcp smtp closed
14845163.247.96.10 53 tcp domain filtered
14846163.247.96.10 53 udp domain unknown
14847163.247.96.10 67 tcp dhcps filtered
14848163.247.96.10 67 udp dhcps unknown
14849163.247.96.10 68 tcp dhcpc filtered
14850163.247.96.10 68 udp dhcpc unknown
14851163.247.96.10 69 tcp tftp filtered
14852163.247.96.10 69 udp tftp unknown
14853163.247.96.10 80 tcp http open Apache httpd 2.2.22
14854163.247.96.10 88 tcp kerberos-sec filtered
14855163.247.96.10 88 udp kerberos-sec unknown
14856163.247.96.10 113 tcp ident closed
14857163.247.96.10 123 tcp ntp filtered
14858163.247.96.10 123 udp ntp unknown
14859163.247.96.10 137 tcp netbios-ns filtered
14860163.247.96.10 137 udp netbios-ns filtered
14861163.247.96.10 138 tcp netbios-dgm filtered
14862163.247.96.10 138 udp netbios-dgm filtered
14863163.247.96.10 139 tcp netbios-ssn closed
14864163.247.96.10 139 udp netbios-ssn unknown
14865163.247.96.10 161 tcp snmp filtered
14866163.247.96.10 161 udp snmp unknown
14867163.247.96.10 162 tcp snmptrap filtered
14868163.247.96.10 162 udp snmptrap unknown
14869163.247.96.10 389 tcp ldap filtered
14870163.247.96.10 389 udp ldap unknown
14871163.247.96.10 445 tcp microsoft-ds closed
14872163.247.96.10 465 tcp ssl/smtp open Exim smtpd 4.X
14873163.247.96.10 520 tcp efs filtered
14874163.247.96.10 520 udp route unknown
14875163.247.96.10 587 tcp smtp open Exim smtpd
14876163.247.96.10 2000 tcp cisco-sccp open
14877163.247.96.10 2049 tcp nfs filtered
14878163.247.96.10 2049 udp nfs unknown
14879163.247.96.10 4443 tcp http open Apache httpd
14880163.247.96.10 5060 tcp sip open
14881169.47.149.241 22 tcp ssh open
14882169.47.149.241 53 tcp domain open ISC BIND 9.11.4-P2
14883169.47.149.241 53 udp domain open ISC BIND 9.11.4-P2
14884169.47.149.241 80 tcp http open nginx 1.14.0
14885169.47.149.241 123 udp ntp unknown
14886169.47.149.241 161 udp snmp unknown
14887169.47.149.241 222 tcp rsh-spx open
14888169.47.149.241 587 tcp smtp open Sendmail 8.15.2/8.15.2
14889169.47.149.241 3306 tcp mysql open MySQL unauthorized
14890169.47.149.241 8888 tcp ssh open OpenSSH 7.5 FreeBSD 20170903; protocol 2.0
14891169.47.149.241 9999 tcp http open Apache httpd PHP 5.6.38
14892169.47.149.241 19999 tcp http open nginx 1.14.0
14893170.246.172.178 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:38. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
14894170.246.172.178 25 tcp smtp closed
14895170.246.172.178 53 tcp domain open PowerDNS Authoritative Server 4.1.10
14896170.246.172.178 53 udp domain open PowerDNS Authoritative Server 4.1.10
14897170.246.172.178 67 tcp dhcps filtered
14898170.246.172.178 67 udp dhcps unknown
14899170.246.172.178 68 tcp dhcpc filtered
14900170.246.172.178 68 udp dhcpc unknown
14901170.246.172.178 69 tcp tftp filtered
14902170.246.172.178 69 udp tftp unknown
14903170.246.172.178 88 tcp kerberos-sec filtered
14904170.246.172.178 88 udp kerberos-sec unknown
14905170.246.172.178 123 tcp ntp filtered
14906170.246.172.178 123 udp ntp unknown
14907170.246.172.178 137 tcp netbios-ns filtered
14908170.246.172.178 137 udp netbios-ns filtered
14909170.246.172.178 138 tcp netbios-dgm filtered
14910170.246.172.178 138 udp netbios-dgm filtered
14911170.246.172.178 139 tcp netbios-ssn closed
14912170.246.172.178 139 udp netbios-ssn unknown
14913170.246.172.178 161 tcp snmp filtered
14914170.246.172.178 161 udp snmp unknown
14915170.246.172.178 162 tcp snmptrap filtered
14916170.246.172.178 162 udp snmptrap unknown
14917170.246.172.178 389 tcp ldap filtered
14918170.246.172.178 389 udp ldap unknown
14919170.246.172.178 445 tcp microsoft-ds closed
14920170.246.172.178 520 tcp efs filtered
14921170.246.172.178 520 udp route unknown
14922170.246.172.178 2049 tcp nfs filtered
14923170.246.172.178 2049 udp nfs unknown
14924180.222.81.193 21 tcp ftp open ProFTPD or KnFTPD
14925180.222.81.193 25 tcp smtp closed
14926180.222.81.193 53 tcp domain filtered
14927180.222.81.193 53 udp domain unknown
14928180.222.81.193 67 tcp dhcps filtered
14929180.222.81.193 67 udp dhcps unknown
14930180.222.81.193 68 tcp dhcpc filtered
14931180.222.81.193 68 udp dhcpc unknown
14932180.222.81.193 69 tcp tftp filtered
14933180.222.81.193 69 udp tftp unknown
14934180.222.81.193 80 tcp http open Apache httpd PHP 5.2.8
14935180.222.81.193 88 tcp kerberos-sec filtered
14936180.222.81.193 88 udp kerberos-sec unknown
14937180.222.81.193 110 tcp pop3 open qmail pop3d
14938180.222.81.193 113 tcp ident closed
14939180.222.81.193 123 tcp ntp filtered
14940180.222.81.193 123 udp ntp unknown
14941180.222.81.193 137 tcp netbios-ns filtered
14942180.222.81.193 137 udp netbios-ns filtered
14943180.222.81.193 138 tcp netbios-dgm filtered
14944180.222.81.193 138 udp netbios-dgm filtered
14945180.222.81.193 139 tcp netbios-ssn closed
14946180.222.81.193 139 udp netbios-ssn unknown
14947180.222.81.193 143 tcp imap open Courier Imapd released 2005
14948180.222.81.193 161 tcp snmp filtered
14949180.222.81.193 161 udp snmp unknown
14950180.222.81.193 162 tcp snmptrap filtered
14951180.222.81.193 162 udp snmptrap unknown
14952180.222.81.193 389 tcp ldap filtered
14953180.222.81.193 389 udp ldap unknown
14954180.222.81.193 443 tcp ssl/http open Apache httpd PHP 5.2.8
14955180.222.81.193 445 tcp microsoft-ds closed
14956180.222.81.193 465 tcp ssl/smtps open
14957180.222.81.193 520 tcp efs filtered
14958180.222.81.193 520 udp route unknown
14959180.222.81.193 587 tcp smtp open Access Remote PC smtpd
14960180.222.81.193 993 tcp ssl/imaps open
14961180.222.81.193 995 tcp ssl/pop3s open
14962180.222.81.193 2049 tcp nfs filtered
14963180.222.81.193 2049 udp nfs unknown
14964180.222.81.193 8080 tcp ssl/http open Apache httpd
14965184.72.111.210 25 tcp smtp closed
14966184.72.111.210 53 tcp domain filtered
14967184.72.111.210 53 udp domain unknown
14968184.72.111.210 67 tcp dhcps filtered
14969184.72.111.210 67 udp dhcps unknown
14970184.72.111.210 68 tcp dhcpc filtered
14971184.72.111.210 68 udp dhcpc unknown
14972184.72.111.210 69 tcp tftp filtered
14973184.72.111.210 69 udp tftp unknown
14974184.72.111.210 80 tcp http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
14975184.72.111.210 88 tcp kerberos-sec filtered
14976184.72.111.210 88 udp kerberos-sec unknown
14977184.72.111.210 123 tcp ntp filtered
14978184.72.111.210 123 udp ntp unknown
14979184.72.111.210 137 tcp netbios-ns filtered
14980184.72.111.210 137 udp netbios-ns filtered
14981184.72.111.210 138 tcp netbios-dgm filtered
14982184.72.111.210 138 udp netbios-dgm filtered
14983184.72.111.210 139 tcp netbios-ssn closed
14984184.72.111.210 139 udp netbios-ssn unknown
14985184.72.111.210 161 tcp snmp filtered
14986184.72.111.210 161 udp snmp unknown
14987184.72.111.210 162 tcp snmptrap filtered
14988184.72.111.210 162 udp snmptrap unknown
14989184.72.111.210 389 tcp ldap filtered
14990184.72.111.210 389 udp ldap unknown
14991184.72.111.210 443 tcp ssl/http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
14992184.72.111.210 445 tcp microsoft-ds closed
14993184.72.111.210 520 tcp efs filtered
14994184.72.111.210 520 udp route unknown
14995184.72.111.210 2049 tcp nfs filtered
14996184.72.111.210 2049 udp nfs unknown
14997185.2.4.98 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 300 allowed.\x0d\x0a220-Local time is now 17:27. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 60 seconds of inactivity.\x0d\x0a
14998185.2.4.98 25 tcp smtp closed
14999185.2.4.98 53 tcp domain filtered
15000185.2.4.98 53 udp domain unknown
15001185.2.4.98 67 tcp dhcps filtered
15002185.2.4.98 67 udp dhcps unknown
15003185.2.4.98 68 tcp dhcpc filtered
15004185.2.4.98 68 udp dhcpc unknown
15005185.2.4.98 69 tcp tftp filtered
15006185.2.4.98 69 udp tftp unknown
15007185.2.4.98 88 tcp kerberos-sec filtered
15008185.2.4.98 88 udp kerberos-sec unknown
15009185.2.4.98 123 tcp ntp filtered
15010185.2.4.98 123 udp ntp unknown
15011185.2.4.98 137 tcp netbios-ns filtered
15012185.2.4.98 137 udp netbios-ns filtered
15013185.2.4.98 138 tcp netbios-dgm filtered
15014185.2.4.98 138 udp netbios-dgm filtered
15015185.2.4.98 139 tcp netbios-ssn closed
15016185.2.4.98 139 udp netbios-ssn unknown
15017185.2.4.98 161 tcp snmp filtered
15018185.2.4.98 161 udp snmp unknown
15019185.2.4.98 162 tcp snmptrap filtered
15020185.2.4.98 162 udp snmptrap unknown
15021185.2.4.98 389 tcp ldap filtered
15022185.2.4.98 389 udp ldap unknown
15023185.2.4.98 445 tcp microsoft-ds closed
15024185.2.4.98 520 tcp efs filtered
15025185.2.4.98 520 udp route unknown
15026185.2.4.98 2049 tcp nfs filtered
15027185.2.4.98 2049 udp nfs unknown
15028185.68.93.22 22 tcp ssh open SSH-2.0-OpenSSH_5.3
15029185.68.93.22 53 tcp domain closed
15030185.68.93.22 53 udp domain unknown
15031185.68.93.22 67 tcp dhcps closed
15032185.68.93.22 67 udp dhcps closed
15033185.68.93.22 68 tcp dhcpc closed
15034185.68.93.22 68 udp dhcpc closed
15035185.68.93.22 69 tcp tftp closed
15036185.68.93.22 69 udp tftp unknown
15037185.68.93.22 88 tcp kerberos-sec closed
15038185.68.93.22 88 udp kerberos-sec unknown
15039185.68.93.22 123 tcp ntp closed
15040185.68.93.22 123 udp ntp closed
15041185.68.93.22 137 tcp netbios-ns closed
15042185.68.93.22 137 udp netbios-ns filtered
15043185.68.93.22 138 tcp netbios-dgm closed
15044185.68.93.22 138 udp netbios-dgm filtered
15045185.68.93.22 139 tcp netbios-ssn closed
15046185.68.93.22 139 udp netbios-ssn closed
15047185.68.93.22 161 tcp snmp closed
15048185.68.93.22 161 udp snmp unknown
15049185.68.93.22 162 tcp snmptrap closed
15050185.68.93.22 162 udp snmptrap closed
15051185.68.93.22 389 tcp ldap closed
15052185.68.93.22 389 udp ldap unknown
15053185.68.93.22 520 tcp efs closed
15054185.68.93.22 520 udp route unknown
15055185.68.93.22 2049 tcp nfs closed
15056185.68.93.22 2049 udp nfs closed
15057185.119.173.237 25 tcp smtp closed
15058185.119.173.237 53 tcp domain filtered
15059185.119.173.237 53 udp domain unknown
15060185.119.173.237 67 tcp dhcps filtered
15061185.119.173.237 67 udp dhcps unknown
15062185.119.173.237 68 tcp dhcpc filtered
15063185.119.173.237 68 udp dhcpc unknown
15064185.119.173.237 69 tcp tftp filtered
15065185.119.173.237 69 udp tftp unknown
15066185.119.173.237 80 tcp http open Apache httpd
15067185.119.173.237 88 tcp kerberos-sec filtered
15068185.119.173.237 88 udp kerberos-sec unknown
15069185.119.173.237 123 tcp ntp filtered
15070185.119.173.237 123 udp ntp unknown
15071185.119.173.237 137 tcp netbios-ns filtered
15072185.119.173.237 137 udp netbios-ns filtered
15073185.119.173.237 138 tcp netbios-dgm filtered
15074185.119.173.237 138 udp netbios-dgm filtered
15075185.119.173.237 139 tcp netbios-ssn closed
15076185.119.173.237 139 udp netbios-ssn unknown
15077185.119.173.237 161 tcp snmp filtered
15078185.119.173.237 161 udp snmp unknown
15079185.119.173.237 162 tcp snmptrap filtered
15080185.119.173.237 162 udp snmptrap unknown
15081185.119.173.237 389 tcp ldap filtered
15082185.119.173.237 389 udp ldap unknown
15083185.119.173.237 443 tcp ssl/http open Apache httpd
15084185.119.173.237 445 tcp microsoft-ds closed
15085185.119.173.237 520 tcp efs filtered
15086185.119.173.237 520 udp route unknown
15087185.119.173.237 2049 tcp nfs filtered
15088185.119.173.237 2049 udp nfs unknown
15089186.67.91.110 25 tcp smtp closed
15090186.67.91.110 53 tcp domain filtered
15091186.67.91.110 53 udp domain unknown
15092186.67.91.110 67 tcp dhcps filtered
15093186.67.91.110 67 udp dhcps unknown
15094186.67.91.110 68 tcp dhcpc filtered
15095186.67.91.110 68 udp dhcpc unknown
15096186.67.91.110 69 tcp tftp filtered
15097186.67.91.110 69 udp tftp unknown
15098186.67.91.110 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
15099186.67.91.110 88 tcp kerberos-sec filtered
15100186.67.91.110 88 udp kerberos-sec unknown
15101186.67.91.110 123 tcp ntp filtered
15102186.67.91.110 123 udp ntp unknown
15103186.67.91.110 137 tcp netbios-ns filtered
15104186.67.91.110 137 udp netbios-ns filtered
15105186.67.91.110 138 tcp netbios-dgm filtered
15106186.67.91.110 138 udp netbios-dgm filtered
15107186.67.91.110 139 tcp netbios-ssn closed
15108186.67.91.110 139 udp netbios-ssn unknown
15109186.67.91.110 161 tcp snmp filtered
15110186.67.91.110 161 udp snmp unknown
15111186.67.91.110 162 tcp snmptrap filtered
15112186.67.91.110 162 udp snmptrap unknown
15113186.67.91.110 389 tcp ldap filtered
15114186.67.91.110 389 udp ldap unknown
15115186.67.91.110 443 tcp ssl/https open
15116186.67.91.110 445 tcp microsoft-ds closed
15117186.67.91.110 520 tcp efs filtered
15118186.67.91.110 520 udp route unknown
15119186.67.91.110 2049 tcp nfs filtered
15120186.67.91.110 2049 udp nfs unknown
15121192.0.78.12 25 tcp smtp closed
15122192.0.78.12 53 tcp domain filtered
15123192.0.78.12 53 udp domain unknown
15124192.0.78.12 67 tcp dhcps filtered
15125192.0.78.12 67 udp dhcps unknown
15126192.0.78.12 68 tcp dhcpc filtered
15127192.0.78.12 68 udp dhcpc unknown
15128192.0.78.12 69 tcp tftp filtered
15129192.0.78.12 69 udp tftp unknown
15130192.0.78.12 80 tcp http open nginx
15131192.0.78.12 88 tcp kerberos-sec filtered
15132192.0.78.12 88 udp kerberos-sec unknown
15133192.0.78.12 123 tcp ntp filtered
15134192.0.78.12 123 udp ntp unknown
15135192.0.78.12 137 tcp netbios-ns filtered
15136192.0.78.12 137 udp netbios-ns filtered
15137192.0.78.12 138 tcp netbios-dgm filtered
15138192.0.78.12 138 udp netbios-dgm filtered
15139192.0.78.12 139 tcp netbios-ssn closed
15140192.0.78.12 139 udp netbios-ssn unknown
15141192.0.78.12 161 tcp snmp filtered
15142192.0.78.12 161 udp snmp unknown
15143192.0.78.12 162 tcp snmptrap filtered
15144192.0.78.12 162 udp snmptrap unknown
15145192.0.78.12 389 tcp ldap filtered
15146192.0.78.12 389 udp ldap unknown
15147192.0.78.12 443 tcp ssl/http open nginx
15148192.0.78.12 445 tcp microsoft-ds closed
15149192.0.78.12 520 tcp efs filtered
15150192.0.78.12 520 udp route unknown
15151192.0.78.12 2049 tcp nfs filtered
15152192.0.78.12 2049 udp nfs unknown
15153192.0.78.13 25 tcp smtp closed
15154192.0.78.13 53 tcp domain filtered
15155192.0.78.13 53 udp domain unknown
15156192.0.78.13 67 tcp dhcps filtered
15157192.0.78.13 67 udp dhcps unknown
15158192.0.78.13 68 tcp dhcpc filtered
15159192.0.78.13 68 udp dhcpc unknown
15160192.0.78.13 69 tcp tftp filtered
15161192.0.78.13 69 udp tftp unknown
15162192.0.78.13 80 tcp http open nginx
15163192.0.78.13 88 tcp kerberos-sec filtered
15164192.0.78.13 88 udp kerberos-sec unknown
15165192.0.78.13 123 tcp ntp filtered
15166192.0.78.13 123 udp ntp unknown
15167192.0.78.13 137 tcp netbios-ns filtered
15168192.0.78.13 137 udp netbios-ns filtered
15169192.0.78.13 138 tcp netbios-dgm filtered
15170192.0.78.13 138 udp netbios-dgm filtered
15171192.0.78.13 139 tcp netbios-ssn closed
15172192.0.78.13 139 udp netbios-ssn unknown
15173192.0.78.13 161 tcp snmp filtered
15174192.0.78.13 161 udp snmp unknown
15175192.0.78.13 162 tcp snmptrap filtered
15176192.0.78.13 162 udp snmptrap unknown
15177192.0.78.13 389 tcp ldap filtered
15178192.0.78.13 389 udp ldap unknown
15179192.0.78.13 443 tcp ssl/http open nginx
15180192.0.78.13 445 tcp microsoft-ds closed
15181192.0.78.13 520 tcp efs filtered
15182192.0.78.13 520 udp route unknown
15183192.0.78.13 2049 tcp nfs filtered
15184192.0.78.13 2049 udp nfs unknown
15185194.18.73.2 25 tcp smtp closed
15186194.18.73.2 53 tcp domain filtered
15187194.18.73.2 53 udp domain unknown
15188194.18.73.2 67 tcp dhcps filtered
15189194.18.73.2 67 udp dhcps unknown
15190194.18.73.2 68 tcp dhcpc filtered
15191194.18.73.2 68 udp dhcpc unknown
15192194.18.73.2 69 tcp tftp filtered
15193194.18.73.2 69 udp tftp unknown
15194194.18.73.2 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
15195194.18.73.2 88 tcp kerberos-sec filtered
15196194.18.73.2 88 udp kerberos-sec unknown
15197194.18.73.2 113 tcp ident closed
15198194.18.73.2 123 tcp ntp filtered
15199194.18.73.2 123 udp ntp unknown
15200194.18.73.2 137 tcp netbios-ns filtered
15201194.18.73.2 137 udp netbios-ns filtered
15202194.18.73.2 138 tcp netbios-dgm filtered
15203194.18.73.2 138 udp netbios-dgm filtered
15204194.18.73.2 139 tcp netbios-ssn closed
15205194.18.73.2 139 udp netbios-ssn unknown
15206194.18.73.2 161 tcp snmp filtered
15207194.18.73.2 161 udp snmp unknown
15208194.18.73.2 162 tcp snmptrap filtered
15209194.18.73.2 162 udp snmptrap unknown
15210194.18.73.2 389 tcp ldap filtered
15211194.18.73.2 389 udp ldap unknown
15212194.18.73.2 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
15213194.18.73.2 445 tcp microsoft-ds closed
15214194.18.73.2 520 tcp efs filtered
15215194.18.73.2 520 udp route closed
15216194.18.73.2 2049 tcp nfs filtered
15217194.18.73.2 2049 udp nfs unknown
15218194.39.164.140 21 tcp ftp open ProFTPD
15219194.39.164.140 53 tcp domain filtered
15220194.39.164.140 53 udp domain unknown
15221194.39.164.140 67 tcp dhcps filtered
15222194.39.164.140 67 udp dhcps unknown
15223194.39.164.140 68 tcp dhcpc filtered
15224194.39.164.140 68 udp dhcpc unknown
15225194.39.164.140 69 tcp tftp filtered
15226194.39.164.140 69 udp tftp unknown
15227194.39.164.140 80 tcp http open nginx
15228194.39.164.140 88 tcp kerberos-sec filtered
15229194.39.164.140 88 udp kerberos-sec unknown
15230194.39.164.140 110 tcp pop3 open Courier pop3d
15231194.39.164.140 123 tcp ntp filtered
15232194.39.164.140 123 udp ntp unknown
15233194.39.164.140 137 tcp netbios-ns filtered
15234194.39.164.140 137 udp netbios-ns filtered
15235194.39.164.140 138 tcp netbios-dgm filtered
15236194.39.164.140 138 udp netbios-dgm filtered
15237194.39.164.140 139 tcp netbios-ssn closed
15238194.39.164.140 139 udp netbios-ssn unknown
15239194.39.164.140 161 tcp snmp filtered
15240194.39.164.140 161 udp snmp unknown
15241194.39.164.140 162 tcp snmptrap filtered
15242194.39.164.140 162 udp snmptrap unknown
15243194.39.164.140 389 tcp ldap filtered
15244194.39.164.140 389 udp ldap unknown
15245194.39.164.140 443 tcp ssl/http open nginx
15246194.39.164.140 465 tcp ssl/smtps open
15247194.39.164.140 520 tcp efs filtered
15248194.39.164.140 520 udp route unknown
15249194.39.164.140 587 tcp smtp open Postfix smtpd
15250194.39.164.140 993 tcp ssl/imaps open
15251194.39.164.140 2020 tcp ssh open OpenSSH 7.4 protocol 2.0
15252194.39.164.140 2049 tcp nfs filtered
15253194.39.164.140 2049 udp nfs unknown
15254194.39.164.140 8443 tcp ssl/https-alt open sw-cp-server
15255194.39.164.140 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
15256195.181.169.2 25 tcp smtp closed
15257195.181.169.2 53 tcp domain filtered
15258195.181.169.2 53 udp domain unknown
15259195.181.169.2 67 tcp dhcps filtered
15260195.181.169.2 67 udp dhcps unknown
15261195.181.169.2 68 tcp dhcpc filtered
15262195.181.169.2 68 udp dhcpc unknown
15263195.181.169.2 69 tcp tftp filtered
15264195.181.169.2 69 udp tftp unknown
15265195.181.169.2 80 tcp http open nginx reverse proxy
15266195.181.169.2 88 tcp kerberos-sec filtered
15267195.181.169.2 88 udp kerberos-sec unknown
15268195.181.169.2 123 tcp ntp filtered
15269195.181.169.2 123 udp ntp unknown
15270195.181.169.2 137 tcp netbios-ns filtered
15271195.181.169.2 137 udp netbios-ns filtered
15272195.181.169.2 138 tcp netbios-dgm filtered
15273195.181.169.2 138 udp netbios-dgm filtered
15274195.181.169.2 139 tcp netbios-ssn closed
15275195.181.169.2 139 udp netbios-ssn unknown
15276195.181.169.2 161 tcp snmp filtered
15277195.181.169.2 161 udp snmp unknown
15278195.181.169.2 162 tcp snmptrap filtered
15279195.181.169.2 162 udp snmptrap unknown
15280195.181.169.2 389 tcp ldap filtered
15281195.181.169.2 389 udp ldap unknown
15282195.181.169.2 443 tcp ssl/http open nginx reverse proxy
15283195.181.169.2 445 tcp microsoft-ds closed
15284195.181.169.2 520 tcp efs filtered
15285195.181.169.2 520 udp route unknown
15286195.181.169.2 2049 tcp nfs filtered
15287195.181.169.2 2049 udp nfs unknown
15288199.191.50.92 53 tcp tcpwrapped open
15289199.191.50.92 53 udp mdns open DNS-based service discovery
15290199.191.50.92 67 tcp dhcps filtered
15291199.191.50.92 67 udp dhcps unknown
15292199.191.50.92 68 tcp dhcpc filtered
15293199.191.50.92 68 udp dhcpc unknown
15294199.191.50.92 69 tcp tftp filtered
15295199.191.50.92 69 udp tftp unknown
15296199.191.50.92 88 tcp kerberos-sec filtered
15297199.191.50.92 88 udp kerberos-sec unknown
15298199.191.50.92 123 tcp ntp filtered
15299199.191.50.92 123 udp ntp unknown
15300199.191.50.92 137 tcp netbios-ns filtered
15301199.191.50.92 137 udp netbios-ns filtered
15302199.191.50.92 138 tcp netbios-dgm filtered
15303199.191.50.92 138 udp netbios-dgm filtered
15304199.191.50.92 139 tcp netbios-ssn closed
15305199.191.50.92 139 udp netbios-ssn unknown
15306199.191.50.92 161 tcp snmp filtered
15307199.191.50.92 161 udp snmp unknown
15308199.191.50.92 162 tcp snmptrap filtered
15309199.191.50.92 162 udp snmptrap unknown
15310199.191.50.92 389 tcp ldap filtered
15311199.191.50.92 389 udp ldap unknown
15312199.191.50.92 520 tcp efs filtered
15313199.191.50.92 520 udp route unknown
15314199.191.50.92 2049 tcp nfs filtered
15315199.191.50.92 2049 udp nfs unknown
15316200.14.67.43 25 tcp smtp closed
15317200.14.67.43 53 tcp domain filtered
15318200.14.67.43 53 udp domain unknown
15319200.14.67.43 67 tcp dhcps filtered
15320200.14.67.43 67 udp dhcps unknown
15321200.14.67.43 68 tcp dhcpc filtered
15322200.14.67.43 68 udp dhcpc unknown
15323200.14.67.43 69 tcp tftp filtered
15324200.14.67.43 69 udp tftp unknown
15325200.14.67.43 80 tcp http open nginx 1.16.1 Ubuntu
15326200.14.67.43 88 tcp kerberos-sec filtered
15327200.14.67.43 88 udp kerberos-sec unknown
15328200.14.67.43 123 tcp ntp filtered
15329200.14.67.43 123 udp ntp unknown
15330200.14.67.43 137 tcp netbios-ns filtered
15331200.14.67.43 137 udp netbios-ns filtered
15332200.14.67.43 138 tcp netbios-dgm filtered
15333200.14.67.43 138 udp netbios-dgm filtered
15334200.14.67.43 139 tcp netbios-ssn closed
15335200.14.67.43 139 udp netbios-ssn unknown
15336200.14.67.43 161 tcp snmp filtered
15337200.14.67.43 161 udp snmp unknown
15338200.14.67.43 162 tcp snmptrap filtered
15339200.14.67.43 162 udp snmptrap unknown
15340200.14.67.43 389 tcp ldap filtered
15341200.14.67.43 389 udp ldap unknown
15342200.14.67.43 443 tcp ssl/http open nginx 1.16.1 Ubuntu
15343200.14.67.43 445 tcp microsoft-ds closed
15344200.14.67.43 520 tcp efs filtered
15345200.14.67.43 520 udp route unknown
15346200.14.67.43 2049 tcp nfs filtered
15347200.14.67.43 2049 udp nfs unknown
15348200.14.67.65 25 tcp smtp closed
15349200.14.67.65 53 tcp domain filtered
15350200.14.67.65 53 udp domain unknown
15351200.14.67.65 67 tcp dhcps filtered
15352200.14.67.65 67 udp dhcps unknown
15353200.14.67.65 68 tcp dhcpc filtered
15354200.14.67.65 68 udp dhcpc unknown
15355200.14.67.65 69 tcp tftp filtered
15356200.14.67.65 69 udp tftp unknown
15357200.14.67.65 80 tcp http open nginx 1.16.1 Ubuntu
15358200.14.67.65 88 tcp kerberos-sec filtered
15359200.14.67.65 88 udp kerberos-sec unknown
15360200.14.67.65 123 tcp ntp filtered
15361200.14.67.65 123 udp ntp unknown
15362200.14.67.65 137 tcp netbios-ns filtered
15363200.14.67.65 137 udp netbios-ns filtered
15364200.14.67.65 138 tcp netbios-dgm filtered
15365200.14.67.65 138 udp netbios-dgm filtered
15366200.14.67.65 139 tcp netbios-ssn closed
15367200.14.67.65 139 udp netbios-ssn unknown
15368200.14.67.65 161 tcp snmp filtered
15369200.14.67.65 161 udp snmp unknown
15370200.14.67.65 162 tcp snmptrap filtered
15371200.14.67.65 162 udp snmptrap unknown
15372200.14.67.65 389 tcp ldap filtered
15373200.14.67.65 389 udp ldap unknown
15374200.14.67.65 443 tcp ssl/http open nginx 1.16.1 Ubuntu
15375200.14.67.65 445 tcp microsoft-ds closed
15376200.14.67.65 520 tcp efs filtered
15377200.14.67.65 520 udp route unknown
15378200.14.67.65 2049 tcp nfs filtered
15379200.14.67.65 2049 udp nfs unknown
15380200.35.157.77 53 tcp domain filtered
15381200.35.157.77 53 udp domain unknown
15382200.35.157.77 67 tcp dhcps filtered
15383200.35.157.77 67 udp dhcps unknown
15384200.35.157.77 68 tcp dhcpc filtered
15385200.35.157.77 68 udp dhcpc unknown
15386200.35.157.77 69 tcp tftp filtered
15387200.35.157.77 69 udp tftp unknown
15388200.35.157.77 88 tcp kerberos-sec filtered
15389200.35.157.77 88 udp kerberos-sec unknown
15390200.35.157.77 123 tcp ntp filtered
15391200.35.157.77 123 udp ntp unknown
15392200.35.157.77 137 tcp netbios-ns filtered
15393200.35.157.77 137 udp netbios-ns filtered
15394200.35.157.77 138 tcp netbios-dgm filtered
15395200.35.157.77 138 udp netbios-dgm filtered
15396200.35.157.77 139 tcp netbios-ssn closed
15397200.35.157.77 139 udp netbios-ssn unknown
15398200.35.157.77 161 tcp snmp filtered
15399200.35.157.77 161 udp snmp unknown
15400200.35.157.77 162 tcp snmptrap filtered
15401200.35.157.77 162 udp snmptrap unknown
15402200.35.157.77 389 tcp ldap filtered
15403200.35.157.77 389 udp ldap unknown
15404200.35.157.77 520 tcp efs filtered
15405200.35.157.77 520 udp route unknown
15406200.35.157.77 2049 tcp nfs filtered
15407200.35.157.77 2049 udp nfs unknown
15408201.131.38.40 25 tcp smtp closed
15409201.131.38.40 53 tcp domain filtered
15410201.131.38.40 53 udp domain unknown
15411201.131.38.40 67 tcp dhcps filtered
15412201.131.38.40 67 udp dhcps unknown
15413201.131.38.40 68 tcp dhcpc filtered
15414201.131.38.40 68 udp dhcpc unknown
15415201.131.38.40 69 tcp tftp filtered
15416201.131.38.40 69 udp tftp unknown
15417201.131.38.40 80 tcp http open Apache httpd
15418201.131.38.40 88 tcp kerberos-sec filtered
15419201.131.38.40 88 udp kerberos-sec unknown
15420201.131.38.40 123 tcp ntp filtered
15421201.131.38.40 123 udp ntp unknown
15422201.131.38.40 137 tcp netbios-ns filtered
15423201.131.38.40 137 udp netbios-ns filtered
15424201.131.38.40 138 tcp netbios-dgm filtered
15425201.131.38.40 138 udp netbios-dgm filtered
15426201.131.38.40 139 tcp netbios-ssn closed
15427201.131.38.40 139 udp netbios-ssn unknown
15428201.131.38.40 161 tcp snmp filtered
15429201.131.38.40 161 udp snmp unknown
15430201.131.38.40 162 tcp snmptrap filtered
15431201.131.38.40 162 udp snmptrap unknown
15432201.131.38.40 389 tcp ldap filtered
15433201.131.38.40 389 udp ldap unknown
15434201.131.38.40 443 tcp ssl/http open Apache httpd
15435201.131.38.40 445 tcp microsoft-ds closed
15436201.131.38.40 520 tcp efs filtered
15437201.131.38.40 520 udp route unknown
15438201.131.38.40 2049 tcp nfs filtered
15439201.131.38.40 2049 udp nfs unknown
15440201.238.246.43 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 05:39. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
15441201.238.246.43 25 tcp smtp closed
15442201.238.246.43 53 tcp domain filtered
15443201.238.246.43 53 udp domain unknown
15444201.238.246.43 67 tcp dhcps filtered
15445201.238.246.43 67 udp dhcps unknown
15446201.238.246.43 68 tcp dhcpc filtered
15447201.238.246.43 68 udp dhcpc unknown
15448201.238.246.43 69 tcp tftp filtered
15449201.238.246.43 69 udp tftp unknown
15450201.238.246.43 88 tcp kerberos-sec filtered
15451201.238.246.43 88 udp kerberos-sec unknown
15452201.238.246.43 113 tcp ident closed
15453201.238.246.43 123 tcp ntp filtered
15454201.238.246.43 123 udp ntp unknown
15455201.238.246.43 137 tcp netbios-ns filtered
15456201.238.246.43 137 udp netbios-ns filtered
15457201.238.246.43 138 tcp netbios-dgm filtered
15458201.238.246.43 138 udp netbios-dgm filtered
15459201.238.246.43 139 tcp netbios-ssn closed
15460201.238.246.43 139 udp netbios-ssn unknown
15461201.238.246.43 161 tcp snmp filtered
15462201.238.246.43 161 udp snmp unknown
15463201.238.246.43 162 tcp snmptrap filtered
15464201.238.246.43 162 udp snmptrap unknown
15465201.238.246.43 389 tcp ldap filtered
15466201.238.246.43 389 udp ldap unknown
15467201.238.246.43 445 tcp microsoft-ds closed
15468201.238.246.43 520 tcp efs filtered
15469201.238.246.43 520 udp route unknown
15470201.238.246.43 2049 tcp nfs filtered
15471201.238.246.43 2049 udp nfs unknown
15472202.214.194.138 25 tcp smtp closed
15473202.214.194.138 53 tcp domain filtered
15474202.214.194.138 53 udp domain unknown
15475202.214.194.138 67 tcp dhcps filtered
15476202.214.194.138 67 udp dhcps unknown
15477202.214.194.138 68 tcp dhcpc filtered
15478202.214.194.138 68 udp dhcpc unknown
15479202.214.194.138 69 tcp tftp filtered
15480202.214.194.138 69 udp tftp unknown
15481202.214.194.138 80 tcp http open
15482202.214.194.138 88 tcp kerberos-sec filtered
15483202.214.194.138 88 udp kerberos-sec unknown
15484202.214.194.138 123 tcp ntp filtered
15485202.214.194.138 123 udp ntp unknown
15486202.214.194.138 137 tcp netbios-ns filtered
15487202.214.194.138 137 udp netbios-ns filtered
15488202.214.194.138 138 tcp netbios-dgm filtered
15489202.214.194.138 138 udp netbios-dgm filtered
15490202.214.194.138 139 tcp netbios-ssn closed
15491202.214.194.138 139 udp netbios-ssn unknown
15492202.214.194.138 161 tcp snmp filtered
15493202.214.194.138 161 udp snmp unknown
15494202.214.194.138 162 tcp snmptrap filtered
15495202.214.194.138 162 udp snmptrap unknown
15496202.214.194.138 389 tcp ldap filtered
15497202.214.194.138 389 udp ldap unknown
15498202.214.194.138 443 tcp ssl/https open
15499202.214.194.138 445 tcp microsoft-ds closed
15500202.214.194.138 520 tcp efs filtered
15501202.214.194.138 520 udp route unknown
15502202.214.194.138 2049 tcp nfs filtered
15503202.214.194.138 2049 udp nfs unknown
15504202.238.130.103 25 tcp smtp closed
15505202.238.130.103 53 tcp domain filtered
15506202.238.130.103 53 udp domain unknown
15507202.238.130.103 67 tcp dhcps filtered
15508202.238.130.103 67 udp dhcps unknown
15509202.238.130.103 68 tcp dhcpc filtered
15510202.238.130.103 68 udp dhcpc unknown
15511202.238.130.103 69 tcp tftp filtered
15512202.238.130.103 69 udp tftp unknown
15513202.238.130.103 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
15514202.238.130.103 88 tcp kerberos-sec filtered
15515202.238.130.103 88 udp kerberos-sec unknown
15516202.238.130.103 113 tcp ident closed
15517202.238.130.103 123 tcp ntp filtered
15518202.238.130.103 123 udp ntp unknown
15519202.238.130.103 137 tcp netbios-ns filtered
15520202.238.130.103 137 udp netbios-ns filtered
15521202.238.130.103 138 tcp netbios-dgm filtered
15522202.238.130.103 138 udp netbios-dgm filtered
15523202.238.130.103 139 tcp netbios-ssn closed
15524202.238.130.103 139 udp netbios-ssn unknown
15525202.238.130.103 161 tcp snmp filtered
15526202.238.130.103 161 udp snmp unknown
15527202.238.130.103 162 tcp snmptrap filtered
15528202.238.130.103 162 udp snmptrap unknown
15529202.238.130.103 389 tcp ldap filtered
15530202.238.130.103 389 udp ldap unknown
15531202.238.130.103 443 tcp ssl/http open Apache httpd
15532202.238.130.103 445 tcp microsoft-ds closed
15533202.238.130.103 520 tcp efs filtered
15534202.238.130.103 520 udp route unknown
15535202.238.130.103 2049 tcp nfs filtered
15536202.238.130.103 2049 udp nfs unknown
15537202.238.130.103 8008 tcp http open
15538203.137.110.66 21 tcp ftp open 220 203.137.110.66 FTP server ready\x0d\x0a
15539203.180.216.224 25 tcp smtp closed
15540203.180.216.224 53 tcp domain filtered
15541203.180.216.224 53 udp domain unknown
15542203.180.216.224 67 tcp dhcps filtered
15543203.180.216.224 67 udp dhcps unknown
15544203.180.216.224 68 tcp dhcpc filtered
15545203.180.216.224 68 udp dhcpc unknown
15546203.180.216.224 69 tcp tftp filtered
15547203.180.216.224 69 udp tftp unknown
15548203.180.216.224 80 tcp http open nginx
15549203.180.216.224 88 tcp kerberos-sec filtered
15550203.180.216.224 88 udp kerberos-sec unknown
15551203.180.216.224 123 tcp ntp filtered
15552203.180.216.224 123 udp ntp unknown
15553203.180.216.224 137 tcp netbios-ns filtered
15554203.180.216.224 137 udp netbios-ns filtered
15555203.180.216.224 138 tcp netbios-dgm filtered
15556203.180.216.224 138 udp netbios-dgm filtered
15557203.180.216.224 139 tcp netbios-ssn closed
15558203.180.216.224 139 udp netbios-ssn unknown
15559203.180.216.224 161 tcp snmp filtered
15560203.180.216.224 161 udp snmp unknown
15561203.180.216.224 162 tcp snmptrap filtered
15562203.180.216.224 162 udp snmptrap unknown
15563203.180.216.224 389 tcp ldap filtered
15564203.180.216.224 389 udp ldap unknown
15565203.180.216.224 443 tcp ssl/http open nginx
15566203.180.216.224 445 tcp microsoft-ds closed
15567203.180.216.224 520 tcp efs filtered
15568203.180.216.224 520 udp route unknown
15569203.180.216.224 2049 tcp nfs filtered
15570203.180.216.224 2049 udp nfs unknown
15571203.183.218.244 21 tcp ftp open 220 203.183.218.130 FTP server ready\x0d\x0a
15572205.134.171.80 22 tcp ssh open SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
15573205.134.171.80 53 tcp domain filtered
15574205.134.171.80 53 udp domain unknown
15575205.134.171.80 67 tcp dhcps filtered
15576205.134.171.80 67 udp dhcps unknown
15577205.134.171.80 68 tcp dhcpc filtered
15578205.134.171.80 68 udp dhcpc unknown
15579205.134.171.80 69 tcp tftp filtered
15580205.134.171.80 69 udp tftp unknown
15581205.134.171.80 88 tcp kerberos-sec filtered
15582205.134.171.80 88 udp kerberos-sec unknown
15583205.134.171.80 123 tcp ntp filtered
15584205.134.171.80 123 udp ntp unknown
15585205.134.171.80 137 tcp netbios-ns filtered
15586205.134.171.80 137 udp netbios-ns filtered
15587205.134.171.80 138 tcp netbios-dgm filtered
15588205.134.171.80 138 udp netbios-dgm filtered
15589205.134.171.80 139 tcp netbios-ssn closed
15590205.134.171.80 139 udp netbios-ssn unknown
15591205.134.171.80 161 tcp snmp filtered
15592205.134.171.80 161 udp snmp unknown
15593205.134.171.80 162 tcp snmptrap filtered
15594205.134.171.80 162 udp snmptrap unknown
15595205.134.171.80 389 tcp ldap filtered
15596205.134.171.80 389 udp ldap unknown
15597205.134.171.80 520 tcp efs filtered
15598205.134.171.80 520 udp route unknown
15599205.134.171.80 2049 tcp nfs filtered
15600205.134.171.80 2049 udp nfs unknown
15601208.113.216.185 25 tcp smtp closed
15602208.113.216.185 53 tcp domain filtered
15603208.113.216.185 53 udp domain unknown
15604208.113.216.185 67 tcp dhcps filtered
15605208.113.216.185 67 udp dhcps unknown
15606208.113.216.185 68 tcp dhcpc filtered
15607208.113.216.185 68 udp dhcpc unknown
15608208.113.216.185 69 tcp tftp filtered
15609208.113.216.185 69 udp tftp unknown
15610208.113.216.185 88 tcp kerberos-sec filtered
15611208.113.216.185 88 udp kerberos-sec unknown
15612208.113.216.185 123 tcp ntp filtered
15613208.113.216.185 123 udp ntp unknown
15614208.113.216.185 137 tcp netbios-ns filtered
15615208.113.216.185 137 udp netbios-ns filtered
15616208.113.216.185 138 tcp netbios-dgm filtered
15617208.113.216.185 138 udp netbios-dgm filtered
15618208.113.216.185 139 tcp netbios-ssn closed
15619208.113.216.185 139 udp netbios-ssn unknown
15620208.113.216.185 161 tcp snmp filtered
15621208.113.216.185 161 udp snmp unknown
15622208.113.216.185 162 tcp snmptrap filtered
15623208.113.216.185 162 udp snmptrap unknown
15624208.113.216.185 389 tcp ldap filtered
15625208.113.216.185 389 udp ldap unknown
15626208.113.216.185 445 tcp microsoft-ds closed
15627208.113.216.185 520 tcp efs filtered
15628208.113.216.185 520 udp route unknown
15629208.113.216.185 2049 tcp nfs filtered
15630208.113.216.185 2049 udp nfs unknown
15631208.113.220.218 25 tcp smtp closed
15632208.113.220.218 53 tcp domain filtered
15633208.113.220.218 53 udp domain unknown
15634208.113.220.218 67 tcp dhcps filtered
15635208.113.220.218 67 udp dhcps unknown
15636208.113.220.218 68 tcp dhcpc filtered
15637208.113.220.218 68 udp dhcpc unknown
15638208.113.220.218 69 tcp tftp filtered
15639208.113.220.218 69 udp tftp unknown
15640208.113.220.218 88 tcp kerberos-sec filtered
15641208.113.220.218 88 udp kerberos-sec unknown
15642208.113.220.218 123 tcp ntp filtered
15643208.113.220.218 123 udp ntp unknown
15644208.113.220.218 137 tcp netbios-ns filtered
15645208.113.220.218 137 udp netbios-ns filtered
15646208.113.220.218 138 tcp netbios-dgm filtered
15647208.113.220.218 138 udp netbios-dgm filtered
15648208.113.220.218 139 tcp netbios-ssn closed
15649208.113.220.218 139 udp netbios-ssn unknown
15650208.113.220.218 161 tcp snmp filtered
15651208.113.220.218 161 udp snmp unknown
15652208.113.220.218 162 tcp snmptrap filtered
15653208.113.220.218 162 udp snmptrap unknown
15654208.113.220.218 389 tcp ldap filtered
15655208.113.220.218 389 udp ldap unknown
15656208.113.220.218 445 tcp microsoft-ds closed
15657208.113.220.218 520 tcp efs filtered
15658208.113.220.218 520 udp route unknown
15659208.113.220.218 2049 tcp nfs filtered
15660208.113.220.218 2049 udp nfs unknown
15661209.59.165.178 25 tcp smtp closed
15662209.59.165.178 53 tcp domain filtered PowerDNS Authoritative Server 4.1.10
15663209.59.165.178 53 udp domain unknown PowerDNS Authoritative Server 4.1.10
15664209.59.165.178 67 tcp dhcps filtered
15665209.59.165.178 67 udp dhcps unknown
15666209.59.165.178 68 tcp dhcpc filtered
15667209.59.165.178 68 udp dhcpc unknown
15668209.59.165.178 69 tcp tftp filtered
15669209.59.165.178 69 udp tftp unknown
15670209.59.165.178 88 tcp kerberos-sec filtered
15671209.59.165.178 88 udp kerberos-sec unknown
15672209.59.165.178 123 tcp ntp filtered
15673209.59.165.178 123 udp ntp unknown
15674209.59.165.178 137 tcp netbios-ns filtered
15675209.59.165.178 137 udp netbios-ns filtered
15676209.59.165.178 138 tcp netbios-dgm filtered
15677209.59.165.178 138 udp netbios-dgm filtered
15678209.59.165.178 139 tcp netbios-ssn closed
15679209.59.165.178 139 udp netbios-ssn unknown
15680209.59.165.178 161 tcp snmp filtered
15681209.59.165.178 161 udp snmp unknown
15682209.59.165.178 162 tcp snmptrap filtered
15683209.59.165.178 162 udp snmptrap unknown
15684209.59.165.178 389 tcp ldap filtered
15685209.59.165.178 389 udp ldap unknown
15686209.59.165.178 445 tcp microsoft-ds closed
15687209.59.165.178 520 tcp efs filtered
15688209.59.165.178 520 udp route unknown
15689209.59.165.178 2049 tcp nfs filtered
15690209.59.165.178 2049 udp nfs unknown
15691210.149.141.34 53 tcp domain filtered
15692210.149.141.34 53 udp domain unknown
15693210.149.141.34 67 tcp dhcps filtered
15694210.149.141.34 67 udp dhcps unknown
15695210.149.141.34 68 tcp dhcpc filtered
15696210.149.141.34 68 udp dhcpc unknown
15697210.149.141.34 69 tcp tftp filtered
15698210.149.141.34 69 udp tftp unknown
15699210.149.141.34 88 tcp kerberos-sec filtered
15700210.149.141.34 88 udp kerberos-sec unknown
15701210.149.141.34 123 tcp ntp filtered
15702210.149.141.34 123 udp ntp unknown
15703210.149.141.34 137 tcp netbios-ns filtered
15704210.149.141.34 137 udp netbios-ns filtered
15705210.149.141.34 138 tcp netbios-dgm filtered
15706210.149.141.34 138 udp netbios-dgm filtered
15707210.149.141.34 139 tcp netbios-ssn closed
15708210.149.141.34 139 udp netbios-ssn unknown
15709210.149.141.34 161 tcp snmp filtered
15710210.149.141.34 161 udp snmp unknown
15711210.149.141.34 162 tcp snmptrap filtered
15712210.149.141.34 162 udp snmptrap unknown
15713210.149.141.34 389 tcp ldap filtered
15714210.149.141.34 389 udp ldap unknown
15715210.149.141.34 520 tcp efs filtered
15716210.149.141.34 520 udp route unknown
15717210.149.141.34 2049 tcp nfs filtered
15718210.149.141.34 2049 udp nfs unknown
15719210.152.243.182 21 tcp ftp open 220 (vsFTPd 2.2.2)\x0d\x0a
15720210.160.220.105 53 tcp domain closed
15721210.160.220.105 53 udp domain unknown
15722210.160.220.105 67 tcp dhcps closed
15723210.160.220.105 67 udp dhcps unknown
15724210.160.220.105 68 tcp dhcpc closed
15725210.160.220.105 68 udp dhcpc unknown
15726210.160.220.105 69 tcp tftp filtered
15727210.160.220.105 69 udp tftp unknown
15728210.160.220.105 88 tcp kerberos-sec closed
15729210.160.220.105 88 udp kerberos-sec unknown
15730210.160.220.105 123 tcp ntp filtered
15731210.160.220.105 123 udp ntp unknown
15732210.160.220.105 137 tcp netbios-ns closed
15733210.160.220.105 137 udp netbios-ns filtered
15734210.160.220.105 138 tcp netbios-dgm closed
15735210.160.220.105 138 udp netbios-dgm filtered
15736210.160.220.105 139 tcp netbios-ssn closed
15737210.160.220.105 139 udp netbios-ssn unknown
15738210.160.220.105 161 tcp snmp closed
15739210.160.220.105 161 udp snmp unknown
15740210.160.220.105 162 tcp snmptrap filtered
15741210.160.220.105 162 udp snmptrap unknown
15742210.160.220.105 389 tcp ldap closed
15743210.160.220.105 389 udp ldap unknown
15744210.160.220.105 520 tcp efs closed
15745210.160.220.105 520 udp route unknown
15746210.160.220.105 2049 tcp nfs closed
15747210.160.220.105 2049 udp nfs unknown
15748210.160.220.113 53 tcp domain closed
15749210.160.220.113 53 udp domain unknown
15750210.160.220.113 67 tcp dhcps closed
15751210.160.220.113 67 udp dhcps unknown
15752210.160.220.113 68 tcp dhcpc closed
15753210.160.220.113 68 udp dhcpc unknown
15754210.160.220.113 69 tcp tftp closed
15755210.160.220.113 69 udp tftp unknown
15756210.160.220.113 88 tcp kerberos-sec filtered
15757210.160.220.113 88 udp kerberos-sec unknown
15758210.160.220.113 123 tcp ntp filtered
15759210.160.220.113 123 udp ntp unknown
15760210.160.220.113 137 tcp netbios-ns closed
15761210.160.220.113 137 udp netbios-ns filtered
15762210.160.220.113 138 tcp netbios-dgm closed
15763210.160.220.113 138 udp netbios-dgm filtered
15764210.160.220.113 139 tcp netbios-ssn closed
15765210.160.220.113 139 udp netbios-ssn unknown
15766210.160.220.113 161 tcp snmp closed
15767210.160.220.113 161 udp snmp unknown
15768210.160.220.113 162 tcp snmptrap closed
15769210.160.220.113 162 udp snmptrap unknown
15770210.160.220.113 389 tcp ldap filtered
15771210.160.220.113 389 udp ldap unknown
15772210.160.220.113 520 tcp efs closed
15773210.160.220.113 520 udp route unknown
15774210.160.220.113 2049 tcp nfs closed
15775210.160.220.113 2049 udp nfs unknown
15776210.226.36.2 25 tcp smtp closed
15777210.226.36.2 53 tcp domain filtered
15778210.226.36.2 53 udp domain unknown
15779210.226.36.2 67 tcp dhcps filtered
15780210.226.36.2 67 udp dhcps unknown
15781210.226.36.2 68 tcp dhcpc filtered
15782210.226.36.2 68 udp dhcpc unknown
15783210.226.36.2 69 tcp tftp filtered
15784210.226.36.2 69 udp tftp unknown
15785210.226.36.2 80 tcp http open Apache httpd 1.3.41 (Unix) PHP/3.0.18-i18n-ja-3
15786210.226.36.2 88 tcp kerberos-sec filtered
15787210.226.36.2 88 udp kerberos-sec unknown
15788210.226.36.2 123 tcp ntp filtered
15789210.226.36.2 123 udp ntp unknown
15790210.226.36.2 137 tcp netbios-ns filtered
15791210.226.36.2 137 udp netbios-ns filtered
15792210.226.36.2 138 tcp netbios-dgm filtered
15793210.226.36.2 138 udp netbios-dgm filtered
15794210.226.36.2 139 tcp netbios-ssn closed
15795210.226.36.2 139 udp netbios-ssn unknown
15796210.226.36.2 161 tcp snmp filtered
15797210.226.36.2 161 udp snmp unknown
15798210.226.36.2 162 tcp snmptrap filtered
15799210.226.36.2 162 udp snmptrap unknown
15800210.226.36.2 389 tcp ldap filtered
15801210.226.36.2 389 udp ldap unknown
15802210.226.36.2 445 tcp microsoft-ds closed
15803210.226.36.2 520 tcp efs filtered
15804210.226.36.2 520 udp route unknown
15805210.226.36.2 2049 tcp nfs filtered
15806210.226.36.2 2049 udp nfs unknown
15807217.160.131.142 21 tcp ftp open ProFTPD
15808217.160.131.142 22 tcp ssh open OpenSSH 5.3 protocol 2.0
15809217.160.131.142 53 tcp domain closed
15810217.160.131.142 53 udp domain unknown
15811217.160.131.142 67 tcp dhcps closed
15812217.160.131.142 67 udp dhcps unknown
15813217.160.131.142 68 tcp dhcpc closed
15814217.160.131.142 68 udp dhcpc closed
15815217.160.131.142 69 tcp tftp closed
15816217.160.131.142 69 udp tftp unknown
15817217.160.131.142 80 tcp http open Apache httpd PleskLin
15818217.160.131.142 88 tcp kerberos-sec closed
15819217.160.131.142 88 udp kerberos-sec unknown
15820217.160.131.142 123 tcp ntp closed
15821217.160.131.142 123 udp ntp unknown
15822217.160.131.142 137 tcp netbios-ns closed
15823217.160.131.142 137 udp netbios-ns filtered
15824217.160.131.142 138 tcp netbios-dgm closed
15825217.160.131.142 138 udp netbios-dgm filtered
15826217.160.131.142 139 tcp netbios-ssn closed
15827217.160.131.142 139 udp netbios-ssn closed
15828217.160.131.142 161 tcp snmp closed
15829217.160.131.142 161 udp snmp unknown
15830217.160.131.142 162 tcp snmptrap closed
15831217.160.131.142 162 udp snmptrap closed
15832217.160.131.142 389 tcp ldap closed
15833217.160.131.142 389 udp ldap closed
15834217.160.131.142 443 tcp ssl/http open Apache httpd PleskLin
15835217.160.131.142 520 tcp efs closed
15836217.160.131.142 520 udp route unknown
15837217.160.131.142 2049 tcp nfs closed
15838217.160.131.142 2049 udp nfs closed
15839217.160.131.142 3306 tcp mysql open MySQL 5.1.73
15840217.160.131.142 4643 tcp ssl/http open Apache httpd
15841217.160.131.142 8443 tcp ssl/http open sw-cp-server httpd Plesk Onyx 17.8.11
15842217.160.131.142 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
15843#####################################################################################################################################
15844 Anonymous JTSEC #OpDeathEathers Full Recon #13