· 6 years ago · Nov 25, 2019, 09:14 AM
1######################################################################################################################################
2=======================================================================================================================================
3Hostname scottishrite-bg.org ISP SuperHosting.BG Ltd.
4Continent Europe Flag
5BG
6Country Bulgaria Country Code BG
7Region Unknown Local time 25 Nov 2019 09:56 EET
8City Unknown Postal Code Unknown
9IP Address 87.120.40.42 Latitude 42.7
10 Longitude 23.333
11=======================================================================================================================================
12######################################################################################################################################
13> scottishrite-bg.org
14Server: 38.132.106.139
15Address: 38.132.106.139#53
16
17Non-authoritative answer:
18Name: scottishrite-bg.org
19Address: 87.120.40.42
20>
21######################################################################################################################################
22Domain Name: SCOTTISHRITE-BG.ORG
23Registry Domain ID: D106341636-LROR
24Registrar WHOIS Server: whois.publicdomainregistry.com
25Registrar URL: http://www.publicdomainregistry.com
26Updated Date: 2019-03-25T09:37:04Z
27Creation Date: 2005-05-17T14:02:10Z
28Registry Expiry Date: 2021-05-17T14:02:10Z
29Registrar Registration Expiration Date:
30Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
31Registrar IANA ID: 303
32Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
33Registrar Abuse Contact Phone: +1.2013775952
34Reseller:
35Domain Status: ok https://icann.org/epp#ok
36Registrant Organization: GDPR Masked
37Registrant State/Province: GDPR Masked
38Registrant Country: US
39Name Server: NS25.BGDNS.NET
40Name Server: NS26.BGDNS.NET
41DNSSEC: unsigned
42######################################################################################################################################
43[+] Target : scottishrite-bg.org
44
45[+] IP Address : 87.120.40.42
46
47[+] Headers :
48
49[+] Date : Mon, 25 Nov 2019 08:01:09 GMT
50[+] Server : Apache
51[+] Upgrade : h2,h2c
52[+] Connection : Upgrade, Keep-Alive
53[+] Last-Modified : Thu, 06 Dec 2007 13:46:26 GMT
54[+] ETag : "b0217ed-3df-4409e5b343080"
55[+] Accept-Ranges : bytes
56[+] Content-Length : 991
57[+] Keep-Alive : timeout=5, max=100
58[+] Content-Type : text/html
59
60[+] SSL Certificate Information :
61
62[+] commonName : scottishrite-bg.org
63[+] countryName : US
64[+] stateOrProvinceName : TX
65[+] localityName : Houston
66[+] organizationName : cPanel, Inc.
67[+] commonName : cPanel, Inc. Certification Authority
68[+] Version : 3
69[+] Serial Number : 19BD64718A64814BAA2FE8123E2B207C
70[+] Not Before : Oct 3 00:00:00 2019 GMT
71[+] Not After : Jan 1 23:59:59 2020 GMT
72[+] OCSP : ('http://ocsp.comodoca.com',)
73[+] subject Alt Name : (('DNS', 'scottishrite-bg.org'), ('DNS', 'autodiscover.scottishrite-bg.org'), ('DNS', 'cpanel.scottishrite-bg.org'), ('DNS', 'mail.scottishrite-bg.org'), ('DNS', 'webdisk.scottishrite-bg.org'), ('DNS', 'webmail.scottishrite-bg.org'), ('DNS', 'www.scottishrite-bg.org'))
74[+] CA Issuers : ('http://crt.comodoca.com/cPanelIncCertificationAuthority.crt',)
75[+] CRL Distribution Points : ('http://crl.comodoca.com/cPanelIncCertificationAuthority.crl',)
76
77[+] Whois Lookup :
78
79[-] Error : WHOIS lookup failed for 87.120.40.42.
80
81[+] Crawling Target...
82
83[+] Looking for robots.txt........[ Found ]
84[+] Extracting robots Links.......[ 13 ]
85[+] Looking for sitemap.xml.......[ Not Found ]
86[+] Extracting CSS Links..........[ 0 ]
87[+] Extracting Javascript Links...[ 0 ]
88[+] Extracting Internal Links.....[ 0 ]
89[+] Extracting External Links.....[ 0 ]
90[+] Extracting Images.............[ 4 ]
91
92[+] Total Links Extracted : 17
93
94[+] Dumping Links in /opt/FinalRecon/dumps/scottishrite-bg.org.dump
95[+] Completed!
96#####################################################################################################################################
97[i] Scanning Site: http://scottishrite-bg.org
98
99
100
101B A S I C I N F O
102====================
103
104
105[+] Site Title: Шотландски Ритуал в България
106[+] IP address: 87.120.40.42
107[+] Web Server: Apache
108[+] CMS: Could Not Detect
109[+] Cloudflare: Not Detected
110[+] Robots File: Found
111
112-------------[ contents ]----------------
113User-agent: *
114Disallow: /administrator/
115Disallow: /cache/
116Disallow: /components/
117Disallow: /editor/
118Disallow: /help/
119Disallow: /images/
120Disallow: /includes/
121Disallow: /language/
122Disallow: /mambots/
123Disallow: /media/
124Disallow: /modules/
125Disallow: /templates/
126Disallow: /installation/
127
128-----------[end of contents]-------------
129
130
131
132W H O I S L O O K U P
133========================
134
135 Domain Name: SCOTTISHRITE-BG.ORG
136Registry Domain ID: D106341636-LROR
137Registrar WHOIS Server: whois.publicdomainregistry.com
138Registrar URL: http://www.publicdomainregistry.com
139Updated Date: 2019-03-25T09:37:04Z
140Creation Date: 2005-05-17T14:02:10Z
141Registry Expiry Date: 2021-05-17T14:02:10Z
142Registrar Registration Expiration Date:
143Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
144Registrar IANA ID: 303
145Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
146Registrar Abuse Contact Phone: +1.2013775952
147Reseller:
148Domain Status: ok https://icann.org/epp#ok
149Registrant Organization: GDPR Masked
150Registrant State/Province: GDPR Masked
151Registrant Country: US
152Name Server: NS25.BGDNS.NET
153Name Server: NS26.BGDNS.NET
154DNSSEC: unsigned
155URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
156>>> Last update of WHOIS database: 2019-11-25T08:00:37Z <<<
157
158For more information on Whois status codes, please visit https://icann.org/epp
159
160
161
162
163
164G E O I P L O O K U P
165=========================
166
167[i] IP Address: 87.120.40.42
168[i] Country: Bulgaria
169[i] State:
170[i] City:
171[i] Latitude: 42.7
172[i] Longitude: 23.3333
173
174
175
176
177H T T P H E A D E R S
178=======================
179
180
181[i] HTTP/1.1 200 OK
182[i] Date: Mon, 25 Nov 2019 08:01:39 GMT
183[i] Server: Apache
184[i] Upgrade: h2,h2c
185[i] Connection: Upgrade, close
186[i] Last-Modified: Thu, 06 Dec 2007 13:46:26 GMT
187[i] ETag: "b0217ed-3df-4409e5b343080"
188[i] Accept-Ranges: bytes
189[i] Content-Length: 991
190[i] Content-Type: text/html
191
192
193
194
195D N S L O O K U P
196===================
197
198scottishrite-bg.org. 299 IN SOA ns25.bgdns.net. support.host.b. 2018092801 3600 1800 1209600 21600
199scottishrite-bg.org. 299 IN NS ns26.bgdns.net.
200scottishrite-bg.org. 299 IN NS ns25.bgdns.net.
201scottishrite-bg.org. 299 IN A 87.120.40.42
202scottishrite-bg.org. 299 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all"
203scottishrite-bg.org. 299 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg include:_spf.google.com ~all"
204scottishrite-bg.org. 3599 IN MX 10 alt4.aspmx.l.google.com.
205scottishrite-bg.org. 3599 IN MX 5 alt2.aspmx.l.google.com.
206scottishrite-bg.org. 3599 IN MX 1 aspmx.l.google.com.
207scottishrite-bg.org. 3599 IN MX 5 alt1.aspmx.l.google.com.
208scottishrite-bg.org. 3599 IN MX 10 alt3.aspmx.l.google.com.
209
210
211
212
213S U B N E T C A L C U L A T I O N
214====================================
215
216Address = 87.120.40.42
217Network = 87.120.40.42 / 32
218Netmask = 255.255.255.255
219Broadcast = not needed on Point-to-Point links
220Wildcard Mask = 0.0.0.0
221Hosts Bits = 0
222Max. Hosts = 1 (2^0 - 0)
223Host Range = { 87.120.40.42 - 87.120.40.42 }
224
225
226
227N M A P P O R T S C A N
228============================
229
230Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-25 08:01 UTC
231Nmap scan report for scottishrite-bg.org (87.120.40.42)
232Host is up (0.11s latency).
233rDNS record for 87.120.40.42: server13.host.bg
234
235PORT STATE SERVICE
23621/tcp open ftp
23722/tcp closed ssh
23823/tcp filtered telnet
23980/tcp open http
240110/tcp open pop3
241143/tcp open imap
242443/tcp open https
2433389/tcp filtered ms-wbt-server
244
245Nmap done: 1 IP address (1 host up) scanned in 2.39 seconds
246
247
248
249S U B - D O M A I N F I N D E R
250==================================
251
252
253[i] Total Subdomains Found : 5
254
255[+] Subdomain: cpanel.scottishrite-bg.org
256[-] IP: 87.120.40.42
257
258[+] Subdomain: mail.scottishrite-bg.org
259[-] IP: 87.120.40.42
260
261[+] Subdomain: webmail.scottishrite-bg.org
262[-] IP: 87.120.40.42
263
264[+] Subdomain: autodiscover.scottishrite-bg.org
265[-] IP: 87.120.40.42
266
267[+] Subdomain: www.scottishrite-bg.org
268[-] IP: 87.120.40.42
269######################################################################################################################################
270[+] Starting At 2019-11-25 03:01:43.884680
271[+] Collecting Information On: http://scottishrite-bg.org/
272[#] Status: 200
273--------------------------------------------------
274[#] Web Server Detected: Apache
275[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
276- Date: Mon, 25 Nov 2019 08:01:45 GMT
277- Server: Apache
278- Upgrade: h2,h2c
279- Connection: Upgrade, Keep-Alive
280- Last-Modified: Thu, 06 Dec 2007 13:46:26 GMT
281- ETag: "b0217ed-3df-4409e5b343080"
282- Accept-Ranges: bytes
283- Content-Length: 991
284- Keep-Alive: timeout=5, max=100
285- Content-Type: text/html
286--------------------------------------------------
287[#] Finding Location..!
288[#] status: success
289[#] country: Bulgaria
290[#] countryCode: BG
291[#] region: 22
292[#] regionName: Sofia-Capital
293[#] city: Sofia
294[#] zip: 1000
295[#] lat: 42.6731
296[#] lon: 23.3528
297[#] timezone: Europe/Sofia
298[#] isp: Netinfo BG
299[#] org:
300[#] as: AS201200 SuperHosting.BG Ltd.
301[#] query: 87.120.40.42
302--------------------------------------------------
303[x] Didn't Detect WAF Presence on: http://scottishrite-bg.org/
304--------------------------------------------------
305[#] Starting Reverse DNS
306[-] Failed ! Fail
307--------------------------------------------------
308[!] Scanning Open Port
309[#] 21/tcp open ftp
310[#] 26/tcp open rsftp
311[#] 53/tcp open domain
312[#] 80/tcp open http
313[#] 110/tcp open pop3
314[#] 143/tcp open imap
315[#] 443/tcp open https
316[#] 465/tcp open smtps
317[#] 587/tcp open submission
318[#] 993/tcp open imaps
319[#] 995/tcp open pop3s
320[#] 1022/tcp open exp2
321--------------------------------------------------
322[+] Collecting Information Disclosure!
323[#] Detecting sitemap.xml file
324[-] sitemap.xml file not Found!?
325[#] Detecting robots.txt file
326[!] robots.txt File Found: http://scottishrite-bg.org//robots.txt
327[#] Detecting GNU Mailman
328[!] GNU Mailman App Detected: http://scottishrite-bg.org//mailman/admin
329[!] version: 2.1.27
330--------------------------------------------------
331[+] Crawling Url Parameter On: http://scottishrite-bg.org/
332--------------------------------------------------
333[#] Searching Html Form !
334[-] No Html Form Found!?
335--------------------------------------------------
336[-] No DOM Paramter Found!?
337--------------------------------------------------
338[!] 2 Internal Dynamic Parameter Discovered
339[+] http://scottishrite-bg.org//index.php?lang=bg
340[+] http://scottishrite-bg.org//index.php?lang=en
341--------------------------------------------------
342[-] No external Dynamic Paramter Found!?
343--------------------------------------------------
344[-] No Internal Link Found!?
345--------------------------------------------------
346[-] No External Link Found!?
347--------------------------------------------------
348[#] Mapping Subdomain..
349[!] Found 6 Subdomain
350- webdisk.scottishrite-bg.org
351- cpanel.scottishrite-bg.org
352- mail.scottishrite-bg.org
353- webmail.scottishrite-bg.org
354- autodiscover.scottishrite-bg.org
355- www.scottishrite-bg.org
356--------------------------------------------------
357[!] Done At 2019-11-25 03:02:06.071223
358#####################################################################################################################################
359[INFO] ------TARGET info------
360[*] TARGET: http://scottishrite-bg.org/
361[*] TARGET IP: 87.120.40.42
362[INFO] NO load balancer detected for scottishrite-bg.org...
363[*] DNS servers: ns25.bgdns.net.
364[*] TARGET server: Apache
365[*] CC: BG
366[*] Country: Bulgaria
367[*] RegionCode: 22
368[*] RegionName: Sofia-Capital
369[*] City: Sofia
370[*] ASN: AS201200
371[*] BGP_PREFIX: 87.120.40.0/24
372[*] ISP: SUPERHOSTING_AS SuperHosting.BG Ltd., BG
373[INFO] DNS enumeration:
374[*] ad.scottishrite-bg.org 87.120.40.42
375[*] admin.scottishrite-bg.org 87.120.40.42
376[*] ads.scottishrite-bg.org 87.120.40.42
377[*] alpha.scottishrite-bg.org 87.120.40.42
378[*] api.scottishrite-bg.org 87.120.40.42
379[*] api-online.scottishrite-bg.org 87.120.40.42
380[*] apolo.scottishrite-bg.org 87.120.40.42
381[*] app.scottishrite-bg.org 87.120.40.42
382[*] beta.scottishrite-bg.org 87.120.40.42
383[*] bi.scottishrite-bg.org 87.120.40.42
384[*] blog.scottishrite-bg.org 87.120.40.42
385[*] cdn.scottishrite-bg.org 87.120.40.42
386[*] events.scottishrite-bg.org 87.120.40.42
387[*] ex.scottishrite-bg.org 87.120.40.42
388[*] files.scottishrite-bg.org 87.120.40.42
389[*] ftp.scottishrite-bg.org 87.120.40.42
390[*] gateway.scottishrite-bg.org 87.120.40.42
391[*] go.scottishrite-bg.org 87.120.40.42
392[*] help.scottishrite-bg.org 87.120.40.42
393[*] ib.scottishrite-bg.org 87.120.40.42
394[*] images.scottishrite-bg.org 87.120.40.42
395[*] internetbanking.scottishrite-bg.org 87.120.40.42
396[*] intranet.scottishrite-bg.org 87.120.40.42
397[*] jobs.scottishrite-bg.org 87.120.40.42
398[*] join.scottishrite-bg.org 87.120.40.42
399[*] live.scottishrite-bg.org 87.120.40.42
400[*] login.scottishrite-bg.org 87.120.40.42
401[*] m.scottishrite-bg.org 87.120.40.42
402[*] mail.scottishrite-bg.org 87.120.40.42
403[*] mail2.scottishrite-bg.org 87.120.40.42
404[*] mobile.scottishrite-bg.org 87.120.40.42
405[*] moodle.scottishrite-bg.org 87.120.40.42
406[*] mx.scottishrite-bg.org 87.120.40.42
407[*] mx2.scottishrite-bg.org 87.120.40.42
408[*] mx3.scottishrite-bg.org 87.120.40.42
409[*] my.scottishrite-bg.org 87.120.40.42
410[*] new.scottishrite-bg.org 87.120.40.42
411[*] news.scottishrite-bg.org 87.120.40.42
412[*] ns1.scottishrite-bg.org 87.120.40.42
413[*] ns2.scottishrite-bg.org 87.120.40.42
414[*] ns3.scottishrite-bg.org 87.120.40.42
415[*] oauth.scottishrite-bg.org 87.120.40.42
416[*] old.scottishrite-bg.org 87.120.40.42
417[*] one.scottishrite-bg.org 87.120.40.42
418[*] open.scottishrite-bg.org 87.120.40.42
419[*] out.scottishrite-bg.org 87.120.40.42
420[*] outlook.scottishrite-bg.org 87.120.40.42
421[*] portfolio.scottishrite-bg.org 87.120.40.42
422[*] raw.scottishrite-bg.org 87.120.40.42
423[*] repo.scottishrite-bg.org 87.120.40.42
424[*] router.scottishrite-bg.org 87.120.40.42
425[*] search.scottishrite-bg.org 87.120.40.42
426[*] siem.scottishrite-bg.org 87.120.40.42
427[*] slack.scottishrite-bg.org 87.120.40.42
428[*] slackbot.scottishrite-bg.org 87.120.40.42
429[*] snmp.scottishrite-bg.org 87.120.40.42
430[*] stream.scottishrite-bg.org 87.120.40.42
431[*] support.scottishrite-bg.org 87.120.40.42
432[*] syslog.scottishrite-bg.org 87.120.40.42
433[*] tags.scottishrite-bg.org 87.120.40.42
434[*] test.scottishrite-bg.org 87.120.40.42
435[*] upload.scottishrite-bg.org 87.120.40.42
436[*] video.scottishrite-bg.org 87.120.40.42
437[*] vpn.scottishrite-bg.org 87.120.40.42
438[*] webconf.scottishrite-bg.org 87.120.40.42
439[*] webmail.scottishrite-bg.org 87.120.40.42
440[*] webportal.scottishrite-bg.org 87.120.40.42
441[*] wiki.scottishrite-bg.org 87.120.40.42
442[*] www2.scottishrite-bg.org 87.120.40.42
443[*] www3.scottishrite-bg.org 87.120.40.42
444[*] zendesk.scottishrite-bg.org 87.120.40.42
445[INFO] Possible abuse mails are:
446[*] abuse@neterra.net
447[*] abuse@scottishrite-bg.org
448[INFO] NO PAC (Proxy Auto Configuration) file FOUND
449[ALERT] robots.txt file FOUND in http://scottishrite-bg.org/robots.txt
450[INFO] Checking for HTTP status codes recursively from http://scottishrite-bg.org/robots.txt
451[INFO] Status code Folders
452[*] 200 http://scottishrite-bg.org/cache/
453[*] 200 http://scottishrite-bg.org/components/
454[*] 200 http://scottishrite-bg.org/editor/
455[*] 200 http://scottishrite-bg.org/help/
456[*] 200 http://scottishrite-bg.org/images/
457[*] 200 http://scottishrite-bg.org/includes/
458[*] 200 http://scottishrite-bg.org/language/
459[*] 200 http://scottishrite-bg.org/mambots/
460[*] 200 http://scottishrite-bg.org/media/
461[*] 200 http://scottishrite-bg.org/modules/
462[*] 200 http://scottishrite-bg.org/templates/
463[INFO] Starting FUZZing in http://scottishrite-bg.org/FUzZzZzZzZz...
464[INFO] Status code Folders
465[*] 200 http://scottishrite-bg.org/images
466[ALERT] Look in the source code. It may contain passwords
467[INFO] Links found from http://scottishrite-bg.org/ http://87.120.40.42/:
468[*] http://87.120.40.42/cgi-sys/defaultwebpage.cgi
469[*] http://scottishrite-bg.org/index.php?lang=bg
470[*] http://scottishrite-bg.org/index.php?lang=en
471cut: intervalle de champ incorrecte
472Saisissez « cut --help » pour plus d'informations.
473[INFO] Shodan detected the following opened ports on 87.120.40.42:
474[*] 1
475[*] 110
476[*] 143
477[*] 25
478[*] 26
479[*] 4
480[*] 465
481[*] 53
482[*] 587
483[*] 993
484[*] 995
485[INFO] ------VirusTotal SECTION------
486[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
487[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
488[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
489[INFO] ------Alexa Rank SECTION------
490[INFO] Percent of Visitors Rank in Country:
491[INFO] Percent of Search Traffic:
492[INFO] Percent of Unique Visits:
493[INFO] Total Sites Linking In:
494[*] Total Sites
495[INFO] Useful links related to scottishrite-bg.org - 87.120.40.42:
496[*] https://www.virustotal.com/pt/ip-address/87.120.40.42/information/
497[*] https://www.hybrid-analysis.com/search?host=87.120.40.42
498[*] https://www.shodan.io/host/87.120.40.42
499[*] https://www.senderbase.org/lookup/?search_string=87.120.40.42
500[*] https://www.alienvault.com/open-threat-exchange/ip/87.120.40.42
501[*] http://pastebin.com/search?q=87.120.40.42
502[*] http://urlquery.net/search.php?q=87.120.40.42
503[*] http://www.alexa.com/siteinfo/scottishrite-bg.org
504[*] http://www.google.com/safebrowsing/diagnostic?site=scottishrite-bg.org
505[*] https://censys.io/ipv4/87.120.40.42
506[*] https://www.abuseipdb.com/check/87.120.40.42
507[*] https://urlscan.io/search/#87.120.40.42
508[*] https://github.com/search?q=87.120.40.42&type=Code
509[INFO] Useful links related to AS201200 - 87.120.40.0/24:
510[*] http://www.google.com/safebrowsing/diagnostic?site=AS:201200
511[*] https://www.senderbase.org/lookup/?search_string=87.120.40.0/24
512[*] http://bgp.he.net/AS201200
513[*] https://stat.ripe.net/AS201200
514[INFO] Date: 25/11/19 | Time: 03:02:47
515[INFO] Total time: 0 minute(s) and 59 second(s)
516######################################################################################################################################
517Trying "scottishrite-bg.org"
518Trying "scottishrite-bg.org"
519;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59878
520;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 2, ADDITIONAL: 0
521
522;; QUESTION SECTION:
523;scottishrite-bg.org. IN ANY
524
525;; ANSWER SECTION:
526scottishrite-bg.org. 5 IN MX 5 alt1.aspmx.l.google.com.
527scottishrite-bg.org. 5 IN MX 10 alt3.aspmx.l.google.com.
528scottishrite-bg.org. 5 IN MX 5 alt2.aspmx.l.google.com.
529scottishrite-bg.org. 5 IN MX 1 aspmx.l.google.com.
530scottishrite-bg.org. 5 IN MX 10 alt4.aspmx.l.google.com.
531scottishrite-bg.org. 5 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg include:_spf.google.com ~all"
532scottishrite-bg.org. 5 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all"
533scottishrite-bg.org. 5 IN A 87.120.40.42
534scottishrite-bg.org. 5 IN SOA ns25.bgdns.net. support.host.b. 2018092801 3600 1800 1209600 21600
535scottishrite-bg.org. 5 IN NS ns26.bgdns.net.
536scottishrite-bg.org. 5 IN NS ns25.bgdns.net.
537
538;; AUTHORITY SECTION:
539scottishrite-bg.org. 300 IN NS ns26.bgdns.net.
540scottishrite-bg.org. 300 IN NS ns25.bgdns.net.
541
542Received 547 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 49 ms
543#####################################################################################################################################
544
545; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace scottishrite-bg.org any
546;; global options: +cmd
547. 82793 IN NS i.root-servers.net.
548. 82793 IN NS g.root-servers.net.
549. 82793 IN NS h.root-servers.net.
550. 82793 IN NS m.root-servers.net.
551. 82793 IN NS d.root-servers.net.
552. 82793 IN NS l.root-servers.net.
553. 82793 IN NS c.root-servers.net.
554. 82793 IN NS b.root-servers.net.
555. 82793 IN NS k.root-servers.net.
556. 82793 IN NS e.root-servers.net.
557. 82793 IN NS f.root-servers.net.
558. 82793 IN NS j.root-servers.net.
559. 82793 IN NS a.root-servers.net.
560. 82793 IN RRSIG NS 8 0 518400 20191208050000 20191125040000 22545 . DES5nuyj3DGIteRe7CA3Qb+VnUrNG4ii2jkh6JbXQheBjpUcCVsDZcLx qpZP8Yuzx5DSQeNGy+pCZkJ9NWS1VUq1vRw7a4j/3/eQceItEbbuz0ub OU/LATveyZiCNif6zSpNk1J/+PjVjTXpmQtNSrUC1hzRPuqwaM1mq+jO TBHUCQ+d9lVbDvxiBY0BpqenDAvr+g6eocUpE+zkVd6Hi63uFa8EtqN4 GDZiHUKWfa4sNJfJ+K93smt0jmL2koK+fbGfe5LrFSEqRAqD622cYIwC lYrVAXCQk6GMoB2M6XhsEq8Rs7JF67wF34JgJIGpil1RiZBPHarEOHyD 1donaQ==
561;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 70 ms
562
563org. 172800 IN NS c0.org.afilias-nst.info.
564org. 172800 IN NS a2.org.afilias-nst.info.
565org. 172800 IN NS b0.org.afilias-nst.org.
566org. 172800 IN NS b2.org.afilias-nst.org.
567org. 172800 IN NS d0.org.afilias-nst.org.
568org. 172800 IN NS a0.org.afilias-nst.info.
569org. 86400 IN DS 9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5
570org. 86400 IN DS 9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982
571org. 86400 IN RRSIG DS 8 1 86400 20191208050000 20191125040000 22545 . Z0yYUCBQBkybjLHdNRZEhZsJDifDl6vygC36jAIIddl3TBtmzcFXdrsZ 1QxRTWmIASGApPNdiChu9caXYXIj+cdx5lrJDO6s7qMxCRkHop3qEFGH Ek+gGfQrUE6iu2TaLb4uFtHMrzKhDEdsA14BxWWS1+/qDTvSkldaiMBP 306T8tkddCUVkwvZwfA/qa1JR3C4LAImRM9cvsL5g9CDSJMgV+70qMXZ ydSyg8IsIkKwY/i6lyXu4ngEAKuHrikkVkqM1Ph/499KkPv/CgxQn4Qp 4pMX9/1LucdTwEXH2UXstajX1Q0WSSKWqKc9HQ+7x6X7fc0Dim4Yq9rz MeMSqQ==
572;; Received 821 bytes from 192.36.148.17#53(i.root-servers.net) in 168 ms
573
574scottishrite-bg.org. 86400 IN NS ns25.bgdns.net.
575scottishrite-bg.org. 86400 IN NS ns26.bgdns.net.
576h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN NSEC3 1 1 1 D399EAAB H9PARR669T6U8O1GSG9E1LMITK4DEM0T NS SOA RRSIG DNSKEY NSEC3PARAM
577h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN RRSIG NSEC3 7 2 86400 20191216080352 20191125070352 11324 org. LtN9l1VtWFUkFN19Gx76FvjO5AztNyXtHjrDYHTBot6EnKtSZjMMEyd5 eC5GgFLFQY5PqyZrLMzXqXCPZ5wUNoQ52WHAHgmshyW/hjrb8l4L64vD MOh+EhhOEjjNTrU12kn8lDphzt5A36aQR1W/h/PXtbhPfGMnh1bNKb9w QeQ=
578m15imponv7o2l8rfrbhalrmim3h496a4.org. 86400 IN NSEC3 1 1 1 D399EAAB M16A86CMBCEQ3K3DARSJNHH5ID2FQER6 NS DS RRSIG
579m15imponv7o2l8rfrbhalrmim3h496a4.org. 86400 IN RRSIG NSEC3 7 2 86400 20191210152956 20191119142956 11324 org. gqy3r/KtUfhosg0jmSKwYOibMqJt8RO9h7TfBkioGcoYFjhNYHJwBKMe BnjWSDqOLRBOhGBSKIVv7Kab9eqYmpOayis8BG6NwusW13T9jhGP2/+j 9v8bHRO5Vt6+t4rvwsj6PwqWDwjdkD+J2uqcBlx07RKM8+IxoXGRYHRE egQ=
580;; Received 588 bytes from 199.19.53.1#53(c0.org.afilias-nst.info) in 131 ms
581
582scottishrite-bg.org. 300 IN SOA ns25.bgdns.net. support.host.b. 2018092801 3600 1800 1209600 21600
583scottishrite-bg.org. 300 IN NS ns25.bgdns.net.
584scottishrite-bg.org. 300 IN NS ns26.bgdns.net.
585scottishrite-bg.org. 300 IN A 87.120.40.42
586scottishrite-bg.org. 300 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all"
587scottishrite-bg.org. 300 IN TXT "v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg include:_spf.google.com ~all"
588scottishrite-bg.org. 3600 IN MX 5 alt2.aspmx.l.google.com.
589scottishrite-bg.org. 3600 IN MX 1 aspmx.l.google.com.
590scottishrite-bg.org. 3600 IN MX 5 alt1.aspmx.l.google.com.
591scottishrite-bg.org. 3600 IN MX 10 alt4.aspmx.l.google.com.
592scottishrite-bg.org. 3600 IN MX 10 alt3.aspmx.l.google.com.
593;; Received 638 bytes from 87.120.40.162#53(ns26.bgdns.net) in 175 ms
594
595#####################################################################################################################################
596[*] Performing General Enumeration of Domain: scottishrite-bg.org
597[!] Wildcard resolution is enabled on this domain
598[!] It is resolving to 87.120.40.42
599[!] All queries will resolve to this address!!
600[-] DNSSEC is not configured for scottishrite-bg.org
601[*] SOA ns25.bgdns.net 87.120.40.161
602[*] NS ns25.bgdns.net 87.120.40.161
603[*] Bind Version for 87.120.40.161 9.11.4-P2-RedHat-9.11.4-9.P2.el7
604[*] NS ns26.bgdns.net 87.120.40.162
605[*] Bind Version for 87.120.40.162 9.11.4-P2-RedHat-9.11.4-9.P2.el7
606[*] MX alt4.aspmx.l.google.com 172.217.218.26
607[*] MX aspmx.l.google.com 173.194.208.26
608[*] MX alt2.aspmx.l.google.com 209.85.202.26
609[*] MX alt1.aspmx.l.google.com 64.233.186.26
610[*] MX alt3.aspmx.l.google.com 64.233.184.26
611[*] MX alt4.aspmx.l.google.com 2a00:1450:4013:c08::1b
612[*] MX aspmx.l.google.com 2607:f8b0:400d:c0f::1b
613[*] MX alt2.aspmx.l.google.com 2a00:1450:400b:c00::1a
614[*] MX alt1.aspmx.l.google.com 2800:3f0:4003:c00::1b
615[*] MX alt3.aspmx.l.google.com 2a00:1450:400c:c0b::1a
616[*] A scottishrite-bg.org 87.120.40.42
617[*] TXT scottishrite-bg.org v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all
618[*] TXT scottishrite-bg.org v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg include:_spf.google.com ~all
619[*] TXT _domainkey.scottishrite-bg.org v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all
620[*] Enumerating SRV Records
621[-] No SRV Records Found for scottishrite-bg.org
622[+] 0 Records Found
623#####################################################################################################################################
624[*] Processing domain scottishrite-bg.org
625[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
626[+] Getting nameservers
62787.120.40.161 - ns25.bgdns.net
62887.120.40.162 - ns26.bgdns.net
629[-] Zone transfer failed
630
631[+] TXT records found
632"v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg a a:mail7.host.bg a:m7.host.bg -all"
633"v=spf1 include:server13.spf.superhosting.bg include:smtp-out.spf.superhosting.bg include:_spf.google.com ~all"
634
635[+] MX records found, added to target list
63610 alt4.aspmx.l.google.com.
6371 aspmx.l.google.com.
6385 alt2.aspmx.l.google.com.
6395 alt1.aspmx.l.google.com.
64010 alt3.aspmx.l.google.com.
641
642[+] Wildcard domain found - 87.120.40.42
643[*] Scanning scottishrite-bg.org for A records
644193.107.36.24 - autoconfig.scottishrite-bg.org
645######################################################################################################################################
646
647 AVAILABLE PLUGINS
648 -----------------
649
650 OpenSslCipherSuitesPlugin
651 EarlyDataPlugin
652 CertificateInfoPlugin
653 HeartbleedPlugin
654 RobotPlugin
655 OpenSslCcsInjectionPlugin
656 SessionRenegotiationPlugin
657 CompressionPlugin
658 HttpHeadersPlugin
659 SessionResumptionPlugin
660 FallbackScsvPlugin
661
662
663
664 CHECKING HOST(S) AVAILABILITY
665 -----------------------------
666
667 87.120.40.42:443 => 87.120.40.42
668
669
670
671
672 SCAN RESULTS FOR 87.120.40.42:443 - 87.120.40.42
673 ------------------------------------------------
674
675 * Downgrade Attacks:
676 TLS_FALLBACK_SCSV: OK - Supported
677
678 * Certificate Information:
679 Content
680 SHA1 Fingerprint: faaff46fee173575dbc6b930501ba669aa6af0a4
681 Common Name: you.are.not.supposed.to.be.here
682 Issuer: you.are.not.supposed.to.be.here
683 Serial Number: 15037907189539659406
684 Not Before: 2013-08-14 12:52:13
685 Not After: 2113-07-21 12:52:13
686 Signature Algorithm: sha1
687 Public Key Algorithm: RSA
688 Key Size: 2048
689 Exponent: 65537 (0x10001)
690 DNS Subject Alternative Names: []
691
692 Trust
693 Hostname Validation: FAILED - Certificate does NOT match 87.120.40.42
694 Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate
695 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
696 Java CA Store (jdk-12.0.1): FAILED - Certificate is NOT Trusted: self signed certificate
697 Mozilla CA Store (2019-03-14): FAILED - Certificate is NOT Trusted: self signed certificate
698 Windows CA Store (2019-05-27): FAILED - Certificate is NOT Trusted: self signed certificate
699 Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
700 Received Chain: you.are.not.supposed.to.be.here
701 Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
702 Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
703 Received Chain Order: OK - Order is valid
704 Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
705
706 Extensions
707 OCSP Must-Staple: NOT SUPPORTED - Extension not found
708 Certificate Transparency: NOT SUPPORTED - Extension not found
709
710 OCSP Stapling
711 NOT SUPPORTED - Server did not send back an OCSP response
712
713 * TLSV1_1 Cipher Suites:
714 Forward Secrecy OK - Supported
715 RC4 OK - Not Supported
716
717 Preferred:
718 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
719 Accepted:
720 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
721 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
722 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
723 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
724 TLS_DHE_RSA_WITH_SEED_CBC_SHA 128 bits HTTP 200 OK
725 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
726 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
727 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
728 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
729 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
730
731 * OpenSSL Heartbleed:
732 OK - Not vulnerable to Heartbleed
733
734 * TLSV1_2 Cipher Suites:
735 Forward Secrecy OK - Supported
736 RC4 OK - Not Supported
737
738 Preferred:
739 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
740 Accepted:
741 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
742 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
743 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
744 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
745 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
746 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
747 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
748 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
749 TLS_DHE_RSA_WITH_SEED_CBC_SHA 128 bits HTTP 200 OK
750 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
751 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
752 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
753 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
754 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
755 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
756 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
757 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
758 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
759 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
760
761 * SSLV3 Cipher Suites:
762 Server rejected all cipher suites.
763
764 * TLS 1.2 Session Resumption Support:
765 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
766 With TLS Tickets: OK - Supported
767
768 * OpenSSL CCS Injection:
769 OK - Not vulnerable to OpenSSL CCS injection
770
771 * SSLV2 Cipher Suites:
772 Server rejected all cipher suites.
773
774 * TLSV1 Cipher Suites:
775 Forward Secrecy OK - Supported
776 RC4 OK - Not Supported
777
778 Preferred:
779 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
780 Accepted:
781 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
782 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
783 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
784 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
785 TLS_DHE_RSA_WITH_SEED_CBC_SHA 128 bits HTTP 200 OK
786 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
787 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
788 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
789 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
790 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
791
792 * Session Renegotiation:
793 Client-initiated Renegotiation: OK - Rejected
794 Secure Renegotiation: OK - Supported
795
796 * Deflate Compression:
797 OK - Compression disabled
798
799 * TLSV1_3 Cipher Suites:
800 Server rejected all cipher suites.
801
802 * ROBOT Attack:
803 OK - Not vulnerable
804
805
806 SCAN COMPLETED IN 35.41 S
807 -------------------------
808######################################################################################################################################
809Parsero scan report for scottishrite-bg.org
810http://scottishrite-bg.org/administrator/ 401 Unauthorized
811http://scottishrite-bg.org/templates/ 200 OK
812http://scottishrite-bg.org/mambots/ 200 OK
813http://scottishrite-bg.org/media/ 200 OK
814http://scottishrite-bg.org/images/ 200 OK
815http://scottishrite-bg.org/modules/ 200 OK
816http://scottishrite-bg.org/editor/ 200 OK
817http://scottishrite-bg.org/installation/ 404 Not Found
818http://scottishrite-bg.org/includes/ 200 OK
819http://scottishrite-bg.org/help/ 200 OK
820http://scottishrite-bg.org/components/ 200 OK
821http://scottishrite-bg.org/cache/ 200 OK
822http://scottishrite-bg.org/language/ 200 OK
823
824[+] 13 links have been analyzed and 11 of them are available!!!
825#####################################################################################################################################
826Domains still to check: 1
827 Checking if the hostname scottishrite-bg.org. given is in fact a domain...
828
829Analyzing domain: scottishrite-bg.org.
830 Checking NameServers using system default resolver...
831 IP: 87.120.40.161 (Bulgaria)
832 HostName: ns25.bgdns.net Type: NS
833 IP: 87.120.40.162 (Bulgaria)
834 HostName: ns26.bgdns.net Type: NS
835 HostName: server13.superhosting.bg Type: PTR
836
837 Checking MailServers using system default resolver...
838 IP: 172.217.218.26 (United States)
839 HostName: alt4.aspmx.l.google.com Type: MX
840 IP: 173.194.208.26 (United States)
841 HostName: aspmx.l.google.com Type: MX
842 HostName: ql-in-f26.1e100.net Type: PTR
843 IP: 209.85.202.26 (United States)
844 HostName: alt2.aspmx.l.google.com Type: MX
845 HostName: dg-in-f26.1e100.net Type: PTR
846 IP: 64.233.186.26 (United States)
847 HostName: alt1.aspmx.l.google.com Type: MX
848 HostName: cb-in-f26.1e100.net Type: PTR
849 IP: 64.233.184.26 (United States)
850 HostName: alt3.aspmx.l.google.com Type: MX
851 HostName: wa-in-f26.1e100.net Type: PTR
852 WARNING!! This domain has wildcards activated for hostnames resolution. We are checking "www" anyway, but perhaps it doesn't exists!
853
854 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
855 No zone transfer found on nameserver 87.120.40.161
856 No zone transfer found on nameserver 87.120.40.162
857
858 Checking SPF record...
859
860 Checking SPF record...
861
862 Checking SPF record...
863 New IP found: 91.196.127.1
864 New IP found: 91.196.127.200
865 New IP found: 91.196.127.170
866 New IP found: 91.196.126.120
867 New IP found: 91.196.126.199
868 New hostname found: mail7
869 New hostname found: m7
870
871 Checking SPF record...
872
873 Checking SPF record...
874
875 Checking SPF record...
876
877 Checking SPF record...
878 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 35.190.247.0/24, but only the network IP
879 New IP found: 35.190.247.0
880 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 64.233.160.0/19, but only the network IP
881 New IP found: 64.233.160.0
882 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 66.102.0.0/20, but only the network IP
883 New IP found: 66.102.0.0
884 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 66.249.80.0/20, but only the network IP
885 New IP found: 66.249.80.0
886 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 72.14.192.0/18, but only the network IP
887 New IP found: 72.14.192.0
888 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 74.125.0.0/16, but only the network IP
889 New IP found: 74.125.0.0
890 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 108.177.8.0/21, but only the network IP
891 New IP found: 108.177.8.0
892 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 173.194.0.0/16, but only the network IP
893 New IP found: 173.194.0.0
894 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 209.85.128.0/17, but only the network IP
895 New IP found: 209.85.128.0
896 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 216.58.192.0/19, but only the network IP
897 New IP found: 216.58.192.0
898 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 216.239.32.0/19, but only the network IP
899 New IP found: 216.239.32.0
900
901 Checking SPF record...
902 There are no IPv4 addresses in the SPF. Maybe IPv6.
903 There are no IPv4 addresses in the SPF. Maybe IPv6.
904 There are no IPv4 addresses in the SPF. Maybe IPv6.
905 There are no IPv4 addresses in the SPF. Maybe IPv6.
906 There are no IPv4 addresses in the SPF. Maybe IPv6.
907 There are no IPv4 addresses in the SPF. Maybe IPv6.
908
909 Checking SPF record...
910 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.217.0.0/19, but only the network IP
911 New IP found: 172.217.0.0
912 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.217.32.0/20, but only the network IP
913 New IP found: 172.217.32.0
914 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.217.128.0/19, but only the network IP
915 New IP found: 172.217.128.0
916 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.217.160.0/20, but only the network IP
917 New IP found: 172.217.160.0
918 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.217.192.0/19, but only the network IP
919 New IP found: 172.217.192.0
920 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.253.56.0/21, but only the network IP
921 New IP found: 172.253.56.0
922 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 172.253.112.0/20, but only the network IP
923 New IP found: 172.253.112.0
924 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 108.177.96.0/19, but only the network IP
925 New IP found: 108.177.96.0
926 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 35.191.0.0/16, but only the network IP
927 New IP found: 35.191.0.0
928 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 130.211.0.0/22, but only the network IP
929 New IP found: 130.211.0.0
930
931 Checking 3 most common hostnames using system default resolver...
932 IP: 87.120.40.42 (Bulgaria)
933 HostName: www.scottishrite-bg.org. Type: A
934 IP: 87.120.40.42 (Bulgaria)
935 HostName: www.scottishrite-bg.org. Type: A
936 HostName: mail7.scottishrite-bg.org. Type: A
937 HostName: server13.host.bg Type: PTR
938 IP: 87.120.40.42 (Bulgaria)
939 HostName: www.scottishrite-bg.org. Type: A
940 HostName: mail7.scottishrite-bg.org. Type: A
941 HostName: server13.host.bg Type: PTR
942 HostName: m7.scottishrite-bg.org. Type: A
943
944 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
945 Checking netblock 216.58.192.0
946 Checking netblock 172.253.112.0
947 Checking netblock 173.194.208.0
948 Checking netblock 172.217.32.0
949 Checking netblock 172.253.56.0
950 Checking netblock 91.196.127.0
951 Checking netblock 64.233.186.0
952 Checking netblock 87.120.40.0
953 Checking netblock 209.85.202.0
954 Checking netblock 172.217.192.0
955 Checking netblock 173.194.0.0
956 Checking netblock 74.125.0.0
957 Checking netblock 130.211.0.0
958 Checking netblock 172.217.128.0
959 Checking netblock 91.196.126.0
960 Checking netblock 216.239.32.0
961 Checking netblock 172.217.160.0
962 Checking netblock 66.102.0.0
963 Checking netblock 108.177.8.0
964 Checking netblock 209.85.128.0
965 Checking netblock 172.217.218.0
966 Checking netblock 172.217.0.0
967 Checking netblock 64.233.184.0
968 Checking netblock 35.190.247.0
969 Checking netblock 72.14.192.0
970 Checking netblock 66.249.80.0
971 Checking netblock 35.191.0.0
972 Checking netblock 108.177.96.0
973 Checking netblock 64.233.160.0
974
975 Searching for scottishrite-bg.org. emails in Google
976
977 Checking 34 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
978 Host 216.58.192.0 is up (reset ttl 64)
979 Host 172.253.112.0 is up (reset ttl 64)
980 Host 173.194.208.26 is up (reset ttl 64)
981 Host 172.217.32.0 is up (reset ttl 64)
982 Host 172.253.56.0 is up (reset ttl 64)
983 Host 91.196.127.1 is up (reset ttl 64)
984 Host 64.233.186.26 is up (reset ttl 64)
985 Host 87.120.40.161 is up (reset ttl 64)
986 Host 87.120.40.162 is up (reset ttl 64)
987 Host 209.85.202.26 is up (reset ttl 64)
988 Host 172.217.192.0 is up (reset ttl 64)
989 Host 173.194.0.0 is up (reset ttl 64)
990 Host 74.125.0.0 is up (reset ttl 64)
991 Host 130.211.0.0 is up (reset ttl 64)
992 Host 172.217.128.0 is up (reset ttl 64)
993 Host 91.196.126.120 is up (reset ttl 64)
994 Host 216.239.32.0 is up (reset ttl 64)
995 Host 172.217.160.0 is up (reset ttl 64)
996 Host 66.102.0.0 is up (reset ttl 64)
997 Host 108.177.8.0 is up (reset ttl 64)
998 Host 87.120.40.42 is up (reset ttl 64)
999 Host 209.85.128.0 is up (reset ttl 64)
1000 Host 172.217.218.26 is up (reset ttl 64)
1001 Host 172.217.0.0 is up (reset ttl 64)
1002 Host 91.196.127.170 is up (reset ttl 64)
1003 Host 91.196.127.200 is up (reset ttl 64)
1004 Host 64.233.184.26 is up (reset ttl 64)
1005 Host 91.196.126.199 is up (reset ttl 64)
1006 Host 35.190.247.0 is up (reset ttl 64)
1007 Host 72.14.192.0 is up (reset ttl 64)
1008 Host 66.249.80.0 is up (reset ttl 64)
1009 Host 35.191.0.0 is up (reset ttl 64)
1010 Host 108.177.96.0 is up (reset ttl 64)
1011 Host 64.233.160.0 is up (reset ttl 64)
1012
1013 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1014 Scanning ip 216.58.192.0 ():
1015 80/tcp open http syn-ack ttl 104 gws
1016 | fingerprint-strings:
1017 | GetRequest:
1018 | HTTP/1.0 200 OK
1019 | Date: Mon, 25 Nov 2019 08:13:21 GMT
1020 | Expires: -1
1021 | Cache-Control: private, max-age=0
1022 | Content-Type: text/html; charset=ISO-8859-1
1023 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1024 | Server: gws
1025 | X-XSS-Protection: 0
1026 | X-Frame-Options: SAMEORIGIN
1027 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:13:21 GMT; path=/; domain=.google.com
1028 | Set-Cookie: NID=192=M5-J7gPAPmdo3YF_wu9guooRg3UyWnJW4ZfX8ys2pc7qv1I-euDtpCnuPibK5LHS1udYNvas_8_zaF4SOAe06af3lh8pZenTULy_jV8DDVVRUJGyR1waBepupzKHjqZZiJhjUf14yDmOP6_CVw-Fk4dxallUKRCHihp6l4hrf6c; expires=Tue, 26-May-2020 08:13:21 GMT; path=/; domain=.google.com; HttpOnly
1029 | Accept-Ranges: none
1030 | Vary: Accept-Encoding
1031 | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
1032 | HTTPOptions:
1033 | HTTP/1.0 405 Method Not Allowed
1034 | Allow: GET, HEAD
1035 | Date: Mon, 25 Nov 2019 08:13:21 GMT
1036 | Content-Type: text/html; charset=UTF-8
1037 | Server: gws
1038 | Content-Length: 1592
1039 | X-XSS-Protection: 0
1040 | X-Frame-Options: SAMEORIGIN
1041 | <!DOCTYPE html>
1042 | <html lang=en>
1043 | <meta charset=utf-8>
1044 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1045 | <title>Error 405 (Method Not Allowed)!!1</title>
1046 | <style>
1047 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
1048 |_http-favicon: Google
1049 | http-methods:
1050 |_ Supported Methods: GET HEAD
1051 | http-robots.txt: 217 disallowed entries (15 shown)
1052 | /search /sdch /groups /index.html? /? /?hl=*&
1053 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1054 |_http-server-header: gws
1055 |_http-title: Did not follow redirect to http://www.google.com/
1056 443/tcp open ssl/https syn-ack ttl 104 gws
1057 | fingerprint-strings:
1058 | GetRequest:
1059 | HTTP/1.0 200 OK
1060 | Date: Mon, 25 Nov 2019 08:13:27 GMT
1061 | Expires: -1
1062 | Cache-Control: private, max-age=0
1063 | Content-Type: text/html; charset=ISO-8859-1
1064 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1065 | Server: gws
1066 | X-XSS-Protection: 0
1067 | X-Frame-Options: SAMEORIGIN
1068 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:13:27 GMT; path=/; domain=.google.com
1069 | Set-Cookie: NID=192=gcB1qaBirXRDeFLApRJI2B9xaZhwa8t2rqDySeMaJX4eElAhsZ84YfY0kxWWf6tDaQtU4_fC19_Bvec4zdy89YE_rU2w6wq2AbALTffV_MC4Vsp4_yXTeX0up5qCikuxkpybb-gj1fo51S6TywZvyEDJom5BtPMOrTXnUfkpcTk; expires=Tue, 26-May-2020 08:13:27 GMT; path=/; domain=.google.com; HttpOnly
1070 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1071 | Accept-Ranges: none
1072 | Vary: Accept-Encoding
1073 | <!doctype html><html ite
1074 | HTTPOptions:
1075 | HTTP/1.0 405 Method Not Allowed
1076 | Allow: GET, HEAD
1077 | Date: Mon, 25 Nov 2019 08:13:28 GMT
1078 | Content-Type: text/html; charset=UTF-8
1079 | Server: gws
1080 | Content-Length: 1592
1081 | X-XSS-Protection: 0
1082 | X-Frame-Options: SAMEORIGIN
1083 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1084 | <!DOCTYPE html>
1085 | <html lang=en>
1086 | <meta charset=utf-8>
1087 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1088 | <title>Error 405 (Method Not Allowed)!!1</title>
1089 | <style>
1090 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
1091 |_http-favicon: Google
1092 | http-methods:
1093 |_ Supported Methods: GET HEAD
1094 | http-robots.txt: 217 disallowed entries (15 shown)
1095 | /search /sdch /groups /index.html? /? /?hl=*&
1096 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1097 |_http-server-header: gws
1098 |_http-title: Did not follow redirect to http://www.google.com/
1099 | ssl-cert: Subject: commonName=invalid2.invalid
1100 | Issuer: commonName=invalid2.invalid
1101 | Public Key type: rsa
1102 | Public Key bits: 2048
1103 | Signature Algorithm: sha256WithRSAEncryption
1104 | Not valid before: 2015-01-01T00:00:00
1105 | Not valid after: 2030-01-01T00:00:00
1106 | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
1107 |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
1108 |_ssl-date: 2019-11-25T08:14:38+00:00; 0s from scanner time.
1109 | tls-alpn:
1110 | grpc-exp
1111 | h2
1112 |_ http/1.1
1113 | tls-nextprotoneg:
1114 | grpc-exp
1115 | h2
1116 |_ http/1.1
1117 Scanning ip 172.253.112.0 ():
1118 Scanning ip 173.194.208.26 (ql-in-f26.1e100.net (PTR)):
1119 Scanning ip 172.217.32.0 ():
1120 Scanning ip 172.253.56.0 ():
1121 Scanning ip 91.196.127.1 ():
1122 Scanning ip 64.233.186.26 (cb-in-f26.1e100.net (PTR)):
1123 Scanning ip 87.120.40.161 (ns25.bgdns.net):
1124 26/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1125 | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1126 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1127 | ssl-cert: Subject: commonName=*.superhosting.bg
1128 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1129 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1130 | Public Key type: rsa
1131 | Public Key bits: 4096
1132 | Signature Algorithm: sha256WithRSAEncryption
1133 | Not valid before: 2018-02-20T00:00:00
1134 | Not valid after: 2021-03-13T23:59:59
1135 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1136 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1137 |_ssl-date: TLS randomness does not represent time
1138 | vulners:
1139 | cpe:/a:exim:exim:4.92:
1140 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1141 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1142 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1143 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1144 | dns-nsid:
1145 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1146 110/tcp open pop3 syn-ack ttl 49 Dovecot pop3d
1147 |_pop3-capabilities: RESP-CODES TOP AUTH-RESP-CODE CAPA UIDL SASL(PLAIN LOGIN) USER STLS PIPELINING
1148 |_ssl-date: TLS randomness does not represent time
1149 143/tcp open imap syn-ack ttl 49 Dovecot imapd
1150 |_imap-capabilities: post-login SORT UIDPLUS STARTTLS SPECIAL-USE SEARCHRES LOGIN-REFERRALS NAMESPACE CATENATE SORT=DISPLAY AUTH=LOGINA0001 IMAP4rev1 I18NLEVEL=1 MOVE Pre-login SASL-IR LIST-EXTENDED QUOTA capabilities COMPRESS=DEFLATE THREAD=ORDEREDSUBJECT ESORT OK have NOTIFY WITHIN ENABLE AUTH=PLAIN CONDSTORE CHILDREN listed LIST-STATUS UNSELECT CONTEXT=SEARCH ESEARCH THREAD=REFERENCES THREAD=REFS ID URL-PARTIAL IDLE MULTIAPPEND SNIPPET=FUZZY QRESYNC LITERAL+ more
1151 |_ssl-date: TLS randomness does not represent time
1152 465/tcp open ssl/smtp syn-ack ttl 49 Exim smtpd 4.92
1153 |_smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1154 | ssl-cert: Subject: commonName=*.superhosting.bg
1155 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1156 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1157 | Public Key type: rsa
1158 | Public Key bits: 4096
1159 | Signature Algorithm: sha256WithRSAEncryption
1160 | Not valid before: 2018-02-20T00:00:00
1161 | Not valid after: 2021-03-13T23:59:59
1162 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1163 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1164 |_ssl-date: TLS randomness does not represent time
1165 | vulners:
1166 | cpe:/a:exim:exim:4.92:
1167 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1168 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1169 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1170 587/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1171 | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1172 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1173 | ssl-cert: Subject: commonName=*.superhosting.bg
1174 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1175 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1176 | Public Key type: rsa
1177 | Public Key bits: 4096
1178 | Signature Algorithm: sha256WithRSAEncryption
1179 | Not valid before: 2018-02-20T00:00:00
1180 | Not valid after: 2021-03-13T23:59:59
1181 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1182 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1183 |_ssl-date: TLS randomness does not represent time
1184 | vulners:
1185 | cpe:/a:exim:exim:4.92:
1186 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1187 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1188 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1189 993/tcp open ssl/imaps? syn-ack ttl 49
1190 |_ssl-date: TLS randomness does not represent time
1191 995/tcp open ssl/pop3s? syn-ack ttl 49
1192 |_ssl-date: TLS randomness does not represent time
1193 OS Info: Service Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1194 Scanning ip 87.120.40.162 (server13.superhosting.bg (PTR)):
1195 Scanning ip 209.85.202.26 (dg-in-f26.1e100.net (PTR)):
1196 Scanning ip 172.217.192.0 ():
1197 Scanning ip 173.194.0.0 ():
1198 Scanning ip 74.125.0.0 ():
1199 Scanning ip 130.211.0.0 ():
1200 Scanning ip 172.217.128.0 ():
1201 Scanning ip 91.196.126.120 ():
1202 Scanning ip 216.239.32.0 ():
1203 Scanning ip 172.217.160.0 ():
1204 80/tcp open http syn-ack ttl 118 gws
1205 | fingerprint-strings:
1206 | GetRequest:
1207 | HTTP/1.0 200 OK
1208 | Date: Mon, 25 Nov 2019 08:19:39 GMT
1209 | Expires: -1
1210 | Cache-Control: private, max-age=0
1211 | Content-Type: text/html; charset=ISO-8859-1
1212 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1213 | Server: gws
1214 | X-XSS-Protection: 0
1215 | X-Frame-Options: SAMEORIGIN
1216 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:19:39 GMT; path=/; domain=.google.com
1217 | Set-Cookie: NID=192=gikYRzOujXXfSvVRchea3FCySdGtzgnCrExOGSMC4Ll3QBbxZh7WZSsdi9b9uXnsHWOk-J79rXO2JFolb8bP_TzYLLeSWoiG4U0CnjcJdRwMgPG6QIZuvLIOymp8CqDsDUApBOoMyOjjgqjcUoysNAY13WI7TkW-8-e8LMgm8RY; expires=Tue, 26-May-2020 08:19:38 GMT; path=/; domain=.google.com; HttpOnly
1218 | Accept-Ranges: none
1219 | Vary: Accept-Encoding
1220 | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
1221 | HTTPOptions:
1222 | HTTP/1.0 405 Method Not Allowed
1223 | Allow: GET, HEAD
1224 | Date: Mon, 25 Nov 2019 08:19:39 GMT
1225 | Content-Type: text/html; charset=UTF-8
1226 | Server: gws
1227 | Content-Length: 1592
1228 | X-XSS-Protection: 0
1229 | X-Frame-Options: SAMEORIGIN
1230 | <!DOCTYPE html>
1231 | <html lang=en>
1232 | <meta charset=utf-8>
1233 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1234 | <title>Error 405 (Method Not Allowed)!!1</title>
1235 | <style>
1236 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
1237 |_http-favicon: Google
1238 | http-methods:
1239 |_ Supported Methods: GET HEAD
1240 | http-robots.txt: 217 disallowed entries (15 shown)
1241 | /search /sdch /groups /index.html? /? /?hl=*&
1242 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1243 |_http-server-header: gws
1244 |_http-title: Did not follow redirect to http://www.google.com/
1245 443/tcp open ssl/https syn-ack ttl 118 gws
1246 | fingerprint-strings:
1247 | GetRequest:
1248 | HTTP/1.0 200 OK
1249 | Date: Mon, 25 Nov 2019 08:19:45 GMT
1250 | Expires: -1
1251 | Cache-Control: private, max-age=0
1252 | Content-Type: text/html; charset=ISO-8859-1
1253 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1254 | Server: gws
1255 | X-XSS-Protection: 0
1256 | X-Frame-Options: SAMEORIGIN
1257 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:19:45 GMT; path=/; domain=.google.com
1258 | Set-Cookie: NID=192=ewGzsErmINhcDtGp6xnf3ZBp9I0mjAW_ihWtRHwoBMXJWfWgq4coriljnZyibxqUBzGUAhPv5q0XF0Z9LbKxF4e4YgS6bOqJ2pZfnDOust-wpKFfXP4rkLN2PESh1Gyt8z_AzKpKk1oP5lgwF3ZOjWQM_OE4YlzraMC6zkA80hY; expires=Tue, 26-May-2020 08:19:45 GMT; path=/; domain=.google.com; HttpOnly
1259 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1260 | Accept-Ranges: none
1261 | Vary: Accept-Encoding
1262 | <!doctype html><html ite
1263 | HTTPOptions:
1264 | HTTP/1.0 405 Method Not Allowed
1265 | Allow: GET, HEAD
1266 | Date: Mon, 25 Nov 2019 08:19:47 GMT
1267 | Content-Type: text/html; charset=UTF-8
1268 | Server: gws
1269 | Content-Length: 1592
1270 | X-XSS-Protection: 0
1271 | X-Frame-Options: SAMEORIGIN
1272 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1273 | <!DOCTYPE html>
1274 | <html lang=en>
1275 | <meta charset=utf-8>
1276 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1277 | <title>Error 405 (Method Not Allowed)!!1</title>
1278 | <style>
1279 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
1280 |_http-favicon: Google
1281 | http-methods:
1282 |_ Supported Methods: GET HEAD
1283 | http-robots.txt: 217 disallowed entries (15 shown)
1284 | /search /sdch /groups /index.html? /? /?hl=*&
1285 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1286 |_http-server-header: gws
1287 |_http-title: Did not follow redirect to http://www.google.com/
1288 | ssl-cert: Subject: commonName=invalid2.invalid
1289 | Issuer: commonName=invalid2.invalid
1290 | Public Key type: rsa
1291 | Public Key bits: 2048
1292 | Signature Algorithm: sha256WithRSAEncryption
1293 | Not valid before: 2015-01-01T00:00:00
1294 | Not valid after: 2030-01-01T00:00:00
1295 | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
1296 |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
1297 |_ssl-date: 2019-11-25T08:21:25+00:00; 0s from scanner time.
1298 | tls-alpn:
1299 | grpc-exp
1300 | h2
1301 |_ http/1.1
1302 | tls-nextprotoneg:
1303 | grpc-exp
1304 | h2
1305 |_ http/1.1
1306 Scanning ip 66.102.0.0 ():
1307 Scanning ip 108.177.8.0 ():
1308 Scanning ip 87.120.40.42 (m7.scottishrite-bg.org.):
1309 26/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1310 | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1311 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1312 | ssl-cert: Subject: commonName=*.superhosting.bg
1313 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1314 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1315 | Public Key type: rsa
1316 | Public Key bits: 4096
1317 | Signature Algorithm: sha256WithRSAEncryption
1318 | Not valid before: 2018-02-20T00:00:00
1319 | Not valid after: 2021-03-13T23:59:59
1320 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1321 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1322 |_ssl-date: TLS randomness does not represent time
1323 | vulners:
1324 | cpe:/a:exim:exim:4.92:
1325 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1326 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1327 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1328 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1329 | dns-nsid:
1330 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1331 110/tcp open pop3 syn-ack ttl 49 Dovecot pop3d
1332 |_pop3-capabilities: RESP-CODES CAPA USER STLS AUTH-RESP-CODE PIPELINING UIDL SASL(PLAIN LOGIN) TOP
1333 |_ssl-date: TLS randomness does not represent time
1334 143/tcp open imap syn-ack ttl 49 Dovecot imapd
1335 |_imap-capabilities: CONDSTORE SNIPPET=FUZZY CHILDREN listed Pre-login IDLE CATENATE ID THREAD=REFERENCES QUOTA URL-PARTIAL LIST-EXTENDED post-login have LOGIN-REFERRALS THREAD=ORDEREDSUBJECT more SEARCHRES QRESYNC capabilities WITHIN OK ENABLE ESORT AUTH=LOGINA0001 AUTH=PLAIN STARTTLS UIDPLUS SPECIAL-USE SORT NOTIFY LITERAL+ COMPRESS=DEFLATE UNSELECT I18NLEVEL=1 SORT=DISPLAY THREAD=REFS MOVE LIST-STATUS NAMESPACE CONTEXT=SEARCH MULTIAPPEND ESEARCH SASL-IR IMAP4rev1
1336 |_ssl-date: TLS randomness does not represent time
1337 465/tcp open ssl/smtp syn-ack ttl 49 Exim smtpd 4.92
1338 |_smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1339 | ssl-cert: Subject: commonName=*.superhosting.bg
1340 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1341 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1342 | Public Key type: rsa
1343 | Public Key bits: 4096
1344 | Signature Algorithm: sha256WithRSAEncryption
1345 | Not valid before: 2018-02-20T00:00:00
1346 | Not valid after: 2021-03-13T23:59:59
1347 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1348 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1349 |_ssl-date: TLS randomness does not represent time
1350 | vulners:
1351 | cpe:/a:exim:exim:4.92:
1352 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1353 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1354 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1355 587/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1356 | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1357 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1358 | ssl-cert: Subject: commonName=*.superhosting.bg
1359 | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1360 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1361 | Public Key type: rsa
1362 | Public Key bits: 4096
1363 | Signature Algorithm: sha256WithRSAEncryption
1364 | Not valid before: 2018-02-20T00:00:00
1365 | Not valid after: 2021-03-13T23:59:59
1366 | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1367 |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1368 |_ssl-date: TLS randomness does not represent time
1369 | vulners:
1370 | cpe:/a:exim:exim:4.92:
1371 | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1372 | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1373 |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1374 993/tcp open ssl/imaps? syn-ack ttl 49
1375 |_ssl-date: TLS randomness does not represent time
1376 995/tcp open ssl/pop3s? syn-ack ttl 49
1377 |_ssl-date: TLS randomness does not represent time
1378 OS Info: Service Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1379 Scanning ip 209.85.128.0 ():
1380 Scanning ip 172.217.218.26 (alt4.aspmx.l.google.com):
1381 Scanning ip 172.217.0.0 ():
1382 80/tcp open http syn-ack ttl 120 gws
1383 | fingerprint-strings:
1384 | GetRequest:
1385 | HTTP/1.0 200 OK
1386 | Date: Mon, 25 Nov 2019 08:24:59 GMT
1387 | Expires: -1
1388 | Cache-Control: private, max-age=0
1389 | Content-Type: text/html; charset=ISO-8859-1
1390 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1391 | Server: gws
1392 | X-XSS-Protection: 0
1393 | X-Frame-Options: SAMEORIGIN
1394 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:24:59 GMT; path=/; domain=.google.com
1395 | Set-Cookie: NID=192=vRqPMkuZYeFaS8E2pVgF8oXoF8pN9X1O7j0IDvvQ-DlFjPnXQwfUlJWGEdqYAQkXtMmUH0k0M-xg_2xPPw2fsmRAhMoa6XKcK9LHqXO5_Jmx4Pp_1mM0INsGkXBubz4Sz-pjMFFQAus2gM1CS7QxAZm7dRbc1R4ETeUputu45q4; expires=Tue, 26-May-2020 08:24:59 GMT; path=/; domain=.google.com; HttpOnly
1396 | Accept-Ranges: none
1397 | Vary: Accept-Encoding
1398 | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
1399 | HTTPOptions:
1400 | HTTP/1.0 405 Method Not Allowed
1401 | Allow: GET, HEAD
1402 | Date: Mon, 25 Nov 2019 08:24:59 GMT
1403 | Content-Type: text/html; charset=UTF-8
1404 | Server: gws
1405 | Content-Length: 1592
1406 | X-XSS-Protection: 0
1407 | X-Frame-Options: SAMEORIGIN
1408 | <!DOCTYPE html>
1409 | <html lang=en>
1410 | <meta charset=utf-8>
1411 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1412 | <title>Error 405 (Method Not Allowed)!!1</title>
1413 | <style>
1414 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
1415 |_http-favicon: Google
1416 | http-methods:
1417 |_ Supported Methods: GET HEAD
1418 | http-robots.txt: 217 disallowed entries (15 shown)
1419 | /search /sdch /groups /index.html? /? /?hl=*&
1420 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1421 |_http-server-header: gws
1422 |_http-title: Did not follow redirect to http://www.google.com/
1423 443/tcp open ssl/https syn-ack ttl 120 gws
1424 | fingerprint-strings:
1425 | GetRequest:
1426 | HTTP/1.0 200 OK
1427 | Date: Mon, 25 Nov 2019 08:25:05 GMT
1428 | Expires: -1
1429 | Cache-Control: private, max-age=0
1430 | Content-Type: text/html; charset=ISO-8859-1
1431 | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1432 | Server: gws
1433 | X-XSS-Protection: 0
1434 | X-Frame-Options: SAMEORIGIN
1435 | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:25:05 GMT; path=/; domain=.google.com
1436 | Set-Cookie: NID=192=EeEYydek9KhGXQ_VskJYlBJy4cvir2EwJRfm2a4JncOoXEwkUG9yJE3FrlmJaBDklbshGWjYjt2avUq0w1xlo_h-7yjvgoiITaBThOPzwNIgKPTrbsBNYV4g0viYBOhiW7M_wxbUccdRdVG40u3CfpsGJJG_cdfzD-dCvTtOvN4; expires=Tue, 26-May-2020 08:25:05 GMT; path=/; domain=.google.com; HttpOnly
1437 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1438 | Accept-Ranges: none
1439 | Vary: Accept-Encoding
1440 | <!doctype html><html ite
1441 | HTTPOptions:
1442 | HTTP/1.0 405 Method Not Allowed
1443 | Allow: GET, HEAD
1444 | Date: Mon, 25 Nov 2019 08:25:06 GMT
1445 | Content-Type: text/html; charset=UTF-8
1446 | Server: gws
1447 | Content-Length: 1592
1448 | X-XSS-Protection: 0
1449 | X-Frame-Options: SAMEORIGIN
1450 | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1451 | <!DOCTYPE html>
1452 | <html lang=en>
1453 | <meta charset=utf-8>
1454 | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1455 | <title>Error 405 (Method Not Allowed)!!1</title>
1456 | <style>
1457 |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
1458 |_http-favicon: Google
1459 | http-methods:
1460 |_ Supported Methods: GET HEAD
1461 | http-robots.txt: 217 disallowed entries (15 shown)
1462 | /search /sdch /groups /index.html? /? /?hl=*&
1463 |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1464 |_http-server-header: gws
1465 |_http-title: Did not follow redirect to http://www.google.com/
1466 | ssl-cert: Subject: commonName=invalid2.invalid
1467 | Issuer: commonName=invalid2.invalid
1468 | Public Key type: rsa
1469 | Public Key bits: 2048
1470 | Signature Algorithm: sha256WithRSAEncryption
1471 | Not valid before: 2015-01-01T00:00:00
1472 | Not valid after: 2030-01-01T00:00:00
1473 | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
1474 |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
1475 |_ssl-date: 2019-11-25T08:26:19+00:00; 0s from scanner time.
1476 | tls-alpn:
1477 | grpc-exp
1478 | h2
1479 |_ http/1.1
1480 | tls-nextprotoneg:
1481 | grpc-exp
1482 | h2
1483 |_ http/1.1
1484 Scanning ip 91.196.127.170 ():
1485 Scanning ip 91.196.127.200 ():
1486 Scanning ip 64.233.184.26 (wa-in-f26.1e100.net (PTR)):
1487 Scanning ip 91.196.126.199 ():
1488 Scanning ip 35.190.247.0 ():
1489 Scanning ip 72.14.192.0 ():
1490 80/tcp open http syn-ack ttl 105 Google httpd
1491 | http-methods:
1492 |_ Supported Methods: GET HEAD POST OPTIONS
1493 |_http-server-header: ghs
1494 |_http-title: Error 404 (Not Found)!!1
1495 443/tcp open ssl/https? syn-ack ttl 104
1496 465/tcp open ssl/smtp syn-ack ttl 99 Google gsmtp
1497 |_smtp-commands: mx.google.com at your service, [176.113.74.67], SIZE 35882577, 8BITMIME, AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8,
1498 | ssl-cert: Subject: commonName=smtp.gmail.com/organizationName=Google LLC/stateOrProvinceName=California/countryName=US
1499 | Subject Alternative Name: DNS:smtp.gmail.com
1500 | Issuer: commonName=GTS CA 1O1/organizationName=Google Trust Services/countryName=US
1501 | Public Key type: rsa
1502 | Public Key bits: 2048
1503 | Signature Algorithm: sha256WithRSAEncryption
1504 | Not valid before: 2019-02-26T17:03:31
1505 | Not valid after: 2020-02-21T17:03:31
1506 | MD5: a3ed 0cab 9ab5 109e 5421 aa2f 3cdf 3483
1507 |_SHA-1: 5f7e f238 fa22 d061 3bda 1b5c c014 681e 8037 ca2f
1508 |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
1509 587/tcp open smtp syn-ack ttl 104 Google gsmtp
1510 | smtp-commands: mx.google.com at your service, [176.113.74.67], SIZE 35882577, 8BITMIME, STARTTLS, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8,
1511 |_ 2.0.0 https://www.google.com/search?btnI&q=RFC+5321 b54sm3548811qta.38 - gsmtp
1512 | ssl-cert: Subject: commonName=smtp.gmail.com/organizationName=Google LLC/stateOrProvinceName=California/countryName=US
1513 | Subject Alternative Name: DNS:smtp.gmail.com
1514 | Issuer: commonName=GTS CA 1O1/organizationName=Google Trust Services/countryName=US
1515 | Public Key type: rsa
1516 | Public Key bits: 2048
1517 | Signature Algorithm: sha256WithRSAEncryption
1518 | Not valid before: 2019-02-26T17:03:31
1519 | Not valid after: 2020-02-21T17:03:31
1520 | MD5: a3ed 0cab 9ab5 109e 5421 aa2f 3cdf 3483
1521 |_SHA-1: 5f7e f238 fa22 d061 3bda 1b5c c014 681e 8037 ca2f
1522 |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
1523 993/tcp open ssl/imap syn-ack ttl 103 Google Gmail imapd (f132mb39660820qke)
1524 |_imap-capabilities: CAPABILITY
1525 | ssl-cert: Subject: commonName=ghs-ssl.googlehosted.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US
1526 | Subject Alternative Name: DNS:ghs-ssl.googlehosted.com
1527 | Issuer: commonName=Google Internet Authority G2/organizationName=Google Inc/countryName=US
1528 | Public Key type: rsa
1529 | Public Key bits: 2048
1530 | Signature Algorithm: sha256WithRSAEncryption
1531 | Not valid before: 2015-11-27T08:49:40
1532 | Not valid after: 2016-11-26T00:00:00
1533 | MD5: fe82 6dc4 7414 1ec6 186e 2a96 928b e8f9
1534 |_SHA-1: 12ca fdcc 0f42 c1cf e45f 4d5e bd10 503a c109 650e
1535 |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
1536 995/tcp open ssl/pop3 syn-ack ttl 104 Google Gmail pop3d (f132mb39660827qke)
1537 | ssl-cert: Subject: commonName=ghs-ssl.googlehosted.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US
1538 | Subject Alternative Name: DNS:ghs-ssl.googlehosted.com
1539 | Issuer: commonName=Google Internet Authority G2/organizationName=Google Inc/countryName=US
1540 | Public Key type: rsa
1541 | Public Key bits: 2048
1542 | Signature Algorithm: sha256WithRSAEncryption
1543 | Not valid before: 2015-11-27T08:49:40
1544 | Not valid after: 2016-11-26T00:00:00
1545 | MD5: fe82 6dc4 7414 1ec6 186e 2a96 928b e8f9
1546 |_SHA-1: 12ca fdcc 0f42 c1cf e45f 4d5e bd10 503a c109 650e
1547 |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
1548 Device type: broadband router|WAP|general purpose|printer
1549 OS Info: Service Info: Host: mx.google.com
1550 Scanning ip 66.249.80.0 ():
1551 Scanning ip 35.191.0.0 ():
1552 Scanning ip 108.177.96.0 ():
1553 Scanning ip 64.233.160.0 ():
1554 WebCrawling domain's web servers... up to 50 max links.
1555--Finished--
1556Summary information for domain scottishrite-bg.org.
1557-----------------------------------------
1558
1559 Domain Ips Information:
1560 IP: 216.58.192.0
1561 Type: SPF
1562 Is Active: True (reset ttl 64)
1563 Port: 80/tcp open http syn-ack ttl 104 gws
1564 Script Info: | fingerprint-strings:
1565 Script Info: | GetRequest:
1566 Script Info: | HTTP/1.0 200 OK
1567 Script Info: | Date: Mon, 25 Nov 2019 08:13:21 GMT
1568 Script Info: | Expires: -1
1569 Script Info: | Cache-Control: private, max-age=0
1570 Script Info: | Content-Type: text/html; charset=ISO-8859-1
1571 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1572 Script Info: | Server: gws
1573 Script Info: | X-XSS-Protection: 0
1574 Script Info: | X-Frame-Options: SAMEORIGIN
1575 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:13:21 GMT; path=/; domain=.google.com
1576 Script Info: | Set-Cookie: NID=192=M5-J7gPAPmdo3YF_wu9guooRg3UyWnJW4ZfX8ys2pc7qv1I-euDtpCnuPibK5LHS1udYNvas_8_zaF4SOAe06af3lh8pZenTULy_jV8DDVVRUJGyR1waBepupzKHjqZZiJhjUf14yDmOP6_CVw-Fk4dxallUKRCHihp6l4hrf6c; expires=Tue, 26-May-2020 08:13:21 GMT; path=/; domain=.google.com; HttpOnly
1577 Script Info: | Accept-Ranges: none
1578 Script Info: | Vary: Accept-Encoding
1579 Script Info: | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
1580 Script Info: | HTTPOptions:
1581 Script Info: | HTTP/1.0 405 Method Not Allowed
1582 Script Info: | Allow: GET, HEAD
1583 Script Info: | Date: Mon, 25 Nov 2019 08:13:21 GMT
1584 Script Info: | Content-Type: text/html; charset=UTF-8
1585 Script Info: | Server: gws
1586 Script Info: | Content-Length: 1592
1587 Script Info: | X-XSS-Protection: 0
1588 Script Info: | X-Frame-Options: SAMEORIGIN
1589 Script Info: | <!DOCTYPE html>
1590 Script Info: | <html lang=en>
1591 Script Info: | <meta charset=utf-8>
1592 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1593 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
1594 Script Info: | <style>
1595 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
1596 Script Info: |_http-favicon: Google
1597 Script Info: | http-methods:
1598 Script Info: |_ Supported Methods: GET HEAD
1599 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
1600 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
1601 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1602 Script Info: |_http-server-header: gws
1603 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
1604 Port: 443/tcp open ssl/https syn-ack ttl 104 gws
1605 Script Info: | fingerprint-strings:
1606 Script Info: | GetRequest:
1607 Script Info: | HTTP/1.0 200 OK
1608 Script Info: | Date: Mon, 25 Nov 2019 08:13:27 GMT
1609 Script Info: | Expires: -1
1610 Script Info: | Cache-Control: private, max-age=0
1611 Script Info: | Content-Type: text/html; charset=ISO-8859-1
1612 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1613 Script Info: | Server: gws
1614 Script Info: | X-XSS-Protection: 0
1615 Script Info: | X-Frame-Options: SAMEORIGIN
1616 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:13:27 GMT; path=/; domain=.google.com
1617 Script Info: | Set-Cookie: NID=192=gcB1qaBirXRDeFLApRJI2B9xaZhwa8t2rqDySeMaJX4eElAhsZ84YfY0kxWWf6tDaQtU4_fC19_Bvec4zdy89YE_rU2w6wq2AbALTffV_MC4Vsp4_yXTeX0up5qCikuxkpybb-gj1fo51S6TywZvyEDJom5BtPMOrTXnUfkpcTk; expires=Tue, 26-May-2020 08:13:27 GMT; path=/; domain=.google.com; HttpOnly
1618 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1619 Script Info: | Accept-Ranges: none
1620 Script Info: | Vary: Accept-Encoding
1621 Script Info: | <!doctype html><html ite
1622 Script Info: | HTTPOptions:
1623 Script Info: | HTTP/1.0 405 Method Not Allowed
1624 Script Info: | Allow: GET, HEAD
1625 Script Info: | Date: Mon, 25 Nov 2019 08:13:28 GMT
1626 Script Info: | Content-Type: text/html; charset=UTF-8
1627 Script Info: | Server: gws
1628 Script Info: | Content-Length: 1592
1629 Script Info: | X-XSS-Protection: 0
1630 Script Info: | X-Frame-Options: SAMEORIGIN
1631 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1632 Script Info: | <!DOCTYPE html>
1633 Script Info: | <html lang=en>
1634 Script Info: | <meta charset=utf-8>
1635 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1636 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
1637 Script Info: | <style>
1638 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
1639 Script Info: |_http-favicon: Google
1640 Script Info: | http-methods:
1641 Script Info: |_ Supported Methods: GET HEAD
1642 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
1643 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
1644 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1645 Script Info: |_http-server-header: gws
1646 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
1647 Script Info: | ssl-cert: Subject: commonName=invalid2.invalid
1648 Script Info: | Issuer: commonName=invalid2.invalid
1649 Script Info: | Public Key type: rsa
1650 Script Info: | Public Key bits: 2048
1651 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1652 Script Info: | Not valid before: 2015-01-01T00:00:00
1653 Script Info: | Not valid after: 2030-01-01T00:00:00
1654 Script Info: | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
1655 Script Info: |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
1656 Script Info: |_ssl-date: 2019-11-25T08:14:38+00:00; 0s from scanner time.
1657 Script Info: | tls-alpn:
1658 Script Info: | grpc-exp
1659 Script Info: | h2
1660 Script Info: |_ http/1.1
1661 Script Info: | tls-nextprotoneg:
1662 Script Info: | grpc-exp
1663 Script Info: | h2
1664 Script Info: |_ http/1.1
1665 IP: 172.253.112.0
1666 Type: SPF
1667 Is Active: True (reset ttl 64)
1668 IP: 173.194.208.26
1669 HostName: aspmx.l.google.com Type: MX
1670 HostName: ql-in-f26.1e100.net Type: PTR
1671 Country: United States
1672 Is Active: True (reset ttl 64)
1673 IP: 172.217.32.0
1674 Type: SPF
1675 Is Active: True (reset ttl 64)
1676 IP: 172.253.56.0
1677 Type: SPF
1678 Is Active: True (reset ttl 64)
1679 IP: 91.196.127.1
1680 Type: SPF
1681 Type: SPF
1682 Is Active: True (reset ttl 64)
1683 IP: 64.233.186.26
1684 HostName: alt1.aspmx.l.google.com Type: MX
1685 HostName: cb-in-f26.1e100.net Type: PTR
1686 Country: United States
1687 Is Active: True (reset ttl 64)
1688 IP: 87.120.40.161
1689 HostName: ns25.bgdns.net Type: NS
1690 Country: Bulgaria
1691 Is Active: True (reset ttl 64)
1692 Port: 26/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1693 Script Info: | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1694 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1695 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1696 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1697 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1698 Script Info: | Public Key type: rsa
1699 Script Info: | Public Key bits: 4096
1700 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1701 Script Info: | Not valid before: 2018-02-20T00:00:00
1702 Script Info: | Not valid after: 2021-03-13T23:59:59
1703 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1704 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1705 Script Info: |_ssl-date: TLS randomness does not represent time
1706 Script Info: | vulners:
1707 Script Info: | cpe:/a:exim:exim:4.92:
1708 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1709 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1710 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1711 Port: 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1712 Script Info: | dns-nsid:
1713 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1714 Port: 110/tcp open pop3 syn-ack ttl 49 Dovecot pop3d
1715 Script Info: |_pop3-capabilities: RESP-CODES TOP AUTH-RESP-CODE CAPA UIDL SASL(PLAIN LOGIN) USER STLS PIPELINING
1716 Script Info: |_ssl-date: TLS randomness does not represent time
1717 Port: 143/tcp open imap syn-ack ttl 49 Dovecot imapd
1718 Script Info: |_imap-capabilities: post-login SORT UIDPLUS STARTTLS SPECIAL-USE SEARCHRES LOGIN-REFERRALS NAMESPACE CATENATE SORT=DISPLAY AUTH=LOGINA0001 IMAP4rev1 I18NLEVEL=1 MOVE Pre-login SASL-IR LIST-EXTENDED QUOTA capabilities COMPRESS=DEFLATE THREAD=ORDEREDSUBJECT ESORT OK have NOTIFY WITHIN ENABLE AUTH=PLAIN CONDSTORE CHILDREN listed LIST-STATUS UNSELECT CONTEXT=SEARCH ESEARCH THREAD=REFERENCES THREAD=REFS ID URL-PARTIAL IDLE MULTIAPPEND SNIPPET=FUZZY QRESYNC LITERAL+ more
1719 Script Info: |_ssl-date: TLS randomness does not represent time
1720 Port: 465/tcp open ssl/smtp syn-ack ttl 49 Exim smtpd 4.92
1721 Script Info: |_smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1722 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1723 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1724 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1725 Script Info: | Public Key type: rsa
1726 Script Info: | Public Key bits: 4096
1727 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1728 Script Info: | Not valid before: 2018-02-20T00:00:00
1729 Script Info: | Not valid after: 2021-03-13T23:59:59
1730 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1731 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1732 Script Info: |_ssl-date: TLS randomness does not represent time
1733 Script Info: | vulners:
1734 Script Info: | cpe:/a:exim:exim:4.92:
1735 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1736 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1737 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1738 Port: 587/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1739 Script Info: | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1740 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1741 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1742 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1743 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1744 Script Info: | Public Key type: rsa
1745 Script Info: | Public Key bits: 4096
1746 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1747 Script Info: | Not valid before: 2018-02-20T00:00:00
1748 Script Info: | Not valid after: 2021-03-13T23:59:59
1749 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1750 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1751 Script Info: |_ssl-date: TLS randomness does not represent time
1752 Script Info: | vulners:
1753 Script Info: | cpe:/a:exim:exim:4.92:
1754 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1755 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1756 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1757 Port: 993/tcp open ssl/imaps? syn-ack ttl 49
1758 Script Info: |_ssl-date: TLS randomness does not represent time
1759 Port: 995/tcp open ssl/pop3s? syn-ack ttl 49
1760 Script Info: |_ssl-date: TLS randomness does not represent time
1761 Os Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1762 IP: 87.120.40.162
1763 HostName: ns26.bgdns.net Type: NS
1764 HostName: server13.superhosting.bg Type: PTR
1765 Type: SPF
1766 Type: SPF
1767 Country: Bulgaria
1768 Is Active: True (reset ttl 64)
1769 IP: 209.85.202.26
1770 HostName: alt2.aspmx.l.google.com Type: MX
1771 HostName: dg-in-f26.1e100.net Type: PTR
1772 Country: United States
1773 Is Active: True (reset ttl 64)
1774 IP: 172.217.192.0
1775 Type: SPF
1776 Is Active: True (reset ttl 64)
1777 IP: 173.194.0.0
1778 Type: SPF
1779 Is Active: True (reset ttl 64)
1780 IP: 74.125.0.0
1781 Type: SPF
1782 Is Active: True (reset ttl 64)
1783 IP: 130.211.0.0
1784 Type: SPF
1785 Is Active: True (reset ttl 64)
1786 IP: 172.217.128.0
1787 Type: SPF
1788 Is Active: True (reset ttl 64)
1789 IP: 91.196.126.120
1790 Type: SPF
1791 Type: SPF
1792 Is Active: True (reset ttl 64)
1793 IP: 216.239.32.0
1794 Type: SPF
1795 Is Active: True (reset ttl 64)
1796 IP: 172.217.160.0
1797 Type: SPF
1798 Is Active: True (reset ttl 64)
1799 Port: 80/tcp open http syn-ack ttl 118 gws
1800 Script Info: | fingerprint-strings:
1801 Script Info: | GetRequest:
1802 Script Info: | HTTP/1.0 200 OK
1803 Script Info: | Date: Mon, 25 Nov 2019 08:19:39 GMT
1804 Script Info: | Expires: -1
1805 Script Info: | Cache-Control: private, max-age=0
1806 Script Info: | Content-Type: text/html; charset=ISO-8859-1
1807 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1808 Script Info: | Server: gws
1809 Script Info: | X-XSS-Protection: 0
1810 Script Info: | X-Frame-Options: SAMEORIGIN
1811 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:19:39 GMT; path=/; domain=.google.com
1812 Script Info: | Set-Cookie: NID=192=gikYRzOujXXfSvVRchea3FCySdGtzgnCrExOGSMC4Ll3QBbxZh7WZSsdi9b9uXnsHWOk-J79rXO2JFolb8bP_TzYLLeSWoiG4U0CnjcJdRwMgPG6QIZuvLIOymp8CqDsDUApBOoMyOjjgqjcUoysNAY13WI7TkW-8-e8LMgm8RY; expires=Tue, 26-May-2020 08:19:38 GMT; path=/; domain=.google.com; HttpOnly
1813 Script Info: | Accept-Ranges: none
1814 Script Info: | Vary: Accept-Encoding
1815 Script Info: | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
1816 Script Info: | HTTPOptions:
1817 Script Info: | HTTP/1.0 405 Method Not Allowed
1818 Script Info: | Allow: GET, HEAD
1819 Script Info: | Date: Mon, 25 Nov 2019 08:19:39 GMT
1820 Script Info: | Content-Type: text/html; charset=UTF-8
1821 Script Info: | Server: gws
1822 Script Info: | Content-Length: 1592
1823 Script Info: | X-XSS-Protection: 0
1824 Script Info: | X-Frame-Options: SAMEORIGIN
1825 Script Info: | <!DOCTYPE html>
1826 Script Info: | <html lang=en>
1827 Script Info: | <meta charset=utf-8>
1828 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1829 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
1830 Script Info: | <style>
1831 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
1832 Script Info: |_http-favicon: Google
1833 Script Info: | http-methods:
1834 Script Info: |_ Supported Methods: GET HEAD
1835 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
1836 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
1837 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1838 Script Info: |_http-server-header: gws
1839 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
1840 Port: 443/tcp open ssl/https syn-ack ttl 118 gws
1841 Script Info: | fingerprint-strings:
1842 Script Info: | GetRequest:
1843 Script Info: | HTTP/1.0 200 OK
1844 Script Info: | Date: Mon, 25 Nov 2019 08:19:45 GMT
1845 Script Info: | Expires: -1
1846 Script Info: | Cache-Control: private, max-age=0
1847 Script Info: | Content-Type: text/html; charset=ISO-8859-1
1848 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
1849 Script Info: | Server: gws
1850 Script Info: | X-XSS-Protection: 0
1851 Script Info: | X-Frame-Options: SAMEORIGIN
1852 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:19:45 GMT; path=/; domain=.google.com
1853 Script Info: | Set-Cookie: NID=192=ewGzsErmINhcDtGp6xnf3ZBp9I0mjAW_ihWtRHwoBMXJWfWgq4coriljnZyibxqUBzGUAhPv5q0XF0Z9LbKxF4e4YgS6bOqJ2pZfnDOust-wpKFfXP4rkLN2PESh1Gyt8z_AzKpKk1oP5lgwF3ZOjWQM_OE4YlzraMC6zkA80hY; expires=Tue, 26-May-2020 08:19:45 GMT; path=/; domain=.google.com; HttpOnly
1854 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1855 Script Info: | Accept-Ranges: none
1856 Script Info: | Vary: Accept-Encoding
1857 Script Info: | <!doctype html><html ite
1858 Script Info: | HTTPOptions:
1859 Script Info: | HTTP/1.0 405 Method Not Allowed
1860 Script Info: | Allow: GET, HEAD
1861 Script Info: | Date: Mon, 25 Nov 2019 08:19:47 GMT
1862 Script Info: | Content-Type: text/html; charset=UTF-8
1863 Script Info: | Server: gws
1864 Script Info: | Content-Length: 1592
1865 Script Info: | X-XSS-Protection: 0
1866 Script Info: | X-Frame-Options: SAMEORIGIN
1867 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1868 Script Info: | <!DOCTYPE html>
1869 Script Info: | <html lang=en>
1870 Script Info: | <meta charset=utf-8>
1871 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
1872 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
1873 Script Info: | <style>
1874 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
1875 Script Info: |_http-favicon: Google
1876 Script Info: | http-methods:
1877 Script Info: |_ Supported Methods: GET HEAD
1878 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
1879 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
1880 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
1881 Script Info: |_http-server-header: gws
1882 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
1883 Script Info: | ssl-cert: Subject: commonName=invalid2.invalid
1884 Script Info: | Issuer: commonName=invalid2.invalid
1885 Script Info: | Public Key type: rsa
1886 Script Info: | Public Key bits: 2048
1887 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1888 Script Info: | Not valid before: 2015-01-01T00:00:00
1889 Script Info: | Not valid after: 2030-01-01T00:00:00
1890 Script Info: | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
1891 Script Info: |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
1892 Script Info: |_ssl-date: 2019-11-25T08:21:25+00:00; 0s from scanner time.
1893 Script Info: | tls-alpn:
1894 Script Info: | grpc-exp
1895 Script Info: | h2
1896 Script Info: |_ http/1.1
1897 Script Info: | tls-nextprotoneg:
1898 Script Info: | grpc-exp
1899 Script Info: | h2
1900 Script Info: |_ http/1.1
1901 IP: 66.102.0.0
1902 Type: SPF
1903 Is Active: True (reset ttl 64)
1904 IP: 108.177.8.0
1905 Type: SPF
1906 Is Active: True (reset ttl 64)
1907 IP: 87.120.40.42
1908 HostName: www.scottishrite-bg.org. Type: A
1909 HostName: mail7.scottishrite-bg.org. Type: A
1910 HostName: server13.host.bg Type: PTR
1911 HostName: m7.scottishrite-bg.org. Type: A
1912 Country: Bulgaria
1913 Is Active: True (reset ttl 64)
1914 Port: 26/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1915 Script Info: | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1916 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1917 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1918 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1919 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1920 Script Info: | Public Key type: rsa
1921 Script Info: | Public Key bits: 4096
1922 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1923 Script Info: | Not valid before: 2018-02-20T00:00:00
1924 Script Info: | Not valid after: 2021-03-13T23:59:59
1925 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1926 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1927 Script Info: |_ssl-date: TLS randomness does not represent time
1928 Script Info: | vulners:
1929 Script Info: | cpe:/a:exim:exim:4.92:
1930 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1931 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1932 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1933 Port: 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1934 Script Info: | dns-nsid:
1935 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1936 Port: 110/tcp open pop3 syn-ack ttl 49 Dovecot pop3d
1937 Script Info: |_pop3-capabilities: RESP-CODES CAPA USER STLS AUTH-RESP-CODE PIPELINING UIDL SASL(PLAIN LOGIN) TOP
1938 Script Info: |_ssl-date: TLS randomness does not represent time
1939 Port: 143/tcp open imap syn-ack ttl 49 Dovecot imapd
1940 Script Info: |_imap-capabilities: CONDSTORE SNIPPET=FUZZY CHILDREN listed Pre-login IDLE CATENATE ID THREAD=REFERENCES QUOTA URL-PARTIAL LIST-EXTENDED post-login have LOGIN-REFERRALS THREAD=ORDEREDSUBJECT more SEARCHRES QRESYNC capabilities WITHIN OK ENABLE ESORT AUTH=LOGINA0001 AUTH=PLAIN STARTTLS UIDPLUS SPECIAL-USE SORT NOTIFY LITERAL+ COMPRESS=DEFLATE UNSELECT I18NLEVEL=1 SORT=DISPLAY THREAD=REFS MOVE LIST-STATUS NAMESPACE CONTEXT=SEARCH MULTIAPPEND ESEARCH SASL-IR IMAP4rev1
1941 Script Info: |_ssl-date: TLS randomness does not represent time
1942 Port: 465/tcp open ssl/smtp syn-ack ttl 49 Exim smtpd 4.92
1943 Script Info: |_smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1944 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1945 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1946 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1947 Script Info: | Public Key type: rsa
1948 Script Info: | Public Key bits: 4096
1949 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1950 Script Info: | Not valid before: 2018-02-20T00:00:00
1951 Script Info: | Not valid after: 2021-03-13T23:59:59
1952 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1953 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1954 Script Info: |_ssl-date: TLS randomness does not represent time
1955 Script Info: | vulners:
1956 Script Info: | cpe:/a:exim:exim:4.92:
1957 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1958 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1959 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1960 Port: 587/tcp open smtp syn-ack ttl 49 Exim smtpd 4.92
1961 Script Info: | smtp-commands: server13.superhosting.bg Hello nmap.scanme.org [176.113.74.67], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1962 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1963 Script Info: | ssl-cert: Subject: commonName=*.superhosting.bg
1964 Script Info: | Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
1965 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1966 Script Info: | Public Key type: rsa
1967 Script Info: | Public Key bits: 4096
1968 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1969 Script Info: | Not valid before: 2018-02-20T00:00:00
1970 Script Info: | Not valid after: 2021-03-13T23:59:59
1971 Script Info: | MD5: 845f 18f4 0741 3373 b3fc 3346 519a f82e
1972 Script Info: |_SHA-1: 78b5 baa8 4c59 55b5 f58e 77ef e329 d25a 22d1 a623
1973 Script Info: |_ssl-date: TLS randomness does not represent time
1974 Script Info: | vulners:
1975 Script Info: | cpe:/a:exim:exim:4.92:
1976 Script Info: | CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1977 Script Info: | CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1978 Script Info: |_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
1979 Port: 993/tcp open ssl/imaps? syn-ack ttl 49
1980 Script Info: |_ssl-date: TLS randomness does not represent time
1981 Port: 995/tcp open ssl/pop3s? syn-ack ttl 49
1982 Script Info: |_ssl-date: TLS randomness does not represent time
1983 Os Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1984 IP: 209.85.128.0
1985 Type: SPF
1986 Is Active: True (reset ttl 64)
1987 IP: 172.217.218.26
1988 HostName: alt4.aspmx.l.google.com Type: MX
1989 Country: United States
1990 Is Active: True (reset ttl 64)
1991 IP: 172.217.0.0
1992 Type: SPF
1993 Is Active: True (reset ttl 64)
1994 Port: 80/tcp open http syn-ack ttl 120 gws
1995 Script Info: | fingerprint-strings:
1996 Script Info: | GetRequest:
1997 Script Info: | HTTP/1.0 200 OK
1998 Script Info: | Date: Mon, 25 Nov 2019 08:24:59 GMT
1999 Script Info: | Expires: -1
2000 Script Info: | Cache-Control: private, max-age=0
2001 Script Info: | Content-Type: text/html; charset=ISO-8859-1
2002 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
2003 Script Info: | Server: gws
2004 Script Info: | X-XSS-Protection: 0
2005 Script Info: | X-Frame-Options: SAMEORIGIN
2006 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:24:59 GMT; path=/; domain=.google.com
2007 Script Info: | Set-Cookie: NID=192=vRqPMkuZYeFaS8E2pVgF8oXoF8pN9X1O7j0IDvvQ-DlFjPnXQwfUlJWGEdqYAQkXtMmUH0k0M-xg_2xPPw2fsmRAhMoa6XKcK9LHqXO5_Jmx4Pp_1mM0INsGkXBubz4Sz-pjMFFQAus2gM1CS7QxAZm7dRbc1R4ETeUputu45q4; expires=Tue, 26-May-2020 08:24:59 GMT; path=/; domain=.google.com; HttpOnly
2008 Script Info: | Accept-Ranges: none
2009 Script Info: | Vary: Accept-Encoding
2010 Script Info: | <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-CA"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/goog
2011 Script Info: | HTTPOptions:
2012 Script Info: | HTTP/1.0 405 Method Not Allowed
2013 Script Info: | Allow: GET, HEAD
2014 Script Info: | Date: Mon, 25 Nov 2019 08:24:59 GMT
2015 Script Info: | Content-Type: text/html; charset=UTF-8
2016 Script Info: | Server: gws
2017 Script Info: | Content-Length: 1592
2018 Script Info: | X-XSS-Protection: 0
2019 Script Info: | X-Frame-Options: SAMEORIGIN
2020 Script Info: | <!DOCTYPE html>
2021 Script Info: | <html lang=en>
2022 Script Info: | <meta charset=utf-8>
2023 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
2024 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
2025 Script Info: | <style>
2026 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#l
2027 Script Info: |_http-favicon: Google
2028 Script Info: | http-methods:
2029 Script Info: |_ Supported Methods: GET HEAD
2030 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
2031 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
2032 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
2033 Script Info: |_http-server-header: gws
2034 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
2035 Port: 443/tcp open ssl/https syn-ack ttl 120 gws
2036 Script Info: | fingerprint-strings:
2037 Script Info: | GetRequest:
2038 Script Info: | HTTP/1.0 200 OK
2039 Script Info: | Date: Mon, 25 Nov 2019 08:25:05 GMT
2040 Script Info: | Expires: -1
2041 Script Info: | Cache-Control: private, max-age=0
2042 Script Info: | Content-Type: text/html; charset=ISO-8859-1
2043 Script Info: | P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
2044 Script Info: | Server: gws
2045 Script Info: | X-XSS-Protection: 0
2046 Script Info: | X-Frame-Options: SAMEORIGIN
2047 Script Info: | Set-Cookie: 1P_JAR=2019-11-25-08; expires=Wed, 25-Dec-2019 08:25:05 GMT; path=/; domain=.google.com
2048 Script Info: | Set-Cookie: NID=192=EeEYydek9KhGXQ_VskJYlBJy4cvir2EwJRfm2a4JncOoXEwkUG9yJE3FrlmJaBDklbshGWjYjt2avUq0w1xlo_h-7yjvgoiITaBThOPzwNIgKPTrbsBNYV4g0viYBOhiW7M_wxbUccdRdVG40u3CfpsGJJG_cdfzD-dCvTtOvN4; expires=Tue, 26-May-2020 08:25:05 GMT; path=/; domain=.google.com; HttpOnly
2049 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
2050 Script Info: | Accept-Ranges: none
2051 Script Info: | Vary: Accept-Encoding
2052 Script Info: | <!doctype html><html ite
2053 Script Info: | HTTPOptions:
2054 Script Info: | HTTP/1.0 405 Method Not Allowed
2055 Script Info: | Allow: GET, HEAD
2056 Script Info: | Date: Mon, 25 Nov 2019 08:25:06 GMT
2057 Script Info: | Content-Type: text/html; charset=UTF-8
2058 Script Info: | Server: gws
2059 Script Info: | Content-Length: 1592
2060 Script Info: | X-XSS-Protection: 0
2061 Script Info: | X-Frame-Options: SAMEORIGIN
2062 Script Info: | Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
2063 Script Info: | <!DOCTYPE html>
2064 Script Info: | <html lang=en>
2065 Script Info: | <meta charset=utf-8>
2066 Script Info: | <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
2067 Script Info: | <title>Error 405 (Method Not Allowed)!!1</title>
2068 Script Info: | <style>
2069 Script Info: |_ *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11p
2070 Script Info: |_http-favicon: Google
2071 Script Info: | http-methods:
2072 Script Info: |_ Supported Methods: GET HEAD
2073 Script Info: | http-robots.txt: 217 disallowed entries (15 shown)
2074 Script Info: | /search /sdch /groups /index.html? /? /?hl=*&
2075 Script Info: |_/?hl=*&*&gws_rd=ssl /imgres /u/ /preferences /setprefs /default /m? /m/ /wml?
2076 Script Info: |_http-server-header: gws
2077 Script Info: |_http-title: Did not follow redirect to http://www.google.com/
2078 Script Info: | ssl-cert: Subject: commonName=invalid2.invalid
2079 Script Info: | Issuer: commonName=invalid2.invalid
2080 Script Info: | Public Key type: rsa
2081 Script Info: | Public Key bits: 2048
2082 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2083 Script Info: | Not valid before: 2015-01-01T00:00:00
2084 Script Info: | Not valid after: 2030-01-01T00:00:00
2085 Script Info: | MD5: 904a c8d5 445a d06a 8a10 ffcd 8b11 be16
2086 Script Info: |_SHA-1: 4259 517c d4e4 8a28 9d33 2ab3 f0ab 52a3 6632 2824
2087 Script Info: |_ssl-date: 2019-11-25T08:26:19+00:00; 0s from scanner time.
2088 Script Info: | tls-alpn:
2089 Script Info: | grpc-exp
2090 Script Info: | h2
2091 Script Info: |_ http/1.1
2092 Script Info: | tls-nextprotoneg:
2093 Script Info: | grpc-exp
2094 Script Info: | h2
2095 Script Info: |_ http/1.1
2096 IP: 91.196.127.170
2097 Type: SPF
2098 Type: SPF
2099 Is Active: True (reset ttl 64)
2100 IP: 91.196.127.200
2101 Type: SPF
2102 Type: SPF
2103 Is Active: True (reset ttl 64)
2104 IP: 64.233.184.26
2105 HostName: alt3.aspmx.l.google.com Type: MX
2106 HostName: wa-in-f26.1e100.net Type: PTR
2107 Country: United States
2108 Is Active: True (reset ttl 64)
2109 IP: 91.196.126.199
2110 Type: SPF
2111 Type: SPF
2112 Is Active: True (reset ttl 64)
2113 IP: 35.190.247.0
2114 Type: SPF
2115 Is Active: True (reset ttl 64)
2116 IP: 72.14.192.0
2117 Type: SPF
2118 Is Active: True (reset ttl 64)
2119 Port: 80/tcp open http syn-ack ttl 105 Google httpd
2120 Script Info: | http-methods:
2121 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
2122 Script Info: |_http-server-header: ghs
2123 Script Info: |_http-title: Error 404 (Not Found)!!1
2124 Port: 443/tcp open ssl/https? syn-ack ttl 104
2125 Port: 465/tcp open ssl/smtp syn-ack ttl 99 Google gsmtp
2126 Script Info: |_smtp-commands: mx.google.com at your service, [176.113.74.67], SIZE 35882577, 8BITMIME, AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8,
2127 Script Info: | ssl-cert: Subject: commonName=smtp.gmail.com/organizationName=Google LLC/stateOrProvinceName=California/countryName=US
2128 Script Info: | Subject Alternative Name: DNS:smtp.gmail.com
2129 Script Info: | Issuer: commonName=GTS CA 1O1/organizationName=Google Trust Services/countryName=US
2130 Script Info: | Public Key type: rsa
2131 Script Info: | Public Key bits: 2048
2132 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2133 Script Info: | Not valid before: 2019-02-26T17:03:31
2134 Script Info: | Not valid after: 2020-02-21T17:03:31
2135 Script Info: | MD5: a3ed 0cab 9ab5 109e 5421 aa2f 3cdf 3483
2136 Script Info: |_SHA-1: 5f7e f238 fa22 d061 3bda 1b5c c014 681e 8037 ca2f
2137 Script Info: |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
2138 Port: 587/tcp open smtp syn-ack ttl 104 Google gsmtp
2139 Script Info: | smtp-commands: mx.google.com at your service, [176.113.74.67], SIZE 35882577, 8BITMIME, STARTTLS, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8,
2140 Script Info: |_ 2.0.0 https://www.google.com/search?btnI&q=RFC+5321 b54sm3548811qta.38 - gsmtp
2141 Script Info: | ssl-cert: Subject: commonName=smtp.gmail.com/organizationName=Google LLC/stateOrProvinceName=California/countryName=US
2142 Script Info: | Subject Alternative Name: DNS:smtp.gmail.com
2143 Script Info: | Issuer: commonName=GTS CA 1O1/organizationName=Google Trust Services/countryName=US
2144 Script Info: | Public Key type: rsa
2145 Script Info: | Public Key bits: 2048
2146 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2147 Script Info: | Not valid before: 2019-02-26T17:03:31
2148 Script Info: | Not valid after: 2020-02-21T17:03:31
2149 Script Info: | MD5: a3ed 0cab 9ab5 109e 5421 aa2f 3cdf 3483
2150 Script Info: |_SHA-1: 5f7e f238 fa22 d061 3bda 1b5c c014 681e 8037 ca2f
2151 Script Info: |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
2152 Port: 993/tcp open ssl/imap syn-ack ttl 103 Google Gmail imapd (f132mb39660820qke)
2153 Script Info: |_imap-capabilities: CAPABILITY
2154 Script Info: | ssl-cert: Subject: commonName=ghs-ssl.googlehosted.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US
2155 Script Info: | Subject Alternative Name: DNS:ghs-ssl.googlehosted.com
2156 Script Info: | Issuer: commonName=Google Internet Authority G2/organizationName=Google Inc/countryName=US
2157 Script Info: | Public Key type: rsa
2158 Script Info: | Public Key bits: 2048
2159 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2160 Script Info: | Not valid before: 2015-11-27T08:49:40
2161 Script Info: | Not valid after: 2016-11-26T00:00:00
2162 Script Info: | MD5: fe82 6dc4 7414 1ec6 186e 2a96 928b e8f9
2163 Script Info: |_SHA-1: 12ca fdcc 0f42 c1cf e45f 4d5e bd10 503a c109 650e
2164 Script Info: |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
2165 Port: 995/tcp open ssl/pop3 syn-ack ttl 104 Google Gmail pop3d (f132mb39660827qke)
2166 Script Info: | ssl-cert: Subject: commonName=ghs-ssl.googlehosted.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US
2167 Script Info: | Subject Alternative Name: DNS:ghs-ssl.googlehosted.com
2168 Script Info: | Issuer: commonName=Google Internet Authority G2/organizationName=Google Inc/countryName=US
2169 Script Info: | Public Key type: rsa
2170 Script Info: | Public Key bits: 2048
2171 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2172 Script Info: | Not valid before: 2015-11-27T08:49:40
2173 Script Info: | Not valid after: 2016-11-26T00:00:00
2174 Script Info: | MD5: fe82 6dc4 7414 1ec6 186e 2a96 928b e8f9
2175 Script Info: |_SHA-1: 12ca fdcc 0f42 c1cf e45f 4d5e bd10 503a c109 650e
2176 Script Info: |_ssl-date: 2019-11-25T08:28:48+00:00; 0s from scanner time.
2177 Script Info: Device type: broadband router|WAP|general purpose|printer
2178 Os Info: Host: mx.google.com
2179 IP: 66.249.80.0
2180 Type: SPF
2181 Is Active: True (reset ttl 64)
2182 IP: 35.191.0.0
2183 Type: SPF
2184 Is Active: True (reset ttl 64)
2185 IP: 108.177.96.0
2186 Type: SPF
2187 Is Active: True (reset ttl 64)
2188 IP: 64.233.160.0
2189 Type: SPF
2190 Is Active: True (reset ttl 64)
2191#####################################################################################################################################
2192traceroute to scottishrite-bg.org (87.120.40.42), 30 hops max, 60 byte packets
2193 1 10.241.200.1 (10.241.200.1) 136.060 ms 136.028 ms 136.007 ms
2194 2 * * *
2195 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 136.346 ms 136.579 ms 136.572 ms
2196 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 136.198 ms 136.208 ms 136.185 ms
2197 5 be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 142.107 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 142.307 ms 142.068 ms
2198 6 be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105) 156.429 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 306.522 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105) 305.474 ms
2199 7 be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 314.597 ms 320.250 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209) 316.410 ms
2200 8 be2434.agr21.ams03.atlas.cogentco.com (130.117.2.241) 316.767 ms be2440.agr21.ams03.atlas.cogentco.com (130.117.50.6) 316.712 ms 316.722 ms
2201 9 ntt.ams03.atlas.cogentco.com (130.117.15.130) 320.437 ms 320.617 ms 324.030 ms
220210 ae-10.r24.amstnl02.nl.bb.gin.ntt.net (129.250.3.44) 320.370 ms 324.006 ms ae-5.r25.amstnl02.nl.bb.gin.ntt.net (129.250.3.104) 167.061 ms
220311 ae-0.a00.amstnl02.nl.bb.gin.ntt.net (129.250.3.226) 168.246 ms ae-1.a00.amstnl02.nl.bb.gin.ntt.net (129.250.3.230) 175.885 ms ae-0.a00.amstnl02.nl.bb.gin.ntt.net (129.250.3.226) 170.690 ms
220412 213.198.92.34 (213.198.92.34) 170.322 ms 172.660 ms 170.287 ms
220513 ams-eq6-01gw.voxility.net (5.254.70.149) 169.420 ms 169.795 ms 169.766 ms
220614 fra-eq5-02gw.voxility.net (5.254.73.90) 173.044 ms fra-eq5-01gw.voxility.net (5.254.73.66) 169.568 ms 169.524 ms
220715 fra-eq5-01c.voxility.net (109.163.237.26) 176.226 ms 173.388 ms fra-eq5-01c.voxility.net (109.163.237.18) 168.091 ms
220816 5.254.105.2 (5.254.105.2) 215.283 ms 215.636 ms 211.946 ms
220917 * * *
221018 * * *
221119 host-185-45-64-218.superhosting.bg (185.45.64.218) 203.772 ms 208.240 ms 207.721 ms
2212######################################################################################################################################
2213----- scottishrite-bg.org -----
2214
2215
2216Host's addresses:
2217__________________
2218
2219scottishrite-bg.org. 200 IN A 87.120.40.42
2220
2221
2222Wildcard detection using: ufkwvudwoyeq
2223_______________________________________
2224
2225ufkwvudwoyeq.scottishrite-bg.org. 300 IN A 87.120.40.42
2226
2227
2228!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2229
2230 Wildcards detected, all subdomains will point to the same IP address
2231 Omitting results containing 87.120.40.42.
2232 Maybe you are using OpenDNS servers.
2233
2234!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2235
2236
2237Name Servers:
2238______________
2239
2240ns26.bgdns.net. 199 IN A 87.120.40.162
2241ns25.bgdns.net. 300 IN A 87.120.40.161
2242
2243
2244Mail (MX) Servers:
2245___________________
2246
2247alt1.aspmx.l.google.com. 293 IN A 209.85.233.27
2248aspmx.l.google.com. 293 IN A 64.233.184.27
2249alt3.aspmx.l.google.com. 293 IN A 108.177.97.27
2250alt4.aspmx.l.google.com. 293 IN A 173.194.202.27
2251alt2.aspmx.l.google.com. 293 IN A 172.217.194.26
2252
2253
2254
2255Launching Whois Queries:
2256_________________________
2257
2258 whois ip result: 87.120.40.0 -> 87.120.40.0/23
2259
2260
2261scottishrite-bg.org___________________
2262
2263 87.120.40.0/23
2264#####################################################################################################################################
2265http://scottishrite-bg.org/ [200 OK] Apache, Country[BULGARIA][BG], HTTPServer[Apache], IP[87.120.40.42], Title[Шотландски Ритуал в България], UncommonHeaders[upgrade]
2266#####################################################################################################################################
2267Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:57 EST
2268Nmap scan report for scottishrite-bg.org (87.120.40.42)
2269Host is up (0.29s latency).
2270rDNS record for 87.120.40.42: server13.host.bg
2271Not shown: 983 filtered ports
2272PORT STATE SERVICE
227320/tcp closed ftp-data
227421/tcp open ftp
227522/tcp closed ssh
227625/tcp closed smtp
227726/tcp open rsftp
227853/tcp open domain
227980/tcp open http
2280110/tcp open pop3
2281139/tcp closed netbios-ssn
2282143/tcp open imap
2283443/tcp open https
2284445/tcp closed microsoft-ds
2285465/tcp open smtps
2286587/tcp open submission
2287993/tcp open imaps
2288995/tcp open pop3s
22891022/tcp open exp2
2290#####################################################################################################################################
2291Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:55 EST
2292Nmap scan report for scottishrite-bg.org (87.120.40.42)
2293Host is up (0.19s latency).
2294rDNS record for 87.120.40.42: server13.host.bg
2295Not shown: 986 filtered ports
2296PORT STATE SERVICE
229720/tcp closed ftp-data
229821/tcp open ftp
229922/tcp closed ssh
230026/tcp open rsftp
230153/tcp open domain
230280/tcp open http
2303110/tcp open pop3
2304143/tcp open imap
2305443/tcp open https
2306465/tcp open smtps
2307587/tcp open submission
2308993/tcp open imaps
2309995/tcp open pop3s
23101022/tcp open exp2
2311
2312Nmap done: 1 IP address (1 host up) scanned in 13.53 seconds
2313####################################################################################################################################
2314WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
2315Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:04 EST
2316Nmap scan report for server13.host.bg (87.120.40.42)
2317Host is up (0.16s latency).
2318Not shown: 482 filtered ports, 4 closed ports
2319Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2320PORT STATE SERVICE
232121/tcp open ftp
232253/tcp open domain
232380/tcp open http
2324110/tcp open pop3
2325143/tcp open imap
2326443/tcp open https
2327465/tcp open smtps
2328587/tcp open submission
2329993/tcp open imaps
2330995/tcp open pop3s
2331
2332Nmap done: 1 IP address (1 host up) scanned in 7.93 seconds
2333#####################################################################################################################################
2334Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:04 EST
2335Nmap scan report for server13.host.bg (87.120.40.42)
2336Host is up (0.21s latency).
2337Not shown: 2 filtered ports
2338PORT STATE SERVICE
233953/udp open domain
234067/udp open|filtered dhcps
234168/udp open|filtered dhcpc
234269/udp open|filtered tftp
234388/udp open|filtered kerberos-sec
2344123/udp open|filtered ntp
2345139/udp open|filtered netbios-ssn
2346161/udp open|filtered snmp
2347162/udp open|filtered snmptrap
2348389/udp open|filtered ldap
2349500/udp open|filtered isakmp
2350520/udp open|filtered route
23512049/udp open|filtered nfs
2352
2353Nmap done: 1 IP address (1 host up) scanned in 3.62 seconds
2354#####################################################################################################################################
2355Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:44 EST
2356Nmap scan report for server13.host.bg (87.120.40.42)
2357Host is up (0.21s latency).
2358Not shown: 983 filtered ports
2359PORT STATE SERVICE VERSION
236020/tcp closed ftp-data
236121/tcp open ftp Pure-FTPd
2362| ssl-cert: Subject: commonName=*.superhosting.bg
2363| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2364| Not valid before: 2018-02-20T00:00:00
2365|_Not valid after: 2021-03-13T23:59:59
2366|_ssl-date: TLS randomness does not represent time
236722/tcp closed ssh
236825/tcp closed smtp
236926/tcp open smtp Exim smtpd 4.92
2370| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2371|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2372| ssl-cert: Subject: commonName=*.superhosting.bg
2373| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2374| Not valid before: 2018-02-20T00:00:00
2375|_Not valid after: 2021-03-13T23:59:59
2376|_ssl-date: TLS randomness does not represent time
2377| vulners:
2378| cpe:/a:exim:exim:4.92:
2379| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2380| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2381|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
238253/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
2383| dns-nsid:
2384|_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
238580/tcp open http Apache httpd
2386|_http-server-header: Apache
2387|_http-title: 403 Forbidden
2388110/tcp open pop3 Dovecot pop3d
2389|_pop3-capabilities: AUTH-RESP-CODE USER RESP-CODES TOP UIDL PIPELINING CAPA SASL(PLAIN LOGIN) STLS
2390|_ssl-date: TLS randomness does not represent time
2391139/tcp closed netbios-ssn
2392143/tcp open imap Dovecot imapd
2393|_imap-capabilities: QUOTA ID CONDSTORE AUTH=LOGINA0001 WITHIN LOGIN-REFERRALS ESORT THREAD=REFERENCES I18NLEVEL=1 UIDPLUS SORT SASL-IR NAMESPACE more post-login THREAD=REFS CHILDREN URL-PARTIAL UNSELECT SEARCHRES ESEARCH QRESYNC STARTTLS listed LITERAL+ capabilities CONTEXT=SEARCH Pre-login OK SNIPPET=FUZZY THREAD=ORDEREDSUBJECT AUTH=PLAIN IDLE ENABLE have COMPRESS=DEFLATE CATENATE SPECIAL-USE NOTIFY SORT=DISPLAY LIST-STATUS MOVE LIST-EXTENDED IMAP4rev1 MULTIAPPEND
2394|_ssl-date: TLS randomness does not represent time
2395443/tcp open ssl/http Apache httpd
2396|_http-server-header: Apache
2397|_http-title: 403 Forbidden
2398| ssl-cert: Subject: commonName=you.are.not.supposed.to.be.here/organizationName=SH/stateOrProvinceName=Sofia/countryName=BG
2399| Not valid before: 2013-08-14T12:52:13
2400|_Not valid after: 2113-07-21T12:52:13
2401|_ssl-date: TLS randomness does not represent time
2402| tls-alpn:
2403| h2
2404|_ http/1.1
2405445/tcp closed microsoft-ds
2406465/tcp open ssl/smtp Exim smtpd 4.92
2407| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2408|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2409| ssl-cert: Subject: commonName=*.superhosting.bg
2410| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2411| Not valid before: 2018-02-20T00:00:00
2412|_Not valid after: 2021-03-13T23:59:59
2413|_ssl-date: TLS randomness does not represent time
2414| vulners:
2415| cpe:/a:exim:exim:4.92:
2416| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2417| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2418|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
2419587/tcp open smtp Exim smtpd 4.92
2420| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2421|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2422| ssl-cert: Subject: commonName=*.superhosting.bg
2423| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2424| Not valid before: 2018-02-20T00:00:00
2425|_Not valid after: 2021-03-13T23:59:59
2426|_ssl-date: TLS randomness does not represent time
2427| vulners:
2428| cpe:/a:exim:exim:4.92:
2429| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2430| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2431|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
2432993/tcp open ssl/imaps?
2433|_ssl-date: TLS randomness does not represent time
2434995/tcp open ssl/pop3s?
2435|_ssl-date: TLS randomness does not represent time
24361022/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2437| ssh-hostkey:
2438| 2048 f2:22:2b:cd:45:b8:a3:d1:69:0f:f6:a0:15:74:56:4b (RSA)
2439| 256 9f:ca:8f:04:ac:a6:a7:a1:f1:ac:b7:42:0e:4c:59:8d (ECDSA)
2440|_ 256 da:f5:38:a3:bc:4b:9d:31:da:41:42:3c:2c:21:ec:09 (ED25519)
2441| vulners:
2442| cpe:/a:openbsd:openssh:7.4:
2443| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
2444|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2445Aggressive OS guesses: Linux 3.10 - 4.11 (94%), Linux 3.2 - 4.9 (91%), Linux 4.4 (90%), Linux 3.11 - 3.12 (90%), Linux 3.18 (90%), Crestron XPanel control system (89%), Linux 3.13 (89%), Linux 3.13 or 4.2 (89%), Linux 3.16 (89%), Linux 4.10 (89%)
2446######################################################################################################################################
2447Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:48 EST
2448Nmap scan report for server13.host.bg (87.120.40.42)
2449Host is up (0.20s latency).
2450Not shown: 983 filtered ports
2451PORT STATE SERVICE VERSION
245220/tcp closed ftp-data
245321/tcp open ftp Pure-FTPd
2454| ssl-cert: Subject: commonName=*.superhosting.bg
2455| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2456| Not valid before: 2018-02-20T00:00:00
2457|_Not valid after: 2021-03-13T23:59:59
2458|_ssl-date: TLS randomness does not represent time
245922/tcp closed ssh
246025/tcp closed smtp
246126/tcp open smtp Exim smtpd 4.92
2462| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2463|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2464| ssl-cert: Subject: commonName=*.superhosting.bg
2465| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2466| Not valid before: 2018-02-20T00:00:00
2467|_Not valid after: 2021-03-13T23:59:59
2468|_ssl-date: TLS randomness does not represent time
2469| vulners:
2470| cpe:/a:exim:exim:4.92:
2471| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2472| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2473|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
247453/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
2475| dns-nsid:
2476|_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
247780/tcp open http Apache httpd
2478|_http-server-header: Apache
2479|_http-title: 403 Forbidden
2480110/tcp open pop3 Dovecot pop3d
2481|_pop3-capabilities: RESP-CODES CAPA STLS SASL(PLAIN LOGIN) AUTH-RESP-CODE USER PIPELINING TOP UIDL
2482|_ssl-date: TLS randomness does not represent time
2483139/tcp closed netbios-ssn
2484143/tcp open imap Dovecot imapd
2485|_imap-capabilities: listed NAMESPACE UNSELECT LIST-EXTENDED SEARCHRES CHILDREN NOTIFY QRESYNC LIST-STATUS THREAD=REFS ESORT IDLE CONTEXT=SEARCH more I18NLEVEL=1 ESEARCH MOVE have AUTH=PLAIN capabilities THREAD=ORDEREDSUBJECT CATENATE SPECIAL-USE Pre-login ENABLE OK AUTH=LOGINA0001 URL-PARTIAL post-login THREAD=REFERENCES STARTTLS ID QUOTA UIDPLUS COMPRESS=DEFLATE LITERAL+ LOGIN-REFERRALS MULTIAPPEND SASL-IR WITHIN IMAP4rev1 CONDSTORE SNIPPET=FUZZY SORT SORT=DISPLAY
2486|_ssl-date: TLS randomness does not represent time
2487443/tcp open ssl/http Apache httpd
2488|_http-server-header: Apache
2489|_http-title: 403 Forbidden
2490| ssl-cert: Subject: commonName=you.are.not.supposed.to.be.here/organizationName=SH/stateOrProvinceName=Sofia/countryName=BG
2491| Not valid before: 2013-08-14T12:52:13
2492|_Not valid after: 2113-07-21T12:52:13
2493|_ssl-date: TLS randomness does not represent time
2494| tls-alpn:
2495| h2
2496|_ http/1.1
2497445/tcp closed microsoft-ds
2498465/tcp open ssl/smtp Exim smtpd 4.92
2499| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2500|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2501| ssl-cert: Subject: commonName=*.superhosting.bg
2502| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2503| Not valid before: 2018-02-20T00:00:00
2504|_Not valid after: 2021-03-13T23:59:59
2505|_ssl-date: TLS randomness does not represent time
2506| vulners:
2507| cpe:/a:exim:exim:4.92:
2508| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2509| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2510|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
2511587/tcp open smtp Exim smtpd 4.92
2512| smtp-commands: server13.superhosting.bg Hello server13.host.bg [45.132.192.14], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2513|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2514| ssl-cert: Subject: commonName=*.superhosting.bg
2515| Subject Alternative Name: DNS:*.superhosting.bg, DNS:superhosting.bg
2516| Not valid before: 2018-02-20T00:00:00
2517|_Not valid after: 2021-03-13T23:59:59
2518|_ssl-date: TLS randomness does not represent time
2519| vulners:
2520| cpe:/a:exim:exim:4.92:
2521| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
2522| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
2523|_ CVE-2019-16928 7.5 https://vulners.com/cve/CVE-2019-16928
2524993/tcp open ssl/imaps?
2525|_ssl-date: TLS randomness does not represent time
2526995/tcp open ssl/pop3s?
2527|_ssl-date: TLS randomness does not represent time
25281022/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2529| ssh-hostkey:
2530| 2048 f2:22:2b:cd:45:b8:a3:d1:69:0f:f6:a0:15:74:56:4b (RSA)
2531| 256 9f:ca:8f:04:ac:a6:a7:a1:f1:ac:b7:42:0e:4c:59:8d (ECDSA)
2532|_ 256 da:f5:38:a3:bc:4b:9d:31:da:41:42:3c:2c:21:ec:09 (ED25519)
2533| vulners:
2534| cpe:/a:openbsd:openssh:7.4:
2535| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
2536|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2537Aggressive OS guesses: Linux 3.10 - 4.11 (94%), HP P2000 G3 NAS device (91%), Linux 3.18 (91%), Linux 3.2 - 4.9 (91%), Linux 3.13 (90%), Linux 3.13 or 4.2 (90%), Linux 3.16 - 4.6 (90%), Linux 4.10 (90%), Linux 4.2 (90%), Asus RT-AC66U WAP (90%)
2538No exact OS matches for host (test conditions non-ideal).
2539Network Distance: 20 hops
2540Service Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2541
2542TRACEROUTE (using port 22/tcp)
2543HOP RTT ADDRESS
25441 138.41 ms 10.241.200.1
25452 ...
25463 139.28 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25474 139.23 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25485 144.82 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25496 159.69 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
25507 175.51 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
25518 171.73 ms be2434.agr21.ams03.atlas.cogentco.com (130.117.2.241)
25529 175.59 ms ntt.ams03.atlas.cogentco.com (130.117.15.130)
255310 171.84 ms ae-5.r25.amstnl02.nl.bb.gin.ntt.net (129.250.3.104)
255411 202.96 ms ae-0.a00.amstnl02.nl.bb.gin.ntt.net (129.250.3.226)
255512 167.48 ms 213.198.92.34
255613 175.06 ms ams-eq6-01gw.voxility.net (5.254.70.149)
255714 172.54 ms fra-eq5-01gw.voxility.net (5.254.73.66)
255815 187.59 ms fra-eq5-01c.voxility.net (109.163.237.26)
255916 215.85 ms 5.254.105.2
256017 ... 18
256119 204.21 ms host-185-45-64-218.superhosting.bg (185.45.64.218)
256220 198.23 ms server13.host.bg (87.120.40.42)
2563######################################################################################################################################
2564Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:54 EST
2565Nmap scan report for scottishrite-bg.org (87.120.40.42)
2566Host is up (0.24s latency).
2567rDNS record for 87.120.40.42: server13.host.bg
2568Not shown: 983 filtered ports
2569PORT STATE SERVICE VERSION
257020/tcp closed ftp-data
257121/tcp open ftp Pure-FTPd
257222/tcp closed ssh
257325/tcp closed smtp
257426/tcp open smtp Exim smtpd 4.92
257553/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
257680/tcp open http Apache httpd
2577|_http-server-header: Apache
2578|_http-title: \xD0\xA8\xD0\xBE\xD1\x82\xD0\xBB\xD0\xB0\xD0\xBD\xD0\xB4\xD1\x81\xD0\xBA\xD0\xB8 \xD0\xA0\xD0\xB8\xD1\x82\xD1\x83\xD0\xB0\xD0\xBB \xD0\xB2 \xD0\x91\xD1\x8A\xD0\xBB\xD0\xB3\xD0\xB0\xD1\x80\xD0\xB8\xD1\x8F
2579110/tcp open pop3 Dovecot pop3d
2580139/tcp closed netbios-ssn
2581143/tcp open imap Dovecot imapd
2582443/tcp open ssl/ssl Apache httpd (SSL-only mode)
2583|_http-server-header: Apache
2584|_http-title: \xD0\xA8\xD0\xBE\xD1\x82\xD0\xBB\xD0\xB0\xD0\xBD\xD0\xB4\xD1\x81\xD0\xBA\xD0\xB8 \xD0\xA0\xD0\xB8\xD1\x82\xD1\x83\xD0\xB0\xD0\xBB \xD0\xB2 \xD0\x91\xD1\x8A\xD0\xBB\xD0\xB3\xD0\xB0\xD1\x80\xD0\xB8\xD1\x8F
2585445/tcp closed microsoft-ds
2586465/tcp open ssl/smtp Exim smtpd 4.92
2587587/tcp open smtp Exim smtpd 4.92
2588993/tcp open ssl/imaps?
2589995/tcp open ssl/pop3s?
25901022/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2591Service Info: Host: server13.superhosting.bg; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2592######################################################################################################################################
2593Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 04:00 EST
2594SENT (0.2234s) ICMP [10.241.201.150 > 87.120.40.42 Echo request (type=8/code=0) id=52445 seq=0] IP [ttl=38 id=38990 iplen=28 ]
2595SENT (0.2235s) igmp (2) 10.241.201.150 > 87.120.40.42: ttl=59 id=37452 iplen=28
2596SENT (0.2235s) ipv4 (4) 10.241.201.150 > 87.120.40.42: ttl=55 id=60364 iplen=20
2597RCVD (0.4261s) ICMP [87.120.40.42 > 10.241.201.150 Echo reply (type=0/code=0) id=52445 seq=0] IP [ttl=49 id=32959 iplen=28 ]
2598NSOCK INFO [0.4740s] nsock_iod_new2(): nsock_iod_new (IOD #1)
2599NSOCK INFO [0.4740s] nsock_connect_udp(): UDP connection requested to 2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53 (IOD #1) EID 8
2600NSOCK INFO [0.4740s] nsock_read(): Read request from IOD #1 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53] (timeout: -1ms) EID 18
2601NSOCK INFO [0.4740s] nsock_iod_new2(): nsock_iod_new (IOD #2)
2602NSOCK INFO [0.4740s] nsock_connect_udp(): UDP connection requested to 192.168.0.1:53 (IOD #2) EID 24
2603NSOCK INFO [0.4740s] nsock_read(): Read request from IOD #2 [192.168.0.1:53] (timeout: -1ms) EID 34
2604NSOCK INFO [0.4740s] nsock_iod_new2(): nsock_iod_new (IOD #3)
2605NSOCK INFO [0.4740s] nsock_connect_udp(): UDP connection requested to 38.132.106.139:53 (IOD #3) EID 40
2606NSOCK INFO [0.4740s] nsock_read(): Read request from IOD #3 [38.132.106.139:53] (timeout: -1ms) EID 50
2607NSOCK INFO [0.4740s] nsock_iod_new2(): nsock_iod_new (IOD #4)
2608NSOCK INFO [0.4740s] nsock_connect_udp(): UDP connection requested to 194.187.251.67:53 (IOD #4) EID 56
2609NSOCK INFO [0.4740s] nsock_read(): Read request from IOD #4 [194.187.251.67:53] (timeout: -1ms) EID 66
2610NSOCK INFO [0.4740s] nsock_iod_new2(): nsock_iod_new (IOD #5)
2611NSOCK INFO [0.4740s] nsock_connect_udp(): UDP connection requested to 185.93.180.131:53 (IOD #5) EID 72
2612NSOCK INFO [0.4740s] nsock_read(): Read request from IOD #5 [185.93.180.131:53] (timeout: -1ms) EID 82
2613NSOCK INFO [0.4740s] nsock_write(): Write request for 43 bytes to IOD #1 EID 91 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53]
2614NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53]
2615NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 91 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53]
2616NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 24 [192.168.0.1:53]
2617NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 40 [38.132.106.139:53]
2618NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 56 [194.187.251.67:53]
2619NSOCK INFO [0.4740s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 72 [185.93.180.131:53]
2620NSOCK INFO [0.5790s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53] (259 bytes)
2621NSOCK INFO [0.5790s] nsock_read(): Read request from IOD #1 [2001:18c0:121:6900:724f:b8ff:fefd:5b6a:53] (timeout: -1ms) EID 98
2622NSOCK INFO [0.5790s] nsock_iod_delete(): nsock_iod_delete (IOD #1)
2623NSOCK INFO [0.5790s] nevent_delete(): nevent_delete on event #98 (type READ)
2624NSOCK INFO [0.5790s] nsock_iod_delete(): nsock_iod_delete (IOD #2)
2625NSOCK INFO [0.5790s] nevent_delete(): nevent_delete on event #34 (type READ)
2626NSOCK INFO [0.5790s] nsock_iod_delete(): nsock_iod_delete (IOD #3)
2627NSOCK INFO [0.5790s] nevent_delete(): nevent_delete on event #50 (type READ)
2628NSOCK INFO [0.5790s] nsock_iod_delete(): nsock_iod_delete (IOD #4)
2629NSOCK INFO [0.5790s] nevent_delete(): nevent_delete on event #66 (type READ)
2630NSOCK INFO [0.5790s] nsock_iod_delete(): nsock_iod_delete (IOD #5)
2631NSOCK INFO [0.5790s] nevent_delete(): nevent_delete on event #82 (type READ)
2632Nmap scan report for scottishrite-bg.org (87.120.40.42)
2633Host is up (0.20s latency).
2634rDNS record for 87.120.40.42: server13.host.bg
2635Nmap done: 1 IP address (1 host up) scanned in 0.58 seconds
2636#######################################################################################################################################
2637Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-25 03:58 EST
2638Nmap scan report for server13.host.bg (87.120.40.42)
2639Host is up (0.22s latency).
2640Not shown: 983 filtered ports
2641PORT STATE SERVICE VERSION
264220/tcp closed ftp-data
264321/tcp open ftp Pure-FTPd
2644| vulscan: VulDB - https://vuldb.com:
2645| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
2646| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
2647| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
2648|
2649| MITRE CVE - https://cve.mitre.org:
2650| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
2651|
2652| SecurityFocus - https://www.securityfocus.com/bid/:
2653| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
2654|
2655| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2656| No findings
2657|
2658| Exploit-DB - https://www.exploit-db.com:
2659| No findings
2660|
2661| OpenVAS (Nessus) - http://www.openvas.org:
2662| No findings
2663|
2664| SecurityTracker - https://www.securitytracker.com:
2665| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
2666| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
2667| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
2668| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
2669|
2670| OSVDB - http://www.osvdb.org:
2671| No findings
2672|_
267322/tcp closed ssh
267425/tcp closed smtp
267526/tcp open smtp Exim smtpd 4.92
2676| vulscan: VulDB - https://vuldb.com:
2677| [141327] Exim up to 4.92.1 Backslash privilege escalation
2678| [138827] Exim up to 4.92 Expansion Code Execution
2679| [135932] Exim up to 4.92 privilege escalation
2680| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
2681|
2682| MITRE CVE - https://cve.mitre.org:
2683| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
2684| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
2685| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
2686| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
2687| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
2688| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
2689| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
2690| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
2691| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
2692| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
2693| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
2694| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
2695| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
2696| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
2697| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
2698| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
2699|
2700| SecurityFocus - https://www.securityfocus.com/bid/:
2701| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
2702| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
2703| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2704| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
2705| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
2706| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
2707| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
2708| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
2709| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
2710| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
2711| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
2712| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
2713| [45308] Exim Crafted Header Remote Code Execution Vulnerability
2714| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
2715| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
2716| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
2717| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
2718| [17110] sa-exim Unauthorized File Access Vulnerability
2719| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
2720| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
2721| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
2722| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
2723| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
2724| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
2725| [6314] Exim Internet Mailer Format String Vulnerability
2726| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
2727| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
2728| [2828] Exim Format String Vulnerability
2729| [1859] Exim Buffer Overflow Vulnerability
2730|
2731| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2732| [84758] Exim sender_address parameter command execution
2733| [84015] Exim command execution
2734| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
2735| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
2736| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
2737| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
2738| [67455] Exim DKIM processing code execution
2739| [67299] Exim dkim_exim_verify_finish() format string
2740| [65028] Exim open_log privilege escalation
2741| [63967] Exim config file privilege escalation
2742| [63960] Exim header buffer overflow
2743| [59043] Exim mail directory privilege escalation
2744| [59042] Exim MBX symlink
2745| [52922] ikiwiki teximg plugin information disclosure
2746| [34265] Exim spamd buffer overflow
2747| [25286] Sa-exim greylistclean.cron file deletion
2748| [22687] RHSA-2005:025 updates for exim not installed
2749| [18901] Exim dns_build_reverse buffer overflow
2750| [18764] Exim spa_base64_to_bits function buffer overflow
2751| [18763] Exim host_aton buffer overflow
2752| [16079] Exim require_verify buffer overflow
2753| [16077] Exim header_check_syntax buffer overflow
2754| [16075] Exim sender_verify buffer overflow
2755| [13067] Exim HELO or EHLO command heap overflow
2756| [10761] Exim daemon.c format string
2757| [8194] Exim configuration file -c command-line argument buffer overflow
2758| [7738] Exim allows attacker to hide commands in localhost names using pipes
2759| [6671] Exim "
2760| [1893] Exim MTA allows local users to gain root privileges
2761|
2762| Exploit-DB - https://www.exploit-db.com:
2763| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
2764| [15725] Exim 4.63 Remote Root Exploit
2765| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
2766| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
2767| [796] Exim <= 4.42 Local Root Exploit
2768| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
2769|
2770| OpenVAS (Nessus) - http://www.openvas.org:
2771| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
2772|
2773| SecurityTracker - https://www.securitytracker.com:
2774| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
2775| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
2776| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
2777| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
2778| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
2779| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
2780| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
2781| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
2782| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
2783| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
2784| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
2785| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
2786|
2787| OSVDB - http://www.osvdb.org:
2788| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
2789| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
2790| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
2791| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
2792| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
2793| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
2794| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
2795| [70696] Exim log.c open_log() Function Local Privilege Escalation
2796| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
2797| [69685] Exim string_format Function Remote Overflow
2798| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
2799| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
2800| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
2801| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
2802| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
2803| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
2804| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
2805| [12726] Exim -be Command Line Option host_aton Function Local Overflow
2806| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
2807| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
2808| [10032] libXpm CreateXImage Function Integer Overflow
2809| [7160] Exim .forward :include: Option Privilege Escalation
2810| [6479] Vexim COOKIE Authentication Credential Disclosure
2811| [6478] Vexim Multiple Parameter SQL Injection
2812| [5930] Exim Parenthesis File Name Filter Bypass
2813| [5897] Exim header_syntax Function Remote Overflow
2814| [5896] Exim sender_verify Function Remote Overflow
2815| [5530] Exim Localhost Name Arbitrary Command Execution
2816| [5330] Exim Configuration File Variable Overflow
2817| [1855] Exim Batched SMTP Mail Header Format String
2818|_
281953/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
2820| vulscan: VulDB - https://vuldb.com:
2821| [129818] ISC BIND up to 9.11.4/9.12.2 DDNS privilege escalation
2822| [129803] ISC BIND up to 9.11.1 Response Policy Zone Query Loop denial of service
2823| [129802] ISC BIND up to 9.11.0-P1 nxdomain-redirect Query Assertion denial of service
2824| [102965] ISC BIND up to 9.11.1-P1 TSIG weak authentication
2825| [102964] ISC BIND up to 9.11.1-P1 TSIG weak authentication
2826| [99868] ISC BIND up to 9.11.1rc2 Control Channel Crash denial of service
2827| [99867] ISC BIND up to 9.11.1rc1 DNS64 State Crash denial of service
2828| [99866] ISC BIND up to 9.11.1rc1 CNAME/DNAME Crash denial of service
2829| [96827] ISC BIND up to 9.11.1b1 RPZ/DNS64 State Error NULL Pointer Dereference denial of service
2830|
2831| MITRE CVE - https://cve.mitre.org:
2832| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
2833| [CVE-2013-4869] Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
2834| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
2835| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
2836| [CVE-2013-3434] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
2837| [CVE-2013-3433] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
2838| [CVE-2013-3412] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
2839| [CVE-2013-3404] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
2840| [CVE-2013-3403] Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
2841| [CVE-2013-3402] An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.
2842| [CVE-2013-3382] The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
2843| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
2844| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
2845| [CVE-2013-1139] The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
2846| [CVE-2013-1137] Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
2847| [CVE-2013-1134] The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
2848| [CVE-2013-0149] The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
2849| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
2850| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
2851| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
2852| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
2853| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
2854| [CVE-2012-3817] ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2
2855| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
2856| [CVE-2012-1328] Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
2857| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
2858| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
2859| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
2860| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
2861| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
2862| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
2863| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
2864| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
2865| [CVE-2011-0414] ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
2866| [CVE-2010-3762] ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
2867| [CVE-2010-3615] named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
2868| [CVE-2010-3614] named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
2869| [CVE-2010-3613] named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
2870| [CVE-2010-0382] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
2871| [CVE-2010-0290] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
2872| [CVE-2010-0218] ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
2873| [CVE-2010-0097] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
2874| [CVE-2009-4022] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
2875| [CVE-2009-2028] Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
2876| [CVE-2009-1905] The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
2877| [CVE-2009-0696] The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
2878| [CVE-2009-0265] Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
2879| [CVE-2008-4163] Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
2880| [CVE-2008-0122] Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
2881| [CVE-2007-2926] ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
2882| [CVE-2007-2925] The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
2883| [CVE-2007-2241] Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
2884| [CVE-2007-0493] Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
2885| [CVE-2002-2037] The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
2886| [CVE-2002-0400] ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
2887| [CVE-2001-0497] dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
2888| [CVE-2000-0855] SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
2889| [CVE-2000-0368] Classic Cisco IOS 9.1 and later allows attackers with access to the loging prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
2890| [CVE-1999-1466] Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
2891| [CVE-1999-1306] Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
2892| [CVE-1999-1216] Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
2893|
2894| SecurityFocus - https://www.securityfocus.com/bid/:
2895| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
2896| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
2897| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
2898| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2899| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
2900| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
2901| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
2902| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
2903| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
2904| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
2905| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
2906| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
2907| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
2908| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
2909| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
2910| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
2911| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
2912| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
2913| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
2914| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
2915| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
2916| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
2917| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
2918| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
2919| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
2920| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
2921| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
2922| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
2923| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
2924| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
2925| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
2926| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
2927| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
2928| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
2929| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
2930| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
2931| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
2932| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
2933| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
2934| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
2935| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
2936| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
2937| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
2938| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
2939| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
2940| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
2941| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
2942| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
2943| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
2944| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
2945| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
2946| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
2947| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
2948| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
2949| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
2950| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
2951| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
2952| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
2953| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
2954| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
2955| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
2956| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
2957| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
2958| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
2959| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
2960| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
2961| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
2962| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
2963| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
2964| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
2965| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
2966| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
2967| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
2968| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
2969|
2970| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2971| [85799] Cisco Unified IP Phones 9900 Series directory traversal
2972| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
2973| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
2974| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
2975| [9250] BIND 9 dns_message_findtype() denial of service
2976| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
2977| [539] Microsoft Windows 95 and Internet Explorer password disclosure
2978| [86004] ISC BIND RDATA denial of service
2979| [84767] ISC BIND denial of service
2980| [83066] ISC BIND denial of service
2981| [81504] ISC BIND AAAA denial of service
2982| [80510] ISC BIND DNS64 denial of service
2983| [79121] ISC BIND queries denial of service
2984| [78479] ISC BIND RDATA denial of service
2985| [77185] ISC BIND TCP queries denial of service
2986| [77184] ISC BIND bad cache denial of service
2987| [76034] ISC BIND rdata denial of service
2988| [73053] ISC BIND cache update policy security bypass
2989| [71332] ISC BIND recursive queries denial of service
2990| [68375] ISC BIND UPDATE denial of service
2991| [68374] ISC BIND Response Policy Zones denial of service
2992| [67665] ISC BIND RRSIG Rrsets denial of service
2993| [67297] ISC BIND RRSIG denial of service
2994| [65554] ISC BIND IXFR transfer denial of service
2995| [63602] ISC BIND allow-query security bypass
2996| [63596] ISC BIND zone data security bypass
2997| [63595] ISC BIND RRSIG denial of service
2998| [62072] ISC BIND DNSSEC query denial of service
2999| [62071] ISC BIND ACL security bypass
3000| [61871] ISC BIND anchors denial of service
3001| [60421] ISC BIND RRSIG denial of service
3002| [56049] ISC BIND out-of-bailiwick weak security
3003| [55937] ISC Bind unspecified cache poisoning
3004| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
3005| [54416] ISC BIND DNSSEC cache poisoning
3006| [52073] ISC BIND dns_db_findrdataset() denial of service
3007| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
3008| [45234] ISC BIND UDP denial of service
3009| [39670] ISC BIND inet_network buffer overflow
3010| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
3011| [37128] RHSA update for ISC BIND RRset denial of service not installed
3012| [37127] RHSA update for ISC BIND named service denial of service not installed
3013| [36275] ISC BIND DNS query spoofing
3014| [35575] ISC BIND query ID cache poisoning
3015| [35571] ISC BIND ACL security bypass
3016| [31838] ISC BIND RRset denial of service
3017| [31799] ISC BIND named service denial of service
3018| [29876] HP Tru64 ypbind core dump information disclosure
3019| [28745] ISC BIND DNSSEC RRset denial of service
3020| [28744] ISC BIND recursive INSIST denial of service
3021| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
3022| [18836] BIND hostname disclosure
3023| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
3024| [10333] ISC BIND SIG null pointer dereference denial of service
3025| [10332] ISC BIND OPT resource record (RR) denial of service
3026| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
3027| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
3028| [5814] ISC BIND "
3029| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
3030| [5462] ISC BIND AXFR host command remote buffer overflow
3031|
3032| Exploit-DB - https://www.exploit-db.com:
3033| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
3034| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
3035| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
3036| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
3037| [21812] MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
3038| [21764] MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
3039| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
3040| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
3041| [13448] linux/x86 portbind port 5074 92 bytes
3042| [13388] linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
3043| [13360] linux/x86 setuid/portbind shellcode 96 bytes
3044| [13245] bsd/x86 setuid/portbind shellcode 94 bytes
3045| [10638] Web Wiz Forums 9.64 - Database Disclosure Vulnerability
3046| [6775] Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
3047| [6236] BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
3048| [6130] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
3049| [6123] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
3050| [6122] BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
3051| [4292] Diskeeper 9 Remote Memory Disclosure Exploit
3052| [4266] BIND 9 0.3beta - DNS Cache Poisoning Exploit
3053|
3054| OpenVAS (Nessus) - http://www.openvas.org:
3055| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
3056| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
3057| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
3058| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
3059| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
3060| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
3061| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
3062| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
3063| [11226] Oracle 9iAS default error information disclosure
3064|
3065| SecurityTracker - https://www.securitytracker.com:
3066| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
3067| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
3068| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
3069| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
3070| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
3071| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3072| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3073| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3074| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3075| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3076| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3077| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3078| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3079| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3080| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
3081| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
3082| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
3083| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3084| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3085| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
3086| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
3087| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
3088| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
3089| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
3090| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
3091| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
3092|
3093| OSVDB - http://www.osvdb.org:
3094| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
3095| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
3096| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
3097| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
3098| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
3099| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
3100| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
3101| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
3102| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
3103| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
3104| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
3105| [18217] Oracle 9iAS echo Sample Application Information Disclosure
3106| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
3107| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
3108| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
3109| [3108] Microsoft Office 98 Macintosh Information Disclosure
3110| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
3111| [665] Microsoft Windows 95 Online Registration Information Disclosure
3112| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
3113| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
3114| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
3115| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
3116| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
3117| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
3118| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
3119| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
3120| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
3121| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
3122| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
3123| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
3124| [77159] ISC BIND Recursive Query Parsing Remote DoS
3125| [73605] ISC BIND UPDATE Request Parsing Remote DoS
3126| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
3127| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
3128| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
3129| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
3130| [69568] ISC BIND named allow-query ACL Restriction Bypass
3131| [69559] ISC BIND named Key Algorithm Rollover Weakness
3132| [69558] ISC BIND named RRSIG Negative Caching DoS
3133| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
3134| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
3135| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
3136| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
3137| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
3138| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
3139| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
3140| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
3141| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
3142| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
3143| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
3144| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
3145| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
3146| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
3147| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
3148| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
3149| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
3150| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
3151| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
3152| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
3153| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
3154| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
3155| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
3156| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
3157| [34752] ISC BIND so_linger Remote DoS
3158| [34751] ISC BIND Malformed SIG Record Remote DoS
3159| [34750] ISC BIND Malformed NAPTR Record Local DoS
3160| [34749] ISC BIND named maxdname DoS
3161| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
3162| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
3163| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
3164| [28558] ISC BIND Recursive Query Saturation DoS
3165| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
3166| [25895] ISC BIND Cached Recursive Query DoS
3167| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
3168| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
3169| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
3170| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
3171| [14795] ISC BIND TSIG Handling Code Remote Overflow
3172| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
3173| [13752] ISC BIND host Command AXFR Response Remote Overflow
3174| [13176] ISC BIND q_usedns Array Remote Overflow DoS
3175| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
3176| [9736] ISC BIND fdmax File Descriptor Consumption DoS
3177| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
3178| [9734] ISC BIND CNAME Record Zone Transfer DoS
3179| [9733] ISC BIND Malformed DNS Message DoS
3180| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
3181| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
3182| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
3183| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
3184| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
3185| [5828] ISC BIND named SRV Remote DoS
3186| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
3187| [2866] ISC BIND Negative Record Cache Poisoning
3188| [1751] ISC BIND Environment Variable Information Disclosure
3189| [1747] ISC BIND 4 nslookupComplain() Remote Format String
3190| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
3191| [913] ISC BIND Inverse-Query Remote Overflow
3192| [869] ISC BIND named SIG Resource Server Response RR Overflow
3193| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
3194| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
3195| [24] ISC BIND NXT Record Overflow
3196|_
319780/tcp open http Apache httpd
3198|_http-server-header: Apache
3199| vulscan: VulDB - https://vuldb.com:
3200| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
3201| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
3202| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
3203| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
3204| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
3205| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
3206| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
3207| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
3208| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
3209| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
3210| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
3211| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
3212| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
3213| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
3214| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
3215| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
3216| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
3217| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
3218| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
3219| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
3220| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
3221| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
3222| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
3223| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
3224| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
3225| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
3226| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
3227| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
3228| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
3229| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
3230| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
3231| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
3232| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
3233| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
3234| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
3235| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
3236| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
3237| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
3238| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
3239| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
3240| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
3241| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
3242| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
3243| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
3244| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
3245| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
3246| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
3247| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
3248| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
3249| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
3250| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
3251| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
3252| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
3253| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
3254| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
3255| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
3256| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
3257| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
3258| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
3259| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
3260| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
3261| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
3262| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
3263| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
3264| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
3265| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
3266| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
3267| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
3268| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
3269| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
3270| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
3271| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
3272| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
3273| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
3274| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
3275| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
3276| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
3277| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
3278| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
3279| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
3280| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
3281| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
3282| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
3283| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
3284| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
3285| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
3286| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
3287| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
3288| [136370] Apache Fineract up to 1.2.x sql injection
3289| [136369] Apache Fineract up to 1.2.x sql injection
3290| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
3291| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
3292| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
3293| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
3294| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
3295| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
3296| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
3297| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
3298| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
3299| [134416] Apache Sanselan 0.97-incubator Loop denial of service
3300| [134415] Apache Sanselan 0.97-incubator Hang denial of service
3301| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
3302| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
3303| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
3304| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
3305| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
3306| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
3307| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
3308| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
3309| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
3310| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
3311| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
3312| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
3313| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
3314| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
3315| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
3316| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
3317| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
3318| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
3319| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
3320| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
3321| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
3322| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
3323| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
3324| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
3325| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
3326| [131859] Apache Hadoop up to 2.9.1 privilege escalation
3327| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
3328| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
3329| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
3330| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
3331| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
3332| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
3333| [130629] Apache Guacamole Cookie Flag weak encryption
3334| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
3335| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
3336| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
3337| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
3338| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
3339| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
3340| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
3341| [130123] Apache Airflow up to 1.8.2 information disclosure
3342| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
3343| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
3344| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
3345| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
3346| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
3347| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
3348| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
3349| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
3350| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
3351| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
3352| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
3353| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
3354| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
3355| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
3356| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
3357| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
3358| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
3359| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
3360| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
3361| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
3362| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
3363| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
3364| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
3365| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
3366| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
3367| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
3368| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
3369| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
3370| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
3371| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
3372| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
3373| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
3374| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
3375| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
3376| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
3377| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
3378| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
3379| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
3380| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
3381| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
3382| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
3383| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
3384| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
3385| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
3386| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
3387| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
3388| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
3389| [127007] Apache Spark Request Code Execution
3390| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
3391| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
3392| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
3393| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
3394| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
3395| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
3396| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
3397| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
3398| [126346] Apache Tomcat Path privilege escalation
3399| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
3400| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
3401| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
3402| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
3403| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
3404| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
3405| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
3406| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
3407| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
3408| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
3409| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
3410| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
3411| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
3412| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
3413| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
3414| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
3415| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
3416| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
3417| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
3418| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
3419| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
3420| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
3421| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
3422| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
3423| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
3424| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
3425| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
3426| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
3427| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
3428| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
3429| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
3430| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
3431| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
3432| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
3433| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
3434| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
3435| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
3436| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
3437| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
3438| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
3439| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
3440| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
3441| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
3442| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
3443| [123197] Apache Sentry up to 2.0.0 privilege escalation
3444| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
3445| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
3446| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
3447| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
3448| [122800] Apache Spark 1.3.0 REST API weak authentication
3449| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
3450| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
3451| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
3452| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
3453| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
3454| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
3455| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
3456| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
3457| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
3458| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
3459| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
3460| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
3461| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
3462| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
3463| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
3464| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
3465| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
3466| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
3467| [121354] Apache CouchDB HTTP API Code Execution
3468| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
3469| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
3470| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
3471| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
3472| [120168] Apache CXF weak authentication
3473| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
3474| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
3475| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
3476| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
3477| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
3478| [119306] Apache MXNet Network Interface privilege escalation
3479| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
3480| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
3481| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
3482| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
3483| [118143] Apache NiFi activemq-client Library Deserialization denial of service
3484| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
3485| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
3486| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
3487| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
3488| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
3489| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
3490| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
3491| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
3492| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
3493| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
3494| [117115] Apache Tika up to 1.17 tika-server command injection
3495| [116929] Apache Fineract getReportType Parameter privilege escalation
3496| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
3497| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
3498| [116926] Apache Fineract REST Parameter privilege escalation
3499| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
3500| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
3501| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
3502| [115883] Apache Hive up to 2.3.2 privilege escalation
3503| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
3504| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
3505| [115518] Apache Ignite 2.3 Deserialization privilege escalation
3506| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
3507| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
3508| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
3509| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
3510| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
3511| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
3512| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
3513| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
3514| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
3515| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
3516| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
3517| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
3518| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
3519| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
3520| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
3521| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
3522| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
3523| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
3524| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
3525| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
3526| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
3527| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
3528| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
3529| [113895] Apache Geode up to 1.3.x Code Execution
3530| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
3531| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
3532| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
3533| [113747] Apache Tomcat Servlets privilege escalation
3534| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
3535| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
3536| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
3537| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
3538| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
3539| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
3540| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
3541| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
3542| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
3543| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
3544| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
3545| [112885] Apache Allura up to 1.8.0 File information disclosure
3546| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
3547| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
3548| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
3549| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
3550| [112625] Apache POI up to 3.16 Loop denial of service
3551| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
3552| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
3553| [112339] Apache NiFi 1.5.0 Header privilege escalation
3554| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
3555| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
3556| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
3557| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
3558| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
3559| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
3560| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
3561| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
3562| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
3563| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
3564| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
3565| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
3566| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
3567| [112114] Oracle 9.1 Apache Log4j privilege escalation
3568| [112113] Oracle 9.1 Apache Log4j privilege escalation
3569| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
3570| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
3571| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
3572| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
3573| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
3574| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
3575| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
3576| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
3577| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
3578| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
3579| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
3580| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
3581| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
3582| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
3583| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
3584| [110701] Apache Fineract Query Parameter sql injection
3585| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
3586| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
3587| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
3588| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
3589| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
3590| [110106] Apache CXF Fediz Spring cross site request forgery
3591| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
3592| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
3593| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
3594| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
3595| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
3596| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
3597| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
3598| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
3599| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
3600| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
3601| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
3602| [108938] Apple macOS up to 10.13.1 apache denial of service
3603| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
3604| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
3605| [108935] Apple macOS up to 10.13.1 apache denial of service
3606| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
3607| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
3608| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
3609| [108931] Apple macOS up to 10.13.1 apache denial of service
3610| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
3611| [108929] Apple macOS up to 10.13.1 apache denial of service
3612| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
3613| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
3614| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
3615| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
3616| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
3617| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
3618| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
3619| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
3620| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
3621| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
3622| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
3623| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
3624| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
3625| [108782] Apache Xerces2 XML Service denial of service
3626| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
3627| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
3628| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
3629| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
3630| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
3631| [108629] Apache OFBiz up to 10.04.01 privilege escalation
3632| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
3633| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
3634| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
3635| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
3636| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
3637| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
3638| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
3639| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
3640| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
3641| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
3642| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
3643| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
3644| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
3645| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
3646| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
3647| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
3648| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
3649| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
3650| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
3651| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
3652| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
3653| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
3654| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
3655| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
3656| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
3657| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
3658| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
3659| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
3660| [107639] Apache NiFi 1.4.0 XML External Entity
3661| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
3662| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
3663| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
3664| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
3665| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
3666| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
3667| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
3668| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
3669| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
3670| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
3671| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
3672| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
3673| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
3674| [107197] Apache Xerces Jelly Parser XML File XML External Entity
3675| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
3676| [107084] Apache Struts up to 2.3.19 cross site scripting
3677| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
3678| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
3679| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
3680| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
3681| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
3682| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
3683| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
3684| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
3685| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
3686| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
3687| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
3688| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
3689| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
3690| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
3691| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
3692| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
3693| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
3694| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
3695| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
3696| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
3697| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
3698| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
3699| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
3700| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
3701| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
3702| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
3703| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
3704| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
3705| [105878] Apache Struts up to 2.3.24.0 privilege escalation
3706| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
3707| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
3708| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
3709| [105643] Apache Pony Mail up to 0.8b weak authentication
3710| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
3711| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
3712| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
3713| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
3714| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
3715| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
3716| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
3717| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
3718| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
3719| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
3720| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
3721| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
3722| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
3723| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
3724| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
3725| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
3726| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
3727| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
3728| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
3729| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
3730| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
3731| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
3732| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
3733| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
3734| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
3735| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
3736| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
3737| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
3738| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
3739| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
3740| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
3741| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
3742| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
3743| [103690] Apache OpenMeetings 1.0.0 sql injection
3744| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
3745| [103688] Apache OpenMeetings 1.0.0 weak encryption
3746| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
3747| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
3748| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
3749| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
3750| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
3751| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
3752| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
3753| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
3754| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
3755| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
3756| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
3757| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
3758| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
3759| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
3760| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
3761| [103352] Apache Solr Node weak authentication
3762| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
3763| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
3764| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
3765| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
3766| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
3767| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
3768| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
3769| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
3770| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
3771| [102536] Apache Ranger up to 0.6 Stored cross site scripting
3772| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
3773| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
3774| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
3775| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
3776| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
3777| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
3778| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
3779| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
3780| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
3781| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
3782| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
3783| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
3784| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
3785| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
3786| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
3787| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
3788| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
3789| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
3790| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
3791| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
3792| [99937] Apache Batik up to 1.8 privilege escalation
3793| [99936] Apache FOP up to 2.1 privilege escalation
3794| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
3795| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
3796| [99930] Apache Traffic Server up to 6.2.0 denial of service
3797| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
3798| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
3799| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
3800| [117569] Apache Hadoop up to 2.7.3 privilege escalation
3801| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
3802| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
3803| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
3804| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
3805| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
3806| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
3807| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
3808| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
3809| [99014] Apache Camel Jackson/JacksonXML privilege escalation
3810| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
3811| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
3812| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
3813| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
3814| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
3815| [98605] Apple macOS up to 10.12.3 Apache denial of service
3816| [98604] Apple macOS up to 10.12.3 Apache denial of service
3817| [98603] Apple macOS up to 10.12.3 Apache denial of service
3818| [98602] Apple macOS up to 10.12.3 Apache denial of service
3819| [98601] Apple macOS up to 10.12.3 Apache denial of service
3820| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
3821| [98405] Apache Hadoop up to 0.23.10 privilege escalation
3822| [98199] Apache Camel Validation XML External Entity
3823| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
3824| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
3825| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
3826| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
3827| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
3828| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
3829| [97081] Apache Tomcat HTTPS Request denial of service
3830| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
3831| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
3832| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
3833| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
3834| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
3835| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
3836| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
3837| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
3838| [95311] Apache Storm UI Daemon privilege escalation
3839| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
3840| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
3841| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
3842| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
3843| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
3844| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
3845| [94540] Apache Tika 1.9 tika-server File information disclosure
3846| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
3847| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
3848| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
3849| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
3850| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
3851| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
3852| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
3853| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
3854| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
3855| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
3856| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
3857| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
3858| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
3859| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
3860| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
3861| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
3862| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
3863| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
3864| [93532] Apache Commons Collections Library Java privilege escalation
3865| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
3866| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
3867| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
3868| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
3869| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
3870| [93098] Apache Commons FileUpload privilege escalation
3871| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
3872| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
3873| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
3874| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
3875| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
3876| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
3877| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
3878| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
3879| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
3880| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
3881| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
3882| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
3883| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
3884| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
3885| [92549] Apache Tomcat on Red Hat privilege escalation
3886| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
3887| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
3888| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
3889| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
3890| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
3891| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
3892| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
3893| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
3894| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
3895| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
3896| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
3897| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
3898| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
3899| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
3900| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
3901| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
3902| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
3903| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
3904| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
3905| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
3906| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
3907| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
3908| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
3909| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
3910| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
3911| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
3912| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
3913| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
3914| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
3915| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
3916| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
3917| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
3918| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
3919| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
3920| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
3921| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
3922| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
3923| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
3924| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
3925| [90263] Apache Archiva Header denial of service
3926| [90262] Apache Archiva Deserialize privilege escalation
3927| [90261] Apache Archiva XML DTD Connection privilege escalation
3928| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
3929| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
3930| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
3931| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
3932| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
3933| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
3934| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
3935| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
3936| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
3937| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
3938| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
3939| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
3940| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
3941| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
3942| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
3943| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
3944| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
3945| [87765] Apache James Server 2.3.2 Command privilege escalation
3946| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
3947| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
3948| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
3949| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
3950| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
3951| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
3952| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
3953| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
3954| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
3955| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
3956| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
3957| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
3958| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
3959| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
3960| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
3961| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
3962| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
3963| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
3964| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
3965| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
3966| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
3967| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
3968| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
3969| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
3970| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
3971| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
3972| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
3973| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
3974| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
3975| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
3976| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
3977| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
3978| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
3979| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
3980| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
3981| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
3982| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
3983| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
3984| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
3985| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
3986| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
3987| [82076] Apache Ranger up to 0.5.1 privilege escalation
3988| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
3989| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
3990| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
3991| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
3992| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
3993| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
3994| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
3995| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
3996| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
3997| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
3998| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
3999| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
4000| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
4001| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
4002| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
4003| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
4004| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
4005| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
4006| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
4007| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
4008| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
4009| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
4010| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
4011| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
4012| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
4013| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
4014| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
4015| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
4016| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
4017| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
4018| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
4019| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
4020| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
4021| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
4022| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
4023| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
4024| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
4025| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
4026| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
4027| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
4028| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
4029| [79791] Cisco Products Apache Commons Collections Library privilege escalation
4030| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
4031| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
4032| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
4033| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
4034| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
4035| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
4036| [78989] Apache Ambari up to 2.1.1 Open Redirect
4037| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
4038| [78987] Apache Ambari up to 2.0.x cross site scripting
4039| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
4040| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
4041| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
4042| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
4043| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
4044| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
4045| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
4046| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
4047| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
4048| [77406] Apache Flex BlazeDS AMF Message XML External Entity
4049| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
4050| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
4051| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
4052| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
4053| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
4054| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
4055| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
4056| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
4057| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
4058| [76567] Apache Struts 2.3.20 unknown vulnerability
4059| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
4060| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
4061| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
4062| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
4063| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
4064| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
4065| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
4066| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
4067| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
4068| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
4069| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
4070| [74793] Apache Tomcat File Upload denial of service
4071| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
4072| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
4073| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
4074| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
4075| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
4076| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
4077| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
4078| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
4079| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
4080| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
4081| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
4082| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
4083| [74468] Apache Batik up to 1.6 denial of service
4084| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
4085| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
4086| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
4087| [74174] Apache WSS4J up to 2.0.0 privilege escalation
4088| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
4089| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
4090| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
4091| [73731] Apache XML Security unknown vulnerability
4092| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
4093| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
4094| [73593] Apache Traffic Server up to 5.1.0 denial of service
4095| [73511] Apache POI up to 3.10 Deadlock denial of service
4096| [73510] Apache Solr up to 4.3.0 cross site scripting
4097| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
4098| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
4099| [73173] Apache CloudStack Stack-Based unknown vulnerability
4100| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
4101| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
4102| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
4103| [72890] Apache Qpid 0.30 unknown vulnerability
4104| [72887] Apache Hive 0.13.0 File Permission privilege escalation
4105| [72878] Apache Cordova 3.5.0 cross site request forgery
4106| [72877] Apache Cordova 3.5.0 cross site request forgery
4107| [72876] Apache Cordova 3.5.0 cross site request forgery
4108| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
4109| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
4110| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
4111| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
4112| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
4113| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
4114| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
4115| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
4116| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
4117| [71629] Apache Axis2/C spoofing
4118| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
4119| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
4120| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
4121| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
4122| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
4123| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
4124| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
4125| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
4126| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
4127| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
4128| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
4129| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
4130| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
4131| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
4132| [70809] Apache POI up to 3.11 Crash denial of service
4133| [70808] Apache POI up to 3.10 unknown vulnerability
4134| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
4135| [70749] Apache Axis up to 1.4 getCN spoofing
4136| [70701] Apache Traffic Server up to 3.3.5 denial of service
4137| [70700] Apache OFBiz up to 12.04.03 cross site scripting
4138| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
4139| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
4140| [70661] Apache Subversion up to 1.6.17 denial of service
4141| [70660] Apache Subversion up to 1.6.17 spoofing
4142| [70659] Apache Subversion up to 1.6.17 spoofing
4143| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
4144| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
4145| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
4146| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
4147| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
4148| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
4149| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
4150| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
4151| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
4152| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
4153| [69846] Apache HBase up to 0.94.8 information disclosure
4154| [69783] Apache CouchDB up to 1.2.0 memory corruption
4155| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
4156| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
4157| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
4158| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
4159| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
4160| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
4161| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
4162| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
4163| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
4164| [69431] Apache Archiva up to 1.3.6 cross site scripting
4165| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
4166| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
4167| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
4168| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
4169| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
4170| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
4171| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
4172| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
4173| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
4174| [66739] Apache Camel up to 2.12.2 unknown vulnerability
4175| [66738] Apache Camel up to 2.12.2 unknown vulnerability
4176| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
4177| [66695] Apache CouchDB up to 1.2.0 cross site scripting
4178| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
4179| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
4180| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
4181| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
4182| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
4183| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
4184| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
4185| [66356] Apache Wicket up to 6.8.0 information disclosure
4186| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
4187| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
4188| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
4189| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
4190| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
4191| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
4192| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
4193| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
4194| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
4195| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
4196| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
4197| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
4198| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
4199| [65668] Apache Solr 4.0.0 Updater denial of service
4200| [65665] Apache Solr up to 4.3.0 denial of service
4201| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
4202| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
4203| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
4204| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
4205| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
4206| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
4207| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
4208| [65410] Apache Struts 2.3.15.3 cross site scripting
4209| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
4210| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
4211| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
4212| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
4213| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
4214| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
4215| [65340] Apache Shindig 2.5.0 information disclosure
4216| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
4217| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
4218| [10826] Apache Struts 2 File privilege escalation
4219| [65204] Apache Camel up to 2.10.1 unknown vulnerability
4220| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
4221| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
4222| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
4223| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
4224| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
4225| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
4226| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
4227| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
4228| [64722] Apache XML Security for C++ Heap-based memory corruption
4229| [64719] Apache XML Security for C++ Heap-based memory corruption
4230| [64718] Apache XML Security for C++ verify denial of service
4231| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
4232| [64716] Apache XML Security for C++ spoofing
4233| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
4234| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
4235| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
4236| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
4237| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
4238| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
4239| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
4240| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
4241| [64485] Apache Struts up to 2.2.3.0 privilege escalation
4242| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
4243| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
4244| [64467] Apache Geronimo 3.0 memory corruption
4245| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
4246| [64457] Apache Struts up to 2.2.3.0 cross site scripting
4247| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
4248| [9184] Apache Qpid up to 0.20 SSL misconfiguration
4249| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
4250| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
4251| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
4252| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
4253| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
4254| [8873] Apache Struts 2.3.14 privilege escalation
4255| [8872] Apache Struts 2.3.14 privilege escalation
4256| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
4257| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
4258| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
4259| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
4260| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
4261| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
4262| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
4263| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
4264| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
4265| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
4266| [64006] Apache ActiveMQ up to 5.7.0 denial of service
4267| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
4268| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
4269| [8427] Apache Tomcat Session Transaction weak authentication
4270| [63960] Apache Maven 3.0.4 Default Configuration spoofing
4271| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
4272| [63750] Apache qpid up to 0.20 checkAvailable denial of service
4273| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
4274| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
4275| [63747] Apache Rave up to 0.20 User Account information disclosure
4276| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
4277| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
4278| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
4279| [7687] Apache CXF up to 2.7.2 Token weak authentication
4280| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
4281| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
4282| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
4283| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
4284| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
4285| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
4286| [63090] Apache Tomcat up to 4.1.24 denial of service
4287| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
4288| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
4289| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
4290| [62833] Apache CXF -/2.6.0 spoofing
4291| [62832] Apache Axis2 up to 1.6.2 spoofing
4292| [62831] Apache Axis up to 1.4 Java Message Service spoofing
4293| [62830] Apache Commons-httpclient 3.0 Payments spoofing
4294| [62826] Apache Libcloud up to 0.11.0 spoofing
4295| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
4296| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
4297| [62661] Apache Axis2 unknown vulnerability
4298| [62658] Apache Axis2 unknown vulnerability
4299| [62467] Apache Qpid up to 0.17 denial of service
4300| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
4301| [6301] Apache HTTP Server mod_pagespeed cross site scripting
4302| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
4303| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
4304| [62035] Apache Struts up to 2.3.4 denial of service
4305| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
4306| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
4307| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
4308| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
4309| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
4310| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
4311| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
4312| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
4313| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
4314| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
4315| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
4316| [61229] Apache Sling up to 2.1.1 denial of service
4317| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
4318| [61094] Apache Roller up to 5.0 cross site scripting
4319| [61093] Apache Roller up to 5.0 cross site request forgery
4320| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
4321| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
4322| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
4323| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
4324| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
4325| [60708] Apache Qpid 0.12 unknown vulnerability
4326| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
4327| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
4328| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
4329| [4882] Apache Wicket up to 1.5.4 directory traversal
4330| [4881] Apache Wicket up to 1.4.19 cross site scripting
4331| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
4332| [60352] Apache Struts up to 2.2.3 memory corruption
4333| [60153] Apache Portable Runtime up to 1.4.3 denial of service
4334| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
4335| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
4336| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
4337| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
4338| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
4339| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
4340| [4571] Apache Struts up to 2.3.1.2 privilege escalation
4341| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
4342| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
4343| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
4344| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
4345| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
4346| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
4347| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
4348| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
4349| [59888] Apache Tomcat up to 6.0.6 denial of service
4350| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
4351| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
4352| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
4353| [59850] Apache Geronimo up to 2.2.1 denial of service
4354| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
4355| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
4356| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
4357| [58413] Apache Tomcat up to 6.0.10 spoofing
4358| [58381] Apache Wicket up to 1.4.17 cross site scripting
4359| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
4360| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
4361| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
4362| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
4363| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
4364| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
4365| [57568] Apache Archiva up to 1.3.4 cross site scripting
4366| [57567] Apache Archiva up to 1.3.4 cross site request forgery
4367| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
4368| [4355] Apache HTTP Server APR apr_fnmatch denial of service
4369| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
4370| [57425] Apache Struts up to 2.2.1.1 cross site scripting
4371| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
4372| [57025] Apache Tomcat up to 7.0.11 information disclosure
4373| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
4374| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
4375| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
4376| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
4377| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
4378| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
4379| [56512] Apache Continuum up to 1.4.0 cross site scripting
4380| [4285] Apache Tomcat 5.x JVM getLocale denial of service
4381| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
4382| [4283] Apache Tomcat 5.x ServletContect privilege escalation
4383| [56441] Apache Tomcat up to 7.0.6 denial of service
4384| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
4385| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
4386| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
4387| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
4388| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
4389| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
4390| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
4391| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
4392| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
4393| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
4394| [54693] Apache Traffic Server DNS Cache unknown vulnerability
4395| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
4396| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
4397| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
4398| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
4399| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
4400| [54012] Apache Tomcat up to 6.0.10 denial of service
4401| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
4402| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
4403| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
4404| [52894] Apache Tomcat up to 6.0.7 information disclosure
4405| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
4406| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
4407| [52786] Apache Open For Business Project up to 09.04 cross site scripting
4408| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
4409| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
4410| [52584] Apache CouchDB up to 0.10.1 information disclosure
4411| [51757] Apache HTTP Server 2.0.44 cross site scripting
4412| [51756] Apache HTTP Server 2.0.44 spoofing
4413| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
4414| [51690] Apache Tomcat up to 6.0 directory traversal
4415| [51689] Apache Tomcat up to 6.0 information disclosure
4416| [51688] Apache Tomcat up to 6.0 directory traversal
4417| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
4418| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
4419| [50626] Apache Solr 1.0.0 cross site scripting
4420| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
4421| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
4422| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
4423| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
4424| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
4425| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
4426| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
4427| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
4428| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
4429| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
4430| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
4431| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
4432| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
4433| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
4434| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
4435| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
4436| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
4437| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
4438| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
4439| [47214] Apachefriends xampp 1.6.8 spoofing
4440| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
4441| [47162] Apachefriends XAMPP 1.4.4 weak authentication
4442| [47065] Apache Tomcat 4.1.23 cross site scripting
4443| [46834] Apache Tomcat up to 5.5.20 cross site scripting
4444| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
4445| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
4446| [86625] Apache Struts directory traversal
4447| [44461] Apache Tomcat up to 5.5.0 information disclosure
4448| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
4449| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
4450| [43663] Apache Tomcat up to 6.0.16 directory traversal
4451| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
4452| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
4453| [43516] Apache Tomcat up to 4.1.20 directory traversal
4454| [43509] Apache Tomcat up to 6.0.13 cross site scripting
4455| [42637] Apache Tomcat up to 6.0.16 cross site scripting
4456| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
4457| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
4458| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
4459| [40924] Apache Tomcat up to 6.0.15 information disclosure
4460| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
4461| [40922] Apache Tomcat up to 6.0 information disclosure
4462| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
4463| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
4464| [40656] Apache Tomcat 5.5.20 information disclosure
4465| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
4466| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
4467| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
4468| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
4469| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
4470| [40234] Apache Tomcat up to 6.0.15 directory traversal
4471| [40221] Apache HTTP Server 2.2.6 information disclosure
4472| [40027] David Castro Apache Authcas 0.4 sql injection
4473| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
4474| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
4475| [3414] Apache Tomcat WebDAV Stored privilege escalation
4476| [39489] Apache Jakarta Slide up to 2.1 directory traversal
4477| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
4478| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
4479| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
4480| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
4481| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
4482| [38524] Apache Geronimo 2.0 unknown vulnerability
4483| [3256] Apache Tomcat up to 6.0.13 cross site scripting
4484| [38331] Apache Tomcat 4.1.24 information disclosure
4485| [38330] Apache Tomcat 4.1.24 information disclosure
4486| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
4487| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
4488| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
4489| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
4490| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
4491| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
4492| [37292] Apache Tomcat up to 5.5.1 cross site scripting
4493| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
4494| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
4495| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
4496| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
4497| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
4498| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
4499| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
4500| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
4501| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
4502| [36225] XAMPP Apache Distribution 1.6.0a sql injection
4503| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
4504| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
4505| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
4506| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
4507| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
4508| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
4509| [34252] Apache HTTP Server denial of service
4510| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
4511| [33877] Apache Opentaps 0.9.3 cross site scripting
4512| [33876] Apache Open For Business Project unknown vulnerability
4513| [33875] Apache Open For Business Project cross site scripting
4514| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
4515| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
4516|
4517| MITRE CVE - https://cve.mitre.org:
4518| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
4519| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
4520| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
4521| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
4522| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
4523| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
4524| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
4525| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
4526| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
4527| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
4528| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
4529| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
4530| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
4531| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
4532| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
4533| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
4534| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
4535| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
4536| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
4537| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
4538| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
4539| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
4540| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
4541| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
4542| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
4543| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
4544| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
4545| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
4546| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
4547| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
4548| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4549| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
4550| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
4551| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
4552| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
4553| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
4554| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
4555| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
4556| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
4557| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
4558| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
4559| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4560| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4561| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4562| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4563| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
4564| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
4565| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
4566| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
4567| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
4568| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
4569| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
4570| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
4571| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
4572| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
4573| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
4574| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
4575| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
4576| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
4577| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
4578| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
4579| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
4580| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
4581| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
4582| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4583| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
4584| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
4585| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
4586| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
4587| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
4588| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
4589| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
4590| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
4591| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
4592| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
4593| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
4594| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
4595| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
4596| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
4597| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
4598| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
4599| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
4600| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
4601| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
4602| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
4603| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
4604| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
4605| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
4606| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
4607| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
4608| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
4609| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
4610| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
4611| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
4612| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
4613| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
4614| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
4615| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
4616| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
4617| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
4618| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
4619| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
4620| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
4621| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
4622| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
4623| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
4624| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
4625| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
4626| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
4627| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
4628| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
4629| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
4630| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
4631| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
4632| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
4633| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
4634| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
4635| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
4636| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
4637| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
4638| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
4639| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
4640| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
4641| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
4642| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
4643| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
4644| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
4645| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
4646| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
4647| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
4648| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
4649| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
4650| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
4651| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
4652| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
4653| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
4654| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
4655| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
4656| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
4657| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
4658| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
4659| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
4660| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
4661| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
4662| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
4663| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
4664| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
4665| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
4666| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
4667| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
4668| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
4669| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
4670| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
4671| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
4672| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
4673| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
4674| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
4675| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
4676| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
4677| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
4678| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
4679| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
4680| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
4681| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4682| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
4683| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
4684| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
4685| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
4686| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
4687| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
4688| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
4689| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
4690| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
4691| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
4692| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
4693| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
4694| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
4695| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
4696| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
4697| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4698| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
4699| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
4700| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
4701| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
4702| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
4703| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
4704| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
4705| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
4706| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
4707| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
4708| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
4709| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
4710| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
4711| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
4712| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
4713| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
4714| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
4715| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
4716| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
4717| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
4718| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
4719| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
4720| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
4721| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
4722| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
4723| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
4724| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
4725| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
4726| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
4727| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
4728| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
4729| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
4730| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
4731| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
4732| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
4733| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
4734| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
4735| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
4736| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
4737| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
4738| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4739| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4740| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
4741| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
4742| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
4743| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
4744| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
4745| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
4746| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
4747| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
4748| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
4749| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
4750| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
4751| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
4752| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
4753| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
4754| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
4755| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
4756| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
4757| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
4758| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
4759| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
4760| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
4761| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
4762| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
4763| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
4764| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
4765| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
4766| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
4767| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
4768| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
4769| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
4770| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
4771| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
4772| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
4773| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
4774| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
4775| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
4776| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
4777| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
4778| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
4779| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
4780| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
4781| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
4782| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
4783| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
4784| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
4785| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
4786| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
4787| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
4788| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
4789| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
4790| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
4791| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
4792| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
4793| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
4794| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
4795| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
4796| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
4797| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
4798| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
4799| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
4800| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
4801| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
4802| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
4803| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
4804| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
4805| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
4806| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
4807| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
4808| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
4809| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
4810| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
4811| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
4812| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
4813| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
4814| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
4815| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
4816| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
4817| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
4818| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
4819| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
4820| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
4821| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
4822| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the
4823#######################################################################################################################################
4824 Anonymous #OpKilluminati JTSEC Full Recon #20