· 5 years ago · Mar 19, 2020, 12:41 PM
1###################################################################################################################################
2===================================================================================================================================
3Hostname www.uach.cl ISP Red Universitaria Nacional
4Continent South America Flag
5CL
6Country Chile Country Code CL
7Region Santiago Metropolitan Local time 19 Mar 2020 07:36 -03
8City Santiago Postal Code Unknown
9IP Address 146.83.222.104 Latitude -33.451
10 Longitude -70.665
11==================================================================================================================================
12##################################################################################################################################
13> www.uach.cl
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18www.uach.cl canonical name = callecalle5.uach.cl.
19Name: callecalle5.uach.cl
20Address: 146.83.222.104
21>
22###################################################################################################################################
23Domain name: uach.cl
24Registrant name: Universidad Austral de Chile
25Registrant organisation:
26Registrar name: NIC Chile
27Registrar URL: https://www.nic.cl
28Creation date: 1994-05-10 17:51:04 CLST
29Expiration date: 2027-02-14 12:48:12 CLST
30Name server: ns1.uach.cl (200.2.119.126)
31Name server: secundario.nic.cl
32###################################################################################################################################
33[+] Target : www.uach.cl
34
35[+] IP Address : 146.83.222.104
36
37[+] Headers :
38
39[+] Date : Thu, 19 Mar 2020 10:41:45 GMT
40[+] Server : Apache
41[+] Keep-Alive : timeout=15, max=100
42[+] Connection : Keep-Alive
43[+] Transfer-Encoding : chunked
44[+] Content-Type : text/html
45
46[+] SSL Certificate Information :
47
48[+] countryName : CL
49[+] stateOrProvinceName : Valdivia
50[+] localityName : Valdivia
51[+] organizationalUnitName : Direccion de Tecnologias de Informacion
52[+] organizationName : Universidad Austral de Chile
53[+] commonName : *.uach.cl
54[+] countryName : BE
55[+] organizationName : GlobalSign nv-sa
56[+] commonName : GlobalSign Organization Validation CA - SHA256 - G2
57[+] Version : 3
58[+] Serial Number : 388431511EA3421ECD0BEC40
59[+] Not Before : Sep 12 17:56:11 2018 GMT
60[+] Not After : Sep 13 16:06:02 2020 GMT
61[+] OCSP : ('http://ocsp2.globalsign.com/gsorganizationvalsha2g2',)
62[+] subject Alt Name : (('DNS', '*.uach.cl'), ('DNS', 'uach.cl'))
63[+] CA Issuers : ('http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt',)
64[+] CRL Distribution Points : ('http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl',)
65
66[+] Whois Lookup :
67
68[+] NIR : None
69[+] ASN Registry : lacnic
70[+] ASN : 11340
71[+] ASN CIDR : 146.83.222.0/24
72[+] ASN Country Code : CL
73[+] ASN Date : 1991-01-28
74[+] ASN Description : Red Universitaria Nacional, CL
75[+] cidr : 146.83.0.0/16
76[+] name : None
77[+] handle : CIM2
78[+] range : 146.83/16
79[+] description : Red Universitaria Nacional
80[+] country : CL
81[+] state : None
82[+] city : None
83[+] address : None
84[+] postal_code : None
85[+] emails : ['security@REUNA.CL']
86[+] created : 19910128
87[+] updated : 20200106
88
89[+] Crawling Target...
90
91[+] Looking for robots.txt........[ Found ]
92[+] Extracting robots Links.......[ 1 ]
93[+] Looking for sitemap.xml.......[ Not Found ]
94[+] Extracting CSS Links..........[ 6 ]
95[+] Extracting Javascript Links...[ 6 ]
96[+] Extracting Internal Links.....[ 39 ]
97[+] Extracting External Links.....[ 32 ]
98[+] Extracting Images.............[ 34 ]
99
100[+] Total Links Extracted : 118
101
102[+] Dumping Links in /opt/FinalRecon/dumps/www.uach.cl.dump
103[+] Completed!
104##################################################################################################################################
105[i] Scanning Site: https://www.uach.cl
106
107
108
109B A S I C I N F O
110====================
111
112
113[+] Site Title: Universidad Austral de Chile
114[+] IP address: 146.83.222.104
115[+] Web Server: Apache
116[+] CMS: WordPress
117[+] Cloudflare: Not Detected
118[+] Robots File: Found
119
120-------------[ contents ]----------------
121User-agent: *
122Disallow: /facultades/
123
124-----------[end of contents]-------------
125
126
127
128W H O I S L O O K U P
129========================
130
131 %%
132%% This is the NIC Chile Whois server (whois.nic.cl).
133%%
134%% Rights restricted by copyright.
135%% See https://www.nic.cl/normativa/politica-publicacion-de-datos-cl.pdf
136%%
137
138Domain name: uach.cl
139Registrant name: Universidad Austral de Chile
140Registrant organisation:
141Registrar name: NIC Chile
142Registrar URL: https://www.nic.cl
143Creation date: 1994-05-10 17:51:04 CLST
144Expiration date: 2027-02-14 12:48:12 CLST
145Name server: ns1.uach.cl (200.2.119.126)
146Name server: secundario.nic.cl
147
148%%
149%% For communication with domain contacts please use website.
150%% See https://www.nic.cl/registry/Whois.do?d=uach.cl
151%%
152
153
154
155
156G E O I P L O O K U P
157=========================
158
159[i] IP Address: 146.83.222.104
160[i] Country: Chile
161[i] State: Santiago Metropolitan
162[i] City: Santiago
163[i] Latitude: -33.4513
164[i] Longitude: -70.6653
165
166
167
168
169H T T P H E A D E R S
170=======================
171
172
173[i] HTTP/1.1 200 OK
174[i] Date: Thu, 19 Mar 2020 10:42:05 GMT
175[i] Server: Apache
176[i] Connection: close
177[i] Content-Type: text/html
178
179
180
181
182D N S L O O K U P
183===================
184
185uach.cl. 21599 IN SOA ns1.uach.cl. operaciones.uach.cl. 2019070936 10800 3600 604800 86400
186uach.cl. 21599 IN NS ns1.uach.cl.
187uach.cl. 21599 IN NS secundario.nic.cl.
188uach.cl. 21599 IN MX 10 uach-cl.mail.protection.outlook.com.
189uach.cl. 21599 IN TXT "v=spf1 include:spf.protection.outlook.com ip4:146.83.222.104 ip4:146.83.222.226 ip4:146.83.222.71 ip4:146.83.222.155 ip4:146.83.222.235 ~all"
190uach.cl. 21599 IN A 146.83.222.104
191
192
193
194
195S U B N E T C A L C U L A T I O N
196====================================
197
198Address = 146.83.222.104
199Network = 146.83.222.104 / 32
200Netmask = 255.255.255.255
201Broadcast = not needed on Point-to-Point links
202Wildcard Mask = 0.0.0.0
203Hosts Bits = 0
204Max. Hosts = 1 (2^0 - 0)
205Host Range = { 146.83.222.104 - 146.83.222.104 }
206
207
208
209N M A P P O R T S C A N
210============================
211
212Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-19 10:42 UTC
213Nmap scan report for uach.cl (146.83.222.104)
214Host is up (0.16s latency).
215rDNS record for 146.83.222.104: callecalle5.uach.cl
216
217PORT STATE SERVICE
21821/tcp filtered ftp
21922/tcp filtered ssh
22080/tcp open http
221443/tcp open https
222
223Nmap done: 1 IP address (1 host up) scanned in 3.11 seconds
224
225
226
227S U B - D O M A I N F I N D E R
228==================================
229
230
231[i] Total Subdomains Found : 206
232
233[+] Subdomain: ise1.uach.cl
234[-] IP: 172.17.132.200
235
236[+] Subdomain: ns1.uach.cl
237[-] IP: 200.2.119.126
238
239[+] Subdomain: post1.uach.cl
240[-] IP: 200.2.112.1
241
242[+] Subdomain: secure02.uach.cl
243[-] IP: 146.83.222.179
244
245[+] Subdomain: secure12.uach.cl
246[-] IP: 146.83.222.197
247
248[+] Subdomain: lcc2.uach.cl
249[-] IP: 146.83.217.121
250
251[+] Subdomain: oficinagi2.uach.cl
252[-] IP: 200.111.142.68
253
254[+] Subdomain: oncol2.uach.cl
255[-] IP: 200.2.113.40
256
257[+] Subdomain: apolo2.uach.cl
258[-] IP: 146.83.222.71
259
260[+] Subdomain: axp2.uach.cl
261[-] IP: 200.2.116.225
262
263[+] Subdomain: post2.uach.cl
264[-] IP: 200.2.118.1
265
266[+] Subdomain: aus1203.uach.cl
267[-] IP: 199.34.228.79
268
269[+] Subdomain: congresoscha2013.uach.cl
270[-] IP: 200.2.116.252
271
272[+] Subdomain: secure13.uach.cl
273[-] IP: 146.83.222.198
274
275[+] Subdomain: post3.uach.cl
276[-] IP: 200.2.119.1
277
278[+] Subdomain: secure05.uach.cl
279[-] IP: 146.83.222.107
280
281[+] Subdomain: callecalle5.uach.cl
282[-] IP: 146.83.222.104
283
284[+] Subdomain: maba.uach.cl
285[-] IP: 200.2.116.252
286
287[+] Subdomain: videoteca.uach.cl
288[-] IP: 146.83.222.249
289
290[+] Subdomain: www.biblioteca.uach.cl
291[-] IP: 146.83.217.167
292
293[+] Subdomain: catalogobiblioteca.uach.cl
294[-] IP: 146.83.217.150
295
296[+] Subdomain: clinicaodontologica.uach.cl
297[-] IP: 138.186.8.100
298
299[+] Subdomain: saludpublica.uach.cl
300[-] IP: 160.153.160.120
301
302[+] Subdomain: civilmecanica.uach.cl
303[-] IP: 200.73.115.31
304
305[+] Subdomain: fisica.uach.cl
306[-] IP: 146.83.221.20
307
308[+] Subdomain: www.fisica.uach.cl
309[-] IP: 146.83.218.67
310
311[+] Subdomain: conservatoriomusica.uach.cl
312[-] IP: 186.64.116.200
313
314[+] Subdomain: informatica.uach.cl
315[-] IP: 146.83.216.217
316
317[+] Subdomain: www.trapananda.uach.cl
318[-] IP: 200.2.119.34
319
320[+] Subdomain: tienda.uach.cl
321[-] IP: 192.185.173.65
322
323[+] Subdomain: facea.uach.cl
324[-] IP: 200.2.115.234
325
326[+] Subdomain: rea.uach.cl
327[-] IP: 146.83.222.131
328
329[+] Subdomain: www.enefa.uach.cl
330[-] IP: 146.83.222.75
331
332[+] Subdomain: rvega.uach.cl
333[-] IP: 146.83.216.192
334
335[+] Subdomain: ifarmacia.uach.cl
336[-] IP: 198.46.90.38
337
338[+] Subdomain: psicologia.uach.cl
339[-] IP: 200.2.116.252
340
341[+] Subdomain: fonoaudiologia.uach.cl
342[-] IP: 200.2.116.252
343
344[+] Subdomain: fitotecnia.uach.cl
345[-] IP: 192.185.173.5
346
347[+] Subdomain: patagonia.uach.cl
348[-] IP: 192.185.173.64
349
350[+] Subdomain: diplomadoarteterapia.uach.cl
351[-] IP: 201.148.104.52
352
353[+] Subdomain: veterinaria.uach.cl
354[-] IP: 178.33.113.166
355
356[+] Subdomain: ingenieria.uach.cl
357[-] IP: 198.136.62.113
358
359[+] Subdomain: rema.uach.cl
360[-] IP: 200.2.119.88
361
362[+] Subdomain: aulamagna.uach.cl
363[-] IP: 201.148.104.42
364
365[+] Subdomain: medicina.uach.cl
366[-] IP: 138.186.8.100
367
368[+] Subdomain: tonina.uach.cl
369[-] IP: 200.2.116.86
370
371[+] Subdomain: www.biologiamarina.uach.cl
372[-] IP: 192.185.173.51
373
374[+] Subdomain: mna.uach.cl
375[-] IP: 200.2.116.250
376
377[+] Subdomain: secure20qa.uach.cl
378[-] IP: 172.18.14.111
379
380[+] Subdomain: siveducqa.uach.cl
381[-] IP: 146.83.222.202
382
383[+] Subdomain: tera.uach.cl
384[-] IP: 146.83.216.236
385
386[+] Subdomain: arquitectura.uach.cl
387[-] IP: 146.83.222.75
388
389[+] Subdomain: doctoradoacuicultura.uach.cl
390[-] IP: 200.2.116.252
391
392[+] Subdomain: centova.uach.cl
393[-] IP: 146.83.222.84
394
395[+] Subdomain: jornadastic.uach.cl
396[-] IP: 146.83.222.75
397
398[+] Subdomain: siveduc.uach.cl
399[-] IP: 146.83.222.235
400
401[+] Subdomain: actualidad.uach.cl
402[-] IP: 146.83.222.90
403
404[+] Subdomain: guionactualidad.uach.cl
405[-] IP: 200.2.115.237
406
407[+] Subdomain: comunidad.uach.cl
408[-] IP: 146.83.222.90
409
410[+] Subdomain: iced.uach.cl
411[-] IP: 186.64.118.80
412
413[+] Subdomain: www.med.uach.cl
414[-] IP: 200.2.115.63
415
416[+] Subdomain: infomed.uach.cl
417[-] IP: 200.2.117.35
418
419[+] Subdomain: ped.uach.cl
420[-] IP: 200.2.116.250
421
422[+] Subdomain: fid.uach.cl
423[-] IP: 174.138.191.230
424
425[+] Subdomain: siveducmd.uach.cl
426[-] IP: 146.83.222.155
427
428[+] Subdomain: dae.uach.cl
429[-] IP: 186.64.116.220
430
431[+] Subdomain: pace.uach.cl
432[-] IP: 186.64.119.195
433
434[+] Subdomain: www.ice.uach.cl
435[-] IP: 200.2.114.225
436
437[+] Subdomain: made.uach.cl
438[-] IP: 162.241.24.149
439
440[+] Subdomain: rlcollege.uach.cl
441[-] IP: 138.186.9.71
442
443[+] Subdomain: ie.uach.cl
444[-] IP: 160.153.162.51
445
446[+] Subdomain: campussustentable.uach.cl
447[-] IP: 186.64.116.175
448
449[+] Subdomain: callecalle.uach.cl
450[-] IP: 146.83.222.67
451
452[+] Subdomain: mingaonline.uach.cl
453[-] IP: 146.83.217.165
454
455[+] Subdomain: cisne.uach.cl
456[-] IP: 200.24.13.60
457
458[+] Subdomain: secure.uach.cl
459[-] IP: 146.83.222.76
460
461[+] Subdomain: inf.uach.cl
462[-] IP: 146.83.216.253
463
464[+] Subdomain: antillanca.inf.uach.cl
465[-] IP: 146.83.216.201
466
467[+] Subdomain: video.clima.inf.uach.cl
468[-] IP: 146.83.221.2
469
470[+] Subdomain: opentera.inf.uach.cl
471[-] IP: 146.83.216.224
472
473[+] Subdomain: ranco.inf.uach.cl
474[-] IP: 146.83.216.209
475
476[+] Subdomain: e-ncendio.inf.uach.cl
477[-] IP: 146.83.216.184
478
479[+] Subdomain: activismo.inf.uach.cl
480[-] IP: 146.83.216.238
481
482[+] Subdomain: magister.inf.uach.cl
483[-] IP: 146.83.216.163
484
485[+] Subdomain: router.inf.uach.cl
486[-] IP: 146.83.216.129
487
488[+] Subdomain: devops.inf.uach.cl
489[-] IP: 146.83.216.163
490
491[+] Subdomain: www.inf.uach.cl
492[-] IP: 146.83.216.253
493
494[+] Subdomain: iicg.uach.cl
495[-] IP: 200.2.116.250
496
497[+] Subdomain: www.iicg.uach.cl
498[-] IP: 200.2.116.250
499
500[+] Subdomain: spring.uach.cl
501[-] IP: 190.110.123.76
502
503[+] Subdomain: cipuach.uach.cl
504[-] IP: 201.148.104.36
505
506[+] Subdomain: gradmedi.uach.cl
507[-] IP: 200.2.117.45
508
509[+] Subdomain: cei.uach.cl
510[-] IP: 200.2.116.252
511
512[+] Subdomain: elei.uach.cl
513[-] IP: 200.2.114.215
514
515[+] Subdomain: iacui.uach.cl
516[-] IP: 200.2.116.252
517
518[+] Subdomain: intranetideal.uach.cl
519[-] IP: 178.33.113.166
520
521[+] Subdomain: international.uach.cl
522[-] IP: 186.64.118.85
523
524[+] Subdomain: secretariageneral.uach.cl
525[-] IP: 146.83.222.110
526
527[+] Subdomain: paisajeaustral.uach.cl
528[-] IP: 200.24.13.65
529
530[+] Subdomain: tvaustral.uach.cl
531[-] IP: 146.83.222.75
532
533[+] Subdomain: archivo.tvaustral.uach.cl
534[-] IP: 146.83.222.186
535
536[+] Subdomain: magisterural.uach.cl
537[-] IP: 200.2.115.140
538
539[+] Subdomain: www.forestal.uach.cl
540[-] IP: 192.140.57.10
541
542[+] Subdomain: www.email.uach.cl
543[-] IP: 146.83.222.93
544
545[+] Subdomain: oncol.uach.cl
546[-] IP: 200.2.113.39
547
548[+] Subdomain: otl.uach.cl
549[-] IP: 50.116.4.114
550
551[+] Subdomain: icfm.uach.cl
552[-] IP: 192.185.173.52
553
554[+] Subdomain: mimm.uach.cl
555[-] IP: 200.73.115.31
556
557[+] Subdomain: tmedicapm.uach.cl
558[-] IP: 200.2.116.252
559
560[+] Subdomain: edubasicapm.uach.cl
561[-] IP: 200.2.116.250
562
563[+] Subdomain: enfermeriapm.uach.cl
564[-] IP: 200.2.116.252
565
566[+] Subdomain: icipm.uach.cl
567[-] IP: 200.2.116.250
568
569[+] Subdomain: derechopm.uach.cl
570[-] IP: 200.2.116.250
571
572[+] Subdomain: ra.spm.uach.cl
573[-] IP: 200.2.116.250
574
575[+] Subdomain: mapsi.spm.uach.cl
576[-] IP: 200.2.116.252
577
578[+] Subdomain: senas.spm.uach.cl
579[-] IP: 200.2.116.245
580
581[+] Subdomain: bienestarspm.uach.cl
582[-] IP: 200.2.116.250
583
584[+] Subdomain: helen.uach.cl
585[-] IP: 146.83.222.96
586
587[+] Subdomain: empleosadmin.uach.cl
588[-] IP: 200.29.145.52
589
590[+] Subdomain: vinculacion.uach.cl
591[-] IP: 64.90.52.84
592
593[+] Subdomain: registrovinculacion.uach.cl
594[-] IP: 186.64.118.145
595
596[+] Subdomain: ingenieriaeninformacion.uach.cl
597[-] IP: 200.2.116.250
598
599[+] Subdomain: computacion.uach.cl
600[-] IP: 200.2.116.90
601
602[+] Subdomain: sandra.computacion.uach.cl
603[-] IP: 200.2.116.70
604
605[+] Subdomain: richard.computacion.uach.cl
606[-] IP: 200.2.116.82
607
608[+] Subdomain: xime.computacion.uach.cl
609[-] IP: 200.2.116.69
610
611[+] Subdomain: moni.computacion.uach.cl
612[-] IP: 200.2.116.71
613
614[+] Subdomain: metri.computacion.uach.cl
615[-] IP: 200.2.116.101
616
617[+] Subdomain: vivi.computacion.uach.cl
618[-] IP: 200.2.116.73
619
620[+] Subdomain: mm.computacion.uach.cl
621[-] IP: 200.2.116.85
622
623[+] Subdomain: alumnos.computacion.uach.cl
624[-] IP: 200.2.116.67
625
626[+] Subdomain: www.computacion.uach.cl
627[-] IP: 200.2.116.116
628
629[+] Subdomain: autoevaluacion.uach.cl
630[-] IP: 201.148.104.42
631
632[+] Subdomain: www.autoevaluacion.uach.cl
633[-] IP: 201.148.104.42
634
635[+] Subdomain: construccion.uach.cl
636[-] IP: 201.148.105.84
637
638[+] Subdomain: admision.uach.cl
639[-] IP: 146.83.222.75
640
641[+] Subdomain: extension.uach.cl
642[-] IP: 64.90.52.84
643
644[+] Subdomain: vpn.uach.cl
645[-] IP: 200.2.119.114
646
647[+] Subdomain: bacalao.uach.cl
648[-] IP: 190.110.123.219
649
650[+] Subdomain: cafecientifico.uach.cl
651[-] IP: 200.2.116.252
652
653[+] Subdomain: buceocientifico.uach.cl
654[-] IP: 200.2.119.88
655
656[+] Subdomain: pelluco.uach.cl
657[-] IP: 200.2.116.80
658
659[+] Subdomain: nodopelluco.uach.cl
660[-] IP: 200.2.116.81
661
662[+] Subdomain: www.postgrado.uach.cl
663[-] IP: 146.83.222.75
664
665[+] Subdomain: derecho.uach.cl
666[-] IP: 54.207.104.105
667
668[+] Subdomain: podcastradio.uach.cl
669[-] IP: 200.2.119.184
670
671[+] Subdomain: diario.uach.cl
672[-] IP: 146.83.222.121
673
674[+] Subdomain: aniversario.uach.cl
675[-] IP: 192.185.173.65
676
677[+] Subdomain: preuniversitario.uach.cl
678[-] IP: 190.110.123.219
679
680[+] Subdomain: www.preuniversitario.uach.cl
681[-] IP: 190.110.123.219
682
683[+] Subdomain: encuentrosilvoagropecuario.uach.cl
684[-] IP: 104.37.190.203
685
686[+] Subdomain: apolo.uach.cl
687[-] IP: 146.83.222.71
688
689[+] Subdomain: siveducdemo.uach.cl
690[-] IP: 146.83.222.154
691
692[+] Subdomain: puerto.uach.cl
693[-] IP: 200.2.116.75
694
695[+] Subdomain: ap.uach.cl
696[-] IP: 146.83.222.103
697
698[+] Subdomain: uaap.uach.cl
699[-] IP: 138.117.149.70
700
701[+] Subdomain: dep.uach.cl
702[-] IP: 146.83.222.161
703
704[+] Subdomain: www.icq.uach.cl
705[-] IP: 192.185.173.50
706
707[+] Subdomain: www.doctoradobiomar.uach.cl
708[-] IP: 190.110.123.222
709
710[+] Subdomain: router.uach.cl
711[-] IP: 146.83.216.1
712
713[+] Subdomain: economicas.uach.cl
714[-] IP: 190.110.123.76
715
716[+] Subdomain: www.economicas.uach.cl
717[-] IP: 190.110.123.76
718
719[+] Subdomain: www.csbasicas.uach.cl
720[-] IP: 200.2.116.100
721
722[+] Subdomain: pedagogiamatematicas.uach.cl
723[-] IP: 200.2.116.250
724
725[+] Subdomain: noticias.uach.cl
726[-] IP: 146.83.222.90
727
728[+] Subdomain: ciencias.uach.cl
729[-] IP: 190.110.123.219
730
731[+] Subdomain: www.ciencias.uach.cl
732[-] IP: 190.110.123.219
733
734[+] Subdomain: licenciaturaenciencias.uach.cl
735[-] IP: 192.254.236.68
736
737[+] Subdomain: postgradociencias.uach.cl
738[-] IP: 190.110.123.222
739
740[+] Subdomain: www.postgradociencias.uach.cl
741[-] IP: 190.110.123.222
742
743[+] Subdomain: sitiosciencias.uach.cl
744[-] IP: 190.110.123.219
745
746[+] Subdomain: agrarias.uach.cl
747[-] IP: 104.37.190.203
748
749[+] Subdomain: www.agrarias.uach.cl
750[-] IP: 104.37.190.203
751
752[+] Subdomain: postgradoagrarias.uach.cl
753[-] IP: 104.37.190.203
754
755[+] Subdomain: revistas.uach.cl
756[-] IP: 146.83.217.169
757
758[+] Subdomain: uas.uach.cl
759[-] IP: 200.24.13.65
760
761[+] Subdomain: pc100.enlaces.uach.cl
762[-] IP: 200.2.116.13
763
764[+] Subdomain: pc5.enlaces.uach.cl
765[-] IP: 200.2.116.84
766
767[+] Subdomain: mac.enlaces.uach.cl
768[-] IP: 200.2.116.10
769
770[+] Subdomain: richard.enlaces.uach.cl
771[-] IP: 200.2.116.11
772
773[+] Subdomain: ale.enlaces.uach.cl
774[-] IP: 200.2.116.14
775
776[+] Subdomain: temporal.enlaces.uach.cl
777[-] IP: 200.2.116.18
778
779[+] Subdomain: www.humanidades.uach.cl
780[-] IP: 162.144.12.191
781
782[+] Subdomain: www.doctoradosinternacionales.uach.cl
783[-] IP: 190.196.69.222
784
785[+] Subdomain: artesvisuales.uach.cl
786[-] IP: 146.83.222.75
787
788[+] Subdomain: aplicaciones.uach.cl
789[-] IP: 146.83.222.123
790
791[+] Subdomain: operaciones.uach.cl
792[-] IP: 172.16.90.159
793
794[+] Subdomain: desastres.uach.cl
795[-] IP: 146.83.222.90
796
797[+] Subdomain: arquitectura-artes.uach.cl
798[-] IP: 146.83.222.75
799
800[+] Subdomain: deportes.uach.cl
801[-] IP: 192.185.46.39
802
803[+] Subdomain: cybertesis.uach.cl
804[-] IP: 146.83.217.166
805
806[+] Subdomain: uchaos.uach.cl
807[-] IP: 146.83.216.4
808
809[+] Subdomain: nucleos.uach.cl
810[-] IP: 192.185.173.64
811
812[+] Subdomain: empleos.uach.cl
813[-] IP: 200.29.145.55
814
815[+] Subdomain: dservicios.uach.cl
816[-] IP: 186.64.116.175
817
818[+] Subdomain: mmedios.uach.cl
819[-] IP: 146.83.222.62
820
821[+] Subdomain: www.hortprocess.uach.cl
822[-] IP: 146.83.222.75
823
824[+] Subdomain: ict.uach.cl
825[-] IP: 146.83.216.167
826
827[+] Subdomain: intranet.uach.cl
828[-] IP: 146.83.222.226
829
830[+] Subdomain: impt.uach.cl
831[-] IP: 200.73.115.31
832
833[+] Subdomain: pmontt.uach.cl
834[-] IP: 200.2.116.250
835
836[+] Subdomain: cayumapu.uach.cl
837[-] IP: 146.83.216.121
838
839[+] Subdomain: www.indiceuv.uach.cl
840[-] IP: 146.83.221.154
841
842[+] Subdomain: webproxy.uach.cl
843[-] IP: 146.83.222.119
844
845[+] Subdomain: apps.webofknowledge.com.webproxy.uach.cl
846[-] IP: 146.83.222.119
847
848[+] Subdomain: login.webproxy.uach.cl
849[-] IP: 146.83.222.119
850#################################################################################################################################
851[+] Starting At 2020-03-19 06:42:39.906823
852[+] Collecting Information On: https://www.uach.cl/
853[#] Status: 200
854--------------------------------------------------
855[#] Web Server Detected: Apache
856[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
857- Date: Thu, 19 Mar 2020 10:42:25 GMT
858- Server: Apache
859- Keep-Alive: timeout=15, max=100
860- Connection: Keep-Alive
861- Transfer-Encoding: chunked
862- Content-Type: text/html
863--------------------------------------------------
864[#] Finding Location..!
865[#] status: success
866[#] country: Chile
867[#] countryCode: CL
868[#] region: LL
869[#] regionName: Los Lagos Region
870[#] city: Port Montt
871[#] zip:
872[#] lat: -41.4709
873[#] lon: -72.9436
874[#] timezone: America/Santiago
875[#] isp: Red Universitaria Nacional
876[#] org: Red Universitaria Nacional
877[#] as: AS11340 Red Universitaria Nacional
878[#] query: 146.83.222.104
879--------------------------------------------------
880[x] Didn't Detect WAF Presence on: https://www.uach.cl/
881--------------------------------------------------
882[#] Starting Reverse DNS
883[-] Failed ! Fail
884--------------------------------------------------
885[!] Scanning Open Port
886[#] 80/tcp open http
887[#] 443/tcp open https
888[#] 8008/tcp open http
889--------------------------------------------------
890[+] Getting SSL Info
891{'OCSP': ('http://ocsp2.globalsign.com/gsorganizationvalsha2g2',),
892 'caIssuers': ('http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt',),
893 'crlDistributionPoints': ('http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl',),
894 'issuer': ((('countryName', 'BE'),),
895 (('organizationName', 'GlobalSign nv-sa'),),
896 (('commonName',
897 'GlobalSign Organization Validation CA - SHA256 - G2'),)),
898 'notAfter': 'Sep 13 16:06:02 2020 GMT',
899 'notBefore': 'Sep 12 17:56:11 2018 GMT',
900 'serialNumber': '388431511EA3421ECD0BEC40',
901 'subject': ((('countryName', 'CL'),),
902 (('stateOrProvinceName', 'Valdivia'),),
903 (('localityName', 'Valdivia'),),
904 (('organizationalUnitName',
905 'Direccion de Tecnologias de Informacion'),),
906 (('organizationName', 'Universidad Austral de Chile'),),
907 (('commonName', '*.uach.cl'),)),
908 'subjectAltName': (('DNS', '*.uach.cl'), ('DNS', 'uach.cl')),
909 'version': 3}
910-----BEGIN CERTIFICATE-----
911MIIG8jCCBdqgAwIBAgIMOIQxUR6jQh7NC+xAMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
912BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
913bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
914RzIwHhcNMTgwOTEyMTc1NjExWhcNMjAwOTEzMTYwNjAyWjCBoDELMAkGA1UEBhMC
915Q0wxETAPBgNVBAgTCFZhbGRpdmlhMREwDwYDVQQHEwhWYWxkaXZpYTEwMC4GA1UE
916CxMnRGlyZWNjaW9uIGRlIFRlY25vbG9naWFzIGRlIEluZm9ybWFjaW9uMSUwIwYD
917VQQKExxVbml2ZXJzaWRhZCBBdXN0cmFsIGRlIENoaWxlMRIwEAYDVQQDDAkqLnVh
918Y2guY2wwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLy1kwSXqngFsc
919k6EZEG9MCf3/eBEOCFyea4PeDZ0DpwmJLpWcY8Hej9r11x+Ev6QEPP160K0K8aUf
92022fcHXGgH9JOogdl+YUkYvs97E072keGgNW0BAeGusCB9C2QGSNJSF/jASTTIlT+
921FhuI+TSIjIcAjo4+pQmAQmX1zyvJ9AsOwUHUcYHFsK4TtrcA2CtkrTTCxKVYwnZ/
922rduGzCIcVHriDNVomHHSXJSTNzrqUyJ08+u8Z2Hc7wvJgVoJQchMj7cljxRYowFc
923zieO7eFJMrX7bdXipfBSgrtrnvJYsZgjRS2aJHaJYcm4WzoUPukVWqPWclnY8sD1
924/7l6WIovAgMBAAGjggNjMIIDXzAOBgNVHQ8BAf8EBAMCBaAwgaAGCCsGAQUFBwEB
925BIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29t
926L2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcw
927AYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFs
928c2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0
929dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJ
930BgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2ln
931bi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMB0GA1UdEQQWMBSC
932CSoudWFjaC5jbIIHdWFjaC5jbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
933AwIwHQYDVR0OBBYEFMAP5jDKTJgokiqAP+vFNSPCW/65MB8GA1UdIwQYMBaAFJbe
934YfG9HBYpUxzAzH07gwBA5hp8MIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQCH
935db/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWXO7SX3AAAEAwBGMEQC
936IDQfr0D/F5mFBhyKjp79Wb1wbeGA1rIzXPAuXXpyRjypAiAQqTga6aQpxrbFfUAG
937R4dALQC2EhftFU/0n50ZwpjpLQB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+j
938qh0HE9MMAAABZc7tJhcAAAQDAEYwRAIgGnZOH4mCN0v3zxcZpMHgeXWuxkCBtvu4
93980aJvw3Gik4CICutZYDwPk0v4HDmbz3Sh3vlTBpBC1U6yFPscEjlv0oEAHYApLkJ
940kLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFlzu0p5QAABAMARzBFAiEA
941uhOzPQ7izy2qA8DjxkZr0BnF12tAuqRspWmBihabXd0CICYq/Udo6mJE2WNRrVfO
94260FxeDcQAPvjcuhgkdN0Of3ZMA0GCSqGSIb3DQEBCwUAA4IBAQBYAXQnAmU/UhNX
943VoMNKsovgVEZWjfbXtcR9N/tBVyefP+Zi7YXge4/MFCq9E4Mf1+nlEXc+Ci2iaLR
944+xTeQatmClHGw9QJ+fUhCwJ5eX1zgzRmjA+WoMOjoCs1Sl8+5hoq47o9q/6126m2
945gWYhvRtZC4o3hz/z+CNjLC9PM/RC7wkFAERRsOJyPj2DhFBBYcYB6qz1V+rDt5En
946CvfZS8WZ6pnFAGL54kUGn7SJLS2FEudk0H5lorpAVJ/vowLcpq4kA5NVqort4kRn
947Qk67dsJjWWP25yUN65bNDFROGF6spU4SP0Hp6zWQWoY7sYBrVpFhrrVKiz8iDnGN
948ut5ypTpF
949-----END CERTIFICATE-----
950
951--------------------------------------------------
952[+] Collecting Information Disclosure!
953[#] Detecting sitemap.xml file
954[-] sitemap.xml file not Found!?
955[#] Detecting robots.txt file
956[!] robots.txt File Found: https://www.uach.cl//robots.txt
957[#] Detecting GNU Mailman
958[-] GNU Mailman App Not Detected!?
959--------------------------------------------------
960[+] Crawling Url Parameter On: https://www.uach.cl/
961--------------------------------------------------
962[#] Searching Html Form !
963[+] Html Form Discovered
964[#] action: https://www.uach.cl/uach/inicio-uach/resultados
965[#] class: None
966[#] id: filterForm
967[#] method: get
968--------------------------------------------------
969[!] Found 2 dom parameter
970[#] https://www.uach.cl//#
971[#] https://www.uach.cl//#
972--------------------------------------------------
973[!] 3 Internal Dynamic Parameter Discovered
974[+] http://www.uach.cl/organizacion/vicerrectoria/academica/oficina/autoevaluacion/?go=institucional
975[+] https://derecho.uach.cl/index.php?option=com_content&view=article&id=671&catid=2
976[+] http://noticias.uach.cl/principal.php?pag=noticia-externo&cod=115441
977--------------------------------------------------
978[-] No external Dynamic Paramter Found!?
979--------------------------------------------------
980[!] 64 Internal links Discovered
981[+] https://www.uach.cl/uach/_includes/fade/default.css
982[+] https://www.uach.cl/uach/_includes/fade/nivo-slider.css
983[+] https://www.uach.cl/uach/_includes/fade/style.css
984[+] https://www.uach.cl/uach/css/sitio.css
985[+] https://www.uach.cl/uach/css/sitio.css
986[+] https://www.uach.cl/uach/_includes/baron/baron.css
987[+] https://www.uach.cl/uach/_includes/baron/style.css
988[+] https://www.uach.cl///inicio-uach/contacto
989[+] https://www.uach.cl///inicio-uach/mapa
990[+] http://intranet.uach.cl
991[+] http://international.uach.cl/
992[+] https://www.uach.cl/facultades/arquitectura-y-artes
993[+] https://www.uach.cl/facultades/ciencias
994[+] https://www.uach.cl/facultades/ciencias-agrarias
995[+] https://www.uach.cl/facultades/cs-economicas-y-administrativas
996[+] https://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
997[+] https://www.uach.cl/facultades/ciencias-juridicas-y-sociales
998[+] https://www.uach.cl/facultades/ciencias-veterinarias
999[+] https://www.uach.cl/facultades/ciencias-de-la-ingenieria
1000[+] https://www.uach.cl/facultades/filosofia-y-humanidades
1001[+] https://www.uach.cl/facultades/medicina
1002[+] https://www.uach.cl/sedes-y-campus/informacion-general
1003[+] https://www.uach.cl/sedes-y-campus/sede-puerto-montt
1004[+] https://www.uach.cl/sedes-y-campus/campus-patagonia
1005[+] https://www.uach.cl/organizacion/rectoria
1006[+] https://www.uach.cl/organizacion/prorrectoria
1007[+] https://www.uach.cl/organizacion/cuerpos-colegiados
1008[+] https://www.uach.cl/organizacion/vicerrectoria-academica
1009[+] https://www.uach.cl/organizacion/vicerrectoria-sede-puerto-montt
1010[+] https://www.uach.cl/organizacion/vicerrectoria-gestion-economica
1011[+] https://www.uach.cl/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica
1012[+] https://www.uach.cl/organizacion/secretaria-general
1013[+] https://www.uach.cl/organizacion/contraloria
1014[+] https://www.uach.cl/organizacion/asociaciones-gremiales
1015[+] https://www.uach.cl//inicio-uach
1016[+] https://www.uach.cl/futuros-alumnos
1017[+] https://www.uach.cl/alumnos
1018[+] https://www.uach.cl/academicos
1019[+] https://www.uach.cl/funcionarios
1020[+] https://www.uach.cl/exalumnos
1021[+] https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
1022[+] https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
1023[+] https://www.uach.cl////www.uach.cl/transparencia
1024[+] https://www.uach.cl///sedes-y-campus/informacion-general/mapas
1025[+] https://siveduc.uach.cl/
1026[+] http://tvaustral.uach.cl
1027[+] https://www.uach.cl/dw/guia/
1028[+] https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
1029[+] http://diario.uach.cl/
1030[+] https://www.mbauach.cl/
1031[+] https://diario.uach.cl/postulaciones-abiertas-para-diplomado-en-arte-terapia/
1032[+] https://diario.uach.cl/nuevo-llamado-a-concurso-academico-para-integrarse-a-las-facultades-de-ciencias-ciencias-de-la-ingenieria-y-medicina/
1033[+] https://radiouach.cl/
1034[+] http://diario.uach.cl
1035[+] https://diario.uach.cl/dan-a-conocer-resultados-de-segunda-encuesta-de-proceso-constituyente-en-chile/
1036[+] https://diario.uach.cl/covid-19-uach-anuncia-nuevas-medidas-ante-emergencia-sanitaria/
1037[+] https://diario.uach.cl/por-contingencia-de-covid-19-sede-puerto-montt-cede-espacio-para-urgencia-de-maternidad/
1038[+] https://diario.uach.cl/artistas-y-creadores-exponen-sus-obras-en-la-appalachian-state-university/
1039[+] https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
1040[+] https://diario.uach.cl/covid-19-uach-coordina-acciones-con-autoridades-de-salud-y-educacion/
1041[+] http://www.uach.cl/
1042[+] https://secure12.uach.cl/servicios/certificados/
1043[+] http://empleos.uach.cl
1044[+] http://vinculacion.uach.cl/index.php/unidades-adscritas/radio-uach
1045--------------------------------------------------
1046[!] 10 External links Discovered
1047[#] https://www.facebook.com/UAustraldeChile/
1048[#] https://twitter.com/UAustraldeChile
1049[#] https://www.instagram.com/universidadaustraldechile/
1050[#] https://online.flippingbook.com/view/919282/
1051[#] http://innovat.education/innovat-education-es/
1052[#] http://www.consejoderectores.cl
1053[#] http://redg9.cl
1054[#] http://www.explora.cl/rios
1055[#] http://www.universia.cl
1056[#] http://www.reuna.cl
1057--------------------------------------------------
1058[#] Mapping Subdomain..
1059[-] No Any Subdomain Found
1060[!] Found 0 Subdomain
1061--------------------------------------------------
1062[!] Done At 2020-03-19 06:43:19.379504
1063#################################################################################################################################
1064[INFO] ------TARGET info------
1065[*] TARGET: https://www.uach.cl/
1066[*] TARGET IP: 146.83.222.104
1067[INFO] NO load balancer detected for www.uach.cl...
1068[*] DNS servers: callecalle5.uach.cl. ns1.uach.cl.
1069[*] TARGET server: Apache
1070[*] CC: CL
1071[*] Country: Chile
1072[*] RegionCode: LL
1073[*] RegionName: Los Lagos Region
1074[*] City: Port Montt
1075[*] ASN: AS11340
1076[*] BGP_PREFIX: 146.83.222.0/24
1077[*] ISP: Red Universitaria Nacional, CL
1078[INFO] SSL/HTTPS certificate detected
1079[*] Issuer: issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2
1080[*] Subject: subject=C = CL, ST = Valdivia, L = Valdivia, OU = Direccion de Tecnologias de Informacion, O = Universidad Austral de Chile, CN = *.uach.cl
1081[INFO] DNS enumeration:
1082[*] apolo.uach.cl 146.83.222.71
1083[*] ftp.uach.cl picarte.uca.uach.cl.
1084[*] intranet.uach.cl 146.83.222.226
1085[*] ns1.uach.cl 200.2.119.126
1086[*] ns2.uach.cl terminus.reuna.cl. 146.83.183.94
1087[*] router.uach.cl 146.83.216.1
1088[*] siem.uach.cl 200.2.117.40
1089[*] stream.uach.cl 146.83.222.206
1090[*] vpn.uach.cl 200.2.119.114
1091[INFO] Possible abuse mails are:
1092[*] abuse@uach.cl
1093[*] abuse@www.uach.cl
1094[*] sjaque@reuna.cl
1095[*] t.lynch@impsat.com
1096[*] vgadda@impsat.com
1097[INFO] NO PAC (Proxy Auto Configuration) file FOUND
1098[ALERT] robots.txt file FOUND in http://www.uach.cl/robots.txt
1099[INFO] Checking for HTTP status codes recursively from http://www.uach.cl/robots.txt
1100[INFO] Status code Folders
1101[INFO] Starting FUZZing in http://www.uach.cl/FUzZzZzZzZz...
1102[INFO] Status code Folders
1103[ALERT] Look in the source code. It may contain passwords
1104
1105Recherche 146.83.222.104
1106Connexion HTTP à 146.83.222.104
1107Envoi de la requête HTTP.
1108Requête HTTP envoyée. Attente de réponse.
1109HTTP/1.1 302 Found
1110Transfert de données terminé
1111HTTP/1.1 302 Found
1112Utilisation de https://146.83.222.104/
1113Recherche 146.83.222.104
1114Connexion HTTPS à 146.83.222.104
1115
1116lynx : accès impossible au fichier de départ http://146.83.222.104/
1117[INFO] Links found from https://www.uach.cl/ http://146.83.222.104/:
1118[*] http://diario.uach.cl/
1119[*] http://empleos.uach.cl/
1120[*] http://innovat.education/innovat-education-es/
1121[*] http://international.uach.cl/
1122[*] http://intranet.uach.cl/
1123[*] http://noticias.uach.cl/principal.php?pag=noticia-externo&cod=115441
1124[*] http://redg9.cl/
1125[*] https://derecho.uach.cl/index.php?option=com_content&view=article&id=671&catid=2
1126[*] https://diario.uach.cl/artistas-y-creadores-exponen-sus-obras-en-la-appalachian-state-university/
1127[*] https://diario.uach.cl/covid-19-uach-anuncia-nuevas-medidas-ante-emergencia-sanitaria/
1128[*] https://diario.uach.cl/covid-19-uach-coordina-acciones-con-autoridades-de-salud-y-educacion/
1129[*] https://diario.uach.cl/dan-a-conocer-resultados-de-segunda-encuesta-de-proceso-constituyente-en-chile/
1130[*] https://diario.uach.cl/nuevo-llamado-a-concurso-academico-para-integrarse-a-las-facultades-de-ciencias-ciencias-de-la-ingenieria-y-medicina/
1131[*] https://diario.uach.cl/por-contingencia-de-covid-19-sede-puerto-montt-cede-espacio-para-urgencia-de-maternidad/
1132[*] https://diario.uach.cl/postulaciones-abiertas-para-diplomado-en-arte-terapia/
1133[*] https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
1134[*] https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
1135[*] https://online.flippingbook.com/view/919282/
1136[*] https://radiouach.cl/
1137[*] https://secure12.uach.cl/servicios/certificados/
1138[*] https://siveduc.uach.cl/
1139[*] https://twitter.com/UAustraldeChile
1140[*] https://www.facebook.com/UAustraldeChile/
1141[*] https://www.instagram.com/universidadaustraldechile/
1142[*] https://www.mbauach.cl/
1143[*] https://www.uach.cl/
1144[*] https://www.uach.cl/academicos
1145[*] https://www.uach.cl/alumnos
1146[*] https://www.uach.cl/dw/guia/
1147[*] https://www.uach.cl/exalumnos
1148[*] https://www.uach.cl/facultades/arquitectura-y-artes
1149[*] https://www.uach.cl/facultades/ciencias
1150[*] https://www.uach.cl/facultades/ciencias-agrarias
1151[*] https://www.uach.cl/facultades/ciencias-de-la-ingenieria
1152[*] https://www.uach.cl/facultades/ciencias-juridicas-y-sociales
1153[*] https://www.uach.cl/facultades/ciencias-veterinarias
1154[*] https://www.uach.cl/facultades/cs-economicas-y-administrativas
1155[*] https://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
1156[*] https://www.uach.cl/facultades/filosofia-y-humanidades
1157[*] https://www.uach.cl/facultades/medicina
1158[*] https://www.uach.cl/funcionarios
1159[*] https://www.uach.cl/futuros-alumnos
1160[*] https://www.uach.cl/inicio-uach/contacto
1161[*] https://www.uach.cl/inicio-uach/mapa
1162[*] https://www.uach.cl/internacional/principal
1163[*] https://www.uach.cl/investigacion/principal
1164[*] https://www.uach.cl/#Map3
1165[*] https://www.uach.cl/organizacion/asociaciones-gremiales
1166[*] https://www.uach.cl/organizacion/contraloria
1167[*] https://www.uach.cl/organizacion/cuerpos-colegiados
1168[*] https://www.uach.cl/organizacion/prorrectoria
1169[*] https://www.uach.cl/organizacion/rectoria
1170[*] https://www.uach.cl/organizacion/secretaria-general
1171[*] https://www.uach.cl/organizacion/vicerrectoria-academica
1172[*] https://www.uach.cl/organizacion/vicerrectoria-gestion-economica
1173[*] https://www.uach.cl/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica
1174[*] https://www.uach.cl/organizacion/vicerrectoria-sede-puerto-montt
1175[*] https://www.uach.cl/postgrado/principal
1176[*] https://www.uach.cl/pregrado/principal
1177[*] https://www.uach.cl/sedes-y-campus/campus-patagonia
1178[*] https://www.uach.cl/sedes-y-campus/informacion-general
1179[*] https://www.uach.cl/sedes-y-campus/informacion-general/mapas
1180[*] https://www.uach.cl/sedes-y-campus/sede-puerto-montt
1181[*] https://www.uach.cl/servicios/principal
1182[*] https://www.uach.cl/transparencia
1183[*] https://www.uach.cl/vinculacion/principal
1184[*] http://tvaustral.uach.cl/
1185[*] http://vinculacion.uach.cl/index.php/unidades-adscritas/radio-uach
1186[*] http://www.consejoderectores.cl/
1187[*] http://www.explora.cl/rios
1188[*] http://www.reuna.cl/
1189[*] http://www.uach.cl/
1190[*] http://www.uach.cl/organizacion/vicerrectoria/academica/oficina/autoevaluacion/?go=institucional
1191[*] http://www.universia.cl/
1192cut: intervalle de champ incorrecte
1193Saisissez « cut --help » pour plus d'informations.
1194[INFO] Shodan detected the following opened ports on 146.83.222.104:
1195[*] 0
1196[*] 443
1197[*] 7
1198[*] 80
1199[*] 8008
1200[INFO] ------VirusTotal SECTION------
1201[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
1202[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
1203[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
1204[INFO] ------Alexa Rank SECTION------
1205[INFO] Percent of Visitors Rank in Country:
1206[INFO] Percent of Search Traffic:
1207[INFO] Percent of Unique Visits:
1208[INFO] Total Sites Linking In:
1209[*] Total Sites
1210[INFO] Useful links related to www.uach.cl - 146.83.222.104:
1211[*] https://www.virustotal.com/pt/ip-address/146.83.222.104/information/
1212[*] https://www.hybrid-analysis.com/search?host=146.83.222.104
1213[*] https://www.shodan.io/host/146.83.222.104
1214[*] https://www.senderbase.org/lookup/?search_string=146.83.222.104
1215[*] https://www.alienvault.com/open-threat-exchange/ip/146.83.222.104
1216[*] http://pastebin.com/search?q=146.83.222.104
1217[*] http://urlquery.net/search.php?q=146.83.222.104
1218[*] http://www.alexa.com/siteinfo/www.uach.cl
1219[*] http://www.google.com/safebrowsing/diagnostic?site=www.uach.cl
1220[*] https://censys.io/ipv4/146.83.222.104
1221[*] https://www.abuseipdb.com/check/146.83.222.104
1222[*] https://urlscan.io/search/#146.83.222.104
1223[*] https://github.com/search?q=146.83.222.104&type=Code
1224[INFO] Useful links related to AS11340 - 146.83.222.0/24:
1225[*] http://www.google.com/safebrowsing/diagnostic?site=AS:11340
1226[*] https://www.senderbase.org/lookup/?search_string=146.83.222.0/24
1227[*] http://bgp.he.net/AS11340
1228[*] https://stat.ripe.net/AS11340
1229[INFO] Date: 19/03/20 | Time: 06:44:55
1230[INFO] Total time: 2 minute(s) and 18 second(s)
1231#################################################################################################################################
1232Trying "uach.cl"
1233;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42414
1234;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
1235
1236;; QUESTION SECTION:
1237;uach.cl. IN ANY
1238
1239;; ANSWER SECTION:
1240uach.cl. 43200 IN A 146.83.222.104
1241uach.cl. 43200 IN TXT "v=spf1 include:spf.protection.outlook.com ip4:146.83.222.104 ip4:146.83.222.226 ip4:146.83.222.71 ip4:146.83.222.155 ip4:146.83.222.235 ~all"
1242uach.cl. 43200 IN MX 10 uach-cl.mail.protection.outlook.com.
1243uach.cl. 43200 IN SOA ns1.uach.cl. operaciones.uach.cl. 2019070936 10800 3600 604800 86400
1244uach.cl. 3319 IN NS secundario.nic.cl.
1245uach.cl. 3319 IN NS ns1.uach.cl.
1246
1247;; ADDITIONAL SECTION:
1248ns1.uach.cl. 3319 IN A 200.2.119.126
1249
1250Received 356 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 200 ms
1251#################################################################################################################################
1252; <<>> DiG 9.11.16-2-Debian <<>> +trace uach.cl any
1253;; global options: +cmd
1254. 86400 IN NS a.root-servers.net.
1255. 86400 IN NS b.root-servers.net.
1256. 86400 IN NS c.root-servers.net.
1257. 86400 IN NS d.root-servers.net.
1258. 86400 IN NS e.root-servers.net.
1259. 86400 IN NS f.root-servers.net.
1260. 86400 IN NS g.root-servers.net.
1261. 86400 IN NS h.root-servers.net.
1262. 86400 IN NS i.root-servers.net.
1263. 86400 IN NS j.root-servers.net.
1264. 86400 IN NS k.root-servers.net.
1265. 86400 IN NS l.root-servers.net.
1266. 86400 IN NS m.root-servers.net.
1267. 86400 IN RRSIG NS 8 0 518400 20200401050000 20200319040000 33853 . B3YXtn4NP7F4Mmz433w+D9K44DZZBZGg42mA3MiPA2BmABNBMMifiBIf 2HFQMlZgheM0MmYGP8ttqX4hrRVNBbEi8cJrKQCGKei3yNyDN97Hyb7v jaZHU1/JMo/tqohMHmneUjKSSotkyix9lmOC7r8CxdG10k3X0QY9/Z5J l38szvHxmroMv2i09ouE9ATWx7+heQtUObBpmlmTMbCb8dNERp+I4kVC NbyvXqiu/8JMuhtDHGWNw/yd97lyh2wCgJooDP2uLyPKBbBC3fLEzYet C/agaiSZYjVM+YJXH7FZVYjh3098wqJ3VHBgQ8Gz5/Dk/Gi13/lA3qxh ylhQ+w==
1268;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 231 ms
1269
1270cl. 172800 IN NS b.nic.cl.
1271cl. 172800 IN NS cl-ns.anycast.pch.net.
1272cl. 172800 IN NS cl2-tld.d-zone.ca.
1273cl. 172800 IN NS cl1-tld.d-zone.ca.
1274cl. 172800 IN NS a.nic.cl.
1275cl. 172800 IN NS cl1.dnsnode.net.
1276cl. 172800 IN NS c.nic.cl.
1277cl. 86400 IN DS 21199 8 2 7D756DFFAB6D3CD9C786FF5C659954C22944FAEF9433EEE26F1D84EB 5370B394
1278cl. 86400 IN RRSIG DS 8 1 86400 20200401050000 20200319040000 33853 . J/bYw/wt6wrtEI6UY2Ai8GEvNGSuXnl3TBfOa1RXcAdNr4ddBEcNj3Zo p5sAaA4WQrnHkqYNIGR1w1e6VF6L86u939/e5An9Z8DROlqIEpUuTO/r mbjOrWCbwDBEddMy/S3m191LwvWdeqZ/D4SGj/GWLanN1MiUbOrUcV9z DDYFGAEcV01Cxt7uuvhzHMI6dtXjPAYmWW6qr3kYqUz419UWGmaLw1sw Fiv8x5i9UHb5FJ5DzdFeVkHs6ozRbtThrhMG0Rbk1lAUdYJz5beaFT/s vhXejaCD8uAapf0meevvdTMcqgJug86DbvsjSX5ffdvuV/g/5Z4lrePc 86Mb/Q==
1279;; Received 845 bytes from 2001:500:200::b#53(b.root-servers.net) in 73 ms
1280
1281uach.cl. 3600 IN NS secundario.nic.cl.
1282uach.cl. 3600 IN NS ns1.uach.cl.
12834QBMV5HQ44Q4FC4C1LGEF9SHCMUMLRG7.cl. 900 IN NSEC3 1 1 2 47C94D988D5BA14CC65BDA845F3CFDBE 4RPNA8P5NK73BDFKM8BVVOR3CAAL7V7E NS SOA TXT RRSIG DNSKEY NSEC3PARAM
12844QBMV5HQ44Q4FC4C1LGEF9SHCMUMLRG7.cl. 900 IN RRSIG NSEC3 8 2 900 20200502015756 20200319093027 24384 cl. imerCW/AusopBzTsD9ZRdVpMhSXX2cKuRhuGOkH3ME8dMvueuraSUmIF cz222TWJfb8AMeEN6m7aEqyVIxOHzfO0ScYbBhZuZkl5KrifuZc9Vwgg /kyjT6vAHnCTrFcPauw+j5LmscRVNH0K7TKKxXyPV7a+bLRZfF/K/Lkd 5io=
1285OFHG1S869T14IKP6KJ524ARQMV07DS9C.cl. 900 IN NSEC3 1 1 2 47C94D988D5BA14CC65BDA845F3CFDBE OKOS5URGGTD78SMHFSC7OE9N3DQ5MC7Q NS DS RRSIG
1286OFHG1S869T14IKP6KJ524ARQMV07DS9C.cl. 900 IN RRSIG NSEC3 8 2 900 20200429075201 20200319093027 24384 cl. vxkxqk3A4We1fmVnFKVwjnc9rHpi4yR6fBzG8d19AzvLuGYoSuCNXxLH ZMKOr41YWGXI17RhSaXb7aX8jpF8vbk0OnJ9EqYdZ16WazOu1vE0mMYC yVrOdN4dTNnLHko2Q+9OAVJ+/Iw3NUOQs6hx2OcMHtZBccmxFRCdIh8z 3Os=
1287;; Received 1018 bytes from 200.16.112.16#53(c.nic.cl) in 388 ms
1288
1289uach.cl. 86400 IN SOA ns1.uach.cl. operaciones.uach.cl. 2019070936 10800 3600 604800 86400
1290uach.cl. 86400 IN NS secundario.nic.cl.
1291uach.cl. 86400 IN NS ns1.uach.cl.
1292uach.cl. 86400 IN MX 10 uach-cl.mail.protection.outlook.com.
1293uach.cl. 86400 IN TXT "v=spf1 include:spf.protection.outlook.com ip4:146.83.222.104 ip4:146.83.222.226 ip4:146.83.222.71 ip4:146.83.222.155 ip4:146.83.222.235 ~all"
1294uach.cl. 86400 IN A 146.83.222.104
1295;; Received 367 bytes from 200.2.119.126#53(ns1.uach.cl) in 403 ms
1296#################################################################################################################################
1297[*] Performing General Enumeration of Domain: uach.cl
1298[-] DNSSEC is not configured for uach.cl
1299[*] SOA ns1.uach.cl 200.2.119.126
1300[*] NS ns1.uach.cl 200.2.119.126
1301[*] Bind Version for 200.2.119.126 b'unknow'
1302[*] NS secundario.nic.cl 200.7.5.7
1303[*] Bind Version for 200.7.5.7 b'BIND 9'
1304[*] NS secundario.nic.cl 2001:1398:276:0:200:7:5:7
1305[*] Bind Version for 2001:1398:276:0:200:7:5:7 b'BIND 9'
1306[*] MX uach-cl.mail.protection.outlook.com 104.47.33.36
1307[*] A uach.cl 146.83.222.104
1308[*] Enumerating SRV Records
1309[*] SRV _sip._tls.uach.cl sipdir.online.lync.com 52.112.196.11 443 1
1310[*] SRV _sip._tls.uach.cl sipdir.online.lync.com 2603:1027:0:2::b 443 1
1311[*] SRV _sipfederationtls._tcp.uach.cl sipfed.online.lync.com 52.112.192.139 5061 1
1312[*] SRV _sipfederationtls._tcp.uach.cl sipfed.online.lync.com 2603:1027:0:48::c 5061 1
1313[+] 4 Records Found
1314#################################################################################################################################
1315 AVAILABLE PLUGINS
1316 -----------------
1317
1318 SessionRenegotiationPlugin
1319 SessionResumptionPlugin
1320 CompressionPlugin
1321 OpenSslCipherSuitesPlugin
1322 CertificateInfoPlugin
1323 FallbackScsvPlugin
1324 HttpHeadersPlugin
1325 EarlyDataPlugin
1326 OpenSslCcsInjectionPlugin
1327 RobotPlugin
1328 HeartbleedPlugin
1329
1330
1331
1332 CHECKING HOST(S) AVAILABILITY
1333 -----------------------------
1334
1335 146.83.222.104:443 => 146.83.222.104
1336
1337
1338
1339
1340 SCAN RESULTS FOR 146.83.222.104:443 - 146.83.222.104
1341 ----------------------------------------------------
1342
1343 * TLSV1_3 Cipher Suites:
1344 Server rejected all cipher suites.
1345
1346 * TLS 1.2 Session Resumption Support:
1347 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1348 With TLS Tickets: OK - Supported
1349
1350 * Session Renegotiation:
1351 Client-initiated Renegotiation: OK - Rejected
1352 Secure Renegotiation: OK - Supported
1353
1354 * Deflate Compression:
1355 OK - Compression disabled
1356
1357 * TLSV1_1 Cipher Suites:
1358 Server rejected all cipher suites.
1359
1360 * Certificate Information:
1361 Content
1362 SHA1 Fingerprint: 0a255f16352f8fa89b35399a21ef67445931b3d1
1363 Common Name: *.uach.cl
1364 Issuer: GlobalSign Organization Validation CA - SHA256 - G2
1365 Serial Number: 17490971650536066425136344128
1366 Not Before: 2018-09-12 17:56:11
1367 Not After: 2020-09-13 16:06:02
1368 Signature Algorithm: sha256
1369 Public Key Algorithm: RSA
1370 Key Size: 2048
1371 Exponent: 65537 (0x10001)
1372 DNS Subject Alternative Names: ['*.uach.cl', 'uach.cl']
1373
1374 Trust
1375 Hostname Validation: FAILED - Certificate does NOT match 146.83.222.104
1376 Android CA Store (9.0.0_r9): OK - Certificate is trusted
1377 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
1378 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
1379 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
1380 Windows CA Store (2019-05-27): OK - Certificate is trusted
1381 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
1382 Received Chain: *.uach.cl --> GlobalSign Organization Validation CA - SHA256 - G2
1383 Verified Chain: *.uach.cl --> GlobalSign Organization Validation CA - SHA256 - G2 --> GlobalSign Root CA
1384 Received Chain Contains Anchor: OK - Anchor certificate not sent
1385 Received Chain Order: OK - Order is valid
1386 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
1387
1388 Extensions
1389 OCSP Must-Staple: NOT SUPPORTED - Extension not found
1390 Certificate Transparency: OK - 3 SCTs included
1391
1392 OCSP Stapling
1393 NOT SUPPORTED - Server did not send back an OCSP response
1394
1395 * Downgrade Attacks:
1396 TLS_FALLBACK_SCSV: OK - Supported
1397
1398 * TLSV1_2 Cipher Suites:
1399 Forward Secrecy OK - Supported
1400 RC4 OK - Not Supported
1401
1402 Preferred:
1403 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1404 Accepted:
1405 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
1406 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
1407 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1408 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
1409 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1410 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1411 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1412 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1413 TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1414 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1415 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
1416 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1417 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1418 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1419 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1420 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1421 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
1422 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
1423 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1424 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
1425 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1426 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1427 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1428 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1429 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1430 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1431
1432 * OpenSSL Heartbleed:
1433 OK - Not vulnerable to Heartbleed
1434
1435 * ROBOT Attack:
1436 OK - Not vulnerable
1437
1438 * OpenSSL CCS Injection:
1439 OK - Not vulnerable to OpenSSL CCS injection
1440
1441 * SSLV2 Cipher Suites:
1442 Server rejected all cipher suites.
1443
1444 * TLSV1 Cipher Suites:
1445 Server rejected all cipher suites.
1446
1447 * SSLV3 Cipher Suites:
1448 Server rejected all cipher suites.
1449
1450
1451 SCAN COMPLETED IN 33.82 S
1452 -------------------------
1453#################################################################################################################################
1454traceroute to www.uach.cl (146.83.222.104), 30 hops max, 60 byte packets
1455 1 _gateway (10.203.17.1) 135.362 ms 135.364 ms 135.357 ms
1456 2 * * *
1457 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 136.945 ms 136.937 ms 136.929 ms
1458 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 136.807 ms 136.807 ms 135.434 ms
1459 5 be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 140.962 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 140.909 ms 140.920 ms
1460 6 be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1) 162.883 ms 162.427 ms 162.380 ms
1461 7 be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 171.541 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209) 167.967 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 175.118 ms
1462 8 be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41) 256.167 ms 256.159 ms 259.428 ms
1463 9 be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70) 256.798 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130) 259.395 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70) 256.766 ms
146410 be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117) 260.735 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197) 256.835 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117) 252.239 ms
146511 be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110) 248.591 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245) 257.435 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110) 251.392 ms
146612 be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65) 258.394 ms 257.957 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158) 263.845 ms
146713 be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146) 276.999 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222) 269.999 ms be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146) 280.477 ms
146814 be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146) 278.959 ms 278.502 ms be3400.ccr21.mia03.atlas.cogentco.com (154.54.47.18) 276.768 ms
146915 38.104.95.186 (38.104.95.186) 276.911 ms 280.307 ms 280.905 ms
147016 38.104.95.186 (38.104.95.186) 279.731 ms cl-us.redclara.net (200.0.204.59) 384.730 ms 38.104.95.186 (38.104.95.186) 279.538 ms
147117 cl-us.redclara.net (200.0.204.59) 382.832 ms reacciun-pa.redclara.net (200.0.204.150) 389.484 ms 385.912 ms
147218 ra-uach-cga.reuna.cl (146.83.244.51) 397.718 ms 395.550 ms reacciun-pa.redclara.net (200.0.204.150) 391.505 ms
147319 * ra-uach-cga.reuna.cl (146.83.244.51) 403.107 ms *
1474#################################################################################################################################
1475Domains still to check: 1
1476 Checking if the hostname uach.cl. given is in fact a domain...
1477
1478Analyzing domain: uach.cl.
1479 Checking NameServers using system default resolver...
1480 IP: 200.2.119.126 (Chile)
1481 HostName: ns1.uach.cl Type: NS
1482 HostName: ns1.uach.cl Type: PTR
1483 IP: 200.7.5.7 (Chile)
1484 HostName: secundario.nic.cl Type: NS
1485 HostName: secundario.nic.cl Type: PTR
1486
1487 Checking MailServers using system default resolver...
1488 IP: 104.47.32.36 (United States)
1489 HostName: uach-cl.mail.protection.outlook.com Type: MX
1490 HostName: mail-sn1nam010036.inbound.protection.outlook.com Type: PTR
1491
1492 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1493 No zone transfer found on nameserver 200.7.5.7
1494 No zone transfer found on nameserver 200.2.119.126
1495
1496 Checking SPF record...
1497
1498 Checking SPF record...
1499 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.92.0.0/15, but only the network IP
1500 New IP found: 40.92.0.0
1501 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.107.0.0/16, but only the network IP
1502 New IP found: 40.107.0.0
1503 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 52.100.0.0/14, but only the network IP
1504 New IP found: 52.100.0.0
1505 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 104.47.0.0/17, but only the network IP
1506 New IP found: 104.47.0.0
1507 There are no IPv4 addresses in the SPF. Maybe IPv6.
1508 There are no IPv4 addresses in the SPF. Maybe IPv6.
1509 New IP found: 146.83.222.104
1510 New IP found: 146.83.222.226
1511 New IP found: 146.83.222.71
1512 New IP found: 146.83.222.155
1513 New IP found: 146.83.222.235
1514
1515 Checking 192 most common hostnames using system default resolver...
1516 IP: 146.83.222.104 (Chile)
1517 Type: SPF
1518 HostName: www.uach.cl. Type: A
1519 HostName: callecalle5.uach.cl Type: PTR
1520 IP: 146.83.222.76 (Chile)
1521 HostName: secure.uach.cl. Type: A
1522 IP: 200.2.119.126 (Chile)
1523 HostName: ns1.uach.cl Type: NS
1524 HostName: ns1.uach.cl Type: PTR
1525 HostName: ns1.uach.cl. Type: A
1526 IP: 146.83.183.94 (Chile)
1527 HostName: ns2.uach.cl. Type: A
1528 IP: 172.16.54.202 (None)
1529 HostName: ntp.uach.cl. Type: A
1530 IP: 146.83.216.1 (Chile)
1531 HostName: router.uach.cl. Type: A
1532
1533 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1534 Checking netblock 52.100.0.0
1535 Checking netblock 104.47.32.0
1536 Checking netblock 146.83.222.0
1537 Checking netblock 172.16.54.0
1538 Checking netblock 104.47.0.0
1539 Checking netblock 200.7.5.0
1540 Checking netblock 146.83.183.0
1541 Checking netblock 200.2.119.0
1542 Checking netblock 40.107.0.0
1543 Checking netblock 146.83.216.0
1544 Checking netblock 40.92.0.0
1545
1546 Searching for uach.cl. emails in Google
1547 jardinbotanico@uach.cl�
1548 sindicato.trabajadores@uach.cl; - Is this real?
1549 jisaez@uach.cl.
1550 ausrevista@uach.cl
1551 sbrauchi@uach.cl.
1552 ausrevista@uach.cl.
1553 etalentos@uach.cl.
1554 cotth@uach.cl
1555 sergio.estay@uach.cl
1556 cotth@uach.cl.
1557 archmv@uach.cl.
1558 escuela.graduados.facjuridica@uach.cl. - Is this real?
1559 asuntos.internacionales@uach.cl. - Is this real?
1560 pmarshall@uach.cl
1561 monserratguerra@uach.cl.
1562 ediciones@uach.cl
1563 gonzalo.tampier@uach.cl.
1564 last@uach.cl
1565 alexandre.corgne@uach.cl
1566 olga.barbosa@uach.cl
1567 jiriarte@uach.cl.
1568 ceruach@uach.cl.
1569
1570 Checking 16 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1571 Host 52.100.0.0 is down
1572 Host 104.47.32.36 is up (syn-ack ttl 105)
1573 Host 146.83.222.71 is down
1574 Host 146.83.222.76 is down
1575 Host 172.16.54.202 is down
1576 Host 146.83.222.104 is up (syn-ack ttl 41)
1577 Host 104.47.0.0 is down
1578 Host 146.83.222.226 is down
1579 Host 200.7.5.7 is up (udp-response ttl 46)
1580 Host 146.83.222.235 is up (syn-ack ttl 44)
1581 Host 146.83.183.94 is up (echo-reply ttl 46)
1582 Host 200.2.119.126 is up (udp-response ttl 43)
1583 Host 40.107.0.0 is down
1584 Host 146.83.216.1 is down
1585 Host 40.92.0.0 is down
1586 Host 146.83.222.155 is down
1587
1588 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1589 Scanning ip 104.47.32.36 (mail-sn1nam010036.inbound.protection.outlook.com (PTR)):
1590 25/tcp open smtp syn-ack ttl 105 Microsoft Exchange smtpd
1591 | smtp-commands: SN1NAM01FT018.mail.protection.outlook.com Hello [45.132.192.67], SIZE 157286400, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, 8BITMIME, BINARYMIME, CHUNKING, SMTPUTF8,
1592 |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT
1593 | ssl-cert: Subject: commonName=mail.protection.outlook.com/organizationName=Microsoft Corporation/stateOrProvinceName=Washington/countryName=US
1594 | Subject Alternative Name: DNS:mail.protection.outlook.com, DNS:*.mail.eo.outlook.com, DNS:*.mail.protection.outlook.com, DNS:mail.messaging.microsoft.com, DNS:outlook.com, DNS:*.olc.protection.outlook.com, DNS:*.pamx1.hotmail.com
1595 | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G3/organizationName=GlobalSign nv-sa/countryName=BE
1596 | Public Key type: rsa
1597 | Public Key bits: 2048
1598 | Signature Algorithm: sha256WithRSAEncryption
1599 | Not valid before: 2020-02-24T18:33:10
1600 | Not valid after: 2022-02-24T18:33:10
1601 | MD5: 4f90 9eee 29eb abe5 e29a d55e 8c08 c310
1602 |_SHA-1: ea85 9504 40a6 97c1 8482 3304 a7dc 19e5 fcd5 8e6b
1603 |_ssl-date: 2020-03-19T10:55:27+00:00; -5s from scanner time.
1604 OS Info: Service Info: Host: SN1NAM01FT031.mail.protection.outlook.com; OS: Windows; CPE: cpe:/o:microsoft:windows
1605 |_clock-skew: -5s
1606 Scanning ip 146.83.222.104 (callecalle5.uach.cl (PTR)):
1607 80/tcp open http syn-ack ttl 41 Apache httpd
1608 | http-methods:
1609 |_ Supported Methods: GET HEAD POST OPTIONS
1610 |_http-server-header: Apache
1611 |_http-title: Did not follow redirect to https://146.83.222.104/
1612 443/tcp open ssl/http syn-ack ttl 41 Apache httpd
1613 | ssl-cert: Subject: commonName=*.uach.cl/organizationName=Universidad Austral de Chile/stateOrProvinceName=Valdivia/countryName=CL
1614 | Subject Alternative Name: DNS:*.uach.cl, DNS:uach.cl
1615 | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1616 | Public Key type: rsa
1617 | Public Key bits: 2048
1618 | Signature Algorithm: sha256WithRSAEncryption
1619 | Not valid before: 2018-09-12T17:56:11
1620 | Not valid after: 2020-09-13T16:06:02
1621 | MD5: 2591 57c5 3d2e e7ba 9c6d 2028 7325 bf37
1622 |_SHA-1: 0a25 5f16 352f 8fa8 9b35 399a 21ef 6744 5931 b3d1
1623 |_ssl-date: 2020-03-19T10:58:26+00:00; -16s from scanner time.
1624 8008/tcp open http syn-ack ttl 44
1625 | fingerprint-strings:
1626 | FourOhFourRequest:
1627 | HTTP/1.1 302 Found
1628 | Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
1629 | Connection: close
1630 | X-Frame-Options: SAMEORIGIN
1631 | X-XSS-Protection: 1; mode=block
1632 | X-Content-Type-Options: nosniff
1633 | Content-Security-Policy: frame-ancestors
1634 | GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
1635 | HTTP/1.1 302 Found
1636 | Location: https://:8010
1637 | Connection: close
1638 | X-Frame-Options: SAMEORIGIN
1639 | X-XSS-Protection: 1; mode=block
1640 | X-Content-Type-Options: nosniff
1641 | Content-Security-Policy: frame-ancestors
1642 | GetRequest:
1643 | HTTP/1.1 302 Found
1644 | Location: https://:8010/
1645 | Connection: close
1646 | X-Frame-Options: SAMEORIGIN
1647 | X-XSS-Protection: 1; mode=block
1648 | X-Content-Type-Options: nosniff
1649 |_ Content-Security-Policy: frame-ancestors
1650 | http-methods:
1651 |_ Supported Methods: GET HEAD POST OPTIONS
1652 |_http-title: Did not follow redirect to https://146.83.222.104:8010/
1653 |_https-redirect: ERROR: Script execution failed (use -d to debug)
1654 OS Info: Service Info: Host: localhost.localdomain
1655 Scanning ip 200.7.5.7 (secundario.nic.cl (PTR)):
1656 53/tcp open domain syn-ack ttl 46 (unknown banner: BIND 9)
1657 | dns-nsid:
1658 | NSID: sec-blanco (7365632d626c616e636f)
1659 | id.server: sec-blanco
1660 |_ bind.version: BIND 9
1661 | fingerprint-strings:
1662 | DNSVersionBindReqTCP:
1663 | version
1664 | bind
1665 |_ BIND 9
1666 Scanning ip 146.83.222.235 ():
1667 80/tcp open http syn-ack ttl 44 Apache httpd 2.2.15
1668 |_http-server-header: Apache/2.2.15 (CentOS)
1669 |_http-title: 403 Forbidden
1670 443/tcp open ssl/http syn-ack ttl 41 Apache httpd 2.2.15
1671 | ssl-cert: Subject: commonName=*.uach.cl/organizationName=Universidad Austral de Chile/stateOrProvinceName=Valdivia/countryName=CL
1672 | Subject Alternative Name: DNS:*.uach.cl, DNS:uach.cl
1673 | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1674 | Public Key type: rsa
1675 | Public Key bits: 2048
1676 | Signature Algorithm: sha256WithRSAEncryption
1677 | Not valid before: 2018-09-12T17:56:11
1678 | Not valid after: 2020-09-13T16:06:02
1679 | MD5: 2591 57c5 3d2e e7ba 9c6d 2028 7325 bf37
1680 |_SHA-1: 0a25 5f16 352f 8fa8 9b35 399a 21ef 6744 5931 b3d1
1681 |_ssl-date: 2020-03-19T11:01:34+00:00; -1m07s from scanner time.
1682 8008/tcp open http syn-ack ttl 44
1683 | fingerprint-strings:
1684 | FourOhFourRequest:
1685 | HTTP/1.1 302 Found
1686 | Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
1687 | Connection: close
1688 | X-Frame-Options: SAMEORIGIN
1689 | X-XSS-Protection: 1; mode=block
1690 | X-Content-Type-Options: nosniff
1691 | Content-Security-Policy: frame-ancestors
1692 | GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
1693 | HTTP/1.1 302 Found
1694 | Location: https://:8010
1695 | Connection: close
1696 | X-Frame-Options: SAMEORIGIN
1697 | X-XSS-Protection: 1; mode=block
1698 | X-Content-Type-Options: nosniff
1699 | Content-Security-Policy: frame-ancestors
1700 | GetRequest:
1701 | HTTP/1.1 302 Found
1702 | Location: https://:8010/
1703 | Connection: close
1704 | X-Frame-Options: SAMEORIGIN
1705 | X-XSS-Protection: 1; mode=block
1706 | X-Content-Type-Options: nosniff
1707 |_ Content-Security-Policy: frame-ancestors
1708 | http-methods:
1709 |_ Supported Methods: GET HEAD POST OPTIONS
1710 |_http-title: Did not follow redirect to https://146.83.222.235:8010/
1711 |_https-redirect: ERROR: Script execution failed (use -d to debug)
1712 OS Info: Service Info: Hosts: 146.83.222.235, siveduc.uach.cl
1713 Scanning ip 146.83.183.94 (ns2.uach.cl.):
1714 53/tcp open domain syn-ack ttl 46 ISC BIND 9.3.6-P1 (RedHat Enterprise Linux 5)
1715 | dns-nsid:
1716 |_ bind.version: 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.3
1717 Device type: firewall|general purpose|proxy server|WAP|PBX|media device|storage-misc
1718 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:5
1719 Scanning ip 200.2.119.126 (ns1.uach.cl.):
1720 53/tcp open domain syn-ack ttl 43 (unknown banner: unknow)
1721 | dns-nsid:
1722 |_ bind.version: unknow
1723 | fingerprint-strings:
1724 | DNSVersionBindReqTCP:
1725 | version
1726 | bind
1727 |_ unknow
1728 WebCrawling domain's web servers... up to 50 max links.
1729
1730 + URL to crawl: http://www.uach.cl.
1731 + Date: 2020-03-19
1732
1733 + Crawling URL: http://www.uach.cl.:
1734 + Links:
1735 + Crawling http://www.uach.cl.
1736 + Crawling http://www.uach.cl./inicio-uach/contacto
1737 + Crawling http://www.uach.cl./inicio-uach/mapa
1738 + Crawling http://www.uach.cl./inicio-uach
1739 + Crawling http://www.uach.cl./www.uach.cl/transparencia (404 Not Found)
1740 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas
1741 + Crawling http://www.uach.cl./dw/guia/
1742 + Crawling http://www.uach.cl./inicio-uach/contacto/inicio-uach
1743 + Crawling http://www.uach.cl./inicio-uach/mapa/inicio-uach
1744 + Crawling http://www.uach.cl./inicio-uach/inicio-uach
1745 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach
1746 + Crawling http://www.uach.cl./dw/guia/js/modal/source/jquery.fancybox.js?v=2.1.5 (File! Not crawling it.)
1747 + Crawling http://www.uach.cl./dw/guia/js/modal/source/jquery.fancybox.css?v=2.1.5 (File! Not crawling it.)
1748 + Crawling http://www.uach.cl./dw/guia/js/modal/source/helpers/jquery.fancybox-media.js?v=1.0.6 (File! Not crawling it.)
1749 + Crawling http://www.uach.cl./dw/guia/inicio-uach
1750 + Crawling http://www.uach.cl./dw/guia/servicios
1751 + Crawling http://www.uach.cl./dw/guia/funciones
1752 + Crawling http://www.uach.cl./mapas
1753 + Crawling http://www.uach.cl./dw/guia/codigos
1754 + Crawling http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach
1755 + Crawling http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach
1756 + Crawling http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach
1757 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach
1758 + Crawling http://www.uach.cl./dw/guia/inicio-uach/inicio-uach
1759 + Crawling http://www.uach.cl./dw/guia/servicios/inicio-uach
1760 + Crawling http://www.uach.cl./dw/guia/funciones/inicio-uach
1761 + Crawling http://www.uach.cl./dw/guia/codigos/inicio-uach
1762 + Crawling http://www.uach.cl./secure01.uach.cl/infofuncionarios/CheqLogin.aspx?pagina=PerCambiadatos.aspx (404 Not Found)
1763 + Crawling http://www.uach.cl./dw/guia/codigos/
1764 + Crawling http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach
1765 + Crawling http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach
1766 + Crawling http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach
1767 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach
1768 + Crawling http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach
1769 + Crawling http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach
1770 + Crawling http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach
1771 + Crawling http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach
1772 + Crawling http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1773 + Crawling http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1774 + Crawling http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1775 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1776 + Crawling http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1777 + Crawling http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach
1778 + Crawling http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach
1779 + Crawling http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach
1780 + Crawling http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1781 + Crawling http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1782 + Crawling http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1783 + Crawling http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1784 + Crawling http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1785 + Crawling http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1786 + Crawling http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1787 + Crawling http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach
1788 + Searching for directories...
1789 - Found: http://www.uach.cl./inicio-uach/
1790 - Found: http://www.uach.cl./www.uach.cl/
1791 - Found: http://www.uach.cl./sedes-y-campus/
1792 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/
1793 - Found: http://www.uach.cl./dw/
1794 - Found: http://www.uach.cl./dw/guia/
1795 - Found: http://www.uach.cl./inicio-uach/contacto/
1796 - Found: http://www.uach.cl./inicio-uach/mapa/
1797 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/
1798 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/
1799 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/
1800 - Found: http://www.uach.cl./inicio-uach/inicio-uach/
1801 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/
1802 - Found: http://www.uach.cl./dw/guia/inicio-uach/
1803 - Found: http://www.uach.cl./dw/guia/servicios/
1804 - Found: http://www.uach.cl./dw/guia/funciones/
1805 - Found: http://www.uach.cl./dw/guia/codigos/
1806 - Found: http://www.uach.cl./secure01.uach.cl/
1807 - Found: http://www.uach.cl./secure01.uach.cl/infofuncionarios/
1808 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/
1809 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/
1810 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/
1811 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/
1812 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/
1813 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/
1814 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/
1815 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/
1816 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/
1817 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/
1818 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1819 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/
1820 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/
1821 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/
1822 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/
1823 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/
1824 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1825 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1826 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1827 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1828 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1829 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/
1830 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/
1831 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/
1832 - Found: http://www.uach.cl./_includes/
1833 - Found: http://www.uach.cl./_includes/fade/
1834 - Found: http://www.uach.cl./_imag/
1835 - Found: http://www.uach.cl./uach/
1836 - Found: http://www.uach.cl./uach/cache/
1837 - Found: http://www.uach.cl./inicio-uach/contacto/_includes/
1838 - Found: http://www.uach.cl./inicio-uach/contacto/_includes/fade/
1839 - Found: http://www.uach.cl./inicio-uach/contacto/_imag/
1840 - Found: http://www.uach.cl./inicio-uach/mapa/_imag/
1841 - Found: http://www.uach.cl./inicio-uach/_includes/
1842 - Found: http://www.uach.cl./inicio-uach/_includes/fade/
1843 - Found: http://www.uach.cl./inicio-uach/_imag/
1844 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/
1845 - Found: http://www.uach.cl./uach/_file/
1846 - Found: http://www.uach.cl./dw/guia/css/
1847 - Found: http://www.uach.cl./dw/guia/css/webfontkit/
1848 - Found: http://www.uach.cl./dw/guia/css/font/
1849 - Found: http://www.uach.cl./dw/guia/css/font/garamond/
1850 - Found: http://www.uach.cl./dw/guia/js/
1851 - Found: http://www.uach.cl./dw/guia/js/modal/
1852 - Found: http://www.uach.cl./dw/guia/js/modal/lib/
1853 - Found: http://www.uach.cl./dw/guia/_imag/
1854 - Found: http://www.uach.cl./dw/guia/img/
1855 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/
1856 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/fade/
1857 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/
1858 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/
1859 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/fade/
1860 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/
1861 - Found: http://www.uach.cl./inicio-uach/inicio-uach/_includes/
1862 - Found: http://www.uach.cl./inicio-uach/inicio-uach/_includes/fade/
1863 - Found: http://www.uach.cl./inicio-uach/inicio-uach/_imag/
1864 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/
1865 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/fade/
1866 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/
1867 - Found: http://www.uach.cl./dw/guia/js/modal/source/
1868 - Found: http://www.uach.cl./dw/guia/js/modal/source/helpers/
1869 - Found: http://www.uach.cl./dw/guia/inicio-uach/_imag/
1870 - Found: http://www.uach.cl./img/
1871 - Found: http://www.uach.cl./dw/guia/servicios/css/
1872 - Found: http://www.uach.cl./dw/guia/servicios/css/webfontkit/
1873 - Found: http://www.uach.cl./dw/guia/servicios/js/
1874 - Found: http://www.uach.cl./dw/guia/servicios/js/accordion/
1875 - Found: http://www.uach.cl./code.jquery.com/
1876 - Found: http://www.uach.cl./dw/guia/servicios/_imag/
1877 - Found: http://www.uach.cl./dw/guia/funciones/css/
1878 - Found: http://www.uach.cl./dw/guia/funciones/css/webfontkit/
1879 - Found: http://www.uach.cl./dw/guia/funciones/js/
1880 - Found: http://www.uach.cl./dw/guia/funciones/js/accordion/
1881 - Found: http://www.uach.cl./dw/guia/funciones/_imag/
1882 - Found: http://www.uach.cl./dw/guia/codigos/css/
1883 - Found: http://www.uach.cl./dw/guia/codigos/css/webfontkit/
1884 - Found: http://www.uach.cl./dw/guia/codigos/js/
1885 - Found: http://www.uach.cl./dw/guia/codigos/js/accordion/
1886 - Found: http://www.uach.cl./dw/guia/codigos/_imag/
1887 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/
1888 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/fade/
1889 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/
1890 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/
1891 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/fade/
1892 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/
1893 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/
1894 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1895 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/
1896 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/
1897 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/fade/
1898 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/
1899 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/
1900 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/
1901 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/
1902 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/
1903 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/
1904 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1905 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/
1906 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/
1907 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1908 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/
1909 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1910 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1911 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1912 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/
1913 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1914 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/
1915 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/
1916 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/
1917 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/
1918 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/
1919 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1920 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1921 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1922 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1923 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1924 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1925 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1926 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1927 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1928 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1929 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1930 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1931 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1932 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/
1933 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/
1934 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/
1935 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1936 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1937 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1938 - Found: http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1939 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1940 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1941 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1942 - Found: http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1943 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1944 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1945 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1946 - Found: http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1947 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1948 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/
1949 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/
1950 - Found: http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1951 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1952 - Found: http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1953 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1954 - Found: http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1955 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1956 - Found: http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1957 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/
1958 - Found: http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/
1959 + Searching open folders...
1960 - http://www.uach.cl./inicio-uach/ (404 Not Found)
1961 - http://www.uach.cl./www.uach.cl/ (404 Not Found)
1962 - http://www.uach.cl./sedes-y-campus/ (404 Not Found)
1963 - http://www.uach.cl./sedes-y-campus/informacion-general/ (404 Not Found)
1964 - http://www.uach.cl./dw/ (403 Forbidden)
1965 - http://www.uach.cl./dw/guia/ (No Open Folder)
1966 - http://www.uach.cl./inicio-uach/contacto/ (404 Not Found)
1967 - http://www.uach.cl./inicio-uach/mapa/ (404 Not Found)
1968 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/ (404 Not Found)
1969 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/ (404 Not Found)
1970 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/ (404 Not Found)
1971 - http://www.uach.cl./inicio-uach/inicio-uach/ (404 Not Found)
1972 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/ (404 Not Found)
1973 - http://www.uach.cl./dw/guia/inicio-uach/ (No Open Folder)
1974 - http://www.uach.cl./dw/guia/servicios/ (No Open Folder)
1975 - http://www.uach.cl./dw/guia/funciones/ (No Open Folder)
1976 - http://www.uach.cl./dw/guia/codigos/ (No Open Folder)
1977 - http://www.uach.cl./secure01.uach.cl/ (404 Not Found)
1978 - http://www.uach.cl./secure01.uach.cl/infofuncionarios/ (404 Not Found)
1979 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/ (404 Not Found)
1980 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/ (404 Not Found)
1981 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1982 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/ (404 Not Found)
1983 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/ (No Open Folder)
1984 - http://www.uach.cl./dw/guia/servicios/inicio-uach/ (No Open Folder)
1985 - http://www.uach.cl./dw/guia/funciones/inicio-uach/ (No Open Folder)
1986 - http://www.uach.cl./dw/guia/codigos/inicio-uach/ (No Open Folder)
1987 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1988 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1989 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1990 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1991 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
1992 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/ (No Open Folder)
1993 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/ (No Open Folder)
1994 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/ (No Open Folder)
1995 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1996 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1997 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1998 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
1999 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2000 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2001 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2002 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2003 - http://www.uach.cl./_includes/ (404 Not Found)
2004 - http://www.uach.cl./_includes/fade/ (404 Not Found)
2005 - http://www.uach.cl./_imag/ (404 Not Found)
2006 - http://www.uach.cl./uach/ (No Open Folder)
2007 - http://www.uach.cl./uach/cache/ (403 Forbidden)
2008 - http://www.uach.cl./inicio-uach/contacto/_includes/ (404 Not Found)
2009 - http://www.uach.cl./inicio-uach/contacto/_includes/fade/ (404 Not Found)
2010 - http://www.uach.cl./inicio-uach/contacto/_imag/ (404 Not Found)
2011 - http://www.uach.cl./inicio-uach/mapa/_imag/ (404 Not Found)
2012 - http://www.uach.cl./inicio-uach/_includes/ (404 Not Found)
2013 - http://www.uach.cl./inicio-uach/_includes/fade/ (404 Not Found)
2014 - http://www.uach.cl./inicio-uach/_imag/ (404 Not Found)
2015 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/ (404 Not Found)
2016 - http://www.uach.cl./uach/_file/ (403 Forbidden)
2017 - http://www.uach.cl./dw/guia/css/ (403 Forbidden)
2018 - http://www.uach.cl./dw/guia/css/webfontkit/ (403 Forbidden)
2019 - http://www.uach.cl./dw/guia/css/font/ (403 Forbidden)
2020 - http://www.uach.cl./dw/guia/css/font/garamond/ (403 Forbidden)
2021 - http://www.uach.cl./dw/guia/js/ (403 Forbidden)
2022 - http://www.uach.cl./dw/guia/js/modal/ (403 Forbidden)
2023 - http://www.uach.cl./dw/guia/js/modal/lib/ (403 Forbidden)
2024 - http://www.uach.cl./dw/guia/_imag/ (No Open Folder)
2025 - http://www.uach.cl./dw/guia/img/ (403 Forbidden)
2026 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/ (404 Not Found)
2027 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/fade/ (404 Not Found)
2028 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/ (404 Not Found)
2029 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/ (404 Not Found)
2030 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/fade/ (404 Not Found)
2031 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/ (404 Not Found)
2032 - http://www.uach.cl./inicio-uach/inicio-uach/_includes/ (404 Not Found)
2033 - http://www.uach.cl./inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2034 - http://www.uach.cl./inicio-uach/inicio-uach/_imag/ (404 Not Found)
2035 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/ (404 Not Found)
2036 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/fade/ (404 Not Found)
2037 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/ (404 Not Found)
2038 - http://www.uach.cl./dw/guia/js/modal/source/ (403 Forbidden)
2039 - http://www.uach.cl./dw/guia/js/modal/source/helpers/ (403 Forbidden)
2040 - http://www.uach.cl./dw/guia/inicio-uach/_imag/ (No Open Folder)
2041 - http://www.uach.cl./img/ (403 Forbidden)
2042 - http://www.uach.cl./dw/guia/servicios/css/ (No Open Folder)
2043 - http://www.uach.cl./dw/guia/servicios/css/webfontkit/ (No Open Folder)
2044 - http://www.uach.cl./dw/guia/servicios/js/ (No Open Folder)
2045 - http://www.uach.cl./dw/guia/servicios/js/accordion/ (No Open Folder)
2046 - http://www.uach.cl./code.jquery.com/ (404 Not Found)
2047 - http://www.uach.cl./dw/guia/servicios/_imag/ (No Open Folder)
2048 - http://www.uach.cl./dw/guia/funciones/css/ (No Open Folder)
2049 - http://www.uach.cl./dw/guia/funciones/css/webfontkit/ (No Open Folder)
2050 - http://www.uach.cl./dw/guia/funciones/js/ (No Open Folder)
2051 - http://www.uach.cl./dw/guia/funciones/js/accordion/ (No Open Folder)
2052 - http://www.uach.cl./dw/guia/funciones/_imag/ (No Open Folder)
2053 - http://www.uach.cl./dw/guia/codigos/css/ (No Open Folder)
2054 - http://www.uach.cl./dw/guia/codigos/css/webfontkit/ (No Open Folder)
2055 - http://www.uach.cl./dw/guia/codigos/js/ (No Open Folder)
2056 - http://www.uach.cl./dw/guia/codigos/js/accordion/ (No Open Folder)
2057 - http://www.uach.cl./dw/guia/codigos/_imag/ (No Open Folder)
2058 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2059 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2060 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2061 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2062 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2063 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2064 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2065 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2066 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2067 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2068 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2069 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2070 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2071 - http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/ (No Open Folder)
2072 - http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/ (No Open Folder)
2073 - http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/ (No Open Folder)
2074 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2075 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2076 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2077 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2078 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2079 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2080 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2081 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2082 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2083 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2084 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2085 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2086 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2087 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2088 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2089 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2090 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2091 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2092 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2093 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2094 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2095 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2096 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2097 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2098 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2099 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2100 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2101 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2102 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2103 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2104 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2105 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2106 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2107 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2108 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2109 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2110 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2111 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2112 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2113 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2114 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2115 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2116 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2117 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2118 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2119 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2120 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2121 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2122 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2123 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2124 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2125 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2126 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2127 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2128 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No Open Folder)
2129 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No Open Folder)
2130 + Crawl finished successfully.
2131----------------------------------------------------------------------
2132Summary of http://http://www.uach.cl.
2133----------------------------------------------------------------------
2134+ Links crawled:
2135 - http://www.uach.cl.
2136 - http://www.uach.cl./dw/guia/
2137 - http://www.uach.cl./dw/guia/codigos
2138 - http://www.uach.cl./dw/guia/codigos/
2139 - http://www.uach.cl./dw/guia/codigos/inicio-uach
2140 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach
2141 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach
2142 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2143 - http://www.uach.cl./dw/guia/funciones
2144 - http://www.uach.cl./dw/guia/funciones/inicio-uach
2145 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach
2146 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach
2147 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2148 - http://www.uach.cl./dw/guia/inicio-uach
2149 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach
2150 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach
2151 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2152 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2153 - http://www.uach.cl./dw/guia/servicios
2154 - http://www.uach.cl./dw/guia/servicios/inicio-uach
2155 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach
2156 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach
2157 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2158 - http://www.uach.cl./inicio-uach
2159 - http://www.uach.cl./inicio-uach/contacto
2160 - http://www.uach.cl./inicio-uach/contacto/inicio-uach
2161 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach
2162 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach
2163 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2164 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2165 - http://www.uach.cl./inicio-uach/inicio-uach
2166 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach
2167 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach
2168 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2169 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2170 - http://www.uach.cl./inicio-uach/mapa
2171 - http://www.uach.cl./inicio-uach/mapa/inicio-uach
2172 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach
2173 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach
2174 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2175 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2176 - http://www.uach.cl./mapas
2177 - http://www.uach.cl./secure01.uach.cl/infofuncionarios/CheqLogin.aspx?pagina=PerCambiadatos.aspx (404 Not Found)
2178 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas
2179 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach
2180 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach
2181 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach
2182 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2183 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach
2184 - http://www.uach.cl./www.uach.cl/transparencia (404 Not Found)
2185 Total links crawled: 50
2186
2187+ Links to files found:
2188 - http://www.uach.cl./_imag/facebook.jpg
2189 - http://www.uach.cl./_imag/menu_f.jpg
2190 - http://www.uach.cl./_imag/twitter.jpg
2191 - http://www.uach.cl./_includes/fade/jquery-1.7.1.min.js
2192 - http://www.uach.cl./code.jquery.com/jquery-1.10.2.js
2193 - http://www.uach.cl./dw/guia/_imag/facebook.jpg
2194 - http://www.uach.cl./dw/guia/_imag/menu_f.jpg
2195 - http://www.uach.cl./dw/guia/_imag/twitter.jpg
2196 - http://www.uach.cl./dw/guia/codigos/_imag/facebook.jpg
2197 - http://www.uach.cl./dw/guia/codigos/_imag/menu_f.jpg
2198 - http://www.uach.cl./dw/guia/codigos/_imag/twitter.jpg
2199 - http://www.uach.cl./dw/guia/codigos/css/webfontkit/stylesheet.css
2200 - http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/facebook.jpg
2201 - http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/menu_f.jpg
2202 - http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/twitter.jpg
2203 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/facebook.jpg
2204 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/menu_f.jpg
2205 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/twitter.jpg
2206 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2207 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2208 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2209 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2210 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2211 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2212 - http://www.uach.cl./dw/guia/codigos/js/accordion/jquery-ui.css
2213 - http://www.uach.cl./dw/guia/codigos/js/accordion/jquery-ui.js
2214 - http://www.uach.cl./dw/guia/css/font/garamond/font-uach.css
2215 - http://www.uach.cl./dw/guia/css/webfontkit/stylesheet.css
2216 - http://www.uach.cl./dw/guia/funciones/_imag/facebook.jpg
2217 - http://www.uach.cl./dw/guia/funciones/_imag/menu_f.jpg
2218 - http://www.uach.cl./dw/guia/funciones/_imag/twitter.jpg
2219 - http://www.uach.cl./dw/guia/funciones/css/webfontkit/stylesheet.css
2220 - http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/facebook.jpg
2221 - http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/menu_f.jpg
2222 - http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/twitter.jpg
2223 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/facebook.jpg
2224 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/menu_f.jpg
2225 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/twitter.jpg
2226 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2227 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2228 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2229 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2230 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2231 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2232 - http://www.uach.cl./dw/guia/funciones/js/accordion/jquery-ui.css
2233 - http://www.uach.cl./dw/guia/funciones/js/accordion/jquery-ui.js
2234 - http://www.uach.cl./dw/guia/img/b-centrex.png
2235 - http://www.uach.cl./dw/guia/img/b-codigos.png
2236 - http://www.uach.cl./dw/guia/img/b-planos.png
2237 - http://www.uach.cl./dw/guia/img/b-servicios.png
2238 - http://www.uach.cl./dw/guia/inicio-uach/_imag/facebook.jpg
2239 - http://www.uach.cl./dw/guia/inicio-uach/_imag/menu_f.jpg
2240 - http://www.uach.cl./dw/guia/inicio-uach/_imag/twitter.jpg
2241 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/facebook.jpg
2242 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/menu_f.jpg
2243 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/twitter.jpg
2244 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2245 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2246 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2247 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2248 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2249 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2250 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2251 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2252 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2253 - http://www.uach.cl./dw/guia/js/ajax_funciones.js
2254 - http://www.uach.cl./dw/guia/js/modal/lib/jquery-1.10.1.min.js
2255 - http://www.uach.cl./dw/guia/js/modal/lib/jquery.mousewheel-3.0.6.pack.js
2256 - http://www.uach.cl./dw/guia/js/modal/source/helpers/jquery.fancybox-media.js?v=1.0.6
2257 - http://www.uach.cl./dw/guia/js/modal/source/jquery.fancybox.css?v=2.1.5
2258 - http://www.uach.cl./dw/guia/js/modal/source/jquery.fancybox.js?v=2.1.5
2259 - http://www.uach.cl./dw/guia/servicios/_imag/facebook.jpg
2260 - http://www.uach.cl./dw/guia/servicios/_imag/menu_f.jpg
2261 - http://www.uach.cl./dw/guia/servicios/_imag/twitter.jpg
2262 - http://www.uach.cl./dw/guia/servicios/css/webfontkit/stylesheet.css
2263 - http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/facebook.jpg
2264 - http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/menu_f.jpg
2265 - http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/twitter.jpg
2266 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/facebook.jpg
2267 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/menu_f.jpg
2268 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/twitter.jpg
2269 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2270 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2271 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2272 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2273 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2274 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2275 - http://www.uach.cl./dw/guia/servicios/js/accordion/jquery-ui.css
2276 - http://www.uach.cl./dw/guia/servicios/js/accordion/jquery-ui.js
2277 - http://www.uach.cl./img/noencontrada.jpg
2278 - http://www.uach.cl./inicio-uach/_imag/facebook.jpg
2279 - http://www.uach.cl./inicio-uach/_imag/menu_f.jpg
2280 - http://www.uach.cl./inicio-uach/_imag/twitter.jpg
2281 - http://www.uach.cl./inicio-uach/_includes/fade/jquery-1.7.1.min.js
2282 - http://www.uach.cl./inicio-uach/contacto/_imag/facebook.jpg
2283 - http://www.uach.cl./inicio-uach/contacto/_imag/menu_f.jpg
2284 - http://www.uach.cl./inicio-uach/contacto/_imag/twitter.jpg
2285 - http://www.uach.cl./inicio-uach/contacto/_includes/fade/jquery-1.7.1.min.js
2286 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/facebook.jpg
2287 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/menu_f.jpg
2288 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/twitter.jpg
2289 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2290 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/facebook.jpg
2291 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/menu_f.jpg
2292 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/twitter.jpg
2293 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2294 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2295 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2296 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2297 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2298 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2299 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2300 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2301 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2302 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2303 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2304 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2305 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2306 - http://www.uach.cl./inicio-uach/inicio-uach/_imag/facebook.jpg
2307 - http://www.uach.cl./inicio-uach/inicio-uach/_imag/menu_f.jpg
2308 - http://www.uach.cl./inicio-uach/inicio-uach/_imag/twitter.jpg
2309 - http://www.uach.cl./inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2310 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2311 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2312 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2313 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2314 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2315 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2316 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2317 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2318 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2319 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2320 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2321 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2322 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2323 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2324 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2325 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2326 - http://www.uach.cl./inicio-uach/mapa/_imag/facebook.jpg
2327 - http://www.uach.cl./inicio-uach/mapa/_imag/menu_f.jpg
2328 - http://www.uach.cl./inicio-uach/mapa/_imag/twitter.jpg
2329 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/facebook.jpg
2330 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/menu_f.jpg
2331 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/twitter.jpg
2332 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2333 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/facebook.jpg
2334 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/menu_f.jpg
2335 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/twitter.jpg
2336 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2337 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2338 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2339 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2340 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2341 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2342 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2343 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2344 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2345 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2346 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2347 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2348 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2349 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/facebook.jpg
2350 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/menu_f.jpg
2351 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/twitter.jpg
2352 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/facebook.jpg
2353 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/menu_f.jpg
2354 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/twitter.jpg
2355 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2356 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/facebook.jpg
2357 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/menu_f.jpg
2358 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/twitter.jpg
2359 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2360 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2361 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2362 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2363 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2364 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2365 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2366 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2367 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2368 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/facebook.jpg
2369 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/menu_f.jpg
2370 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/twitter.jpg
2371 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/jquery-1.7.1.min.js
2372 - http://www.uach.cl./uach/_file/mapa_miraflores.png
2373 - http://www.uach.cl./uach/_file/mapa_teja.png
2374 - http://www.uach.cl./uach/_file/mapas_puerto.png
2375 - http://www.uach.cl./uach/cache/not-2019-12-escudo_uach.jpg
2376 - http://www.uach.cl./uach/cache/not-2020-03-dsc_8336.jpg
2377 - http://www.uach.cl./uach/cache/not-2020-03-dsc_8603-recorte.jpg
2378 - http://www.uach.cl./uach/cache/not-2020-03-img_0066.jpg
2379 - http://www.uach.cl./uach/cache/not-2020-03-rea-de-consultas-y-procedimientos-clinicos-universidad-austral-de-chile.jpg
2380 - http://www.uach.cl./uach/cache/not-2020-03-rs-matricula-online.jpg
2381 Total links to files: 193
2382
2383+ Externals links found:
2384 - http://diario.uach.cl
2385 - http://diario.uach.cl/
2386 - http://empleos.uach.cl
2387 - http://innovat.education/innovat-education-es/
2388 - http://international.uach.cl/
2389 - http://intranet.uach.cl
2390 - http://maps.googleapis.com/maps/api/js?key=AIzaSyAJGZXvdnKZYEuAkxnK8SvWZO_uF4ySUzs&sensor=false
2391 - http://noticias.uach.cl/principal.php?pag=noticia-externo&cod=115441
2392 - http://redg9.cl
2393 - http://tvaustral.uach.cl
2394 - http://vinculacion.uach.cl/index.php/unidades-adscritas/radio-uach
2395 - http://www.consejoderectores.cl
2396 - http://www.consejoderectores.cl/
2397 - http://www.explora.cl/rios
2398 - http://www.reuna.cl
2399 - http://www.uach.cl/
2400 - http://www.uach.cl/academicos
2401 - http://www.uach.cl/alumnos
2402 - http://www.uach.cl/dw/guia
2403 - http://www.uach.cl/dw/mapas/6/miraflores
2404 - http://www.uach.cl/dw/mapas/6/puertomontt
2405 - http://www.uach.cl/exalumnos
2406 - http://www.uach.cl/facultades/arquitectura-y-artes
2407 - http://www.uach.cl/facultades/ciencias
2408 - http://www.uach.cl/facultades/ciencias-agrarias
2409 - http://www.uach.cl/facultades/ciencias-de-la-ingenieria
2410 - http://www.uach.cl/facultades/ciencias-juridicas-y-sociales
2411 - http://www.uach.cl/facultades/ciencias-veterinarias
2412 - http://www.uach.cl/facultades/cs-economicas-y-administrativas
2413 - http://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
2414 - http://www.uach.cl/facultades/filosofia-y-humanidades
2415 - http://www.uach.cl/facultades/medicina
2416 - http://www.uach.cl/funcionarios
2417 - http://www.uach.cl/futuros-alumnos
2418 - http://www.uach.cl/organizacion/asociaciones-gremiales
2419 - http://www.uach.cl/organizacion/contraloria
2420 - http://www.uach.cl/organizacion/cuerpos-colegiados
2421 - http://www.uach.cl/organizacion/prorrectoria
2422 - http://www.uach.cl/organizacion/rectoria
2423 - http://www.uach.cl/organizacion/secretaria-general
2424 - http://www.uach.cl/organizacion/vicerrectoria-academica
2425 - http://www.uach.cl/organizacion/vicerrectoria-gestion-economica
2426 - http://www.uach.cl/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica
2427 - http://www.uach.cl/organizacion/vicerrectoria-sede-puerto-montt
2428 - http://www.uach.cl/organizacion/vicerrectoria/academica/oficina/autoevaluacion/?go=institucional
2429 - http://www.uach.cl/sedes-y-campus/campus-patagonia
2430 - http://www.uach.cl/sedes-y-campus/informacion-general
2431 - http://www.uach.cl/sedes-y-campus/sede-puerto-montt
2432 - http://www.uach.cl/uach/_file/5151be071d10c.jpg
2433 - http://www.uach.cl/uach/_file/518d15c15279d.jpg
2434 - http://www.uach.cl/uach/_imag/buscar.jpg
2435 - http://www.uach.cl/uach/_imag/logo.jpg
2436 - http://www.uach.cl/uach/_imag/pix_menu3.jpg
2437 - http://www.uach.cl/uach/_includes/buscar.js
2438 - http://www.uach.cl/uach/_includes/carousel/jquery-1.6.2.min.js
2439 - http://www.uach.cl/uach/_includes/fade/default.css
2440 - http://www.uach.cl/uach/_includes/fade/jquery-2.1.1.js
2441 - http://www.uach.cl/uach/_includes/fade/style.css
2442 - http://www.uach.cl/uach/css/info.css
2443 - http://www.uach.cl/uach/css/sitio.css
2444 - http://www.uach.cl/uach/css/tabla.css
2445 - http://www.universia.cl
2446 - https://derecho.uach.cl/index.php?option=com_content&view=article&id=671&catid=2
2447 - https://diario.uach.cl/artistas-y-creadores-exponen-sus-obras-en-la-appalachian-state-university/
2448 - https://diario.uach.cl/covid-19-uach-anuncia-nuevas-medidas-ante-emergencia-sanitaria/
2449 - https://diario.uach.cl/covid-19-uach-coordina-acciones-con-autoridades-de-salud-y-educacion/
2450 - https://diario.uach.cl/dan-a-conocer-resultados-de-segunda-encuesta-de-proceso-constituyente-en-chile/
2451 - https://diario.uach.cl/nuevo-llamado-a-concurso-academico-para-integrarse-a-las-facultades-de-ciencias-ciencias-de-la-ingenieria-y-medicina/
2452 - https://diario.uach.cl/por-contingencia-de-covid-19-sede-puerto-montt-cede-espacio-para-urgencia-de-maternidad/
2453 - https://diario.uach.cl/postulaciones-abiertas-para-diplomado-en-arte-terapia/
2454 - https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
2455 - https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
2456 - https://maps.google.com/maps/ms?msa=0&msid=215369224586216224257.0004d255a7bb45f6c8c6c&hl=es&ie=UTF8&t=h&source=embed&ll=-39.806987,-73.251257&spn=0.00989,0.034289&z=15
2457 - https://maps.google.com/maps/ms?msa=0&msid=215369224586216224257.0004d2b708580c9d7b78b&hl=es&ie=UTF8&t=h&ll=-41.490739,-72.896433&spn=0.002813,0.00456&z=17&source=embed
2458 - https://maps.google.com/maps/ms?msid=215369224586216224257.0004d255a7bb45f6c8c6c&msa=0&ie=UTF8&t=h&ll=-39.831741,-73.247566&spn=0.004943,0.017145&z=16&source=embed
2459 - https://online.flippingbook.com/view/919282/
2460 - https://radiouach.cl/
2461 - https://secure01.uach.cl/infofuncionarios/CheqLogin.aspx?pagina=PerCambiadatos.aspx
2462 - https://secure12.uach.cl/servicios/certificados/
2463 - https://siveduc.uach.cl/
2464 - https://twitter.com/UAustraldeChile
2465 - https://www.facebook.com/UAustraldeChile/
2466 - https://www.instagram.com/universidadaustraldechile/
2467 - https://www.mbauach.cl/
2468 - https://www.uach.cl/academicos
2469 - https://www.uach.cl/alumnos
2470 - https://www.uach.cl/dw/guia/
2471 - https://www.uach.cl/dw/mapas/6/miraflores
2472 - https://www.uach.cl/dw/mapas/6/puertomontt
2473 - https://www.uach.cl/dw/mapas/6/teja
2474 - https://www.uach.cl/exalumnos
2475 - https://www.uach.cl/facultades/arquitectura-y-artes
2476 - https://www.uach.cl/facultades/ciencias
2477 - https://www.uach.cl/facultades/ciencias-agrarias
2478 - https://www.uach.cl/facultades/ciencias-de-la-ingenieria
2479 - https://www.uach.cl/facultades/ciencias-juridicas-y-sociales
2480 - https://www.uach.cl/facultades/ciencias-veterinarias
2481 - https://www.uach.cl/facultades/cs-economicas-y-administrativas
2482 - https://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
2483 - https://www.uach.cl/facultades/filosofia-y-humanidades
2484 - https://www.uach.cl/facultades/medicina
2485 - https://www.uach.cl/funcionarios
2486 - https://www.uach.cl/futuros-alumnos
2487 - https://www.uach.cl/organizacion/asociaciones-gremiales
2488 - https://www.uach.cl/organizacion/contraloria
2489 - https://www.uach.cl/organizacion/cuerpos-colegiados
2490 - https://www.uach.cl/organizacion/prorrectoria
2491 - https://www.uach.cl/organizacion/rectoria
2492 - https://www.uach.cl/organizacion/secretaria-general
2493 - https://www.uach.cl/organizacion/vicerrectoria-academica
2494 - https://www.uach.cl/organizacion/vicerrectoria-gestion-economica
2495 - https://www.uach.cl/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica
2496 - https://www.uach.cl/organizacion/vicerrectoria-sede-puerto-montt
2497 - https://www.uach.cl/sedes-y-campus/campus-patagonia
2498 - https://www.uach.cl/sedes-y-campus/informacion-general
2499 - https://www.uach.cl/sedes-y-campus/informacion-general/campo-clinico-osorno
2500 - https://www.uach.cl/sedes-y-campus/informacion-general/campus-isla-teja
2501 - https://www.uach.cl/sedes-y-campus/informacion-general/campus-miraflores
2502 - https://www.uach.cl/sedes-y-campus/informacion-general/campus-patagonia
2503 - https://www.uach.cl/sedes-y-campus/informacion-general/oficina-santiago
2504 - https://www.uach.cl/sedes-y-campus/informacion-general/sede-puerto-montt
2505 - https://www.uach.cl/sedes-y-campus/sede-puerto-montt
2506 - https://www.uach.cl/uach/_file/5151be071d10c.jpg
2507 - https://www.uach.cl/uach/_file/5151ca6a14b04.gif
2508 - https://www.uach.cl/uach/_file/5151cafdd0ffb.gif
2509 - https://www.uach.cl/uach/_file/5151cb23eee24.gif
2510 - https://www.uach.cl/uach/_file/51642ea63edd7.jpg
2511 - https://www.uach.cl/uach/_file/516433c374ea9.jpg
2512 - https://www.uach.cl/uach/_file/518972375b5cf.gif
2513 - https://www.uach.cl/uach/_file/518d15c15279d.jpg
2514 - https://www.uach.cl/uach/_file/547cd3a385136.png
2515 - https://www.uach.cl/uach/_file/547cd3fe4f9ac.png
2516 - https://www.uach.cl/uach/_file/55953fdce59cf.gif
2517 - https://www.uach.cl/uach/_file/564b24838a9f1.jpg
2518 - https://www.uach.cl/uach/_file/5ae3718bf3264.jpg
2519 - https://www.uach.cl/uach/_file/5c3fac8e1055a.jpg
2520 - https://www.uach.cl/uach/_file/5cc0b91e0e510.jpg
2521 - https://www.uach.cl/uach/_file/5cd03cc1a2226.jpg
2522 - https://www.uach.cl/uach/_file/5cf543da57229.jpg
2523 - https://www.uach.cl/uach/_file/5d964a93a4c75.jpg
2524 - https://www.uach.cl/uach/_file/5df939e7686be.jpg
2525 - https://www.uach.cl/uach/_file/5e285c4975a24.png
2526 - https://www.uach.cl/uach/_file/5e5d25ac732f7.jpg
2527 - https://www.uach.cl/uach/_file/5e6bd53940d90.jpg
2528 - https://www.uach.cl/uach/_file/5e6e2c1a4c5c6.jpg
2529 - https://www.uach.cl/uach/_file/5e6f991a7a817.jpg
2530 - https://www.uach.cl/uach/_file/5e72472ecc3dd.jpg
2531 - https://www.uach.cl/uach/_file/en-59e0a18cd955d.png
2532 - https://www.uach.cl/uach/_imag/buscar.jpg
2533 - https://www.uach.cl/uach/_imag/logo.jpg
2534 - https://www.uach.cl/uach/_imag/pix_logos.jpg
2535 - https://www.uach.cl/uach/_imag/pix_menu3.jpg
2536 - https://www.uach.cl/uach/_includes/FormCheq.js
2537 - https://www.uach.cl/uach/_includes/baron/baron.css
2538 - https://www.uach.cl/uach/_includes/baron/baron.js
2539 - https://www.uach.cl/uach/_includes/baron/script.js
2540 - https://www.uach.cl/uach/_includes/baron/style.css
2541 - https://www.uach.cl/uach/_includes/basic.js
2542 - https://www.uach.cl/uach/_includes/buscar.js
2543 - https://www.uach.cl/uach/_includes/carousel/colorbox.css
2544 - https://www.uach.cl/uach/_includes/carousel/estilo.css
2545 - https://www.uach.cl/uach/_includes/carousel/jquery-1.6.2.min.js
2546 - https://www.uach.cl/uach/_includes/fade/default.css
2547 - https://www.uach.cl/uach/_includes/fade/jquery-1.7.1.min.js
2548 - https://www.uach.cl/uach/_includes/fade/jquery-2.1.1.js
2549 - https://www.uach.cl/uach/_includes/fade/jquery.nivo.slider.js
2550 - https://www.uach.cl/uach/_includes/fade/nivo-slider.css
2551 - https://www.uach.cl/uach/_includes/fade/style.css
2552 - https://www.uach.cl/uach/academicos/centro-servicios
2553 - https://www.uach.cl/uach/academicos/docencia
2554 - https://www.uach.cl/uach/academicos/extension
2555 - https://www.uach.cl/uach/academicos/investigacion
2556 - https://www.uach.cl/uach/academicos/portada
2557 - https://www.uach.cl/uach/alumnos/academica
2558 - https://www.uach.cl/uach/alumnos/aranceles-y-creditos
2559 - https://www.uach.cl/uach/alumnos/beneficios
2560 - https://www.uach.cl/uach/alumnos/centro-servicios
2561 - https://www.uach.cl/uach/alumnos/extension
2562 - https://www.uach.cl/uach/alumnos/portada
2563 - https://www.uach.cl/uach/bootstrap/css/bootstrap.css
2564 - https://www.uach.cl/uach/bootstrap/js/bootstrap.js
2565 - https://www.uach.cl/uach/css/css_capt/reset.css
2566 - https://www.uach.cl/uach/css/css_capt/style.css
2567 - https://www.uach.cl/uach/css/info.css
2568 - https://www.uach.cl/uach/css/sitio.css
2569 - https://www.uach.cl/uach/css/tabla.css
2570 - https://www.uach.cl/uach/exalumnos/beneficios-y-servicios
2571 - https://www.uach.cl/uach/exalumnos/contacto
2572 - https://www.uach.cl/uach/exalumnos/documentos
2573 - https://www.uach.cl/uach/exalumnos/eventos
2574 - https://www.uach.cl/uach/exalumnos/inicio-egresados
2575 - https://www.uach.cl/uach/exalumnos/portada
2576 - https://www.uach.cl/uach/exalumnos/quienes-somos
2577 - https://www.uach.cl/uach/exalumnos/registrate
2578 - https://www.uach.cl/uach/facultades/arquitectura-y-artes
2579 - https://www.uach.cl/uach/facultades/arquitectura-y-artes/portada
2580 - https://www.uach.cl/uach/facultades/ciencias
2581 - https://www.uach.cl/uach/facultades/ciencias-agrarias
2582 - https://www.uach.cl/uach/facultades/ciencias-agrarias/portada
2583 - https://www.uach.cl/uach/facultades/ciencias-de-la-ingenieria
2584 - https://www.uach.cl/uach/facultades/ciencias-de-la-ingenieria/portada
2585 - https://www.uach.cl/uach/facultades/ciencias-juridicas-y-sociales
2586 - https://www.uach.cl/uach/facultades/ciencias-juridicas-y-sociales/portada
2587 - https://www.uach.cl/uach/facultades/ciencias-veterinarias
2588 - https://www.uach.cl/uach/facultades/ciencias-veterinarias/portada
2589 - https://www.uach.cl/uach/facultades/ciencias/portada
2590 - https://www.uach.cl/uach/facultades/cs-economicas-y-administrativas
2591 - https://www.uach.cl/uach/facultades/cs-forestales-y-recursos-naturales
2592 - https://www.uach.cl/uach/facultades/cs-forestales-y-recursos-naturales/portada
2593 - https://www.uach.cl/uach/facultades/filosofia-y-humanidades
2594 - https://www.uach.cl/uach/facultades/filosofia-y-humanidades/portada
2595 - https://www.uach.cl/uach/facultades/medicina
2596 - https://www.uach.cl/uach/facultades/medicina/portada
2597 - https://www.uach.cl/uach/funcionarios/bienestar
2598 - https://www.uach.cl/uach/funcionarios/centro-servicios
2599 - https://www.uach.cl/uach/funcionarios/extension
2600 - https://www.uach.cl/uach/funcionarios/fondo-de-ahorro
2601 - https://www.uach.cl/uach/funcionarios/informacion-de-personal
2602 - https://www.uach.cl/uach/funcionarios/portada
2603 - https://www.uach.cl/uach/futuros-alumnos/portada
2604 - https://www.uach.cl/uach/image.php
2605 - https://www.uach.cl/uach/internacional/principal
2606 - https://www.uach.cl/uach/internacional/principal/becas
2607 - https://www.uach.cl/uach/internacional/principal/conocenos
2608 - https://www.uach.cl/uach/internacional/principal/convenios
2609 - https://www.uach.cl/uach/internacional/principal/doble-graduacion
2610 - https://www.uach.cl/uach/internacional/principal/movilidad
2611 - https://www.uach.cl/uach/internacional/principal/nexos
2612 - https://www.uach.cl/uach/internacional/principal/portada
2613 - https://www.uach.cl/uach/internacional/principal/testimonios
2614 - https://www.uach.cl/uach/internacional/principal/uach
2615 - https://www.uach.cl/uach/investigacion/principal
2616 - https://www.uach.cl/uach/investigacion/principal/contactos
2617 - https://www.uach.cl/uach/investigacion/principal/creacion-artistica
2618 - https://www.uach.cl/uach/investigacion/principal/desarrollo-e-innovacion
2619 - https://www.uach.cl/uach/investigacion/principal/investigacion
2620 - https://www.uach.cl/uach/investigacion/principal/nucleos
2621 - https://www.uach.cl/uach/investigacion/principal/portada
2622 - https://www.uach.cl/uach/investigacion/principal/vidca
2623 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales
2624 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/aga
2625 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/cepuach
2626 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/ex-academicos
2627 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/feuach
2628 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/segesex
2629 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/sindicato-nacional-de-trabajadores
2630 - https://www.uach.cl/uach/organizacion/asociaciones-gremiales/sindoc
2631 - https://www.uach.cl/uach/organizacion/contraloria
2632 - https://www.uach.cl/uach/organizacion/contraloria/presentacion
2633 - https://www.uach.cl/uach/organizacion/cuerpos-colegiados
2634 - https://www.uach.cl/uach/organizacion/cuerpos-colegiados/consejo-academico
2635 - https://www.uach.cl/uach/organizacion/cuerpos-colegiados/consejo-superior-universitario
2636 - https://www.uach.cl/uach/organizacion/cuerpos-colegiados/directorio
2637 - https://www.uach.cl/uach/organizacion/prorrectoria
2638 - https://www.uach.cl/uach/organizacion/prorrectoria/contacto
2639 - https://www.uach.cl/uach/organizacion/prorrectoria/convenios
2640 - https://www.uach.cl/uach/organizacion/prorrectoria/plan-estrategico
2641 - https://www.uach.cl/uach/organizacion/prorrectoria/portada
2642 - https://www.uach.cl/uach/organizacion/prorrectoria/presentacion
2643 - https://www.uach.cl/uach/organizacion/prorrectoria/representaciones-y-comisiones
2644 - https://www.uach.cl/uach/organizacion/prorrectoria/unidades
2645 - https://www.uach.cl/uach/organizacion/rectoria
2646 - https://www.uach.cl/uach/organizacion/rectoria/contacto
2647 - https://www.uach.cl/uach/organizacion/rectoria/direccion-juridica
2648 - https://www.uach.cl/uach/organizacion/rectoria/documentos
2649 - https://www.uach.cl/uach/organizacion/rectoria/gabinete
2650 - https://www.uach.cl/uach/organizacion/rectoria/portada
2651 - https://www.uach.cl/uach/organizacion/rectoria/rector
2652 - https://www.uach.cl/uach/organizacion/rectoria/rrpp
2653 - https://www.uach.cl/uach/organizacion/secretaria-general
2654 - https://www.uach.cl/uach/organizacion/secretaria-general/contacto
2655 - https://www.uach.cl/uach/organizacion/secretaria-general/presentacion
2656 - https://www.uach.cl/uach/organizacion/vicerrectoria-academica
2657 - https://www.uach.cl/uach/organizacion/vicerrectoria-academica/contactos
2658 - https://www.uach.cl/uach/organizacion/vicerrectoria-academica/direcciones-adscritas
2659 - https://www.uach.cl/uach/organizacion/vicerrectoria-academica/presentacion
2660 - https://www.uach.cl/uach/organizacion/vicerrectoria-academica/unidades
2661 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica
2662 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/direccion-de-finanzas
2663 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/direccion-de-personal
2664 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/direccion-de-servicios
2665 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/direccion-de-ti
2666 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/infraestructura
2667 - https://www.uach.cl/uach/organizacion/vicerrectoria-gestion-economica/presentacion
2668 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica
2669 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/concursos-y-apoyos
2670 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/contacto
2671 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/departamentos
2672 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/oficinas-de-gestion
2673 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/presentacion
2674 - https://www.uach.cl/uach/organizacion/vicerrectoria-investigacion-desarrollo-y-creacion-artistica/unidades
2675 - https://www.uach.cl/uach/organizacion/vicerrectoria-sede-puerto-montt
2676 - https://www.uach.cl/uach/organizacion/vicerrectoria-sede-puerto-montt/carreras-y-programas
2677 - https://www.uach.cl/uach/organizacion/vicerrectoria-sede-puerto-montt/presentacion
2678 - https://www.uach.cl/uach/postgrado/principal
2679 - https://www.uach.cl/uach/postgrado/principal/
2680 - https://www.uach.cl/uach/postgrado/principal/becas
2681 - https://www.uach.cl/uach/postgrado/principal/contacto
2682 - https://www.uach.cl/uach/postgrado/principal/doctorado
2683 - https://www.uach.cl/uach/postgrado/principal/documentos
2684 - https://www.uach.cl/uach/postgrado/principal/especialidades
2685 - https://www.uach.cl/uach/postgrado/principal/magister
2686 - https://www.uach.cl/uach/postgrado/principal/postulaciones
2687 - https://www.uach.cl/uach/postgrado/principal/presentacion
2688 - https://www.uach.cl/uach/pregrado/principal
2689 - https://www.uach.cl/uach/pregrado/principal/carreras-profesionales
2690 - https://www.uach.cl/uach/pregrado/principal/carreras-tecnicas
2691 - https://www.uach.cl/uach/pregrado/principal/contacto
2692 - https://www.uach.cl/uach/pregrado/principal/presentacion
2693 - https://www.uach.cl/uach/sedes-y-campus/campus-patagonia
2694 - https://www.uach.cl/uach/sedes-y-campus/campus-patagonia/principal
2695 - https://www.uach.cl/uach/sedes-y-campus/informacion-general
2696 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/campo-clinico-osorno
2697 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/campus-isla-teja
2698 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/campus-miraflores
2699 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/campus-patagonia
2700 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/oficina-santiago
2701 - https://www.uach.cl/uach/sedes-y-campus/informacion-general/sede-puerto-montt
2702 - https://www.uach.cl/uach/sedes-y-campus/sede-puerto-montt
2703 - https://www.uach.cl/uach/sedes-y-campus/sede-puerto-montt/principal
2704 - https://www.uach.cl/uach/servicios/principal
2705 - https://www.uach.cl/uach/servicios/principal/centros
2706 - https://www.uach.cl/uach/servicios/principal/portada
2707 - https://www.uach.cl/uach/vinculacion/principal
2708 - https://www.uach.cl/uach/vinculacion/principal/comunicaciones
2709 - https://www.uach.cl/uach/vinculacion/principal/contactos
2710 - https://www.uach.cl/uach/vinculacion/principal/portada
2711 - https://www.uach.cl/uach/vinculacion/principal/presentacion
2712 - https://www.uach.cl/uach/vinculacion/principal/sitio-web
2713 - tel:+56 63 2 221222
2714 - tel:+56 63 2 221254
2715 - tel:+56 63 2 221267
2716 - tel:+56 63 2 221277
2717 - tel:+56 63 2 221321
2718 - tel:+56 63 2 221376
2719 - tel:+56 63 2 221399
2720 - tel:+56 63 2 221414
2721 - tel:+56 63 2 221416
2722 - tel:+56 63 2 221501
2723 - tel:+56 63 2 293291
2724 - tel:+56 63 2 293552
2725 - tel:+56 63 221277
2726 - tel:+56 63 222 1376
2727 - tel:+56 63 2221277
2728 Total external links: 344
2729
2730+ Email addresses found:
2731 Total email address found: 0
2732
2733+ Directories found:
2734 - http://www.uach.cl./_imag/ (404 Not Found)
2735 - http://www.uach.cl./_includes/ (404 Not Found)
2736 - http://www.uach.cl./_includes/fade/ (404 Not Found)
2737 - http://www.uach.cl./code.jquery.com/ (404 Not Found)
2738 - http://www.uach.cl./dw/ (403 Forbidden)
2739 - http://www.uach.cl./dw/guia/ (No open folder)
2740 - http://www.uach.cl./dw/guia/_imag/ (No open folder)
2741 - http://www.uach.cl./dw/guia/codigos/ (No open folder)
2742 - http://www.uach.cl./dw/guia/codigos/_imag/ (No open folder)
2743 - http://www.uach.cl./dw/guia/codigos/css/ (No open folder)
2744 - http://www.uach.cl./dw/guia/codigos/css/webfontkit/ (No open folder)
2745 - http://www.uach.cl./dw/guia/codigos/inicio-uach/ (No open folder)
2746 - http://www.uach.cl./dw/guia/codigos/inicio-uach/_imag/ (No open folder)
2747 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/ (No open folder)
2748 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/_imag/ (No open folder)
2749 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2750 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2751 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2752 - http://www.uach.cl./dw/guia/codigos/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2753 - http://www.uach.cl./dw/guia/codigos/js/ (No open folder)
2754 - http://www.uach.cl./dw/guia/codigos/js/accordion/ (No open folder)
2755 - http://www.uach.cl./dw/guia/css/ (403 Forbidden)
2756 - http://www.uach.cl./dw/guia/css/font/ (403 Forbidden)
2757 - http://www.uach.cl./dw/guia/css/font/garamond/ (403 Forbidden)
2758 - http://www.uach.cl./dw/guia/css/webfontkit/ (403 Forbidden)
2759 - http://www.uach.cl./dw/guia/funciones/ (No open folder)
2760 - http://www.uach.cl./dw/guia/funciones/_imag/ (No open folder)
2761 - http://www.uach.cl./dw/guia/funciones/css/ (No open folder)
2762 - http://www.uach.cl./dw/guia/funciones/css/webfontkit/ (No open folder)
2763 - http://www.uach.cl./dw/guia/funciones/inicio-uach/ (No open folder)
2764 - http://www.uach.cl./dw/guia/funciones/inicio-uach/_imag/ (No open folder)
2765 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/ (No open folder)
2766 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/_imag/ (No open folder)
2767 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2768 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2769 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2770 - http://www.uach.cl./dw/guia/funciones/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2771 - http://www.uach.cl./dw/guia/funciones/js/ (No open folder)
2772 - http://www.uach.cl./dw/guia/funciones/js/accordion/ (No open folder)
2773 - http://www.uach.cl./dw/guia/img/ (403 Forbidden)
2774 - http://www.uach.cl./dw/guia/inicio-uach/ (No open folder)
2775 - http://www.uach.cl./dw/guia/inicio-uach/_imag/ (No open folder)
2776 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/ (No open folder)
2777 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/_imag/ (No open folder)
2778 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2779 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2780 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2781 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2782 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2783 - http://www.uach.cl./dw/guia/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2784 - http://www.uach.cl./dw/guia/js/ (403 Forbidden)
2785 - http://www.uach.cl./dw/guia/js/modal/ (403 Forbidden)
2786 - http://www.uach.cl./dw/guia/js/modal/lib/ (403 Forbidden)
2787 - http://www.uach.cl./dw/guia/js/modal/source/ (403 Forbidden)
2788 - http://www.uach.cl./dw/guia/js/modal/source/helpers/ (403 Forbidden)
2789 - http://www.uach.cl./dw/guia/servicios/ (No open folder)
2790 - http://www.uach.cl./dw/guia/servicios/_imag/ (No open folder)
2791 - http://www.uach.cl./dw/guia/servicios/css/ (No open folder)
2792 - http://www.uach.cl./dw/guia/servicios/css/webfontkit/ (No open folder)
2793 - http://www.uach.cl./dw/guia/servicios/inicio-uach/ (No open folder)
2794 - http://www.uach.cl./dw/guia/servicios/inicio-uach/_imag/ (No open folder)
2795 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/ (No open folder)
2796 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/_imag/ (No open folder)
2797 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2798 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2799 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (No open folder)
2800 - http://www.uach.cl./dw/guia/servicios/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (No open folder)
2801 - http://www.uach.cl./dw/guia/servicios/js/ (No open folder)
2802 - http://www.uach.cl./dw/guia/servicios/js/accordion/ (No open folder)
2803 - http://www.uach.cl./img/ (403 Forbidden)
2804 - http://www.uach.cl./inicio-uach/ (404 Not Found)
2805 - http://www.uach.cl./inicio-uach/_imag/ (404 Not Found)
2806 - http://www.uach.cl./inicio-uach/_includes/ (404 Not Found)
2807 - http://www.uach.cl./inicio-uach/_includes/fade/ (404 Not Found)
2808 - http://www.uach.cl./inicio-uach/contacto/ (404 Not Found)
2809 - http://www.uach.cl./inicio-uach/contacto/_imag/ (404 Not Found)
2810 - http://www.uach.cl./inicio-uach/contacto/_includes/ (404 Not Found)
2811 - http://www.uach.cl./inicio-uach/contacto/_includes/fade/ (404 Not Found)
2812 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/ (404 Not Found)
2813 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_imag/ (404 Not Found)
2814 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/ (404 Not Found)
2815 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/_includes/fade/ (404 Not Found)
2816 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/ (404 Not Found)
2817 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2818 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2819 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2820 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2821 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2822 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2823 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2824 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2825 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2826 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2827 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2828 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2829 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2830 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2831 - http://www.uach.cl./inicio-uach/contacto/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2832 - http://www.uach.cl./inicio-uach/inicio-uach/ (404 Not Found)
2833 - http://www.uach.cl./inicio-uach/inicio-uach/_imag/ (404 Not Found)
2834 - http://www.uach.cl./inicio-uach/inicio-uach/_includes/ (404 Not Found)
2835 - http://www.uach.cl./inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2836 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2837 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2838 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2839 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2840 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2841 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2842 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2843 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2844 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2845 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2846 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2847 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2848 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2849 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2850 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2851 - http://www.uach.cl./inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2852 - http://www.uach.cl./inicio-uach/mapa/ (404 Not Found)
2853 - http://www.uach.cl./inicio-uach/mapa/_imag/ (404 Not Found)
2854 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/ (404 Not Found)
2855 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_imag/ (404 Not Found)
2856 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/ (404 Not Found)
2857 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/_includes/fade/ (404 Not Found)
2858 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/ (404 Not Found)
2859 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2860 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2861 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2862 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2863 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2864 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2865 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2866 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2867 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2868 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2869 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2870 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2871 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2872 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2873 - http://www.uach.cl./inicio-uach/mapa/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2874 - http://www.uach.cl./secure01.uach.cl/ (404 Not Found)
2875 - http://www.uach.cl./secure01.uach.cl/infofuncionarios/ (404 Not Found)
2876 - http://www.uach.cl./sedes-y-campus/ (404 Not Found)
2877 - http://www.uach.cl./sedes-y-campus/informacion-general/ (404 Not Found)
2878 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/ (404 Not Found)
2879 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/_imag/ (404 Not Found)
2880 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/ (404 Not Found)
2881 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_imag/ (404 Not Found)
2882 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/ (404 Not Found)
2883 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/_includes/fade/ (404 Not Found)
2884 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/ (404 Not Found)
2885 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2886 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2887 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2888 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2889 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2890 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2891 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2892 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2893 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2894 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2895 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2896 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/ (404 Not Found)
2897 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_imag/ (404 Not Found)
2898 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/ (404 Not Found)
2899 - http://www.uach.cl./sedes-y-campus/informacion-general/mapas/inicio-uach/inicio-uach/inicio-uach/inicio-uach/inicio-uach/_includes/fade/ (404 Not Found)
2900 - http://www.uach.cl./uach/ (No open folder)
2901 - http://www.uach.cl./uach/_file/ (403 Forbidden)
2902 - http://www.uach.cl./uach/cache/ (403 Forbidden)
2903 - http://www.uach.cl./www.uach.cl/ (404 Not Found)
2904 Total directories: 170
2905
2906+ Directory indexing found:
2907 Total directories with indexing: 0
2908
2909----------------------------------------------------------------------
2910
2911
2912 + URL to crawl: https://www.uach.cl.
2913 + Date: 2020-03-19
2914
2915 + Crawling URL: https://www.uach.cl.:
2916 + Links:
2917 + Crawling https://www.uach.cl.
2918 + Searching for directories...
2919 + Searching open folders...
2920
2921
2922 + URL to crawl: http://www.uach.cl.:8008
2923 + Date: 2020-03-19
2924
2925 + Crawling URL: http://www.uach.cl.:8008:
2926 + Links:
2927 + Crawling http://www.uach.cl.:8008 (timed out)
2928 + Searching for directories...
2929 + Searching open folders...
2930
2931--Finished--
2932Summary information for domain uach.cl.
2933-----------------------------------------
2934 Domain Specific Information:
2935 Email: jardinbotanico@uach.cl�
2936 Email: sindicato.trabajadores@uach.cl; - Is this real?
2937 Email: jisaez@uach.cl.
2938 Email: ausrevista@uach.cl
2939 Email: sbrauchi@uach.cl.
2940 Email: ausrevista@uach.cl.
2941 Email: etalentos@uach.cl.
2942 Email: cotth@uach.cl
2943 Email: sergio.estay@uach.cl
2944 Email: cotth@uach.cl.
2945 Email: archmv@uach.cl.
2946 Email: escuela.graduados.facjuridica@uach.cl. - Is this real?
2947 Email: asuntos.internacionales@uach.cl. - Is this real?
2948 Email: pmarshall@uach.cl
2949 Email: monserratguerra@uach.cl.
2950 Email: ediciones@uach.cl
2951 Email: gonzalo.tampier@uach.cl.
2952 Email: last@uach.cl
2953 Email: alexandre.corgne@uach.cl
2954 Email: olga.barbosa@uach.cl
2955 Email: jiriarte@uach.cl.
2956 Email: ceruach@uach.cl.
2957
2958 Domain Ips Information:
2959 IP: 52.100.0.0
2960 Type: SPF
2961 Is Active: False
2962 IP: 104.47.32.36
2963 HostName: uach-cl.mail.protection.outlook.com Type: MX
2964 HostName: mail-sn1nam010036.inbound.protection.outlook.com Type: PTR
2965 Country: United States
2966 Is Active: True (syn-ack ttl 105)
2967 Port: 25/tcp open smtp syn-ack ttl 105 Microsoft Exchange smtpd
2968 Script Info: | smtp-commands: SN1NAM01FT018.mail.protection.outlook.com Hello [45.132.192.67], SIZE 157286400, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, 8BITMIME, BINARYMIME, CHUNKING, SMTPUTF8,
2969 Script Info: |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT
2970 Script Info: | ssl-cert: Subject: commonName=mail.protection.outlook.com/organizationName=Microsoft Corporation/stateOrProvinceName=Washington/countryName=US
2971 Script Info: | Subject Alternative Name: DNS:mail.protection.outlook.com, DNS:*.mail.eo.outlook.com, DNS:*.mail.protection.outlook.com, DNS:mail.messaging.microsoft.com, DNS:outlook.com, DNS:*.olc.protection.outlook.com, DNS:*.pamx1.hotmail.com
2972 Script Info: | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G3/organizationName=GlobalSign nv-sa/countryName=BE
2973 Script Info: | Public Key type: rsa
2974 Script Info: | Public Key bits: 2048
2975 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2976 Script Info: | Not valid before: 2020-02-24T18:33:10
2977 Script Info: | Not valid after: 2022-02-24T18:33:10
2978 Script Info: | MD5: 4f90 9eee 29eb abe5 e29a d55e 8c08 c310
2979 Script Info: |_SHA-1: ea85 9504 40a6 97c1 8482 3304 a7dc 19e5 fcd5 8e6b
2980 Script Info: |_ssl-date: 2020-03-19T10:55:27+00:00; -5s from scanner time.
2981 Os Info: Host: SN1NAM01FT031.mail.protection.outlook.com; OS: Windows; CPE: cpe:/o:microsoft:windows
2982 Script Info: |_clock-skew: -5s
2983 IP: 146.83.222.71
2984 Type: SPF
2985 Is Active: False
2986 IP: 146.83.222.76
2987 HostName: secure.uach.cl. Type: A
2988 Country: Chile
2989 Is Active: False
2990 IP: 172.16.54.202
2991 HostName: ntp.uach.cl. Type: A
2992 Country: None
2993 Is Active: False
2994 IP: 146.83.222.104
2995 Type: SPF
2996 HostName: www.uach.cl. Type: A
2997 HostName: callecalle5.uach.cl Type: PTR
2998 Country: Chile
2999 Is Active: True (syn-ack ttl 41)
3000 Port: 80/tcp open http syn-ack ttl 41 Apache httpd
3001 Script Info: | http-methods:
3002 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
3003 Script Info: |_http-server-header: Apache
3004 Script Info: |_http-title: Did not follow redirect to https://146.83.222.104/
3005 Port: 443/tcp open ssl/http syn-ack ttl 41 Apache httpd
3006 Script Info: | ssl-cert: Subject: commonName=*.uach.cl/organizationName=Universidad Austral de Chile/stateOrProvinceName=Valdivia/countryName=CL
3007 Script Info: | Subject Alternative Name: DNS:*.uach.cl, DNS:uach.cl
3008 Script Info: | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
3009 Script Info: | Public Key type: rsa
3010 Script Info: | Public Key bits: 2048
3011 Script Info: | Signature Algorithm: sha256WithRSAEncryption
3012 Script Info: | Not valid before: 2018-09-12T17:56:11
3013 Script Info: | Not valid after: 2020-09-13T16:06:02
3014 Script Info: | MD5: 2591 57c5 3d2e e7ba 9c6d 2028 7325 bf37
3015 Script Info: |_SHA-1: 0a25 5f16 352f 8fa8 9b35 399a 21ef 6744 5931 b3d1
3016 Script Info: |_ssl-date: 2020-03-19T10:58:26+00:00; -16s from scanner time.
3017 Port: 8008/tcp open http syn-ack ttl 44
3018 Script Info: | fingerprint-strings:
3019 Script Info: | FourOhFourRequest:
3020 Script Info: | HTTP/1.1 302 Found
3021 Script Info: | Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
3022 Script Info: | Connection: close
3023 Script Info: | X-Frame-Options: SAMEORIGIN
3024 Script Info: | X-XSS-Protection: 1; mode=block
3025 Script Info: | X-Content-Type-Options: nosniff
3026 Script Info: | Content-Security-Policy: frame-ancestors
3027 Script Info: | GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
3028 Script Info: | HTTP/1.1 302 Found
3029 Script Info: | Location: https://:8010
3030 Script Info: | Connection: close
3031 Script Info: | X-Frame-Options: SAMEORIGIN
3032 Script Info: | X-XSS-Protection: 1; mode=block
3033 Script Info: | X-Content-Type-Options: nosniff
3034 Script Info: | Content-Security-Policy: frame-ancestors
3035 Script Info: | GetRequest:
3036 Script Info: | HTTP/1.1 302 Found
3037 Script Info: | Location: https://:8010/
3038 Script Info: | Connection: close
3039 Script Info: | X-Frame-Options: SAMEORIGIN
3040 Script Info: | X-XSS-Protection: 1; mode=block
3041 Script Info: | X-Content-Type-Options: nosniff
3042 Script Info: |_ Content-Security-Policy: frame-ancestors
3043 Script Info: | http-methods:
3044 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
3045 Script Info: |_http-title: Did not follow redirect to https://146.83.222.104:8010/
3046 Script Info: |_https-redirect: ERROR: Script execution failed (use -d to debug)
3047 Os Info: Host: localhost.localdomain
3048 IP: 104.47.0.0
3049 Type: SPF
3050 Is Active: False
3051 IP: 146.83.222.226
3052 Type: SPF
3053 Is Active: False
3054 IP: 200.7.5.7
3055 HostName: secundario.nic.cl Type: NS
3056 HostName: secundario.nic.cl Type: PTR
3057 Country: Chile
3058 Is Active: True (udp-response ttl 46)
3059 Port: 53/tcp open domain syn-ack ttl 46 (unknown banner: BIND 9)
3060 Script Info: | dns-nsid:
3061 Script Info: | NSID: sec-blanco (7365632d626c616e636f)
3062 Script Info: | id.server: sec-blanco
3063 Script Info: |_ bind.version: BIND 9
3064 Script Info: | fingerprint-strings:
3065 Script Info: | DNSVersionBindReqTCP:
3066 Script Info: | version
3067 Script Info: | bind
3068 Script Info: |_ BIND 9
3069 IP: 146.83.222.235
3070 Type: SPF
3071 Is Active: True (syn-ack ttl 44)
3072 Port: 80/tcp open http syn-ack ttl 44 Apache httpd 2.2.15
3073 Script Info: |_http-server-header: Apache/2.2.15 (CentOS)
3074 Script Info: |_http-title: 403 Forbidden
3075 Port: 443/tcp open ssl/http syn-ack ttl 41 Apache httpd 2.2.15
3076 Script Info: | ssl-cert: Subject: commonName=*.uach.cl/organizationName=Universidad Austral de Chile/stateOrProvinceName=Valdivia/countryName=CL
3077 Script Info: | Subject Alternative Name: DNS:*.uach.cl, DNS:uach.cl
3078 Script Info: | Issuer: commonName=GlobalSign Organization Validation CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
3079 Script Info: | Public Key type: rsa
3080 Script Info: | Public Key bits: 2048
3081 Script Info: | Signature Algorithm: sha256WithRSAEncryption
3082 Script Info: | Not valid before: 2018-09-12T17:56:11
3083 Script Info: | Not valid after: 2020-09-13T16:06:02
3084 Script Info: | MD5: 2591 57c5 3d2e e7ba 9c6d 2028 7325 bf37
3085 Script Info: |_SHA-1: 0a25 5f16 352f 8fa8 9b35 399a 21ef 6744 5931 b3d1
3086 Script Info: |_ssl-date: 2020-03-19T11:01:34+00:00; -1m07s from scanner time.
3087 Port: 8008/tcp open http syn-ack ttl 44
3088 Script Info: | fingerprint-strings:
3089 Script Info: | FourOhFourRequest:
3090 Script Info: | HTTP/1.1 302 Found
3091 Script Info: | Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
3092 Script Info: | Connection: close
3093 Script Info: | X-Frame-Options: SAMEORIGIN
3094 Script Info: | X-XSS-Protection: 1; mode=block
3095 Script Info: | X-Content-Type-Options: nosniff
3096 Script Info: | Content-Security-Policy: frame-ancestors
3097 Script Info: | GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
3098 Script Info: | HTTP/1.1 302 Found
3099 Script Info: | Location: https://:8010
3100 Script Info: | Connection: close
3101 Script Info: | X-Frame-Options: SAMEORIGIN
3102 Script Info: | X-XSS-Protection: 1; mode=block
3103 Script Info: | X-Content-Type-Options: nosniff
3104 Script Info: | Content-Security-Policy: frame-ancestors
3105 Script Info: | GetRequest:
3106 Script Info: | HTTP/1.1 302 Found
3107 Script Info: | Location: https://:8010/
3108 Script Info: | Connection: close
3109 Script Info: | X-Frame-Options: SAMEORIGIN
3110 Script Info: | X-XSS-Protection: 1; mode=block
3111 Script Info: | X-Content-Type-Options: nosniff
3112 Script Info: |_ Content-Security-Policy: frame-ancestors
3113 Script Info: | http-methods:
3114 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
3115 Script Info: |_http-title: Did not follow redirect to https://146.83.222.235:8010/
3116 Script Info: |_https-redirect: ERROR: Script execution failed (use -d to debug)
3117 Os Info: Hosts: 146.83.222.235, siveduc.uach.cl
3118 IP: 146.83.183.94
3119 HostName: ns2.uach.cl. Type: A
3120 Country: Chile
3121 Is Active: True (echo-reply ttl 46)
3122 Port: 53/tcp open domain syn-ack ttl 46 ISC BIND 9.3.6-P1 (RedHat Enterprise Linux 5)
3123 Script Info: | dns-nsid:
3124 Script Info: |_ bind.version: 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.3
3125 Script Info: Device type: firewall|general purpose|proxy server|WAP|PBX|media device|storage-misc
3126 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:5
3127 IP: 200.2.119.126
3128 HostName: ns1.uach.cl Type: NS
3129 HostName: ns1.uach.cl Type: PTR
3130 HostName: ns1.uach.cl. Type: A
3131 Country: Chile
3132 Is Active: True (udp-response ttl 43)
3133 Port: 53/tcp open domain syn-ack ttl 43 (unknown banner: unknow)
3134 Script Info: | dns-nsid:
3135 Script Info: |_ bind.version: unknow
3136 Script Info: | fingerprint-strings:
3137 Script Info: | DNSVersionBindReqTCP:
3138 Script Info: | version
3139 Script Info: | bind
3140 Script Info: |_ unknow
3141 IP: 40.107.0.0
3142 Type: SPF
3143 Is Active: False
3144 IP: 146.83.216.1
3145 HostName: router.uach.cl. Type: A
3146 Country: Chile
3147 Is Active: False
3148 IP: 40.92.0.0
3149 Type: SPF
3150 Is Active: False
3151 IP: 146.83.222.155
3152 Type: SPF
3153 Is Active: False
3154
3155--------------End Summary --------------
3156-----------------------------------------
3157#################################################################################################################################
3158----- uach.cl -----
3159
3160
3161Host's addresses:
3162__________________
3163
3164uach.cl. 85776 IN A 146.83.222.104
3165
3166
3167Name Servers:
3168______________
3169
3170ns1.uach.cl. 85388 IN A 200.2.119.126
3171secundario.nic.cl. 42188 IN A 200.7.5.7
3172
3173
3174Mail (MX) Servers:
3175___________________
3176
3177uach-cl.mail.protection.outlook.com. 10 IN A 104.47.32.36
3178
3179
3180Trying Zone Transfers and getting Bind Versions:
3181_________________________________________________
3182
3183
3184Trying Zone Transfer for uach.cl on ns1.uach.cl ...
3185AXFR record query failed: REFUSED
3186
3187Trying Zone Transfer for uach.cl on secundario.nic.cl ...
3188AXFR record query failed: REFUSED
3189
3190
3191Scraping uach.cl subdomains from Google:
3192_________________________________________
3193
3194
3195 ---- Google search page: 1 ----
3196
3197 tmedicapm
3198 fonoaudiologia
3199 infraestructura
3200 mna
3201 impt
3202 paisajeaustral
3203 bacalao
3204 infraestructura
3205 empleos
3206
3207 ---- Google search page: 2 ----
3208
3209 infraestructura
3210 cybertesis
3211 cybertesis
3212 ict
3213 ict
3214 revistas
3215
3216
3217Google Results:
3218________________
3219
3220paisajeaustral.uach.cl. 86400 IN A 200.24.13.65
3221ict.uach.cl. 86400 IN A 146.83.216.167
3222revistas.uach.cl. 86400 IN A 146.83.217.169
3223mna.uach.cl. 86400 IN A 200.2.116.250
3224fonoaudiologia.uach.cl. 86400 IN A 200.2.116.252
3225impt.uach.cl. 86400 IN A 200.73.115.31
3226infraestructura.uach.cl. 86399 IN A 198.54.115.123
3227cybertesis.uach.cl. 86400 IN A 146.83.217.166
3228bacalao.uach.cl. 86400 IN A 190.110.123.219
3229empleos.uach.cl. 86400 IN A 200.29.145.55
3230tmedicapm.uach.cl. 86400 IN A 200.2.116.252
3231
3232
3233Brute forcing with /usr/share/dnsenum/dns.txt:
3234_______________________________________________
3235
3236ap.uach.cl. 86400 IN A 146.83.222.103
3237ftp.uach.cl. 86193 IN CNAME picarte.uca.uach.cl.
3238intranet.uach.cl. 86400 IN A 146.83.222.226
3239irc.uach.cl. 86248 IN CNAME chaos.uach.cl.
3240nav.uach.cl. 86400 IN A 200.2.113.53
3241ns1.uach.cl. 85186 IN A 200.2.119.126
3242ns2.uach.cl. 86134 IN CNAME terminus.reuna.cl.
3243terminus.reuna.cl. 37193 IN A 146.83.183.94
3244ntp.uach.cl. 86187 IN A 172.16.54.202
3245router.uach.cl. 86167 IN A 146.83.216.1
3246secure.uach.cl. 86081 IN A 146.83.222.76
3247siem.uach.cl. 86400 IN A 200.2.117.40
3248vpn.uach.cl. 86400 IN A 200.2.119.114
3249www.uach.cl. 85131 IN CNAME callecalle5.uach.cl.
3250callecalle5.uach.cl. 85131 IN A 146.83.222.104
3251
3252
3253Launching Whois Queries:
3254_________________________
3255
3256 whois ip result: 198.54.115.0 -> 198.54.112.0/20
3257 whois ip result: 146.83.217.0 -> 146.83.0.0/16
3258 c class default: 146.83.222.0 -> 146.83.222.0/24 (whois netrange operation failed)
3259 c class default: 190.110.123.0 -> 190.110.123.0/24 (whois netrange operation failed)
3260 whois ip result: 200.2.113.0 -> 200.2.112.0/21
3261 whois ip result: 200.24.13.0 -> 200.24.13.0/24
3262 whois ip result: 200.29.145.0 -> 200.29.145.0/27
3263 whois ip result: 200.73.115.0 -> 200.73.112.0/21
3264
3265
3266uach.cl_______
3267
3268 198.54.112.0/20
3269 200.29.145.0/27
3270 200.73.112.0/21
3271 146.83.0.0/16
3272 200.24.13.0/24
3273 200.2.112.0/21
3274 190.110.123.0/24
3275 146.83.222.0/24
3276#################################################################################################################################
3277URLCrazy Domain Report
3278Domain : www.uach.cl
3279Keyboard : qwerty
3280At : 2020-03-19 06:46:56 -0400
3281
3282# Please wait. 116 hostnames to process
3283
3284Typo Type Typo DNS-A CC-A DNS-MX Extn
3285-----------------------------------------------------------------------------------------------------------------------------------------
3286Character Omission ww.uach.cl ? cl
3287Character Omission www.ach.cl ? cl
3288Character Omission www.uac.cl 186.67.150.166 CL,CHILE alt1.aspmx.l.google.com cl
3289Character Omission www.uah.cl 190.98.232.103 CL,CHILE cl
3290Character Omission www.uch.cl 91.195.240.126 DE,GERMANY mail.pickelhost.com cl
3291Character Omission wwwuach.cl ? cl
3292Character Repeat www.uaach.cl ? cl
3293Character Repeat www.uacch.cl ? cl
3294Character Repeat www.uachh.cl ? cl
3295Character Repeat www.uuach.cl ? cl
3296Character Repeat wwww.uach.cl ? cl
3297Character Swap ww.wuach.cl ? cl
3298Character Swap www.auch.cl 67.23.253.235 US,UNITED STATES auch.cl cl
3299Character Swap www.uach.lc ? lc
3300Character Swap www.uahc.cl ? cl
3301Character Swap www.ucah.cl ? cl
3302Character Swap wwwu.ach.cl ? cl
3303Character Replacement eww.uach.cl ? cl
3304Character Replacement qww.uach.cl ? cl
3305Character Replacement wew.uach.cl ? cl
3306Character Replacement wqw.uach.cl ? cl
3307Character Replacement wwe.uach.cl ? cl
3308Character Replacement wwq.uach.cl ? cl
3309Character Replacement www.iach.cl 190.107.176.3 CL,CHILE aspmx.l.google.com cl
3310Character Replacement www.uacg.cl ? cl
3311Character Replacement www.uacj.cl ? cl
3312Character Replacement www.uavh.cl ? cl
3313Character Replacement www.uaxh.cl ? cl
3314Character Replacement www.usch.cl ? cl
3315Character Replacement www.yach.cl ? cl
3316Double Character Replacement eew.uach.cl ? cl
3317Double Character Replacement qqw.uach.cl ? cl
3318Double Character Replacement wee.uach.cl ? cl
3319Double Character Replacement wqq.uach.cl ? cl
3320Character Insertion weww.uach.cl ? cl
3321Character Insertion wqww.uach.cl ? cl
3322Character Insertion wwew.uach.cl ? cl
3323Character Insertion wwqw.uach.cl ? cl
3324Character Insertion www.uachg.cl ? cl
3325Character Insertion www.uachj.cl ? cl
3326Character Insertion www.uacvh.cl ? cl
3327Character Insertion www.uacxh.cl ? cl
3328Character Insertion www.uasch.cl ? cl
3329Character Insertion www.uiach.cl ? cl
3330Character Insertion www.uyach.cl ? cl
3331Character Insertion wwwe.uach.cl ? cl
3332Character Insertion wwwq.uach.cl ? cl
3333Missing Dot wwwwww.uach.cl ? cl
3334Singular or Pluralise uach.cl 146.83.222.104 CL,CHILE uach-cl.mail.protection.outlook.com cl
3335Singular or Pluralise uaches.cl ? cl
3336Vowel Swap www.aach.cl 200.6.65.102 CL,CHILE cl
3337Vowel Swap www.each.cl 104.18.61.113 cl
3338Vowel Swap www.oach.cl ? cl
3339Vowel Swap www.uech.cl ? cl
3340Vowel Swap www.uich.cl ? cl
3341Vowel Swap www.uoch.cl ? cl
3342Vowel Swap www.uuch.cl ? cl
3343Bit Flipping 7ww.uach.cl ? cl
3344Bit Flipping gww.uach.cl ? cl
3345Bit Flipping sww.uach.cl ? cl
3346Bit Flipping uww.uach.cl ? cl
3347Bit Flipping vww.uach.cl ? cl
3348Bit Flipping w7w.uach.cl ? cl
3349Bit Flipping wgw.uach.cl ? cl
3350Bit Flipping wsw.uach.cl ? cl
3351Bit Flipping wuw.uach.cl ? cl
3352Bit Flipping wvw.uach.cl ? cl
3353Bit Flipping ww7.uach.cl ? cl
3354Bit Flipping wwg.uach.cl ? cl
3355Bit Flipping wws.uach.cl ? cl
3356Bit Flipping wwu.uach.cl ? cl
3357Bit Flipping wwv.uach.cl ? cl
3358Bit Flipping www.5ach.cl ? cl
3359Bit Flipping www.qach.cl ? cl
3360Bit Flipping www.tach.cl 186.64.117.75 alt1.aspmx.l.google.com cl
3361Bit Flipping www.uaah.cl ? cl
3362Bit Flipping www.uabh.cl ? cl
3363Bit Flipping www.uach.cd ? cd
3364Bit Flipping www.uach.ch ? ch
3365Bit Flipping www.uach.cm ? cm
3366Bit Flipping www.uach.cn 213.176.118.180 IR,IRAN (ISLAMIC REPUBLIC OF) cn
3367Bit Flipping www.uach.gl ? gl
3368Bit Flipping www.uach.sl ? sl
3369Bit Flipping www.uaci.cl ? cl
3370Bit Flipping www.uacl.cl ? cl
3371Bit Flipping www.uacx.cl ? cl
3372Bit Flipping www.uagh.cl ? cl
3373Bit Flipping www.uakh.cl ? cl
3374Bit Flipping www.uash.cl ? cl
3375Bit Flipping www.ucch.cl ? cl
3376Bit Flipping www.uqch.cl ? cl
3377Bit Flipping www.wach.cl 72.47.228.149 US,UNITED STATES cl
3378Bit Flipping wwwnuach.cl ? cl
3379Homoglyphs vvvvvv.uach.cl ? cl
3380Homoglyphs vvvvw.uach.cl ? cl
3381Homoglyphs vvwvv.uach.cl ? cl
3382Homoglyphs vvww.uach.cl ? cl
3383Homoglyphs wvvvv.uach.cl ? cl
3384Homoglyphs wvvw.uach.cl ? cl
3385Homoglyphs wwvv.uach.cl ? cl
3386Wrong TLD uach.ca ? ca
3387Wrong TLD uach.ch ? ch
3388Wrong TLD uach.com 108.175.168.68 US,UNITED STATES uach.com com
3389Wrong TLD uach.de 88.198.231.12 DE,GERMANY mail.b-io.co de
3390Wrong TLD uach.edu ? edu
3391Wrong TLD uach.es ? es
3392Wrong TLD uach.fr ? fr
3393Wrong TLD uach.it ? it
3394Wrong TLD uach.jp ? jp
3395Wrong TLD uach.net 69.172.201.153 US,UNITED STATES mx247.in-mx.com net
3396Wrong TLD uach.nl ? nl
3397Wrong TLD uach.no ? no
3398Wrong TLD uach.org 64.90.52.84 US,UNITED STATES mx1.dreamhost.com org
3399Wrong TLD uach.ru 91.144.158.89 RU,RUSSIAN FEDERATION ru
3400Wrong TLD uach.se ? se
3401Wrong TLD uach.us ? us
3402#################################################################################################################################
3403--------------------------------------------------------------------------------------------------------------------------------
3404
3405[3/25] http://www.uach.cl/proforma/guias/g_agua.pdf
3406[4/25] http://www.uach.cl/proforma/gcampo/6condlab.pdf
3407[5/25] http://www.uach.cl/proforma/varios/crecimiento.PDF
3408[6/25] http://www.uach.cl/proforma/guias/paisaje.pdf
3409[7/25] http://www.uach.cl/proforma/insitu/10_insitu.pdf
3410[8/25] http://www.uach.cl/proforma/insitu/9_insitu.pdf
3411[9/25] http://www.uach.cl/proforma/guias/gcsuelo.pdf
3412[10/25] http://www.uach.cl/proforma/insitu/7_insitu.pdf
3413[11/25] http://www.uach.cl/proforma/gcampo/bmp.pdf
3414[12/25] http://www.uach.cl/proforma/insitu/2_insitu.pdf
3415[13/25] http://www.uach.cl/proforma/asses/assess.pdf
3416[14/25] http://www.uach.cl/proforma/gcampo/4transp.pdf
3417[15/25] http://www.uach.cl/proforma/varios/Paolapub.PDF
3418[16/25] http://www.uach.cl/proforma/sga/sga.pdf
3419[17/25] http://www.uach.cl/proforma/carbono/guiproca.pdf
3420[18/25] http://www.uach.cl/proforma/gcampo/gbmps.pdf
3421[19/25] http://www.uach.cl/proforma/insitu/8_insitu.pdf
3422[20/25] http://www.uach.cl/bases/concurso182016/
3423[21/25] http://www.uach.cl/bases/concurso172016/
3424[22/25] https://www.uach.cl/externos/proforma/varios/Valdivia.PDF
3425[23/25] https://www.uach.cl/externos/proforma/gcampo/3caminos.pdf
3426[24/25] https://www.uach.cl/procarbono/pdf/simposio_carbono/32_Nadler.PDF
3427[25/25] https://www.uach.cl/procarbono/pdf/simposio_carbono/08_Acosta.PDF
3428--------------------------------------------------------------------------------------------------------------------------------
3429
3430[+] List of users found:
3431--------------------------
3432Jorge Gayoso, Bastienne Schlegel y Mauricio Acu�a
3433Jorge Gayoso - Mauricio Acu�a
3434��Jorge Gayoso
3435Jorge Gayoso y Mauricio Acu�a
3436Jorge Gayoso y Diego Alarc�n
3437Jorge Gayoso & Roberto Mu�oz
3438Jorge Gayoso & Diego Alarc�n
3439��Bastienne Schlegel
3440��scalderon
3441
3442[+] List of software found:
3443-----------------------------
3444Microsoft Office Word
3445Acrobat PDFWriter 4.0 for Windows
3446��C:\WINDOWS\Escritorio\Gu�a de A
3447��SINTITUL
3448Acrobat PDFWriter 4.0 para Windows
3449��Microsoft Word
3450��\\Macu�a\paisaje\Gu�a de Paisaj
3451��C:\DIEGO\GCSFOR~1\GCS3.p65
3452Acrobat 4.0 Import Plug-in for Windows
3453��\\Flacam\impsga\MSGAFt.p65
3454
3455[+] List of paths and servers found:
3456---------------------------------------
3457 Normal.dotm
3458
3459[+] List of e-mails found:
3460#################################################################################################################################
3461[+] www.uach.cl has no SPF record!
3462[*] No DMARC record found. Looking for organizational record
3463[+] No organizational DMARC record
3464[+] Spoofing possible for www.uach.cl!
3465################################################################################################################################
3466WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
3467Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:56 EDT
3468Nmap scan report for www.uach.cl (146.83.222.104)
3469Host is up (0.41s latency).
3470rDNS record for 146.83.222.104: callecalle5.uach.cl
3471Not shown: 492 filtered ports, 1 closed port
3472Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3473PORT STATE SERVICE
347480/tcp open http
3475443/tcp open https
34768008/tcp open http
3477
3478Nmap done: 1 IP address (1 host up) scanned in 14.39 seconds
3479#################################################################################################################################
3480Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:56 EDT
3481Nmap scan report for www.uach.cl (146.83.222.104)
3482Host is up (0.40s latency).
3483rDNS record for 146.83.222.104: callecalle5.uach.cl
3484Not shown: 1 filtered port
3485PORT STATE SERVICE
348653/udp open|filtered domain
348767/udp open|filtered dhcps
348868/udp open|filtered dhcpc
348969/udp open|filtered tftp
349088/udp open|filtered kerberos-sec
3491123/udp open|filtered ntp
3492137/udp open|filtered netbios-ns
3493139/udp open|filtered netbios-ssn
3494161/udp open|filtered snmp
3495162/udp open|filtered snmptrap
3496389/udp open|filtered ldap
3497500/udp open|filtered isakmp
3498520/udp open|filtered route
34992049/udp open|filtered nfs
3500
3501Nmap done: 1 IP address (1 host up) scanned in 6.15 seconds
3502#################################################################################################################################
3503HTTP/1.1 302 Found
3504Date: Thu, 19 Mar 2020 10:56:36 GMT
3505Server: Apache
3506Location: https://www.uach.cl/
3507Content-Type: text/html; charset=iso-8859-1
3508#################################################################################################################################
3509http://diario.uach.cl/
3510http://innovat.education/innovat-education-es/
3511http://noticias.uach.cl/principal.php?pag=noticia-externo&cod=115441
3512https://derecho.uach.cl/index.php?option=com_content&view=article&id=671&catid=2
3513https://diario.uach.cl/nuevo-llamado-a-concurso-academico-para-integrarse-a-las-facultades-de-ciencias-ciencias-de-la-ingenieria-y-medicina/
3514https://diario.uach.cl/postulaciones-abiertas-para-diplomado-en-arte-terapia/
3515https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
3516https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
3517https://online.flippingbook.com/view/919282/
3518https://radiouach.cl/
3519https://siveduc.uach.cl/
3520https://twitter.com/UAustraldeChile
3521https://www.facebook.com/UAustraldeChile/
3522https://www.instagram.com/universidadaustraldechile/
3523https://www.mbauach.cl/
3524https://www.uach.cl/alumnos
3525https://www.uach.cl/dw/guia/
3526https://www.uach.cl/exalumnos
3527https://www.uach.cl/facultades/arquitectura-y-artes
3528https://www.uach.cl/facultades/ciencias
3529https://www.uach.cl/facultades/ciencias-agrarias
3530https://www.uach.cl/facultades/ciencias-veterinarias
3531https://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
3532https://www.uach.cl/facultades/medicina
3533https://www.uach.cl/funcionarios
3534https://www.uach.cl/futuros-alumnos
3535https://www.uach.cl/organizacion/asociaciones-gremiales
3536https://www.uach.cl/organizacion/cuerpos-colegiados
3537https://www.uach.cl/sedes-y-campus/campus-patagonia
3538https://www.uach.cl/sedes-y-campus/sede-puerto-montt
3539https://www.uach.cl/uach/_file/5151be071d10c.jpg
3540https://www.uach.cl/uach/_file/518d15c15279d.jpg
3541https://www.uach.cl/uach/_file/5ae3718bf3264.jpg
3542https://www.uach.cl/uach/_file/5c3fac8e1055a.jpg
3543https://www.uach.cl/uach/_file/5cd03cc1a2226.jpg
3544https://www.uach.cl/uach/_file/5cf543da57229.jpg
3545https://www.uach.cl/uach/_file/5e6e2c1a4c5c6.jpg
3546https://www.uach.cl/uach/_file/5e6f991a7a817.jpg
3547https://www.uach.cl/uach/_file/5e72472ecc3dd.jpg
3548https://www.uach.cl/uach/_imag/pix_logos.jpg
3549https://www.w3.org/1999/xhtml
3550http://tvaustral.uach.cl
3551http://www.uach.cl/
3552http://www.uach.cl/organizacion/vicerrectoria/academica/oficina/autoevaluacion/?go=institucional
3553_imag/facebook.jpg
3554/inicio-uach/contacto
3555/sedes-y-campus/informacion-general/mapas
3556text/css
3557text/javascript
3558-//W3C//DTD XHTML 1.0 Transitional//EN
3559//www.uach.cl/transparencia
3560#################################################################################################################################
3561http://www.uach.cl [302 Found] Apache, Country[CHILE][CL], HTTPServer[Apache], IP[146.83.222.104], RedirectLocation[https://www.uach.cl/], Title[302 Found]
3562https://www.uach.cl/ [200 OK] Apache, Country[CHILE][CL], Google-Analytics[UA-27179444-1], HTTPServer[Apache], IP[146.83.222.104], JQuery[1.7.1,2.1.1], Script[text/javascript], Title[Universidad Austral de Chile], probably WordPress, X-UA-Compatible[IE=edge]
3563##################################################################################################################################
3564
3565wig - WebApp Information Gatherer
3566
3567
3568Scanning https://www.uach.cl...
3569___________________________________________ SITE INFO ____________________________________________
3570IP Title
3571146.83.222.104 Universidad Austral de Chile
3572
3573____________________________________________ VERSION _____________________________________________
3574Name Versions Type
3575Apache 2.2.11 | 2.2.12 | 2.2.13 | 2.2.14 | 2.2.15 | 2.2.16 | 2.2.17 Platform
3576 2.2.18 | 2.2.19 | 2.2.20 | 2.2.21 | 2.2.22 | 2.2.23 | 2.2.24
3577 2.2.25 | 2.2.26 | 2.3.0 | 2.3.1 | 2.3.10 | 2.3.11 | 2.3.12
3578 2.3.13 | 2.3.14 | 2.3.15 | 2.3.16 | 2.3.2 | 2.3.3 | 2.3.4
3579 2.3.5 | 2.3.6 | 2.3.7 | 2.3.8 | 2.3.9 | 2.4.0 | 2.4.1
3580 2.4.2 | 2.4.3
3581jQuery 2.1.1 JavaScript
3582
3583__________________________________________ INTERESTING ___________________________________________
3584URL Note Type
3585/robots.txt robots.txt index Interesting
3586
3587__________________________________________________________________________________________________
3588Time: 209.1 sec Urls: 863 Fingerprints: 40401
3589#################################################################################################################################
3590===============================================================
3591Gobuster v3.0.1
3592by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
3593===============================================================
3594[+] Url: http://www.uach.cl
3595[+] Threads: 10
3596[+] Wordlist: /usr/share/sniper/wordlists/vhosts.txt
3597[+] User Agent: gobuster/3.0.1
3598[+] Timeout: 10s
3599===============================================================
36002020/03/19 07:03:51 Starting gobuster
3601===============================================================
3602Found: api.www.uach.cl (Status: 302) [Size: 273]
3603Found: adserver.www.uach.cl (Status: 302) [Size: 283]
3604Found: apache.www.uach.cl (Status: 302) [Size: 279]
3605Found: ap.www.uach.cl (Status: 302) [Size: 271]
3606Found: 127.0.0.1.www.uach.cl (Status: 302) [Size: 285]
3607Found: alerts.www.uach.cl (Status: 302) [Size: 279]
3608Found: admin.www.uach.cl (Status: 302) [Size: 277]
3609Found: administration.www.uach.cl (Status: 302) [Size: 295]
3610Found: ads.www.uach.cl (Status: 302) [Size: 273]
3611Found: alpha.www.uach.cl (Status: 302) [Size: 277]
3612Found: app.www.uach.cl (Status: 302) [Size: 273]
3613Found: apps.www.uach.cl (Status: 302) [Size: 275]
3614Found: appserver.www.uach.cl (Status: 302) [Size: 285]
3615Found: aptest.www.uach.cl (Status: 302) [Size: 279]
3616Found: auth.www.uach.cl (Status: 302) [Size: 275]
3617Found: backup.www.uach.cl (Status: 302) [Size: 279]
3618Found: blog.www.uach.cl (Status: 302) [Size: 275]
3619Found: beta.www.uach.cl (Status: 302) [Size: 275]
3620Found: cdn.www.uach.cl (Status: 302) [Size: 273]
3621Found: chat.www.uach.cl (Status: 302) [Size: 275]
3622Found: citrix.www.uach.cl (Status: 302) [Size: 279]
3623Found: cms.www.uach.cl (Status: 302) [Size: 273]
3624Found: corp.www.uach.cl (Status: 302) [Size: 275]
3625Found: crs.www.uach.cl (Status: 302) [Size: 273]
3626Found: dashboard.www.uach.cl (Status: 302) [Size: 285]
3627Found: cvs.www.uach.cl (Status: 302) [Size: 273]
3628Found: database.www.uach.cl (Status: 302) [Size: 283]
3629Found: db.www.uach.cl (Status: 302) [Size: 271]
3630Found: demo.www.uach.cl (Status: 302) [Size: 275]
3631Found: dev.www.uach.cl (Status: 302) [Size: 273]
3632Found: devel.www.uach.cl (Status: 302) [Size: 277]
3633Found: development.www.uach.cl (Status: 302) [Size: 289]
3634Found: devsql.www.uach.cl (Status: 302) [Size: 279]
3635Found: devtest.www.uach.cl (Status: 302) [Size: 281]
3636Found: dhcp.www.uach.cl (Status: 302) [Size: 275]
3637Found: direct.www.uach.cl (Status: 302) [Size: 279]
3638Found: dmz.www.uach.cl (Status: 302) [Size: 273]
3639Found: dns.www.uach.cl (Status: 302) [Size: 273]
3640Found: dns0.www.uach.cl (Status: 302) [Size: 275]
3641Found: dns1.www.uach.cl (Status: 302) [Size: 275]
3642Found: dns2.www.uach.cl (Status: 302) [Size: 275]
3643Found: download.www.uach.cl (Status: 302) [Size: 283]
3644Found: en.www.uach.cl (Status: 302) [Size: 271]
3645Found: erp.www.uach.cl (Status: 302) [Size: 273]
3646Found: eshop.www.uach.cl (Status: 302) [Size: 277]
3647Found: exchange.www.uach.cl (Status: 302) [Size: 283]
3648Found: f5.www.uach.cl (Status: 302) [Size: 271]
3649Found: fileserver.www.uach.cl (Status: 302) [Size: 287]
3650Found: firewall.www.uach.cl (Status: 302) [Size: 283]
3651Found: forum.www.uach.cl (Status: 302) [Size: 277]
3652Found: ftp.www.uach.cl (Status: 302) [Size: 273]
3653Found: ftp0.www.uach.cl (Status: 302) [Size: 275]
3654Found: git.www.uach.cl (Status: 302) [Size: 273]
3655Found: gw.www.uach.cl (Status: 302) [Size: 271]
3656Found: help.www.uach.cl (Status: 302) [Size: 275]
3657Found: helpdesk.www.uach.cl (Status: 302) [Size: 283]
3658Found: host.www.uach.cl (Status: 302) [Size: 275]
3659Found: home.www.uach.cl (Status: 302) [Size: 275]
3660Found: http.www.uach.cl (Status: 302) [Size: 275]
3661Found: id.www.uach.cl (Status: 302) [Size: 271]
3662Found: images.www.uach.cl (Status: 302) [Size: 279]
3663Found: info.www.uach.cl (Status: 302) [Size: 275]
3664Found: internal.www.uach.cl (Status: 302) [Size: 283]
3665Found: internet.www.uach.cl (Status: 302) [Size: 283]
3666Found: intra.www.uach.cl (Status: 302) [Size: 277]
3667Found: intranet.www.uach.cl (Status: 302) [Size: 283]
3668Found: ipv6.www.uach.cl (Status: 302) [Size: 275]
3669Found: lab.www.uach.cl (Status: 302) [Size: 273]
3670Found: ldap.www.uach.cl (Status: 302) [Size: 275]
3671Found: linux.www.uach.cl (Status: 302) [Size: 277]
3672Found: local.www.uach.cl (Status: 302) [Size: 277]
3673Found: localhost.www.uach.cl (Status: 302) [Size: 285]
3674Found: log.www.uach.cl (Status: 302) [Size: 273]
3675Found: m.www.uach.cl (Status: 302) [Size: 269]
3676Found: mail.www.uach.cl (Status: 302) [Size: 275]
3677Found: mail2.www.uach.cl (Status: 302) [Size: 277]
3678Found: mail3.www.uach.cl (Status: 302) [Size: 277]
3679Found: mailgate.www.uach.cl (Status: 302) [Size: 283]
3680Found: main.www.uach.cl (Status: 302) [Size: 275]
3681Found: manage.www.uach.cl (Status: 302) [Size: 279]
3682Found: mgmt.www.uach.cl (Status: 302) [Size: 275]
3683Found: mirror.www.uach.cl (Status: 302) [Size: 279]
3684Found: mobile.www.uach.cl (Status: 302) [Size: 279]
3685Found: monitor.www.uach.cl (Status: 302) [Size: 281]
3686Found: mssql.www.uach.cl (Status: 302) [Size: 277]
3687Found: mta.www.uach.cl (Status: 302) [Size: 273]
3688Found: mx0.www.uach.cl (Status: 302) [Size: 273]
3689Found: mx.www.uach.cl (Status: 302) [Size: 271]
3690Found: mx1.www.uach.cl (Status: 302) [Size: 273]
3691Found: mysql.www.uach.cl (Status: 302) [Size: 277]
3692Found: news.www.uach.cl (Status: 302) [Size: 275]
3693Found: noc.www.uach.cl (Status: 302) [Size: 273]
3694Found: ns.www.uach.cl (Status: 302) [Size: 271]
3695Found: ns0.www.uach.cl (Status: 302) [Size: 273]
3696Found: ns1.www.uach.cl (Status: 302) [Size: 273]
3697Found: ns2.www.uach.cl (Status: 302) [Size: 273]
3698Found: ns3.www.uach.cl (Status: 302) [Size: 273]
3699Found: ntp.www.uach.cl (Status: 302) [Size: 273]
3700Found: old.www.uach.cl (Status: 302) [Size: 273]
3701Found: owa.www.uach.cl (Status: 302) [Size: 273]
3702Found: ops.www.uach.cl (Status: 302) [Size: 273]
3703Found: oracle.www.uach.cl (Status: 302) [Size: 279]
3704Found: pbx.www.uach.cl (Status: 302) [Size: 273]
3705Found: portal.www.uach.cl (Status: 302) [Size: 279]
3706Found: s3.www.uach.cl (Status: 302) [Size: 271]
3707Found: secure.www.uach.cl (Status: 302) [Size: 279]
3708Found: server.www.uach.cl (Status: 302) [Size: 279]
3709Found: sharepoint.www.uach.cl (Status: 302) [Size: 287]
3710Found: shop.www.uach.cl (Status: 302) [Size: 275]
3711Found: sip.www.uach.cl (Status: 302) [Size: 273]
3712Found: smtp.www.uach.cl (Status: 302) [Size: 275]
3713Found: sql.www.uach.cl (Status: 302) [Size: 273]
3714Found: squid.www.uach.cl (Status: 302) [Size: 277]
3715Found: ssh.www.uach.cl (Status: 302) [Size: 273]
3716Found: ssl.www.uach.cl (Status: 302) [Size: 273]
3717Found: stage.www.uach.cl (Status: 302) [Size: 277]
3718Found: staging.www.uach.cl (Status: 302) [Size: 281]
3719Found: stats.www.uach.cl (Status: 302) [Size: 277]
3720Found: status.www.uach.cl (Status: 302) [Size: 279]
3721Found: svn.www.uach.cl (Status: 302) [Size: 273]
3722Found: syslog.www.uach.cl (Status: 302) [Size: 279]
3723Found: test1.www.uach.cl (Status: 302) [Size: 277]
3724Found: test.www.uach.cl (Status: 302) [Size: 275]
3725Found: test2.www.uach.cl (Status: 302) [Size: 277]
3726Found: testing.www.uach.cl (Status: 302) [Size: 281]
3727Found: uat.www.uach.cl (Status: 302) [Size: 273]
3728Found: upload.www.uach.cl (Status: 302) [Size: 279]
3729Found: v1.www.uach.cl (Status: 302) [Size: 271]
3730Found: v2.www.uach.cl (Status: 302) [Size: 271]
3731Found: v3.www.uach.cl (Status: 302) [Size: 271]
3732Found: vnc.www.uach.cl (Status: 302) [Size: 273]
3733Found: vpn.www.uach.cl (Status: 302) [Size: 273]
3734Found: vm.www.uach.cl (Status: 302) [Size: 271]
3735Found: voip.www.uach.cl (Status: 302) [Size: 275]
3736Found: web.www.uach.cl (Status: 302) [Size: 273]
3737Found: web2test.www.uach.cl (Status: 302) [Size: 283]
3738Found: whois.www.uach.cl (Status: 302) [Size: 277]
3739Found: wiki.www.uach.cl (Status: 302) [Size: 275]
3740Found: www.www.uach.cl (Status: 302) [Size: 273]
3741Found: www2.www.uach.cl (Status: 302) [Size: 275]
3742Found: xml.www.uach.cl (Status: 302) [Size: 273]
3743===============================================================
37442020/03/19 07:03:59 Finished
3745===============================================================
3746#################################################################################################################################
3747Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 07:03 EDT
3748NSE: Loaded 161 scripts for scanning.
3749NSE: Script Pre-scanning.
3750Initiating NSE at 07:03
3751Completed NSE at 07:03, 0.00s elapsed
3752Initiating NSE at 07:03
3753Completed NSE at 07:03, 0.00s elapsed
3754Initiating Parallel DNS resolution of 1 host. at 07:03
3755Completed Parallel DNS resolution of 1 host. at 07:03, 0.02s elapsed
3756Initiating SYN Stealth Scan at 07:03
3757Scanning www.uach.cl (146.83.222.104) [1 port]
3758Discovered open port 80/tcp on 146.83.222.104
3759Completed SYN Stealth Scan at 07:04, 0.44s elapsed (1 total ports)
3760Initiating Service scan at 07:04
3761Scanning 1 service on www.uach.cl (146.83.222.104)
3762Completed Service scan at 07:04, 6.85s elapsed (1 service on 1 host)
3763Initiating OS detection (try #1) against www.uach.cl (146.83.222.104)
3764Retrying OS detection (try #2) against www.uach.cl (146.83.222.104)
3765Initiating Traceroute at 07:04
3766Completed Traceroute at 07:04, 3.02s elapsed
3767Initiating Parallel DNS resolution of 19 hosts. at 07:04
3768Completed Parallel DNS resolution of 19 hosts. at 07:04, 2.52s elapsed
3769NSE: Script scanning 146.83.222.104.
3770Initiating NSE at 07:04
3771Completed NSE at 07:05, 90.10s elapsed
3772Initiating NSE at 07:05
3773Completed NSE at 07:05, 1.85s elapsed
3774Nmap scan report for www.uach.cl (146.83.222.104)
3775Host is up (0.40s latency).
3776rDNS record for 146.83.222.104: callecalle5.uach.cl
3777
3778PORT STATE SERVICE VERSION
377980/tcp open http Apache httpd
3780| http-brute:
3781|_ Path "/" does not require authentication
3782|_http-chrono: Request times for /; avg: 1004.60ms; min: 948.25ms; max: 1053.37ms
3783|_http-csrf: Couldn't find any CSRF vulnerabilities.
3784|_http-date: Thu, 19 Mar 2020 11:04:08 GMT; -17s from local time.
3785|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
3786|_http-dombased-xss: Couldn't find any DOM based XSS.
3787|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
3788|_http-errors: Couldn't find any error pages.
3789|_http-feed: Couldn't find any feeds.
3790|_http-fetch: Please enter the complete path of the directory to save data in.
3791| http-headers:
3792| Date: Thu, 19 Mar 2020 11:04:21 GMT
3793| Server: Apache
3794| Location: https://www.uach.cl/
3795| Content-Length: 265
3796| Connection: close
3797| Content-Type: text/html; charset=iso-8859-1
3798|
3799|_ (Request type: GET)
3800|_http-jsonp-detection: Couldn't find any JSONP endpoints.
3801| http-methods:
3802|_ Supported Methods: GET HEAD POST OPTIONS
3803|_http-mobileversion-checker: No mobile version detected.
3804|_http-security-headers:
3805|_http-server-header: Apache
3806| http-sitemap-generator:
3807| Directory structure:
3808| Longest directory structure:
3809| Depth: 0
3810| Dir: /
3811| Total files found (by extension):
3812|_
3813|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
3814|_http-title: Did not follow redirect to https://www.uach.cl/
3815| http-vhosts:
3816|_127 names had status 302
3817|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
3818|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
3819|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
3820|_http-xssed: No previously reported XSS vuln.
3821Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3822Device type: general purpose|storage-misc|firewall
3823Running (JUST GUESSING): Linux 2.6.X|3.X (90%), Synology DiskStation Manager 5.X (88%), WatchGuard Fireware 11.X (87%)
3824OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8
3825Aggressive OS guesses: Linux 2.6.32 (90%), Linux 2.6.39 (90%), Linux 3.10 (89%), Linux 3.4 (89%), Linux 3.1 - 3.2 (89%), Synology DiskStation Manager 5.1 (88%), Linux 2.6.32 or 3.10 (87%), WatchGuard Fireware 11.8 (87%), Linux 2.6.32 - 2.6.39 (85%)
3826No exact OS matches for host (test conditions non-ideal).
3827Uptime guess: 23.978 days (since Mon Feb 24 06:38:10 2020)
3828Network Distance: 22 hops
3829TCP Sequence Prediction: Difficulty=263 (Good luck!)
3830IP ID Sequence Generation: All zeros
3831Service Info: Host: localhost.localdomain
3832
3833TRACEROUTE (using port 80/tcp)
3834HOP RTT ADDRESS
38351 137.07 ms 10.203.17.1
38362 ...
38373 137.65 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
38384 137.63 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
38395 143.21 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
38406 165.10 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
38417 166.83 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
38428 259.14 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
38439 251.78 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
384410 247.46 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
384511 260.99 ms be2331.ccr41.iad02.atlas.cogentco.com (154.54.85.241)
384612 259.76 ms be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53)
384713 268.97 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
384814 278.48 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
384915 277.52 ms 38.104.95.186
385016 280.50 ms 38.104.95.186
385117 385.91 ms reacciun-pa.redclara.net (200.0.204.150)
385218 394.89 ms ra-uach-cga.reuna.cl (146.83.244.51)
385319 420.98 ms vpn.uach.cl (200.2.119.114)
385420 389.97 ms 200.2.119.206
385521 397.12 ms 200.2.119.206
385622 395.26 ms callecalle5.uach.cl (146.83.222.104)
3857
3858NSE: Script Post-scanning.
3859Initiating NSE at 07:05
3860Completed NSE at 07:05, 0.00s elapsed
3861Initiating NSE at 07:05
3862Completed NSE at 07:05, 0.00s elapsed
3863#################################################################################################################################
3864------------------------------------------------------------------------------------------------------------------------
3865
3866[ ! ] Starting SCANNER INURLBR 2.1 at [19-03-2020 07:06:28]
3867[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
3868It is the end user's responsibility to obey all applicable local, state and federal laws.
3869Developers assume no liability and are not responsible for any misuse or damage caused by this program
3870
3871[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.uach.cl/output/inurlbr-www.uach.cl ]
3872[ INFO ][ DORK ]::[ site:www.uach.cl ]
3873[ INFO ][ SEARCHING ]:: {
3874[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.sb ]
3875
3876[ INFO ][ SEARCHING ]::
3877-[:::]
3878[ INFO ][ ENGINE ]::[ GOOGLE API ]
3879
3880[ INFO ][ SEARCHING ]::
3881-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3882[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.sm ID: 007843865286850066037:b0heuatvay8 ]
3883
3884[ INFO ][ SEARCHING ]::
3885-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3886
3887[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
3888
3889
3890 _[ - ]::--------------------------------------------------------------------------------------------------------------
3891|_[ + ] [ 0 / 100 ]-[07:06:49] [ - ]
3892|_[ + ] Target:: [ https://www.uach.cl/office/ ]
3893|_[ + ] Exploit::
3894|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
3895|_[ + ] More details:: / - / , ISP:
3896|_[ + ] Found:: UNIDENTIFIED
3897
3898 _[ - ]::--------------------------------------------------------------------------------------------------------------
3899|_[ + ] [ 1 / 100 ]-[07:06:51] [ - ]
3900|_[ + ] Target:: [ https://www.uach.cl/ ]
3901|_[ + ] Exploit::
3902|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3903|_[ + ] More details:: / - / , ISP:
3904|_[ + ] Found:: UNIDENTIFIED
3905
3906 _[ - ]::--------------------------------------------------------------------------------------------------------------
3907|_[ + ] [ 2 / 100 ]-[07:06:54] [ - ]
3908|_[ + ] Target:: [ https://www.uach.cl/dw/postulaciones2020/ ]
3909|_[ + ] Exploit::
3910|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3911|_[ + ] More details:: / - / , ISP:
3912|_[ + ] Found:: UNIDENTIFIED
3913
3914 _[ - ]::--------------------------------------------------------------------------------------------------------------
3915|_[ + ] [ 3 / 100 ]-[07:06:56] [ - ]
3916|_[ + ] Target:: [ http://www.uach.cl/dw/guia/ ]
3917|_[ + ] Exploit::
3918|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:80
3919|_[ + ] More details:: / - / , ISP:
3920|_[ + ] Found:: UNIDENTIFIED
3921
3922 _[ - ]::--------------------------------------------------------------------------------------------------------------
3923|_[ + ] [ 4 / 100 ]-[07:06:59] [ - ]
3924|_[ + ] Target:: [ https://www.uach.cl/alumnos ]
3925|_[ + ] Exploit::
3926|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3927|_[ + ] More details:: / - / , ISP:
3928|_[ + ] Found:: UNIDENTIFIED
3929
3930 _[ - ]::--------------------------------------------------------------------------------------------------------------
3931|_[ + ] [ 5 / 100 ]-[07:07:02] [ - ]
3932|_[ + ] Target:: [ https://www.uach.cl/funcionarios ]
3933|_[ + ] Exploit::
3934|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3935|_[ + ] More details:: / - / , ISP:
3936|_[ + ] Found:: UNIDENTIFIED
3937
3938 _[ - ]::--------------------------------------------------------------------------------------------------------------
3939|_[ + ] [ 6 / 100 ]-[07:07:05] [ - ]
3940|_[ + ] Target:: [ https://www.uach.cl/mecesup ]
3941|_[ + ] Exploit::
3942|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
3943|_[ + ] More details:: / - / , ISP:
3944|_[ + ] Found:: UNIDENTIFIED
3945
3946 _[ - ]::--------------------------------------------------------------------------------------------------------------
3947|_[ + ] [ 7 / 100 ]-[07:07:08] [ - ]
3948|_[ + ] Target:: [ https://www.uach.cl/academicos ]
3949|_[ + ] Exploit::
3950|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3951|_[ + ] More details:: / - / , ISP:
3952|_[ + ] Found:: UNIDENTIFIED
3953
3954 _[ - ]::--------------------------------------------------------------------------------------------------------------
3955|_[ + ] [ 8 / 100 ]-[07:07:10] [ - ]
3956|_[ + ] Target:: [ http://www.uach.cl/programahonor/ ]
3957|_[ + ] Exploit::
3958|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
3959|_[ + ] More details:: / - / , ISP:
3960|_[ + ] Found:: UNIDENTIFIED
3961
3962 _[ - ]::--------------------------------------------------------------------------------------------------------------
3963|_[ + ] [ 9 / 100 ]-[07:07:12] [ - ]
3964|_[ + ] Target:: [ https://www.uach.cl/acreditacion ]
3965|_[ + ] Exploit::
3966|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
3967|_[ + ] More details:: / - / , ISP:
3968|_[ + ] Found:: UNIDENTIFIED
3969
3970 _[ - ]::--------------------------------------------------------------------------------------------------------------
3971|_[ + ] [ 10 / 100 ]-[07:07:18] [ - ]
3972|_[ + ] Target:: [ https://www.uach.cl/bases/ ]
3973|_[ + ] Exploit::
3974|_[ + ] Information Server:: , , IP:146.83.222.104:443
3975|_[ + ] More details:: / - / , ISP:
3976|_[ + ] Found:: UNIDENTIFIED
3977
3978 _[ - ]::--------------------------------------------------------------------------------------------------------------
3979|_[ + ] [ 11 / 100 ]-[07:07:21] [ - ]
3980|_[ + ] Target:: [ https://www.uach.cl/tui ]
3981|_[ + ] Exploit::
3982|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
3983|_[ + ] More details:: / - / , ISP:
3984|_[ + ] Found:: UNIDENTIFIED
3985
3986 _[ - ]::--------------------------------------------------------------------------------------------------------------
3987|_[ + ] [ 12 / 100 ]-[07:07:22] [ - ]
3988|_[ + ] Target:: [ http://www.uach.cl/procarbono ]
3989|_[ + ] Exploit::
3990|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
3991|_[ + ] More details:: / - / , ISP:
3992|_[ + ] Found:: UNIDENTIFIED
3993
3994 _[ - ]::--------------------------------------------------------------------------------------------------------------
3995|_[ + ] [ 13 / 100 ]-[07:07:23] [ - ]
3996|_[ + ] Target:: [ http://www.uach.cl/labsuelosforestales/ ]
3997|_[ + ] Exploit::
3998|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
3999|_[ + ] More details:: / - / , ISP:
4000|_[ + ] Found:: UNIDENTIFIED
4001
4002 _[ - ]::--------------------------------------------------------------------------------------------------------------
4003|_[ + ] [ 14 / 100 ]-[07:07:26] [ - ]
4004|_[ + ] Target:: [ https://www.uach.cl/elecciones ]
4005|_[ + ] Exploit::
4006|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4007|_[ + ] More details:: / - / , ISP:
4008|_[ + ] Found:: UNIDENTIFIED
4009
4010 _[ - ]::--------------------------------------------------------------------------------------------------------------
4011|_[ + ] [ 15 / 100 ]-[07:07:28] [ - ]
4012|_[ + ] Target:: [ https://www.uach.cl/organizacion/ ]
4013|_[ + ] Exploit::
4014|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4015|_[ + ] More details:: / - / , ISP:
4016|_[ + ] Found:: UNIDENTIFIED
4017
4018 _[ - ]::--------------------------------------------------------------------------------------------------------------
4019|_[ + ] [ 16 / 100 ]-[07:07:30] [ - ]
4020|_[ + ] Target:: [ http://www.uach.cl/abacom/ ]
4021|_[ + ] Exploit::
4022|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4023|_[ + ] More details:: / - / , ISP:
4024|_[ + ] Found:: UNIDENTIFIED
4025
4026 _[ - ]::--------------------------------------------------------------------------------------------------------------
4027|_[ + ] [ 17 / 100 ]-[07:07:32] [ - ]
4028|_[ + ] Target:: [ https://www.uach.cl/tvaustral/ ]
4029|_[ + ] Exploit::
4030|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4031|_[ + ] More details:: / - / , ISP:
4032|_[ + ] Found:: UNIDENTIFIED
4033
4034 _[ - ]::--------------------------------------------------------------------------------------------------------------
4035|_[ + ] [ 18 / 100 ]-[07:07:35] [ - ]
4036|_[ + ] Target:: [ https://www.uach.cl/uach/ ]
4037|_[ + ] Exploit::
4038|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4039|_[ + ] More details:: / - / , ISP:
4040|_[ + ] Found:: UNIDENTIFIED
4041
4042 _[ - ]::--------------------------------------------------------------------------------------------------------------
4043|_[ + ] [ 19 / 100 ]-[07:07:37] [ - ]
4044|_[ + ] Target:: [ https://www.uach.cl/externos/bip30040215/ ]
4045|_[ + ] Exploit::
4046|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
4047|_[ + ] More details:: / - / , ISP:
4048|_[ + ] Found:: UNIDENTIFIED
4049
4050 _[ - ]::--------------------------------------------------------------------------------------------------------------
4051|_[ + ] [ 20 / 100 ]-[07:07:39] [ - ]
4052|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/lareina.html ]
4053|_[ + ] Exploit::
4054|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4055|_[ + ] More details:: / - / , ISP:
4056|_[ + ] Found:: UNIDENTIFIED
4057
4058 _[ - ]::--------------------------------------------------------------------------------------------------------------
4059|_[ + ] [ 21 / 100 ]-[07:07:41] [ - ]
4060|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/eiastripticos_en.html ]
4061|_[ + ] Exploit::
4062|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4063|_[ + ] More details:: / - / , ISP:
4064|_[ + ] Found:: UNIDENTIFIED
4065
4066 _[ - ]::--------------------------------------------------------------------------------------------------------------
4067|_[ + ] [ 22 / 100 ]-[07:07:43] [ - ]
4068|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/legislacion_en.html ]
4069|_[ + ] Exploit::
4070|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4071|_[ + ] More details:: / - / , ISP:
4072|_[ + ] Found:: UNIDENTIFIED
4073
4074 _[ - ]::--------------------------------------------------------------------------------------------------------------
4075|_[ + ] [ 23 / 100 ]-[07:07:44] [ - ]
4076|_[ + ] Target:: [ http://www.uach.cl/proforma/varios/crecimiento.PDF ]
4077|_[ + ] Exploit::
4078|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4079|_[ + ] More details:: / - / , ISP:
4080|_[ + ] Found:: UNIDENTIFIED
4081
4082 _[ - ]::--------------------------------------------------------------------------------------------------------------
4083|_[ + ] [ 24 / 100 ]-[07:07:47] [ - ]
4084|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/autoria_eng.html ]
4085|_[ + ] Exploit::
4086|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4087|_[ + ] More details:: / - / , ISP:
4088|_[ + ] Found:: UNIDENTIFIED
4089
4090 _[ - ]::--------------------------------------------------------------------------------------------------------------
4091|_[ + ] [ 25 / 100 ]-[07:07:50] [ - ]
4092|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/eventos_extremos_en.html ]
4093|_[ + ] Exploit::
4094|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4095|_[ + ] More details:: / - / , ISP:
4096|_[ + ] Found:: UNIDENTIFIED
4097
4098 _[ - ]::--------------------------------------------------------------------------------------------------------------
4099|_[ + ] [ 26 / 100 ]-[07:07:51] [ - ]
4100|_[ + ] Target:: [ http://www.uach.cl/proforma/guias/paisaje.pdf ]
4101|_[ + ] Exploit::
4102|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4103|_[ + ] More details:: / - / , ISP:
4104|_[ + ] Found:: UNIDENTIFIED
4105
4106 _[ - ]::--------------------------------------------------------------------------------------------------------------
4107|_[ + ] [ 27 / 100 ]-[07:07:52] [ - ]
4108|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/otrosdoc.html ]
4109|_[ + ] Exploit::
4110|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4111|_[ + ] More details:: / - / , ISP:
4112|_[ + ] Found:: UNIDENTIFIED
4113
4114 _[ - ]::--------------------------------------------------------------------------------------------------------------
4115|_[ + ] [ 28 / 100 ]-[07:07:55] [ - ]
4116|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/wp3_iroume_hubert_schulz_2005.html ]
4117|_[ + ] Exploit::
4118|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4119|_[ + ] More details:: / - / , ISP:
4120|_[ + ] Found:: UNIDENTIFIED
4121
4122 _[ - ]::--------------------------------------------------------------------------------------------------------------
4123|_[ + ] [ 29 / 100 ]-[07:07:59] [ - ]
4124|_[ + ] Target:: [ https://www.uach.cl/organizacion/prorrectoria ]
4125|_[ + ] Exploit::
4126|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4127|_[ + ] More details:: / - / , ISP:
4128|_[ + ] Found:: UNIDENTIFIED
4129
4130 _[ - ]::--------------------------------------------------------------------------------------------------------------
4131|_[ + ] [ 30 / 100 ]-[07:08:02] [ - ]
4132|_[ + ] Target:: [ https://www.uach.cl/dw/matricula/ ]
4133|_[ + ] Exploit::
4134|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4135|_[ + ] More details:: / - / , ISP:
4136|_[ + ] Found:: UNIDENTIFIED
4137
4138 _[ - ]::--------------------------------------------------------------------------------------------------------------
4139|_[ + ] [ 31 / 100 ]-[07:08:05] [ - ]
4140|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/grupochile.html ]
4141|_[ + ] Exploit::
4142|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4143|_[ + ] More details:: / - / , ISP:
4144|_[ + ] Found:: UNIDENTIFIED
4145
4146 _[ - ]::--------------------------------------------------------------------------------------------------------------
4147|_[ + ] [ 32 / 100 ]-[07:08:07] [ - ]
4148|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/eiasmanuales.html ]
4149|_[ + ] Exploit::
4150|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4151|_[ + ] More details:: / - / , ISP:
4152|_[ + ] Found:: UNIDENTIFIED
4153
4154 _[ - ]::--------------------------------------------------------------------------------------------------------------
4155|_[ + ] [ 33 / 100 ]-[07:08:10] [ - ]
4156|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/legislacion.html ]
4157|_[ + ] Exploit::
4158|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4159|_[ + ] More details:: / - / , ISP:
4160|_[ + ] Found:: UNIDENTIFIED
4161
4162 _[ - ]::--------------------------------------------------------------------------------------------------------------
4163|_[ + ] [ 34 / 100 ]-[07:08:13] [ - ]
4164|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/wp3_iroume_mayen_hubert_2005.html ]
4165|_[ + ] Exploit::
4166|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4167|_[ + ] More details:: / - / , ISP:
4168|_[ + ] Found:: UNIDENTIFIED
4169
4170 _[ - ]::--------------------------------------------------------------------------------------------------------------
4171|_[ + ] [ 35 / 100 ]-[07:08:16] [ - ]
4172|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/presentposter_en.html ]
4173|_[ + ] Exploit::
4174|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4175|_[ + ] More details:: / - / , ISP:
4176|_[ + ] Found:: UNIDENTIFIED
4177
4178 _[ - ]::--------------------------------------------------------------------------------------------------------------
4179|_[ + ] [ 36 / 100 ]-[07:08:18] [ - ]
4180|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/pumilahue_en.html ]
4181|_[ + ] Exploit::
4182|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4183|_[ + ] More details:: / - / , ISP:
4184|_[ + ] Found:: UNIDENTIFIED
4185
4186 _[ - ]::--------------------------------------------------------------------------------------------------------------
4187|_[ + ] [ 37 / 100 ]-[07:08:19] [ - ]
4188|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/lospinos.html ]
4189|_[ + ] Exploit::
4190|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4191|_[ + ] More details:: / - / , ISP:
4192|_[ + ] Found:: UNIDENTIFIED
4193
4194 _[ - ]::--------------------------------------------------------------------------------------------------------------
4195|_[ + ] [ 38 / 100 ]-[07:08:22] [ - ]
4196|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/visitas.html ]
4197|_[ + ] Exploit::
4198|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4199|_[ + ] More details:: / - / , ISP:
4200|_[ + ] Found:: UNIDENTIFIED
4201
4202 _[ - ]::--------------------------------------------------------------------------------------------------------------
4203|_[ + ] [ 39 / 100 ]-[07:08:23] [ - ]
4204|_[ + ] Target:: [ http://www.uach.cl/internacional/principal ]
4205|_[ + ] Exploit::
4206|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4207|_[ + ] More details:: / - / , ISP:
4208|_[ + ] Found:: UNIDENTIFIED
4209
4210 _[ - ]::--------------------------------------------------------------------------------------------------------------
4211|_[ + ] [ 40 / 100 ]-[07:08:25] [ - ]
4212|_[ + ] Target:: [ http://www.uach.cl/proforma/gcampo/bmp.pdf ]
4213|_[ + ] Exploit::
4214|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4215|_[ + ] More details:: / - / , ISP:
4216|_[ + ] Found:: UNIDENTIFIED
4217
4218 _[ - ]::--------------------------------------------------------------------------------------------------------------
4219|_[ + ] [ 41 / 100 ]-[07:08:26] [ - ]
4220|_[ + ] Target:: [ http://www.uach.cl/proforma/insitu/2_insitu.pdf ]
4221|_[ + ] Exploit::
4222|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4223|_[ + ] More details:: / - / , ISP:
4224|_[ + ] Found:: UNIDENTIFIED
4225
4226 _[ - ]::--------------------------------------------------------------------------------------------------------------
4227|_[ + ] [ 42 / 100 ]-[07:08:28] [ - ]
4228|_[ + ] Target:: [ http://www.uach.cl/unidades/contraloria/ ]
4229|_[ + ] Exploit::
4230|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4231|_[ + ] More details:: / - / , ISP:
4232|_[ + ] Found:: UNIDENTIFIED
4233
4234 _[ - ]::--------------------------------------------------------------------------------------------------------------
4235|_[ + ] [ 43 / 100 ]-[07:08:30] [ - ]
4236|_[ + ] Target:: [ https://www.uach.cl/mecesup/pmis ]
4237|_[ + ] Exploit::
4238|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4239|_[ + ] More details:: / - / , ISP:
4240|_[ + ] Found:: UNIDENTIFIED
4241
4242 _[ - ]::--------------------------------------------------------------------------------------------------------------
4243|_[ + ] [ 44 / 100 ]-[07:08:33] [ - ]
4244|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/contacto_en.html ]
4245|_[ + ] Exploit::
4246|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4247|_[ + ] More details:: / - / , ISP:
4248|_[ + ] Found:: UNIDENTIFIED
4249
4250 _[ - ]::--------------------------------------------------------------------------------------------------------------
4251|_[ + ] [ 45 / 100 ]-[07:08:34] [ - ]
4252|_[ + ] Target:: [ http://www.uach.cl/proforma/asses/assess.pdf ]
4253|_[ + ] Exploit::
4254|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4255|_[ + ] More details:: / - / , ISP:
4256|_[ + ] Found:: UNIDENTIFIED
4257
4258 _[ - ]::--------------------------------------------------------------------------------------------------------------
4259|_[ + ] [ 46 / 100 ]-[07:08:36] [ - ]
4260|_[ + ] Target:: [ http://www.uach.cl/proforma/gcampo/4transp.pdf ]
4261|_[ + ] Exploit::
4262|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4263|_[ + ] More details:: / - / , ISP:
4264|_[ + ] Found:: UNIDENTIFIED
4265
4266 _[ - ]::--------------------------------------------------------------------------------------------------------------
4267|_[ + ] [ 47 / 100 ]-[07:08:39] [ - ]
4268|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/revision_en.html ]
4269|_[ + ] Exploit::
4270|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4271|_[ + ] More details:: / - / , ISP:
4272|_[ + ] Found:: UNIDENTIFIED
4273
4274 _[ - ]::--------------------------------------------------------------------------------------------------------------
4275|_[ + ] [ 48 / 100 ]-[07:08:41] [ - ]
4276|_[ + ] Target:: [ https://www.uach.cl/pregrado/principal ]
4277|_[ + ] Exploit::
4278|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
4279|_[ + ] More details:: / - / , ISP:
4280|_[ + ] Found:: UNIDENTIFIED
4281
4282 _[ - ]::--------------------------------------------------------------------------------------------------------------
4283|_[ + ] [ 49 / 100 ]-[07:08:44] [ - ]
4284|_[ + ] Target:: [ https://www.uach.cl/organizacion/contraloria ]
4285|_[ + ] Exploit::
4286|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
4287|_[ + ] More details:: / - / , ISP:
4288|_[ + ] Found:: UNIDENTIFIED
4289
4290 _[ - ]::--------------------------------------------------------------------------------------------------------------
4291|_[ + ] [ 50 / 100 ]-[07:08:47] [ - ]
4292|_[ + ] Target:: [ https://www.uach.cl/externos/iv_encuentro_secretarias/ ]
4293|_[ + ] Exploit::
4294|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4295|_[ + ] More details:: / - / , ISP:
4296|_[ + ] Found:: UNIDENTIFIED
4297
4298 _[ - ]::--------------------------------------------------------------------------------------------------------------
4299|_[ + ] [ 51 / 100 ]-[07:08:49] [ - ]
4300|_[ + ] Target:: [ https://www.uach.cl/aniversario/65 ]
4301|_[ + ] Exploit::
4302|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4303|_[ + ] More details:: / - / , ISP:
4304|_[ + ] Found:: UNIDENTIFIED
4305
4306 _[ - ]::--------------------------------------------------------------------------------------------------------------
4307|_[ + ] [ 52 / 100 ]-[07:08:53] [ - ]
4308|_[ + ] Target:: [ https://www.uach.cl/investigacion/principal ]
4309|_[ + ] Exploit::
4310|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4311|_[ + ] More details:: / - / , ISP:
4312|_[ + ] Found:: UNIDENTIFIED
4313
4314 _[ - ]::--------------------------------------------------------------------------------------------------------------
4315|_[ + ] [ 53 / 100 ]-[07:08:55] [ - ]
4316|_[ + ] Target:: [ https://www.uach.cl/transparencia/investigacion ]
4317|_[ + ] Exploit::
4318|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4319|_[ + ] More details:: / - / , ISP:
4320|_[ + ] Found:: UNIDENTIFIED
4321
4322 _[ - ]::--------------------------------------------------------------------------------------------------------------
4323|_[ + ] [ 54 / 100 ]-[07:08:58] [ - ]
4324|_[ + ] Target:: [ https://www.uach.cl/aniversario/64 ]
4325|_[ + ] Exploit::
4326|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4327|_[ + ] More details:: / - / , ISP:
4328|_[ + ] Found:: UNIDENTIFIED
4329
4330 _[ - ]::--------------------------------------------------------------------------------------------------------------
4331|_[ + ] [ 55 / 100 ]-[07:09:01] [ - ]
4332|_[ + ] Target:: [ https://www.uach.cl/exalumnos/contacto ]
4333|_[ + ] Exploit::
4334|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4335|_[ + ] More details:: / - / , ISP:
4336|_[ + ] Found:: UNIDENTIFIED
4337
4338 _[ - ]::--------------------------------------------------------------------------------------------------------------
4339|_[ + ] [ 56 / 100 ]-[07:09:03] [ - ]
4340|_[ + ] Target:: [ https://www.uach.cl/cop25/presentacion ]
4341|_[ + ] Exploit::
4342|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4343|_[ + ] More details:: / - / , ISP:
4344|_[ + ] Found:: UNIDENTIFIED
4345
4346 _[ - ]::--------------------------------------------------------------------------------------------------------------
4347|_[ + ] [ 57 / 100 ]-[07:09:06] [ - ]
4348|_[ + ] Target:: [ https://www.uach.cl/elecciones/comision ]
4349|_[ + ] Exploit::
4350|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4351|_[ + ] More details:: / - / , ISP:
4352|_[ + ] Found:: UNIDENTIFIED
4353
4354 _[ - ]::--------------------------------------------------------------------------------------------------------------
4355|_[ + ] [ 58 / 100 ]-[07:09:08] [ - ]
4356|_[ + ] Target:: [ https://www.uach.cl/mecesup/ogpi ]
4357|_[ + ] Exploit::
4358|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4359|_[ + ] More details:: / - / , ISP:
4360|_[ + ] Found:: UNIDENTIFIED
4361
4362 _[ - ]::--------------------------------------------------------------------------------------------------------------
4363|_[ + ] [ 59 / 100 ]-[07:09:11] [ - ]
4364|_[ + ] Target:: [ https://www.uach.cl/elecciones/normativa ]
4365|_[ + ] Exploit::
4366|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4367|_[ + ] More details:: / - / , ISP:
4368|_[ + ] Found:: UNIDENTIFIED
4369
4370 _[ - ]::--------------------------------------------------------------------------------------------------------------
4371|_[ + ] [ 60 / 100 ]-[07:09:14] [ - ]
4372|_[ + ] Target:: [ https://www.uach.cl/solicitudemail.php ]
4373|_[ + ] Exploit::
4374|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4375|_[ + ] More details:: / - / , ISP:
4376|_[ + ] Found:: UNIDENTIFIED
4377
4378 _[ - ]::--------------------------------------------------------------------------------------------------------------
4379|_[ + ] [ 61 / 100 ]-[07:09:17] [ - ]
4380|_[ + ] Target:: [ https://www.uach.cl/elecciones/candidatos ]
4381|_[ + ] Exploit::
4382|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4383|_[ + ] More details:: / - / , ISP:
4384|_[ + ] Found:: UNIDENTIFIED
4385
4386 _[ - ]::--------------------------------------------------------------------------------------------------------------
4387|_[ + ] [ 62 / 100 ]-[07:09:19] [ - ]
4388|_[ + ] Target:: [ https://www.uach.cl/mecesup/pms ]
4389|_[ + ] Exploit::
4390|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4391|_[ + ] More details:: / - / , ISP:
4392|_[ + ] Found:: UNIDENTIFIED
4393
4394 _[ - ]::--------------------------------------------------------------------------------------------------------------
4395|_[ + ] [ 63 / 100 ]-[07:09:22] [ - ]
4396|_[ + ] Target:: [ https://www.uach.cl/dw/puntajes2020/ ]
4397|_[ + ] Exploit::
4398|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4399|_[ + ] More details:: / - / , ISP:
4400|_[ + ] Found:: UNIDENTIFIED
4401
4402 _[ - ]::--------------------------------------------------------------------------------------------------------------
4403|_[ + ] [ 64 / 100 ]-[07:09:25] [ - ]
4404|_[ + ] Target:: [ https://www.uach.cl/exalumnos/registrate ]
4405|_[ + ] Exploit::
4406|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4407|_[ + ] More details:: / - / , ISP:
4408|_[ + ] Found:: UNIDENTIFIED
4409
4410 _[ - ]::--------------------------------------------------------------------------------------------------------------
4411|_[ + ] [ 65 / 100 ]-[07:09:26] [ - ]
4412|_[ + ] Target:: [ http://www.uach.cl/bases/concurso182016/ ]
4413|_[ + ] Exploit::
4414|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4415|_[ + ] More details:: / - / , ISP:
4416|_[ + ] Found:: UNIDENTIFIED
4417
4418 _[ - ]::--------------------------------------------------------------------------------------------------------------
4419|_[ + ] [ 66 / 100 ]-[07:09:29] [ - ]
4420|_[ + ] Target:: [ https://www.uach.cl/tui/contacto ]
4421|_[ + ] Exploit::
4422|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4423|_[ + ] More details:: / - / , ISP:
4424|_[ + ] Found:: UNIDENTIFIED
4425
4426 _[ - ]::--------------------------------------------------------------------------------------------------------------
4427|_[ + ] [ 67 / 100 ]-[07:09:31] [ - ]
4428|_[ + ] Target:: [ https://www.uach.cl/form2mail.php ]
4429|_[ + ] Exploit::
4430|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4431|_[ + ] More details:: / - / , ISP:
4432|_[ + ] Found:: UNIDENTIFIED
4433
4434 _[ - ]::--------------------------------------------------------------------------------------------------------------
4435|_[ + ] [ 68 / 100 ]-[07:09:34] [ - ]
4436|_[ + ] Target:: [ https://www.uach.cl/mapa.php ]
4437|_[ + ] Exploit::
4438|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4439|_[ + ] More details:: / - / , ISP:
4440|_[ + ] Found:: UNIDENTIFIED
4441
4442 _[ - ]::--------------------------------------------------------------------------------------------------------------
4443|_[ + ] [ 69 / 100 ]-[07:09:36] [ - ]
4444|_[ + ] Target:: [ https://www.uach.cl/externos/maderasclear/ ]
4445|_[ + ] Exploit::
4446|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4447|_[ + ] More details:: / - / , ISP:
4448|_[ + ] Found:: UNIDENTIFIED
4449
4450 _[ - ]::--------------------------------------------------------------------------------------------------------------
4451|_[ + ] [ 70 / 100 ]-[07:09:38] [ - ]
4452|_[ + ] Target:: [ https://www.uach.cl/externos/acap/ ]
4453|_[ + ] Exploit::
4454|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4455|_[ + ] More details:: / - / , ISP:
4456|_[ + ] Found:: UNIDENTIFIED
4457
4458 _[ - ]::--------------------------------------------------------------------------------------------------------------
4459|_[ + ] [ 71 / 100 ]-[07:09:42] [ - ]
4460|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/varios/Valdivia.PDF ]
4461|_[ + ] Exploit::
4462|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4463|_[ + ] More details:: / - / , ISP:
4464|_[ + ] Found:: UNIDENTIFIED
4465
4466 _[ - ]::--------------------------------------------------------------------------------------------------------------
4467|_[ + ] [ 72 / 100 ]-[07:09:47] [ - ]
4468|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/3caminos.pdf ]
4469|_[ + ] Exploit::
4470|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4471|_[ + ] More details:: / - / , ISP:
4472|_[ + ] Found:: UNIDENTIFIED
4473
4474 _[ - ]::--------------------------------------------------------------------------------------------------------------
4475|_[ + ] [ 73 / 100 ]-[07:09:50] [ - ]
4476|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/08_Acosta.PDF ]
4477|_[ + ] Exploit::
4478|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4479|_[ + ] More details:: / - / , ISP:
4480|_[ + ] Found:: UNIDENTIFIED
4481
4482 _[ - ]::--------------------------------------------------------------------------------------------------------------
4483|_[ + ] [ 74 / 100 ]-[07:09:54] [ - ]
4484|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/17_Zapata.PDF ]
4485|_[ + ] Exploit::
4486|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4487|_[ + ] More details:: / - / , ISP:
4488|_[ + ] Found:: UNIDENTIFIED
4489
4490 _[ - ]::--------------------------------------------------------------------------------------------------------------
4491|_[ + ] [ 75 / 100 ]-[07:09:58] [ - ]
4492|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/52_Schlatter.PDF ]
4493|_[ + ] Exploit::
4494|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4495|_[ + ] More details:: / - / , ISP:
4496|_[ + ] Found:: UNIDENTIFIED
4497
4498 _[ - ]::--------------------------------------------------------------------------------------------------------------
4499|_[ + ] [ 76 / 100 ]-[07:10:01] [ - ]
4500|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/41_Watzlawick.PDF ]
4501|_[ + ] Exploit::
4502|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4503|_[ + ] More details:: / - / , ISP:
4504|_[ + ] Found:: UNIDENTIFIED
4505
4506 _[ - ]::--------------------------------------------------------------------------------------------------------------
4507|_[ + ] [ 77 / 100 ]-[07:10:06] [ - ]
4508|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/6condlab.pdf ]
4509|_[ + ] Exploit::
4510|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4511|_[ + ] More details:: / - / , ISP:
4512|_[ + ] Found:: UNIDENTIFIED
4513
4514 _[ - ]::--------------------------------------------------------------------------------------------------------------
4515|_[ + ] [ 78 / 100 ]-[07:10:09] [ - ]
4516|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/22_Mercadet.PDF ]
4517|_[ + ] Exploit::
4518|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4519|_[ + ] More details:: / - / , ISP:
4520|_[ + ] Found:: UNIDENTIFIED
4521
4522 _[ - ]::--------------------------------------------------------------------------------------------------------------
4523|_[ + ] [ 79 / 100 ]-[07:10:12] [ - ]
4524|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/9_insitu.pdf ]
4525|_[ + ] Exploit::
4526|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4527|_[ + ] More details:: / - / , ISP:
4528|_[ + ] Found:: UNIDENTIFIED
4529
4530 _[ - ]::--------------------------------------------------------------------------------------------------------------
4531|_[ + ] [ 80 / 100 ]-[07:10:16] [ - ]
4532|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/10_insitu.pdf ]
4533|_[ + ] Exploit::
4534|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4535|_[ + ] More details:: / - / , ISP:
4536|_[ + ] Found:: UNIDENTIFIED
4537
4538 _[ - ]::--------------------------------------------------------------------------------------------------------------
4539|_[ + ] [ 81 / 100 ]-[07:10:21] [ ! ]
4540|_[ + ] Target:: [ ( POTENTIALLY VULNERABLE ) https://www.uach.cl/externos/proforma/suelos/gcsuelo.pdf ]
4541|_[ + ] Exploit::
4542|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4543|_[ + ] More details:: / - / , ISP:
4544|_[ + ] Found:: POSTGRESQL-06 - VALUE: pg_
4545|_[ + ] VALUE SAVED IN THE FILE:: inurlbr-www.uach.cl
4546
4547 _[ - ]::--------------------------------------------------------------------------------------------------------------
4548|_[ + ] [ 82 / 100 ]-[07:10:24] [ - ]
4549|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/6_insitu.pdf ]
4550|_[ + ] Exploit::
4551|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4552|_[ + ] More details:: / - / , ISP:
4553|_[ + ] Found:: UNIDENTIFIED
4554
4555 _[ - ]::--------------------------------------------------------------------------------------------------------------
4556|_[ + ] [ 83 / 100 ]-[07:10:28] [ - ]
4557|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/28_Herrera.PDF ]
4558|_[ + ] Exploit::
4559|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4560|_[ + ] More details:: / - / , ISP:
4561|_[ + ] Found:: UNIDENTIFIED
4562
4563 _[ - ]::--------------------------------------------------------------------------------------------------------------
4564|_[ + ] [ 84 / 100 ]-[07:10:31] [ - ]
4565|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/31_Navar.PDF ]
4566|_[ + ] Exploit::
4567|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4568|_[ + ] More details:: / - / , ISP:
4569|_[ + ] Found:: UNIDENTIFIED
4570
4571 _[ - ]::--------------------------------------------------------------------------------------------------------------
4572|_[ + ] [ 85 / 100 ]-[07:10:34] [ - ]
4573|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/15_Gutierrez.PDF ]
4574|_[ + ] Exploit::
4575|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4576|_[ + ] More details:: / - / , ISP:
4577|_[ + ] Found:: UNIDENTIFIED
4578
4579 _[ - ]::--------------------------------------------------------------------------------------------------------------
4580|_[ + ] [ 86 / 100 ]-[07:10:38] [ - ]
4581|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/26_Orrego.PDF ]
4582|_[ + ] Exploit::
4583|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4584|_[ + ] More details:: / - / , ISP:
4585|_[ + ] Found:: UNIDENTIFIED
4586
4587 _[ - ]::--------------------------------------------------------------------------------------------------------------
4588|_[ + ] [ 87 / 100 ]-[07:10:41] [ - ]
4589|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/04_Harkin.PDF ]
4590|_[ + ] Exploit::
4591|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4592|_[ + ] More details:: / - / , ISP:
4593|_[ + ] Found:: UNIDENTIFIED
4594
4595 _[ - ]::--------------------------------------------------------------------------------------------------------------
4596|_[ + ] [ 88 / 100 ]-[07:10:45] [ - ]
4597|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/44_Loguercio.PDF ]
4598|_[ + ] Exploit::
4599|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4600|_[ + ] More details:: / - / , ISP:
4601|_[ + ] Found:: UNIDENTIFIED
4602
4603 _[ - ]::--------------------------------------------------------------------------------------------------------------
4604|_[ + ] [ 89 / 100 ]-[07:10:50] [ - ]
4605|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/pdf/flyer_lwd.pdf ]
4606|_[ + ] Exploit::
4607|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4608|_[ + ] More details:: / - / , ISP:
4609|_[ + ] Found:: UNIDENTIFIED
4610
4611 _[ - ]::--------------------------------------------------------------------------------------------------------------
4612|_[ + ] [ 90 / 100 ]-[07:10:55] [ - ]
4613|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/1psitio.pdf ]
4614|_[ + ] Exploit::
4615|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4616|_[ + ] More details:: / - / , ISP:
4617|_[ + ] Found:: UNIDENTIFIED
4618
4619 _[ - ]::--------------------------------------------------------------------------------------------------------------
4620|_[ + ] [ 91 / 100 ]-[07:11:00] [ - ]
4621|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/manuales/guia_destructivo.pdf ]
4622|_[ + ] Exploit::
4623|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4624|_[ + ] More details:: / - / , ISP:
4625|_[ + ] Found:: UNIDENTIFIED
4626
4627 _[ - ]::--------------------------------------------------------------------------------------------------------------
4628|_[ + ] [ 92 / 100 ]-[07:11:04] [ - ]
4629|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/5combust.pdf ]
4630|_[ + ] Exploit::
4631|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4632|_[ + ] More details:: / - / , ISP:
4633|_[ + ] Found:: UNIDENTIFIED
4634
4635 _[ - ]::--------------------------------------------------------------------------------------------------------------
4636|_[ + ] [ 93 / 100 ]-[07:11:07] [ - ]
4637|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/varios/Ley19561.PDF ]
4638|_[ + ] Exploit::
4639|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4640|_[ + ] More details:: / - / , ISP:
4641|_[ + ] Found:: UNIDENTIFIED
4642
4643 _[ - ]::--------------------------------------------------------------------------------------------------------------
4644|_[ + ] [ 94 / 100 ]-[07:11:10] [ - ]
4645|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/24_Loza_Balbuena.PDF ]
4646|_[ + ] Exploit::
4647|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4648|_[ + ] More details:: / - / , ISP:
4649|_[ + ] Found:: UNIDENTIFIED
4650
4651 _[ - ]::--------------------------------------------------------------------------------------------------------------
4652|_[ + ] [ 95 / 100 ]-[07:11:14] [ - ]
4653|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/02_De_Jong.PDF ]
4654|_[ + ] Exploit::
4655|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4656|_[ + ] More details:: / - / , ISP:
4657|_[ + ] Found:: UNIDENTIFIED
4658
4659 _[ - ]::--------------------------------------------------------------------------------------------------------------
4660|_[ + ] [ 96 / 100 ]-[07:11:18] [ - ]
4661|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/10_Acosta.PDF ]
4662|_[ + ] Exploit::
4663|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4664|_[ + ] More details:: / - / , ISP:
4665|_[ + ] Found:: UNIDENTIFIED
4666
4667 _[ - ]::--------------------------------------------------------------------------------------------------------------
4668|_[ + ] [ 97 / 100 ]-[07:11:23] [ - ]
4669|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/sga/sga.pdf ]
4670|_[ + ] Exploit::
4671|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4672|_[ + ] More details:: / - / , ISP:
4673|_[ + ] Found:: UNIDENTIFIED
4674
4675 _[ - ]::--------------------------------------------------------------------------------------------------------------
4676|_[ + ] [ 98 / 100 ]-[07:11:26] [ - ]
4677|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/34_Lopez.PDF ]
4678|_[ + ] Exploit::
4679|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4680|_[ + ] More details:: / - / , ISP:
4681|_[ + ] Found:: UNIDENTIFIED
4682
4683 _[ - ]::--------------------------------------------------------------------------------------------------------------
4684|_[ + ] [ 99 / 100 ]-[07:11:27] [ - ]
4685|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/pdf/flyer_wasim.pdf ]
4686|_[ + ] Exploit::
4687|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
4688|_[ + ] More details:: / - / , ISP:
4689|_[ + ] Found:: UNIDENTIFIED
4690
4691[ INFO ] [ Shutting down ]
4692[ INFO ] [ End of process INURLBR at [19-03-2020 07:11:27]
4693[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 1 ]
4694[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.uach.cl/output/inurlbr-www.uach.cl ]
4695|_________________________________________________________________________________________
4696https://www.uach.cl/externos/proforma/suelos/gcsuelo.pdf
4697
4698#################################################################################################################################
4699http://diario.uach.cl/
4700http://innovat.education/innovat-education-es/
4701http://noticias.uach.cl/principal.php?pag=noticia-externo&cod=115441
4702https://derecho.uach.cl/index.php?option=com_content&view=article&id=671&catid=2
4703https://diario.uach.cl/nuevo-llamado-a-concurso-academico-para-integrarse-a-las-facultades-de-ciencias-ciencias-de-la-ingenieria-y-medicina/
4704https://diario.uach.cl/postulaciones-abiertas-para-diplomado-en-arte-terapia/
4705https://diario.uach.cl/uach-realizara-matricula-on-line-para-sus-estudiantes/
4706https://diario.uach.cl/wp-content/uploads/2020/03/Protocolo-para-la-Preveci%C3%B3n-del-Contagio-de-COVID-19-UACh-16.03.2020.pdf
4707https://online.flippingbook.com/view/919282/
4708https://radiouach.cl/
4709https://siveduc.uach.cl/
4710https://twitter.com/UAustraldeChile
4711https://www.facebook.com/UAustraldeChile/
4712https://www.instagram.com/universidadaustraldechile/
4713https://www.mbauach.cl/
4714https://www.uach.cl/alumnos
4715https://www.uach.cl/dw/guia/
4716https://www.uach.cl/exalumnos
4717https://www.uach.cl/facultades/arquitectura-y-artes
4718https://www.uach.cl/facultades/ciencias
4719https://www.uach.cl/facultades/ciencias-agrarias
4720https://www.uach.cl/facultades/ciencias-veterinarias
4721https://www.uach.cl/facultades/cs-forestales-y-recursos-naturales
4722https://www.uach.cl/facultades/medicina
4723https://www.uach.cl/funcionarios
4724https://www.uach.cl/futuros-alumnos
4725https://www.uach.cl/organizacion/asociaciones-gremiales
4726https://www.uach.cl/organizacion/cuerpos-colegiados
4727https://www.uach.cl/sedes-y-campus/campus-patagonia
4728https://www.uach.cl/sedes-y-campus/sede-puerto-montt
4729https://www.uach.cl/uach/_file/5151be071d10c.jpg
4730https://www.uach.cl/uach/_file/518d15c15279d.jpg
4731https://www.uach.cl/uach/_file/5ae3718bf3264.jpg
4732https://www.uach.cl/uach/_file/5c3fac8e1055a.jpg
4733https://www.uach.cl/uach/_file/5cd03cc1a2226.jpg
4734https://www.uach.cl/uach/_file/5cf543da57229.jpg
4735https://www.uach.cl/uach/_file/5e6e2c1a4c5c6.jpg
4736https://www.uach.cl/uach/_file/5e6f991a7a817.jpg
4737https://www.uach.cl/uach/_file/5e72472ecc3dd.jpg
4738https://www.uach.cl/uach/_imag/pix_logos.jpg
4739https://www.w3.org/1999/xhtml
4740http://tvaustral.uach.cl
4741http://www.uach.cl/
4742http://www.uach.cl/organizacion/vicerrectoria/academica/oficina/autoevaluacion/?go=institucional
4743_imag/facebook.jpg
4744/inicio-uach/contacto
4745/sedes-y-campus/informacion-general/mapas
4746text/css
4747text/javascript
4748-//W3C//DTD XHTML 1.0 Transitional//EN
4749//www.uach.cl/transparencia
4750#################################################################################################################################
4751https://www.uach.cl [200 OK] Apache, Country[CHILE][CL], Google-Analytics[UA-27179444-1], HTTPServer[Apache], IP[146.83.222.104], JQuery[1.7.1,2.1.1], Script[text/javascript], Title[Universidad Austral de Chile], probably WordPress, X-UA-Compatible[IE=edge]
4752#################################################################################################################################
4753
4754wig - WebApp Information Gatherer
4755
4756
4757Scanning https://www.uach.cl...
4758__________________________________________ SITE INFO ___________________________________________
4759IP Title
4760146.83.222.104 Universidad Austral de Chile
4761
4762___________________________________________ VERSION ____________________________________________
4763Name Versions Type
4764Apache 2.2.11 | 2.2.12 | 2.2.13 | 2.2.14 | 2.2.15 | 2.2.16 | 2.2.17 Platform
4765 2.2.18 | 2.2.19 | 2.2.20 | 2.2.21 | 2.2.22 | 2.2.23 | 2.2.24
4766 2.2.25 | 2.2.26 | 2.3.0 | 2.3.1 | 2.3.10 | 2.3.11 | 2.3.12
4767 2.3.13 | 2.3.14 | 2.3.15 | 2.3.16 | 2.3.2 | 2.3.3 | 2.3.4
4768 2.3.5 | 2.3.6 | 2.3.7 | 2.3.8 | 2.3.9 | 2.4.0 | 2.4.1
4769 2.4.2 | 2.4.3
4770jQuery 2.1.1 JavaScript
4771
4772_________________________________________ INTERESTING __________________________________________
4773URL Note Type
4774/robots.txt robots.txt index Interesting
4775
4776________________________________________________________________________________________________
4777Time: 1.6 sec Urls: 863 Fingerprints: 40401
4778#################################################################################################################################
4779Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 07:14 EDT
4780NSE: Loaded 161 scripts for scanning.
4781NSE: Script Pre-scanning.
4782Initiating NSE at 07:14
4783Completed NSE at 07:14, 0.00s elapsed
4784Initiating NSE at 07:14
4785Completed NSE at 07:14, 0.00s elapsed
4786Initiating Parallel DNS resolution of 1 host. at 07:14
4787Completed Parallel DNS resolution of 1 host. at 07:14, 0.02s elapsed
4788Initiating SYN Stealth Scan at 07:14
4789Scanning www.uach.cl (146.83.222.104) [1 port]
4790Discovered open port 443/tcp on 146.83.222.104
4791Completed SYN Stealth Scan at 07:14, 0.43s elapsed (1 total ports)
4792Initiating Service scan at 07:14
4793Scanning 1 service on www.uach.cl (146.83.222.104)
4794Completed Service scan at 07:14, 14.58s elapsed (1 service on 1 host)
4795Initiating OS detection (try #1) against www.uach.cl (146.83.222.104)
4796Retrying OS detection (try #2) against www.uach.cl (146.83.222.104)
4797Initiating Traceroute at 07:15
4798Completed Traceroute at 07:15, 3.03s elapsed
4799Initiating Parallel DNS resolution of 20 hosts. at 07:15
4800Completed Parallel DNS resolution of 20 hosts. at 07:15, 2.52s elapsed
4801NSE: Script scanning 146.83.222.104.
4802Initiating NSE at 07:15
4803Completed NSE at 07:16, 90.90s elapsed
4804Initiating NSE at 07:16
4805Completed NSE at 07:16, 2.00s elapsed
4806Nmap scan report for www.uach.cl (146.83.222.104)
4807Host is up (0.40s latency).
4808rDNS record for 146.83.222.104: callecalle5.uach.cl
4809
4810PORT STATE SERVICE VERSION
4811443/tcp open ssl/http Apache httpd
4812|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
4813| http-brute:
4814|_ Path "/" does not require authentication
4815|_http-chrono: ERROR: Script execution failed (use -d to debug)
4816|_http-csrf: Couldn't find any CSRF vulnerabilities.
4817|_http-errors: Couldn't find any error pages.
4818|_http-feed: Couldn't find any feeds.
4819|_http-fetch: Please enter the complete path of the directory to save data in.
4820|_http-jsonp-detection: Couldn't find any JSONP endpoints.
4821| http-security-headers:
4822| Strict_Transport_Security:
4823|_ HSTS not configured in HTTPS Server
4824| http-sitemap-generator:
4825| Directory structure:
4826| Longest directory structure:
4827| Depth: 0
4828| Dir: /
4829| Total files found (by extension):
4830|_
4831|_http-traceroute: ERROR: Script execution failed (use -d to debug)
4832| http-vhosts:
4833|_127 names had status ERROR
4834|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
4835|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
4836|_http-xssed: No previously reported XSS vuln.
4837Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4838Device type: general purpose|firewall|storage-misc
4839Running (JUST GUESSING): Linux 2.6.X|3.X (90%), WatchGuard Fireware 11.X (89%), Synology DiskStation Manager 5.X (88%)
4840OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1
4841Aggressive OS guesses: Linux 2.6.32 (90%), Linux 2.6.39 (90%), Linux 2.6.32 or 3.10 (89%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.1 - 3.2 (89%), Synology DiskStation Manager 5.1 (88%), Linux 3.10 (87%), Linux 2.6.32 - 2.6.39 (85%)
4842No exact OS matches for host (test conditions non-ideal).
4843Uptime guess: 23.985 days (since Mon Feb 24 06:38:10 2020)
4844Network Distance: 21 hops
4845TCP Sequence Prediction: Difficulty=258 (Good luck!)
4846IP ID Sequence Generation: All zeros
4847
4848TRACEROUTE (using port 443/tcp)
4849HOP RTT ADDRESS
48501 139.27 ms 10.203.17.1
48512 ...
48523 135.58 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
48534 135.56 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
48545 140.95 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
48556 163.19 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
48567 168.24 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
48578 255.04 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
48589 256.44 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
485910 258.36 ms be2315.ccr31.bio02.atlas.cogentco.com (154.54.61.113)
486011 260.39 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
486112 265.77 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
486213 268.13 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
486314 280.08 ms be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146)
486415 278.02 ms be3400.ccr21.mia03.atlas.cogentco.com (154.54.47.18)
486516 279.42 ms 38.104.95.186
486617 384.72 ms cl-us.redclara.net (200.0.204.59)
486718 389.07 ms reacciun-pa.redclara.net (200.0.204.150)
486819 398.03 ms ra-uach-cga.reuna.cl (146.83.244.51)
486920 421.83 ms vpn.uach.cl (200.2.119.114)
487021 393.12 ms callecalle5.uach.cl (146.83.222.104)
4871
4872NSE: Script Post-scanning.
4873Initiating NSE at 07:16
4874Completed NSE at 07:16, 0.00s elapsed
4875Initiating NSE at 07:16
4876Completed NSE at 07:16, 0.00s elapsed
4877#################################################################################################################################
4878Version: 2.0.0-static
4879OpenSSL 1.1.1e-dev xx XXX xxxx
4880
4881Connected to 146.83.222.104
4882
4883Testing SSL server www.uach.cl on port 443 using SNI name www.uach.cl
4884
4885 SSL/TLS Protocols:
4886SSLv2 disabled
4887SSLv3 disabled
4888TLSv1.0 disabled
4889TLSv1.1 disabled
4890TLSv1.2 enabled
4891TLSv1.3 disabled
4892
4893 TLS Fallback SCSV:
4894Server supports TLS Fallback SCSV
4895
4896 TLS renegotiation:
4897Session renegotiation not supported
4898
4899 TLS Compression:
4900Compression disabled
4901
4902 Heartbleed:
4903TLSv1.2 not vulnerable to heartbleed
4904
4905 Supported Server Cipher(s):
4906Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
4907Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
4908Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
4909Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
4910Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
4911Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4912Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4913Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
4914Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4915Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
4916Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
4917Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4918Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
4919Accepted TLSv1.2 112 bits DHE-RSA-DES-CBC3-SHA DHE 2048 bits
4920Accepted TLSv1.2 256 bits AES256-GCM-SHA384
4921Accepted TLSv1.2 128 bits AES128-GCM-SHA256
4922Accepted TLSv1.2 256 bits AES256-SHA256
4923Accepted TLSv1.2 128 bits AES128-SHA256
4924Accepted TLSv1.2 256 bits AES256-SHA
4925Accepted TLSv1.2 128 bits AES128-SHA
4926Accepted TLSv1.2 112 bits DES-CBC3-SHA
4927Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4928Accepted TLSv1.2 256 bits CAMELLIA256-SHA
4929Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4930Accepted TLSv1.2 128 bits CAMELLIA128-SHA
4931
4932 Server Key Exchange Group(s):
4933TLSv1.2 128 bits secp256r1 (NIST P-256)
4934
4935 Server Signature Algorithm(s):
4936TLSv1.2 Server accepts all signature algorithms.
4937
4938 SSL Certificate:
4939Signature Algorithm: sha256WithRSAEncryption
4940RSA Key Strength: 2048
4941
4942Subject: *.uach.cl
4943Altnames: DNS:*.uach.cl, DNS:uach.cl
4944Issuer: GlobalSign Organization Validation CA - SHA256 - G2
4945
4946Not valid before: Sep 12 17:56:11 2018 GMT
4947Not valid after: Sep 13 16:06:02 2020 GMT
4948#################################################################################################################################
4949------------------------------------------------------------------------------------------------------------------------
4950
4951[ ! ] Starting SCANNER INURLBR 2.1 at [19-03-2020 07:46:19]
4952[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
4953It is the end user's responsibility to obey all applicable local, state and federal laws.
4954Developers assume no liability and are not responsible for any misuse or damage caused by this program
4955
4956[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.uach.cl/output/inurlbr-www.uach.cl ]
4957[ INFO ][ DORK ]::[ site:www.uach.cl ]
4958[ INFO ][ SEARCHING ]:: {
4959[ INFO ][ ENGINE ]::[ GOOGLE - www.google.me ]
4960
4961[ INFO ][ SEARCHING ]::
4962-[:::]
4963[ INFO ][ ENGINE ]::[ GOOGLE API ]
4964
4965[ INFO ][ SEARCHING ]::
4966-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4967[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.no ID: 007843865286850066037:b0heuatvay8 ]
4968
4969[ INFO ][ SEARCHING ]::
4970-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4971
4972[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
4973
4974
4975 _[ - ]::--------------------------------------------------------------------------------------------------------------
4976|_[ + ] [ 0 / 100 ]-[07:46:40] [ - ]
4977|_[ + ] Target:: [ https://www.uach.cl/office/ ]
4978|_[ + ] Exploit::
4979|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
4980|_[ + ] More details:: / - / , ISP:
4981|_[ + ] Found:: UNIDENTIFIED
4982
4983 _[ - ]::--------------------------------------------------------------------------------------------------------------
4984|_[ + ] [ 1 / 100 ]-[07:46:43] [ - ]
4985|_[ + ] Target:: [ https://www.uach.cl/ ]
4986|_[ + ] Exploit::
4987|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4988|_[ + ] More details:: / - / , ISP:
4989|_[ + ] Found:: UNIDENTIFIED
4990
4991 _[ - ]::--------------------------------------------------------------------------------------------------------------
4992|_[ + ] [ 2 / 100 ]-[07:46:46] [ - ]
4993|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/ ]
4994|_[ + ] Exploit::
4995|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
4996|_[ + ] More details:: / - / , ISP:
4997|_[ + ] Found:: UNIDENTIFIED
4998
4999 _[ - ]::--------------------------------------------------------------------------------------------------------------
5000|_[ + ] [ 3 / 100 ]-[07:46:48] [ - ]
5001|_[ + ] Target:: [ https://www.uach.cl/dw/postulaciones2020/ ]
5002|_[ + ] Exploit::
5003|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5004|_[ + ] More details:: / - / , ISP:
5005|_[ + ] Found:: UNIDENTIFIED
5006
5007 _[ - ]::--------------------------------------------------------------------------------------------------------------
5008|_[ + ] [ 4 / 100 ]-[07:46:50] [ - ]
5009|_[ + ] Target:: [ http://www.uach.cl/dw/guia/ ]
5010|_[ + ] Exploit::
5011|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:80
5012|_[ + ] More details:: / - / , ISP:
5013|_[ + ] Found:: UNIDENTIFIED
5014
5015 _[ - ]::--------------------------------------------------------------------------------------------------------------
5016|_[ + ] [ 5 / 100 ]-[07:46:53] [ - ]
5017|_[ + ] Target:: [ https://www.uach.cl/alumnos ]
5018|_[ + ] Exploit::
5019|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5020|_[ + ] More details:: / - / , ISP:
5021|_[ + ] Found:: UNIDENTIFIED
5022
5023 _[ - ]::--------------------------------------------------------------------------------------------------------------
5024|_[ + ] [ 6 / 100 ]-[07:46:57] [ - ]
5025|_[ + ] Target:: [ https://www.uach.cl/funcionarios ]
5026|_[ + ] Exploit::
5027|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5028|_[ + ] More details:: / - / , ISP:
5029|_[ + ] Found:: UNIDENTIFIED
5030
5031 _[ - ]::--------------------------------------------------------------------------------------------------------------
5032|_[ + ] [ 7 / 100 ]-[07:46:59] [ - ]
5033|_[ + ] Target:: [ https://www.uach.cl/mecesup ]
5034|_[ + ] Exploit::
5035|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
5036|_[ + ] More details:: / - / , ISP:
5037|_[ + ] Found:: UNIDENTIFIED
5038
5039 _[ - ]::--------------------------------------------------------------------------------------------------------------
5040|_[ + ] [ 8 / 100 ]-[07:47:02] [ - ]
5041|_[ + ] Target:: [ https://www.uach.cl/academicos ]
5042|_[ + ] Exploit::
5043|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5044|_[ + ] More details:: / - / , ISP:
5045|_[ + ] Found:: UNIDENTIFIED
5046
5047 _[ - ]::--------------------------------------------------------------------------------------------------------------
5048|_[ + ] [ 9 / 100 ]-[07:47:04] [ - ]
5049|_[ + ] Target:: [ http://www.uach.cl/programahonor/ ]
5050|_[ + ] Exploit::
5051|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5052|_[ + ] More details:: / - / , ISP:
5053|_[ + ] Found:: UNIDENTIFIED
5054
5055 _[ - ]::--------------------------------------------------------------------------------------------------------------
5056|_[ + ] [ 10 / 100 ]-[07:47:07] [ - ]
5057|_[ + ] Target:: [ https://www.uach.cl/acreditacion ]
5058|_[ + ] Exploit::
5059|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5060|_[ + ] More details:: / - / , ISP:
5061|_[ + ] Found:: UNIDENTIFIED
5062
5063 _[ - ]::--------------------------------------------------------------------------------------------------------------
5064|_[ + ] [ 11 / 100 ]-[07:47:12] [ - ]
5065|_[ + ] Target:: [ https://www.uach.cl/bases/ ]
5066|_[ + ] Exploit::
5067|_[ + ] Information Server:: , , IP:146.83.222.104:443
5068|_[ + ] More details:: / - / , ISP:
5069|_[ + ] Found:: UNIDENTIFIED
5070
5071 _[ - ]::--------------------------------------------------------------------------------------------------------------
5072|_[ + ] [ 12 / 100 ]-[07:47:15] [ - ]
5073|_[ + ] Target:: [ https://www.uach.cl/tui ]
5074|_[ + ] Exploit::
5075|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5076|_[ + ] More details:: / - / , ISP:
5077|_[ + ] Found:: UNIDENTIFIED
5078
5079 _[ - ]::--------------------------------------------------------------------------------------------------------------
5080|_[ + ] [ 13 / 100 ]-[07:47:16] [ - ]
5081|_[ + ] Target:: [ http://www.uach.cl/procarbono ]
5082|_[ + ] Exploit::
5083|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5084|_[ + ] More details:: / - / , ISP:
5085|_[ + ] Found:: UNIDENTIFIED
5086
5087 _[ - ]::--------------------------------------------------------------------------------------------------------------
5088|_[ + ] [ 14 / 100 ]-[07:47:18] [ - ]
5089|_[ + ] Target:: [ http://www.uach.cl/labsuelosforestales/ ]
5090|_[ + ] Exploit::
5091|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5092|_[ + ] More details:: / - / , ISP:
5093|_[ + ] Found:: UNIDENTIFIED
5094
5095 _[ - ]::--------------------------------------------------------------------------------------------------------------
5096|_[ + ] [ 15 / 100 ]-[07:47:20] [ - ]
5097|_[ + ] Target:: [ https://www.uach.cl/elecciones ]
5098|_[ + ] Exploit::
5099|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5100|_[ + ] More details:: / - / , ISP:
5101|_[ + ] Found:: UNIDENTIFIED
5102
5103 _[ - ]::--------------------------------------------------------------------------------------------------------------
5104|_[ + ] [ 16 / 100 ]-[07:47:22] [ - ]
5105|_[ + ] Target:: [ http://www.uach.cl/abacom/ ]
5106|_[ + ] Exploit::
5107|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5108|_[ + ] More details:: / - / , ISP:
5109|_[ + ] Found:: UNIDENTIFIED
5110
5111 _[ - ]::--------------------------------------------------------------------------------------------------------------
5112|_[ + ] [ 17 / 100 ]-[07:47:24] [ - ]
5113|_[ + ] Target:: [ https://www.uach.cl/tvaustral/ ]
5114|_[ + ] Exploit::
5115|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5116|_[ + ] More details:: / - / , ISP:
5117|_[ + ] Found:: UNIDENTIFIED
5118
5119 _[ - ]::--------------------------------------------------------------------------------------------------------------
5120|_[ + ] [ 18 / 100 ]-[07:47:27] [ - ]
5121|_[ + ] Target:: [ https://www.uach.cl/uach/ ]
5122|_[ + ] Exploit::
5123|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5124|_[ + ] More details:: / - / , ISP:
5125|_[ + ] Found:: UNIDENTIFIED
5126
5127 _[ - ]::--------------------------------------------------------------------------------------------------------------
5128|_[ + ] [ 19 / 100 ]-[07:47:30] [ - ]
5129|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/eiastripticos_en.html ]
5130|_[ + ] Exploit::
5131|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5132|_[ + ] More details:: / - / , ISP:
5133|_[ + ] Found:: UNIDENTIFIED
5134
5135 _[ - ]::--------------------------------------------------------------------------------------------------------------
5136|_[ + ] [ 20 / 100 ]-[07:47:33] [ - ]
5137|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/epicwp_en.html ]
5138|_[ + ] Exploit::
5139|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5140|_[ + ] More details:: / - / , ISP:
5141|_[ + ] Found:: UNIDENTIFIED
5142
5143 _[ - ]::--------------------------------------------------------------------------------------------------------------
5144|_[ + ] [ 21 / 100 ]-[07:47:34] [ - ]
5145|_[ + ] Target:: [ http://www.uach.cl/proforma/varios/crecimiento.PDF ]
5146|_[ + ] Exploit::
5147|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5148|_[ + ] More details:: / - / , ISP:
5149|_[ + ] Found:: UNIDENTIFIED
5150
5151 _[ - ]::--------------------------------------------------------------------------------------------------------------
5152|_[ + ] [ 22 / 100 ]-[07:47:37] [ - ]
5153|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/autoria_eng.html ]
5154|_[ + ] Exploit::
5155|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5156|_[ + ] More details:: / - / , ISP:
5157|_[ + ] Found:: UNIDENTIFIED
5158
5159 _[ - ]::--------------------------------------------------------------------------------------------------------------
5160|_[ + ] [ 23 / 100 ]-[07:47:40] [ - ]
5161|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/epic_internacional.html ]
5162|_[ + ] Exploit::
5163|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5164|_[ + ] More details:: / - / , ISP:
5165|_[ + ] Found:: UNIDENTIFIED
5166
5167 _[ - ]::--------------------------------------------------------------------------------------------------------------
5168|_[ + ] [ 24 / 100 ]-[07:47:43] [ - ]
5169|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/resproyecto_en.html ]
5170|_[ + ] Exploit::
5171|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5172|_[ + ] More details:: / - / , ISP:
5173|_[ + ] Found:: UNIDENTIFIED
5174
5175 _[ - ]::--------------------------------------------------------------------------------------------------------------
5176|_[ + ] [ 25 / 100 ]-[07:47:44] [ - ]
5177|_[ + ] Target:: [ http://www.uach.cl/proforma/guias/paisaje.pdf ]
5178|_[ + ] Exploit::
5179|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5180|_[ + ] More details:: / - / , ISP:
5181|_[ + ] Found:: UNIDENTIFIED
5182
5183 _[ - ]::--------------------------------------------------------------------------------------------------------------
5184|_[ + ] [ 26 / 100 ]-[07:47:45] [ - ]
5185|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/eiastripticos.html ]
5186|_[ + ] Exploit::
5187|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5188|_[ + ] More details:: / - / , ISP:
5189|_[ + ] Found:: UNIDENTIFIED
5190
5191 _[ - ]::--------------------------------------------------------------------------------------------------------------
5192|_[ + ] [ 27 / 100 ]-[07:47:47] [ - ]
5193|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/otrosdoc.html ]
5194|_[ + ] Exploit::
5195|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5196|_[ + ] More details:: / - / , ISP:
5197|_[ + ] Found:: UNIDENTIFIED
5198
5199 _[ - ]::--------------------------------------------------------------------------------------------------------------
5200|_[ + ] [ 28 / 100 ]-[07:47:50] [ - ]
5201|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/controlerosion_en.html ]
5202|_[ + ] Exploit::
5203|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5204|_[ + ] More details:: / - / , ISP:
5205|_[ + ] Found:: UNIDENTIFIED
5206
5207 _[ - ]::--------------------------------------------------------------------------------------------------------------
5208|_[ + ] [ 29 / 100 ]-[07:47:53] [ - ]
5209|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/wp3_iroume_hubert_schulz_2005.html ]
5210|_[ + ] Exploit::
5211|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5212|_[ + ] More details:: / - / , ISP:
5213|_[ + ] Found:: UNIDENTIFIED
5214
5215 _[ - ]::--------------------------------------------------------------------------------------------------------------
5216|_[ + ] [ 30 / 100 ]-[07:47:57] [ - ]
5217|_[ + ] Target:: [ https://www.uach.cl/organizacion/prorrectoria ]
5218|_[ + ] Exploit::
5219|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5220|_[ + ] More details:: / - / , ISP:
5221|_[ + ] Found:: UNIDENTIFIED
5222
5223 _[ - ]::--------------------------------------------------------------------------------------------------------------
5224|_[ + ] [ 31 / 100 ]-[07:48:00] [ - ]
5225|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/wp3_uyttedaele_iroume_2002_en.html ]
5226|_[ + ] Exploit::
5227|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5228|_[ + ] More details:: / - / , ISP:
5229|_[ + ] Found:: UNIDENTIFIED
5230
5231 _[ - ]::--------------------------------------------------------------------------------------------------------------
5232|_[ + ] [ 32 / 100 ]-[07:48:03] [ - ]
5233|_[ + ] Target:: [ https://www.uach.cl/dw/matricula/ ]
5234|_[ + ] Exploit::
5235|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5236|_[ + ] More details:: / - / , ISP:
5237|_[ + ] Found:: UNIDENTIFIED
5238
5239 _[ - ]::--------------------------------------------------------------------------------------------------------------
5240|_[ + ] [ 33 / 100 ]-[07:48:05] [ - ]
5241|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/eventos_extremos.html ]
5242|_[ + ] Exploit::
5243|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5244|_[ + ] More details:: / - / , ISP:
5245|_[ + ] Found:: UNIDENTIFIED
5246
5247 _[ - ]::--------------------------------------------------------------------------------------------------------------
5248|_[ + ] [ 34 / 100 ]-[07:48:08] [ - ]
5249|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/grupochile.html ]
5250|_[ + ] Exploit::
5251|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5252|_[ + ] More details:: / - / , ISP:
5253|_[ + ] Found:: UNIDENTIFIED
5254
5255 _[ - ]::--------------------------------------------------------------------------------------------------------------
5256|_[ + ] [ 35 / 100 ]-[07:48:11] [ - ]
5257|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/presentposter_en.html ]
5258|_[ + ] Exploit::
5259|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5260|_[ + ] More details:: / - / , ISP:
5261|_[ + ] Found:: UNIDENTIFIED
5262
5263 _[ - ]::--------------------------------------------------------------------------------------------------------------
5264|_[ + ] [ 36 / 100 ]-[07:48:14] [ - ]
5265|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/guiabpracta_en.html ]
5266|_[ + ] Exploit::
5267|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5268|_[ + ] More details:: / - / , ISP:
5269|_[ + ] Found:: UNIDENTIFIED
5270
5271 _[ - ]::--------------------------------------------------------------------------------------------------------------
5272|_[ + ] [ 37 / 100 ]-[07:48:17] [ - ]
5273|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/wp3_iroume_mayen_hubert_2005_en.html ]
5274|_[ + ] Exploit::
5275|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5276|_[ + ] More details:: / - / , ISP:
5277|_[ + ] Found:: UNIDENTIFIED
5278
5279 _[ - ]::--------------------------------------------------------------------------------------------------------------
5280|_[ + ] [ 38 / 100 ]-[07:48:18] [ - ]
5281|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/marco_politico.html ]
5282|_[ + ] Exploit::
5283|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5284|_[ + ] More details:: / - / , ISP:
5285|_[ + ] Found:: UNIDENTIFIED
5286
5287 _[ - ]::--------------------------------------------------------------------------------------------------------------
5288|_[ + ] [ 39 / 100 ]-[07:48:20] [ - ]
5289|_[ + ] Target:: [ http://www.uach.cl/internacional/principal ]
5290|_[ + ] Exploit::
5291|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5292|_[ + ] More details:: / - / , ISP:
5293|_[ + ] Found:: UNIDENTIFIED
5294
5295 _[ - ]::--------------------------------------------------------------------------------------------------------------
5296|_[ + ] [ 40 / 100 ]-[07:48:21] [ - ]
5297|_[ + ] Target:: [ http://www.uach.cl/proforma/gcampo/bmp.pdf ]
5298|_[ + ] Exploit::
5299|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5300|_[ + ] More details:: / - / , ISP:
5301|_[ + ] Found:: UNIDENTIFIED
5302
5303 _[ - ]::--------------------------------------------------------------------------------------------------------------
5304|_[ + ] [ 41 / 100 ]-[07:48:23] [ - ]
5305|_[ + ] Target:: [ http://www.uach.cl/proforma/insitu/2_insitu.pdf ]
5306|_[ + ] Exploit::
5307|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5308|_[ + ] More details:: / - / , ISP:
5309|_[ + ] Found:: UNIDENTIFIED
5310
5311 _[ - ]::--------------------------------------------------------------------------------------------------------------
5312|_[ + ] [ 42 / 100 ]-[07:48:24] [ - ]
5313|_[ + ] Target:: [ http://www.uach.cl/unidades/contraloria/ ]
5314|_[ + ] Exploit::
5315|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5316|_[ + ] More details:: / - / , ISP:
5317|_[ + ] Found:: UNIDENTIFIED
5318
5319 _[ - ]::--------------------------------------------------------------------------------------------------------------
5320|_[ + ] [ 43 / 100 ]-[07:48:27] [ - ]
5321|_[ + ] Target:: [ https://www.uach.cl/mecesup/pmis ]
5322|_[ + ] Exploit::
5323|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5324|_[ + ] More details:: / - / , ISP:
5325|_[ + ] Found:: UNIDENTIFIED
5326
5327 _[ - ]::--------------------------------------------------------------------------------------------------------------
5328|_[ + ] [ 44 / 100 ]-[07:48:28] [ - ]
5329|_[ + ] Target:: [ http://www.uach.cl/proforma/gcampo/4transp.pdf ]
5330|_[ + ] Exploit::
5331|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5332|_[ + ] More details:: / - / , ISP:
5333|_[ + ] Found:: UNIDENTIFIED
5334
5335 _[ - ]::--------------------------------------------------------------------------------------------------------------
5336|_[ + ] [ 45 / 100 ]-[07:48:31] [ - ]
5337|_[ + ] Target:: [ https://www.uach.cl/externos/epicforce/revision_en.html ]
5338|_[ + ] Exploit::
5339|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5340|_[ + ] More details:: / - / , ISP:
5341|_[ + ] Found:: UNIDENTIFIED
5342
5343 _[ - ]::--------------------------------------------------------------------------------------------------------------
5344|_[ + ] [ 46 / 100 ]-[07:48:34] [ - ]
5345|_[ + ] Target:: [ https://www.uach.cl/pregrado/principal ]
5346|_[ + ] Exploit::
5347|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
5348|_[ + ] More details:: / - / , ISP:
5349|_[ + ] Found:: UNIDENTIFIED
5350
5351 _[ - ]::--------------------------------------------------------------------------------------------------------------
5352|_[ + ] [ 47 / 100 ]-[07:48:36] [ - ]
5353|_[ + ] Target:: [ https://www.uach.cl/organizacion/contraloria ]
5354|_[ + ] Exploit::
5355|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:443
5356|_[ + ] More details:: / - / , ISP:
5357|_[ + ] Found:: UNIDENTIFIED
5358
5359 _[ - ]::--------------------------------------------------------------------------------------------------------------
5360|_[ + ] [ 48 / 100 ]-[07:48:39] [ - ]
5361|_[ + ] Target:: [ https://www.uach.cl/externos/iv_encuentro_secretarias/ ]
5362|_[ + ] Exploit::
5363|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5364|_[ + ] More details:: / - / , ISP:
5365|_[ + ] Found:: UNIDENTIFIED
5366
5367 _[ - ]::--------------------------------------------------------------------------------------------------------------
5368|_[ + ] [ 49 / 100 ]-[07:48:42] [ - ]
5369|_[ + ] Target:: [ https://www.uach.cl/aniversario/65 ]
5370|_[ + ] Exploit::
5371|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5372|_[ + ] More details:: / - / , ISP:
5373|_[ + ] Found:: UNIDENTIFIED
5374
5375 _[ - ]::--------------------------------------------------------------------------------------------------------------
5376|_[ + ] [ 50 / 100 ]-[07:48:45] [ - ]
5377|_[ + ] Target:: [ https://www.uach.cl/investigacion/principal ]
5378|_[ + ] Exploit::
5379|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5380|_[ + ] More details:: / - / , ISP:
5381|_[ + ] Found:: UNIDENTIFIED
5382
5383 _[ - ]::--------------------------------------------------------------------------------------------------------------
5384|_[ + ] [ 51 / 100 ]-[07:48:48] [ - ]
5385|_[ + ] Target:: [ https://www.uach.cl/transparencia/investigacion ]
5386|_[ + ] Exploit::
5387|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5388|_[ + ] More details:: / - / , ISP:
5389|_[ + ] Found:: UNIDENTIFIED
5390
5391 _[ - ]::--------------------------------------------------------------------------------------------------------------
5392|_[ + ] [ 52 / 100 ]-[07:48:51] [ - ]
5393|_[ + ] Target:: [ https://www.uach.cl/aniversario/64 ]
5394|_[ + ] Exploit::
5395|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5396|_[ + ] More details:: / - / , ISP:
5397|_[ + ] Found:: UNIDENTIFIED
5398
5399 _[ - ]::--------------------------------------------------------------------------------------------------------------
5400|_[ + ] [ 53 / 100 ]-[07:48:53] [ - ]
5401|_[ + ] Target:: [ https://www.uach.cl/exalumnos/contacto ]
5402|_[ + ] Exploit::
5403|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5404|_[ + ] More details:: / - / , ISP:
5405|_[ + ] Found:: UNIDENTIFIED
5406
5407 _[ - ]::--------------------------------------------------------------------------------------------------------------
5408|_[ + ] [ 54 / 100 ]-[07:48:56] [ - ]
5409|_[ + ] Target:: [ https://www.uach.cl/cop25/presentacion ]
5410|_[ + ] Exploit::
5411|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5412|_[ + ] More details:: / - / , ISP:
5413|_[ + ] Found:: UNIDENTIFIED
5414
5415 _[ - ]::--------------------------------------------------------------------------------------------------------------
5416|_[ + ] [ 55 / 100 ]-[07:48:59] [ - ]
5417|_[ + ] Target:: [ https://www.uach.cl/elecciones/comision ]
5418|_[ + ] Exploit::
5419|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5420|_[ + ] More details:: / - / , ISP:
5421|_[ + ] Found:: UNIDENTIFIED
5422
5423 _[ - ]::--------------------------------------------------------------------------------------------------------------
5424|_[ + ] [ 56 / 100 ]-[07:49:02] [ - ]
5425|_[ + ] Target:: [ https://www.uach.cl/mecesup/ogpi ]
5426|_[ + ] Exploit::
5427|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5428|_[ + ] More details:: / - / , ISP:
5429|_[ + ] Found:: UNIDENTIFIED
5430
5431 _[ - ]::--------------------------------------------------------------------------------------------------------------
5432|_[ + ] [ 57 / 100 ]-[07:49:04] [ - ]
5433|_[ + ] Target:: [ https://www.uach.cl/elecciones/normativa ]
5434|_[ + ] Exploit::
5435|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5436|_[ + ] More details:: / - / , ISP:
5437|_[ + ] Found:: UNIDENTIFIED
5438
5439 _[ - ]::--------------------------------------------------------------------------------------------------------------
5440|_[ + ] [ 58 / 100 ]-[07:49:07] [ - ]
5441|_[ + ] Target:: [ https://www.uach.cl/elecciones/candidatos ]
5442|_[ + ] Exploit::
5443|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5444|_[ + ] More details:: / - / , ISP:
5445|_[ + ] Found:: UNIDENTIFIED
5446
5447 _[ - ]::--------------------------------------------------------------------------------------------------------------
5448|_[ + ] [ 59 / 100 ]-[07:49:10] [ - ]
5449|_[ + ] Target:: [ https://www.uach.cl/mecesup/pms ]
5450|_[ + ] Exploit::
5451|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5452|_[ + ] More details:: / - / , ISP:
5453|_[ + ] Found:: UNIDENTIFIED
5454
5455 _[ - ]::--------------------------------------------------------------------------------------------------------------
5456|_[ + ] [ 60 / 100 ]-[07:49:12] [ - ]
5457|_[ + ] Target:: [ https://www.uach.cl/dw/puntajes2020/ ]
5458|_[ + ] Exploit::
5459|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5460|_[ + ] More details:: / - / , ISP:
5461|_[ + ] Found:: UNIDENTIFIED
5462
5463 _[ - ]::--------------------------------------------------------------------------------------------------------------
5464|_[ + ] [ 61 / 100 ]-[07:49:15] [ - ]
5465|_[ + ] Target:: [ https://www.uach.cl/exalumnos/registrate ]
5466|_[ + ] Exploit::
5467|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5468|_[ + ] More details:: / - / , ISP:
5469|_[ + ] Found:: UNIDENTIFIED
5470
5471 _[ - ]::--------------------------------------------------------------------------------------------------------------
5472|_[ + ] [ 62 / 100 ]-[07:49:18] [ - ]
5473|_[ + ] Target:: [ https://www.uach.cl/cop25/contacto ]
5474|_[ + ] Exploit::
5475|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5476|_[ + ] More details:: / - / , ISP:
5477|_[ + ] Found:: UNIDENTIFIED
5478
5479 _[ - ]::--------------------------------------------------------------------------------------------------------------
5480|_[ + ] [ 63 / 100 ]-[07:49:19] [ - ]
5481|_[ + ] Target:: [ http://www.uach.cl/bases/concurso182016/ ]
5482|_[ + ] Exploit::
5483|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5484|_[ + ] More details:: / - / , ISP:
5485|_[ + ] Found:: UNIDENTIFIED
5486
5487 _[ - ]::--------------------------------------------------------------------------------------------------------------
5488|_[ + ] [ 64 / 100 ]-[07:49:22] [ - ]
5489|_[ + ] Target:: [ https://www.uach.cl/mapa.php ]
5490|_[ + ] Exploit::
5491|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5492|_[ + ] More details:: / - / , ISP:
5493|_[ + ] Found:: UNIDENTIFIED
5494
5495 _[ - ]::--------------------------------------------------------------------------------------------------------------
5496|_[ + ] [ 65 / 100 ]-[07:49:24] [ - ]
5497|_[ + ] Target:: [ https://www.uach.cl/externos/crustaceos/ ]
5498|_[ + ] Exploit::
5499|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5500|_[ + ] More details:: / - / , ISP:
5501|_[ + ] Found:: UNIDENTIFIED
5502
5503 _[ - ]::--------------------------------------------------------------------------------------------------------------
5504|_[ + ] [ 66 / 100 ]-[07:49:27] [ - ]
5505|_[ + ] Target:: [ https://www.uach.cl/externos/maderasclear/ ]
5506|_[ + ] Exploit::
5507|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5508|_[ + ] More details:: / - / , ISP:
5509|_[ + ] Found:: UNIDENTIFIED
5510
5511 _[ - ]::--------------------------------------------------------------------------------------------------------------
5512|_[ + ] [ 67 / 100 ]-[07:49:28] [ - ]
5513|_[ + ] Target:: [ http://www.uach.cl/bases/concurso172016/ ]
5514|_[ + ] Exploit::
5515|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5516|_[ + ] More details:: / - / , ISP:
5517|_[ + ] Found:: UNIDENTIFIED
5518
5519 _[ - ]::--------------------------------------------------------------------------------------------------------------
5520|_[ + ] [ 68 / 100 ]-[07:49:30] [ - ]
5521|_[ + ] Target:: [ https://www.uach.cl/externos/acap/ ]
5522|_[ + ] Exploit::
5523|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5524|_[ + ] More details:: / - / , ISP:
5525|_[ + ] Found:: UNIDENTIFIED
5526
5527 _[ - ]::--------------------------------------------------------------------------------------------------------------
5528|_[ + ] [ 69 / 100 ]-[07:49:33] [ - ]
5529|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/varios/Valdivia.PDF ]
5530|_[ + ] Exploit::
5531|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5532|_[ + ] More details:: / - / , ISP:
5533|_[ + ] Found:: UNIDENTIFIED
5534
5535 _[ - ]::--------------------------------------------------------------------------------------------------------------
5536|_[ + ] [ 70 / 100 ]-[07:49:39] [ - ]
5537|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/3caminos.pdf ]
5538|_[ + ] Exploit::
5539|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5540|_[ + ] More details:: / - / , ISP:
5541|_[ + ] Found:: UNIDENTIFIED
5542
5543 _[ - ]::--------------------------------------------------------------------------------------------------------------
5544|_[ + ] [ 71 / 100 ]-[07:49:42] [ - ]
5545|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/08_Acosta.PDF ]
5546|_[ + ] Exploit::
5547|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5548|_[ + ] More details:: / - / , ISP:
5549|_[ + ] Found:: UNIDENTIFIED
5550
5551 _[ - ]::--------------------------------------------------------------------------------------------------------------
5552|_[ + ] [ 72 / 100 ]-[07:49:46] [ - ]
5553|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/17_Zapata.PDF ]
5554|_[ + ] Exploit::
5555|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5556|_[ + ] More details:: / - / , ISP:
5557|_[ + ] Found:: UNIDENTIFIED
5558
5559 _[ - ]::--------------------------------------------------------------------------------------------------------------
5560|_[ + ] [ 73 / 100 ]-[07:49:49] [ - ]
5561|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/52_Schlatter.PDF ]
5562|_[ + ] Exploit::
5563|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5564|_[ + ] More details:: / - / , ISP:
5565|_[ + ] Found:: UNIDENTIFIED
5566
5567 _[ - ]::--------------------------------------------------------------------------------------------------------------
5568|_[ + ] [ 74 / 100 ]-[07:49:52] [ - ]
5569|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/41_Watzlawick.PDF ]
5570|_[ + ] Exploit::
5571|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5572|_[ + ] More details:: / - / , ISP:
5573|_[ + ] Found:: UNIDENTIFIED
5574
5575 _[ - ]::--------------------------------------------------------------------------------------------------------------
5576|_[ + ] [ 75 / 100 ]-[07:49:54] [ - ]
5577|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/pdf/flyer_lwd.pdf ]
5578|_[ + ] Exploit::
5579|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5580|_[ + ] More details:: / - / , ISP:
5581|_[ + ] Found:: UNIDENTIFIED
5582
5583 _[ - ]::--------------------------------------------------------------------------------------------------------------
5584|_[ + ] [ 76 / 100 ]-[07:49:59] [ - ]
5585|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/6condlab.pdf ]
5586|_[ + ] Exploit::
5587|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5588|_[ + ] More details:: / - / , ISP:
5589|_[ + ] Found:: UNIDENTIFIED
5590
5591 _[ - ]::--------------------------------------------------------------------------------------------------------------
5592|_[ + ] [ 77 / 100 ]-[07:50:03] [ - ]
5593|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/10_insitu.pdf ]
5594|_[ + ] Exploit::
5595|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5596|_[ + ] More details:: / - / , ISP:
5597|_[ + ] Found:: UNIDENTIFIED
5598
5599 _[ - ]::--------------------------------------------------------------------------------------------------------------
5600|_[ + ] [ 78 / 100 ]-[07:50:08] [ - ]
5601|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/suelos/gcsuelo.pdf ]
5602|_[ + ] Exploit::
5603|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5604|_[ + ] More details:: / - / , ISP:
5605|_[ + ] Found:: UNIDENTIFIED
5606
5607 _[ - ]::--------------------------------------------------------------------------------------------------------------
5608|_[ + ] [ 79 / 100 ]-[07:50:11] [ - ]
5609|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/6_insitu.pdf ]
5610|_[ + ] Exploit::
5611|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5612|_[ + ] More details:: / - / , ISP:
5613|_[ + ] Found:: UNIDENTIFIED
5614
5615 _[ - ]::--------------------------------------------------------------------------------------------------------------
5616|_[ + ] [ 80 / 100 ]-[07:50:15] [ - ]
5617|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/28_Herrera.PDF ]
5618|_[ + ] Exploit::
5619|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5620|_[ + ] More details:: / - / , ISP:
5621|_[ + ] Found:: UNIDENTIFIED
5622
5623 _[ - ]::--------------------------------------------------------------------------------------------------------------
5624|_[ + ] [ 81 / 100 ]-[07:50:19] [ - ]
5625|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/31_Navar.PDF ]
5626|_[ + ] Exploit::
5627|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5628|_[ + ] More details:: / - / , ISP:
5629|_[ + ] Found:: UNIDENTIFIED
5630
5631 _[ - ]::--------------------------------------------------------------------------------------------------------------
5632|_[ + ] [ 82 / 100 ]-[07:50:22] [ - ]
5633|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/15_Gutierrez.PDF ]
5634|_[ + ] Exploit::
5635|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5636|_[ + ] More details:: / - / , ISP:
5637|_[ + ] Found:: UNIDENTIFIED
5638
5639 _[ - ]::--------------------------------------------------------------------------------------------------------------
5640|_[ + ] [ 83 / 100 ]-[07:50:26] [ - ]
5641|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/26_Orrego.PDF ]
5642|_[ + ] Exploit::
5643|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5644|_[ + ] More details:: / - / , ISP:
5645|_[ + ] Found:: UNIDENTIFIED
5646
5647 _[ - ]::--------------------------------------------------------------------------------------------------------------
5648|_[ + ] [ 84 / 100 ]-[07:50:30] [ - ]
5649|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/04_Harkin.PDF ]
5650|_[ + ] Exploit::
5651|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5652|_[ + ] More details:: / - / , ISP:
5653|_[ + ] Found:: UNIDENTIFIED
5654
5655 _[ - ]::--------------------------------------------------------------------------------------------------------------
5656|_[ + ] [ 85 / 100 ]-[07:50:32] [ - ]
5657|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/varios/crecimiento.PDF ]
5658|_[ + ] Exploit::
5659|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5660|_[ + ] More details:: / - / , ISP:
5661|_[ + ] Found:: UNIDENTIFIED
5662
5663 _[ - ]::--------------------------------------------------------------------------------------------------------------
5664|_[ + ] [ 86 / 100 ]-[07:50:35] [ - ]
5665|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/44_Loguercio.PDF ]
5666|_[ + ] Exploit::
5667|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5668|_[ + ] More details:: / - / , ISP:
5669|_[ + ] Found:: UNIDENTIFIED
5670
5671 _[ - ]::--------------------------------------------------------------------------------------------------------------
5672|_[ + ] [ 87 / 100 ]-[07:50:41] [ - ]
5673|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/1psitio.pdf ]
5674|_[ + ] Exploit::
5675|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5676|_[ + ] More details:: / - / , ISP:
5677|_[ + ] Found:: UNIDENTIFIED
5678
5679 _[ - ]::--------------------------------------------------------------------------------------------------------------
5680|_[ + ] [ 88 / 100 ]-[07:50:45] [ - ]
5681|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/manuales/guia_destructivo.pdf ]
5682|_[ + ] Exploit::
5683|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5684|_[ + ] More details:: / - / , ISP:
5685|_[ + ] Found:: UNIDENTIFIED
5686
5687 _[ - ]::--------------------------------------------------------------------------------------------------------------
5688|_[ + ] [ 89 / 100 ]-[07:50:48] [ - ]
5689|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/varios/Ley19561.PDF ]
5690|_[ + ] Exploit::
5691|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5692|_[ + ] More details:: / - / , ISP:
5693|_[ + ] Found:: UNIDENTIFIED
5694
5695 _[ - ]::--------------------------------------------------------------------------------------------------------------
5696|_[ + ] [ 90 / 100 ]-[07:50:52] [ - ]
5697|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/02_De_Jong.PDF ]
5698|_[ + ] Exploit::
5699|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5700|_[ + ] More details:: / - / , ISP:
5701|_[ + ] Found:: UNIDENTIFIED
5702
5703 _[ - ]::--------------------------------------------------------------------------------------------------------------
5704|_[ + ] [ 91 / 100 ]-[07:50:55] [ - ]
5705|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/10_Acosta.PDF ]
5706|_[ + ] Exploit::
5707|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5708|_[ + ] More details:: / - / , ISP:
5709|_[ + ] Found:: UNIDENTIFIED
5710
5711 _[ - ]::--------------------------------------------------------------------------------------------------------------
5712|_[ + ] [ 92 / 100 ]-[07:51:00] [ - ]
5713|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/sga/sga.pdf ]
5714|_[ + ] Exploit::
5715|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5716|_[ + ] More details:: / - / , ISP:
5717|_[ + ] Found:: UNIDENTIFIED
5718
5719 _[ - ]::--------------------------------------------------------------------------------------------------------------
5720|_[ + ] [ 93 / 100 ]-[07:51:03] [ - ]
5721|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/34_Lopez.PDF ]
5722|_[ + ] Exploit::
5723|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5724|_[ + ] More details:: / - / , ISP:
5725|_[ + ] Found:: UNIDENTIFIED
5726
5727 _[ - ]::--------------------------------------------------------------------------------------------------------------
5728|_[ + ] [ 94 / 100 ]-[07:51:06] [ - ]
5729|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/16_Gutierrez.PDF ]
5730|_[ + ] Exploit::
5731|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5732|_[ + ] More details:: / - / , ISP:
5733|_[ + ] Found:: UNIDENTIFIED
5734
5735 _[ - ]::--------------------------------------------------------------------------------------------------------------
5736|_[ + ] [ 95 / 100 ]-[07:51:12] [ - ]
5737|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/gcampo/7anexos.pdf ]
5738|_[ + ] Exploit::
5739|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5740|_[ + ] More details:: / - / , ISP:
5741|_[ + ] Found:: UNIDENTIFIED
5742
5743 _[ - ]::--------------------------------------------------------------------------------------------------------------
5744|_[ + ] [ 96 / 100 ]-[07:51:15] [ - ]
5745|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/simposio_carbono/09_Etchevers.PDF ]
5746|_[ + ] Exploit::
5747|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5748|_[ + ] More details:: / - / , ISP:
5749|_[ + ] Found:: UNIDENTIFIED
5750
5751 _[ - ]::--------------------------------------------------------------------------------------------------------------
5752|_[ + ] [ 97 / 100 ]-[07:51:16] [ - ]
5753|_[ + ] Target:: [ http://www.uach.cl/externos/epicforce/pdf/flyer_wasim.pdf ]
5754|_[ + ] Exploit::
5755|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: Apache , IP:146.83.222.104:80
5756|_[ + ] More details:: / - / , ISP:
5757|_[ + ] Found:: UNIDENTIFIED
5758
5759 _[ - ]::--------------------------------------------------------------------------------------------------------------
5760|_[ + ] [ 98 / 100 ]-[07:51:18] [ - ]
5761|_[ + ] Target:: [ https://www.uach.cl/externos/proforma/insitu/8_insitu.pdf ]
5762|_[ + ] Exploit::
5763|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5764|_[ + ] More details:: / - / , ISP:
5765|_[ + ] Found:: UNIDENTIFIED
5766
5767 _[ - ]::--------------------------------------------------------------------------------------------------------------
5768|_[ + ] [ 99 / 100 ]-[07:51:21] [ - ]
5769|_[ + ] Target:: [ https://www.uach.cl/procarbono/pdf/docs_publicaciones/torres_Juan.pdf ]
5770|_[ + ] Exploit::
5771|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache , IP:146.83.222.104:443
5772|_[ + ] More details:: / - / , ISP:
5773|_[ + ] Found:: UNIDENTIFIED
5774
5775[ INFO ] [ Shutting down ]
5776[ INFO ] [ End of process INURLBR at [19-03-2020 07:51:21]
5777[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
5778[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.uach.cl/output/inurlbr-www.uach.cl ]
5779|_________________________________________________________________________________________
5780
5781\_________________________________________________________________________________________/
5782#################################################################################################################################
5783--------------------------------------------------------
5784<<<Yasuo discovered following vulnerable applications>>>
5785--------------------------------------------------------
5786+------------+--------------------------------------+--------------------------------------------------+----------+----------+
5787| App Name | URL to Application | Potential Exploit | Username | Password |
5788+------------+--------------------------------------+--------------------------------------------------+----------+----------+
5789| phpMyAdmin | http://146.83.222.104:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | | |
5790+------------+--------------------------------------+--------------------------------------------------+----------+----------+
5791#################################################################################################################################
5792Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:46 EDT
5793Warning: 146.83.222.104 giving up on port because retransmission cap hit (2).
5794Nmap scan report for callecalle5.uach.cl (146.83.222.104)
5795Host is up (0.37s latency).
5796Not shown: 472 filtered ports, 1 closed port
5797Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
5798PORT STATE SERVICE VERSION
579980/tcp open http Apache httpd
5800|_http-server-header: Apache
5801|_http-title: Did not follow redirect to https://callecalle5.uach.cl/
5802443/tcp open ssl/http Apache httpd
5803| ssl-cert: Subject: commonName=*.uach.cl/organizationName=Universidad Austral de Chile/stateOrProvinceName=Valdivia/countryName=CL
5804| Subject Alternative Name: DNS:*.uach.cl, DNS:uach.cl
5805| Not valid before: 2018-09-12T17:56:11
5806|_Not valid after: 2020-09-13T16:06:02
5807|_ssl-date: 2020-03-19T10:49:49+00:00; -16s from scanner time.
58088008/tcp open http
5809| fingerprint-strings:
5810| FourOhFourRequest:
5811| HTTP/1.1 302 Found
5812| Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
5813| Connection: close
5814| X-Frame-Options: SAMEORIGIN
5815| X-XSS-Protection: 1; mode=block
5816| X-Content-Type-Options: nosniff
5817| Content-Security-Policy: frame-ancestors
5818| GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
5819| HTTP/1.1 302 Found
5820| Location: https://:8010
5821| Connection: close
5822| X-Frame-Options: SAMEORIGIN
5823| X-XSS-Protection: 1; mode=block
5824| X-Content-Type-Options: nosniff
5825| Content-Security-Policy: frame-ancestors
5826| GetRequest:
5827| HTTP/1.1 302 Found
5828| Location: https://:8010/
5829| Connection: close
5830| X-Frame-Options: SAMEORIGIN
5831| X-XSS-Protection: 1; mode=block
5832| X-Content-Type-Options: nosniff
5833|_ Content-Security-Policy: frame-ancestors
5834|_http-title: Did not follow redirect to https://callecalle5.uach.cl:8010/
5835|_https-redirect: ERROR: Script execution failed (use -d to debug)
58361 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
5837SF-Port8008-TCP:V=7.80%I=7%D=3/19%Time=5E734DA4%P=x86_64-pc-linux-gnu%r(Ge
5838SF:tRequest,CC,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010/\r
5839SF:\nConnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Prote
5840SF:ction:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20nosniff\r\nCon
5841SF:tent-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(FourOhFourRequest,
5842SF:EF,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010/nice%20port
5843SF:s%2C/Tri%6Eity\.txt%2ebak\r\nConnection:\x20close\r\nX-Frame-Options:\x
5844SF:20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode=block\r\nX-Content-Type
5845SF:-Options:\x20nosniff\r\nContent-Security-Policy:\x20frame-ancestors\r\n
5846SF:\r\n")%r(GenericLines,CB,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20htt
5847SF:ps://:8010\r\nConnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\
5848SF:nX-XSS-Protection:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20no
5849SF:sniff\r\nContent-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(HTTPOp
5850SF:tions,CB,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010\r\nCo
5851SF:nnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Protectio
5852SF:n:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20nosniff\r\nContent
5853SF:-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(RTSPRequest,CB,"HTTP/1
5854SF:\.1\x20302\x20Found\r\nLocation:\x20https://:8010\r\nConnection:\x20clo
5855SF:se\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode
5856SF:=block\r\nX-Content-Type-Options:\x20nosniff\r\nContent-Security-Policy
5857SF::\x20frame-ancestors\r\n\r\n")%r(SIPOptions,CB,"HTTP/1\.1\x20302\x20Fou
5858SF:nd\r\nLocation:\x20https://:8010\r\nConnection:\x20close\r\nX-Frame-Opt
5859SF:ions:\x20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode=block\r\nX-Conte
5860SF:nt-Type-Options:\x20nosniff\r\nContent-Security-Policy:\x20frame-ancest
5861SF:ors\r\n\r\n");
5862Device type: general purpose|firewall|storage-misc|VoIP phone
5863Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (92%), WatchGuard Fireware 11.X (92%), Synology DiskStation Manager 5.X (91%), Grandstream embedded (86%), FreeBSD 6.X (85%)
5864OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275 cpe:/o:linux:linux_kernel:4.4 cpe:/o:freebsd:freebsd:6.2
5865Aggressive OS guesses: Linux 2.6.32 (92%), Linux 2.6.32 or 3.10 (92%), Linux 2.6.39 (92%), WatchGuard Fireware 11.8 (92%), Synology DiskStation Manager 5.1 (91%), Linux 3.4 (91%), Linux 3.1 - 3.2 (90%), Linux 3.10 (89%), Linux 2.6.32 - 2.6.39 (89%), Linux 2.6.32 - 3.0 (87%)
5866No exact OS matches for host (test conditions non-ideal).
5867Network Distance: 22 hops
5868Service Info: Host: localhost.localdomain
5869
5870Host script results:
5871|_clock-skew: -16s
5872
5873TRACEROUTE (using port 443/tcp)
5874HOP RTT ADDRESS
58751 137.65 ms 10.203.17.1
58762 ...
58773 138.45 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
58784 137.71 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
58795 143.07 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
58806 158.28 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
58817 163.52 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
58828 259.58 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
58839 257.99 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
588410 249.07 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
588511 256.54 ms be2331.ccr41.iad02.atlas.cogentco.com (154.54.85.241)
588612 257.43 ms be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53)
588713 274.07 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
588814 281.93 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
588915 278.45 ms be3401.ccr21.mia03.atlas.cogentco.com (154.54.47.30)
589016 379.28 ms cl-us.redclara.net (200.0.204.59)
589117 385.99 ms reacciun-pa.redclara.net (200.0.204.150)
589218 396.11 ms ra-uach-cga.reuna.cl (146.83.244.51)
589319 418.28 ms vpn.uach.cl (200.2.119.114)
589420 391.41 ms 200.2.119.206
589521 396.49 ms 200.2.119.206
589622 401.91 ms callecalle5.uach.cl (146.83.222.104)
5897#################################################################################################################################
5898Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:50 EDT
5899Warning: 146.83.222.104 giving up on port because retransmission cap hit (2).
5900Nmap scan report for callecalle5.uach.cl (146.83.222.104)
5901Host is up (0.40s latency).
5902Not shown: 16 filtered ports
5903Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
5904PORT STATE SERVICE VERSION
590553/udp open|filtered domain
590667/udp open|filtered dhcps
590768/udp open|filtered dhcpc
590888/udp open|filtered kerberos-sec
5909123/udp open|filtered ntp
5910137/udp open|filtered netbios-ns
5911138/udp open|filtered netbios-dgm
5912161/udp open|filtered snmp
5913162/udp open|filtered snmptrap
5914389/udp open|filtered ldap
5915520/udp open|filtered route
59162049/udp open|filtered nfs
5917Too many fingerprints match this host to give specific OS details
5918
5919TRACEROUTE (using port 139/udp)
5920HOP RTT ADDRESS
59211 138.58 ms 10.203.17.1
59222 ...
59233 140.07 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
59244 140.03 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
59255 145.18 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
59266 163.54 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
59277 168.41 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
59288 261.50 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
59299 254.74 ms be12489.ccr42.par01.atlas.cogentco.com (154.54.57.70)
593010 257.78 ms be2318.ccr32.bio02.atlas.cogentco.com (154.54.61.117)
593111 258.38 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
593212 262.90 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
593313 265.53 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
593414 276.61 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
593515 278.95 ms be3401.ccr21.mia03.atlas.cogentco.com (154.54.47.30)
593616 283.36 ms 38.104.95.186
593717 386.06 ms reacciun-pa.redclara.net (200.0.204.150)
593818 397.59 ms ra-uach-cga.reuna.cl (146.83.244.51)
593919 394.85 ms ra-uach-cga.reuna.cl (146.83.244.51)
594020 ... 25
594126 399.41 ms ra-uach-cga.reuna.cl (146.83.244.51)
594227 ...
594328 399.44 ms ra-uach-cga.reuna.cl (146.83.244.51)
594429 402.45 ms ra-uach-cga.reuna.cl (146.83.244.51)
594530 404.46 ms ra-uach-cga.reuna.cl (146.83.244.51)
5946#################################################################################################################################
5947Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:54 EDT
5948Nmap scan report for callecalle5.uach.cl (146.83.222.104)
5949Host is up.
5950
5951PORT STATE SERVICE VERSION
595267/tcp filtered dhcps
595367/udp open|filtered dhcps
5954|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
5955Too many fingerprints match this host to give specific OS details
5956
5957TRACEROUTE (using proto 1/icmp)
5958HOP RTT ADDRESS
59591 136.93 ms 10.203.17.1
59602 ...
59613 138.53 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
59624 138.60 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
59635 143.94 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
59646 161.65 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
59657 166.98 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
59668 249.76 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
59679 252.25 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
596810 253.27 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
596911 254.17 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
597012 259.95 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
597113 278.29 ms be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146)
597214 274.40 ms be3400.ccr21.mia03.atlas.cogentco.com (154.54.47.18)
597315 276.02 ms 38.104.95.186
597416 382.24 ms cl-us.redclara.net (200.0.204.59)
597517 386.08 ms reacciun-pa.redclara.net (200.0.204.150)
597618 395.45 ms ra-uach-cga.reuna.cl (146.83.244.51)
597719 ... 30
5978#################################################################################################################################
5979Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:56 EDT
5980Nmap scan report for callecalle5.uach.cl (146.83.222.104)
5981Host is up.
5982
5983PORT STATE SERVICE VERSION
598468/tcp filtered dhcpc
598568/udp open|filtered dhcpc
5986Too many fingerprints match this host to give specific OS details
5987
5988TRACEROUTE (using proto 1/icmp)
5989HOP RTT ADDRESS
59901 136.84 ms 10.203.17.1
59912 ...
59923 134.37 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
59934 133.76 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
59945 139.38 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
59956 158.99 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
59967 166.39 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
59978 249.24 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
59989 253.06 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
599910 253.70 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
600011 254.25 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
600112 260.18 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
600213 275.19 ms be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146)
600314 274.60 ms be3400.ccr21.mia03.atlas.cogentco.com (154.54.47.18)
600415 280.04 ms 38.104.95.186
600516 383.15 ms cl-us.redclara.net (200.0.204.59)
600617 387.88 ms reacciun-pa.redclara.net (200.0.204.150)
600718 396.12 ms ra-uach-cga.reuna.cl (146.83.244.51)
600819 ... 30
6009#################################################################################################################################
6010http://146.83.222.104 [302 Found] Apache, Country[CHILE][CL], HTTPServer[Apache], IP[146.83.222.104], RedirectLocation[https://146.83.222.104/], Title[302 Found]
6011https://146.83.222.104/ [200 OK] Apache, Country[CHILE][CL], Google-Analytics[UA-27179444-1], HTTPServer[Apache], IP[146.83.222.104], JQuery[1.7.1,2.1.1], Script[text/javascript], Title[Universidad Austral de Chile], probably WordPress, X-UA-Compatible[IE=edge]
6012#################################################################################################################################
6013HTTP/1.1 302 Found
6014Date: Thu, 19 Mar 2020 11:00:56 GMT
6015Server: Apache
6016Location: https://146.83.222.104/
6017Content-Type: text/html; charset=iso-8859-1
6018
6019HTTP/1.1 302 Found
6020Date: Thu, 19 Mar 2020 11:00:56 GMT
6021Server: Apache
6022Location: https://146.83.222.104/
6023Content-Type: text/html; charset=iso-8859-1
6024#################################################################################################################################
6025Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 07:01 EDT
6026Nmap scan report for callecalle5.uach.cl (146.83.222.104)
6027Host is up.
6028
6029PORT STATE SERVICE VERSION
6030123/tcp filtered ntp
6031123/udp open|filtered ntp
6032Too many fingerprints match this host to give specific OS details
6033
6034TRACEROUTE (using proto 1/icmp)
6035HOP RTT ADDRESS
60361 138.47 ms 10.203.17.1
60372 ...
60383 139.41 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
60394 139.36 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
60405 144.57 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
60416 164.19 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
60427 172.00 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
60438 254.29 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
60449 253.88 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
604510 255.32 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
604611 255.66 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
604712 262.24 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
604813 277.21 ms be3482.ccr21.mia01.atlas.cogentco.com (154.54.24.146)
604914 275.51 ms be3400.ccr21.mia03.atlas.cogentco.com (154.54.47.18)
605015 276.83 ms 38.104.95.186
605116 382.18 ms cl-us.redclara.net (200.0.204.59)
605217 386.07 ms reacciun-pa.redclara.net (200.0.204.150)
605318 395.44 ms ra-uach-cga.reuna.cl (146.83.244.51)
605419 ... 30
6055#################################################################################################################################
6056https://146.83.222.104/ [200 OK] Apache, Country[CHILE][CL], Google-Analytics[UA-27179444-1], HTTPServer[Apache], IP[146.83.222.104], JQuery[1.7.1,2.1.1], Script[text/javascript], Title[Universidad Austral de Chile], probably WordPress, X-UA-Compatible[IE=edge]
6057#################################################################################################################################
6058Version: 2.0.0-static
6059OpenSSL 1.1.1e-dev xx XXX xxxx
6060
6061Connected to 146.83.222.104
6062
6063Testing SSL server 146.83.222.104 on port 443 using SNI name 146.83.222.104
6064
6065 SSL/TLS Protocols:
6066SSLv2 disabled
6067SSLv3 disabled
6068TLSv1.0 disabled
6069TLSv1.1 disabled
6070TLSv1.2 enabled
6071TLSv1.3 disabled
6072
6073 TLS Fallback SCSV:
6074Server supports TLS Fallback SCSV
6075
6076 TLS renegotiation:
6077Session renegotiation not supported
6078
6079 TLS Compression:
6080Compression disabled
6081
6082 Heartbleed:
6083TLSv1.2 not vulnerable to heartbleed
6084
6085 Supported Server Cipher(s):
6086Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
6087Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
6088Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
6089Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
6090Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
6091Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
6092Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
6093Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
6094Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
6095Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
6096Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
6097Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
6098Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
6099Accepted TLSv1.2 112 bits DHE-RSA-DES-CBC3-SHA DHE 2048 bits
6100Accepted TLSv1.2 256 bits AES256-GCM-SHA384
6101Accepted TLSv1.2 128 bits AES128-GCM-SHA256
6102Accepted TLSv1.2 256 bits AES256-SHA256
6103Accepted TLSv1.2 128 bits AES128-SHA256
6104Accepted TLSv1.2 256 bits AES256-SHA
6105Accepted TLSv1.2 128 bits AES128-SHA
6106Accepted TLSv1.2 112 bits DES-CBC3-SHA
6107Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
6108Accepted TLSv1.2 256 bits CAMELLIA256-SHA
6109Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
6110Accepted TLSv1.2 128 bits CAMELLIA128-SHA
6111
6112 Server Key Exchange Group(s):
6113TLSv1.2 128 bits secp256r1 (NIST P-256)
6114
6115 Server Signature Algorithm(s):
6116TLSv1.2 Server accepts all signature algorithms.
6117
6118 SSL Certificate:
6119Signature Algorithm: sha256WithRSAEncryption
6120RSA Key Strength: 2048
6121
6122Subject: *.uach.cl
6123Altnames: DNS:*.uach.cl, DNS:uach.cl
6124Issuer: GlobalSign Organization Validation CA - SHA256 - G2
6125
6126Not valid before: Sep 12 17:56:11 2018 GMT
6127Not valid after: Sep 13 16:06:02 2020 GMT
6128#################################################################################################################################
6129--------------------------------------------------------
6130<<<Yasuo discovered following vulnerable applications>>>
6131--------------------------------------------------------
6132+------------+--------------------------------------+--------------------------------------------------+----------+----------+
6133| App Name | URL to Application | Potential Exploit | Username | Password |
6134+------------+--------------------------------------+--------------------------------------------------+----------+----------+
6135| phpMyAdmin | http://146.83.222.104:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | | |
6136+------------+--------------------------------------+--------------------------------------------------+----------+----------+
6137#################################################################################################################################
6138Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 07:32 EDT
6139Nmap scan report for callecalle5.uach.cl (146.83.222.104)
6140Host is up (0.40s latency).
6141
6142PORT STATE SERVICE VERSION
614353/tcp filtered domain
614467/tcp filtered dhcps
614568/tcp filtered dhcpc
614669/tcp filtered tftp
614788/tcp filtered kerberos-sec
6148123/tcp filtered ntp
6149137/tcp filtered netbios-ns
6150138/tcp filtered netbios-dgm
6151139/tcp filtered netbios-ssn
6152161/tcp filtered snmp
6153162/tcp filtered snmptrap
6154389/tcp filtered ldap
6155520/tcp filtered efs
61562049/tcp filtered nfs
615753/udp open|filtered domain
615867/udp open|filtered dhcps
615968/udp open|filtered dhcpc
616069/udp filtered tftp
616188/udp open|filtered kerberos-sec
6162123/udp open|filtered ntp
6163137/udp open|filtered netbios-ns
6164138/udp filtered netbios-dgm
6165139/udp open|filtered netbios-ssn
6166161/udp open|filtered snmp
6167162/udp open|filtered snmptrap
6168389/udp open|filtered ldap
6169520/udp open|filtered route
61702049/udp open|filtered nfs
6171Too many fingerprints match this host to give specific OS details
6172
6173TRACEROUTE (using port 138/udp)
6174HOP RTT ADDRESS
61751 140.74 ms 10.203.17.1
61762 ...
61773 141.54 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
61784 141.33 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
61795 146.98 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
61806 169.19 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
61817 173.93 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
61828 251.05 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
61839 253.65 ms be12497.ccr41.par01.atlas.cogentco.com (154.54.56.130)
618410 253.53 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
618511 263.98 ms be2332.ccr41.iad02.atlas.cogentco.com (154.54.85.245)
618612 262.51 ms be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53)
618713 287.29 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
618814 283.05 ms be3483.ccr22.mia01.atlas.cogentco.com (154.54.28.50)
618915 278.02 ms be3401.ccr21.mia03.atlas.cogentco.com (154.54.47.30)
619016 280.06 ms 38.104.95.186
619117 384.39 ms reacciun-pa.redclara.net (200.0.204.150)
619218 388.82 ms reacciun-pa.redclara.net (200.0.204.150)
619319 401.72 ms ra-uach-cga.reuna.cl (146.83.244.51)
619420 404.03 ms ra-uach-cga.reuna.cl (146.83.244.51)
619521 402.99 ms ra-uach-cga.reuna.cl (146.83.244.51)
619622 399.19 ms ra-uach-cga.reuna.cl (146.83.244.51)
619723 ... 29
619830 397.15 ms ra-uach-cga.reuna.cl (146.83.244.51)
6199#################################################################################################################################
6200Hosts
6201=====
6202
6203address mac name os_name os_flavor os_sp purpose info comments
6204------- --- ---- ------- --------- ----- ------- ---- --------
62053.83.211.23 ec2-3-83-211-23.compute-1.amazonaws.com embedded device
62063.216.98.236 ec2-3-216-98-236.compute-1.amazonaws.com Linux 3.X server
620734.224.171.238 ec2-34-224-171-238.compute-1.amazonaws.com Linux server
620834.236.0.217 ec2-34-236-0-217.compute-1.amazonaws.com Linux 3.X server
620934.253.89.155 ec2-34-253-89-155.eu-west-1.compute.amazonaws.com Linux 4.X server
621037.1.207.121 teens-sins.net 2-Series 3.X device
621143.245.223.4 Linux 2.6.X server
621245.60.47.218 Linux 3.X server
621345.88.202.111 Linux 3.X server
621445.239.108.252 whale.ecohosting.cl Linux 3.X server
621552.1.2.24 ec2-52-1-2-24.compute-1.amazonaws.com Linux server
621652.1.174.10 ec2-52-1-174-10.compute-1.amazonaws.com Linux 3.X server
621752.30.54.73 ec2-52-30-54-73.eu-west-1.compute.amazonaws.com Linux 4.X server
621852.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com Unknown device
621954.36.158.42 lb.xtgem.com Linux 3.X server
622054.72.57.25 ec2-54-72-57-25.eu-west-1.compute.amazonaws.com Linux 4.X server
622154.85.59.109 ec2-54-85-59-109.compute-1.amazonaws.com Linux 3.X server
622254.194.134.190 ec2-54-194-134-190.eu-west-1.compute.amazonaws.com Linux 4.X server
622364.69.94.253 Unknown device
622469.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
622574.117.180.192 embedded device
622682.94.222.131 Unknown device
622792.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
622892.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
622994.102.51.111 Linux 2.6.X server
623094.102.51.112 no-reverse-dns-configured.com Linux 2.6.X server
6231104.244.73.40 Unknown device
6232104.244.76.231 Linux 3.X server
6233104.244.77.188 Linux 3.X server
6234104.244.79.89 Linux 3.X server
6235107.180.28.114 ip-107-180-28-114.ip.secureserver.net Unknown device
6236111.90.145.39 web16.support-emilid.com Linux 2.6.X server
6237143.95.110.248 ip-143-95-110-248.iplocal Linux 3.X server
6238146.83.222.104 callecalle5.uach.cl Unknown device
6239149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
6240151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
6241158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
6242162.244.35.13 xnlog.com FreeBSD 7.X device
6243163.247.48.46 Unknown device
6244163.247.127.20 Unknown device
6245163.247.130.114 embedded device
6246163.247.175.176 Unknown device
6247165.22.143.229 Linux 2.6.X server
6248165.227.99.239 Linux 3.X server
6249169.239.218.20 cp10.domains.co.za Linux 2.6.X server
6250173.214.244.169 173.214.244.169.serverel.net Unknown device
6251174.142.53.51 mail.marineland.ca Linux 3.X server
6252186.64.118.40 mail.blue127.dnsmisitio.net embedded device
6253190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
6254190.107.177.35 srv25.cpanelhost.cl Linux 2.6.X server
6255190.110.121.175 todofutbol.hn.cl Unknown device
6256190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
6257190.153.219.254 mail.evopoli.cl Linux 3.X server
6258192.185.134.58 ns36.accountservergroup.com Linux 3.X server
6259199.38.245.243 embedded device
6260200.2.249.28 Linux 3.X server
6261200.10.251.82 homer.sii.cl Unknown device
6262200.12.19.101 embedded device
6263200.29.0.33 cp33.puntoweb.cl Unknown device
6264200.54.92.108 Linux 9.0 server
6265200.54.230.247 plesk.tdata.cloud Linux 3.X server
6266200.55.198.228 Linux 2.4.X server
6267200.68.30.227 mail.gorecoquimbo.cl Unknown device
6268200.68.34.99 Unknown device
6269200.73.54.34 mail.maxtel.cl Linux 2.6.X server
6270200.91.40.252 200-91-40-252.avz.cl Unknown device
6271200.91.41.5 cruzblanca.cl Unknown device
6272200.126.100.83 toqui.gorearaucania.cl Unknown device
6273201.159.170.136 soloweb.sinc.cl Unknown device
6274204.93.193.141 suzuka.mochahost.com Unknown device
6275206.48.140.40 Unknown device
6276207.246.147.189 2-Series device
6277207.246.147.190 Linux 4.X server
6278207.246.147.247 Linux 4.X server
6279207.246.147.248 Linux 4.X server
6280211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
6281212.174.0.150 Windows 2012 server
6282216.172.184.117 Linux 3.X server
6283218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
6284#################################################################################################################################
6285Services
6286========
6287
6288host port proto name state info
6289---- ---- ----- ---- ----- ----
62903.83.211.23 53 tcp domain filtered
62913.83.211.23 53 udp domain unknown
62923.83.211.23 67 tcp dhcps filtered
62933.83.211.23 67 udp dhcps unknown
62943.83.211.23 68 tcp dhcpc filtered
62953.83.211.23 68 udp dhcpc unknown
62963.83.211.23 69 tcp tftp filtered
62973.83.211.23 69 udp tftp unknown
62983.83.211.23 80 tcp http open Microsoft IIS httpd 10.0
62993.83.211.23 88 tcp kerberos-sec filtered
63003.83.211.23 88 udp kerberos-sec unknown
63013.83.211.23 123 tcp ntp filtered
63023.83.211.23 123 udp ntp unknown
63033.83.211.23 137 tcp netbios-ns filtered
63043.83.211.23 137 udp netbios-ns unknown
63053.83.211.23 138 tcp netbios-dgm filtered
63063.83.211.23 138 udp netbios-dgm unknown
63073.83.211.23 139 tcp netbios-ssn filtered
63083.83.211.23 139 udp netbios-ssn unknown
63093.83.211.23 161 tcp snmp filtered
63103.83.211.23 161 udp snmp unknown
63113.83.211.23 162 tcp snmptrap filtered
63123.83.211.23 162 udp snmptrap unknown
63133.83.211.23 389 tcp ldap filtered
63143.83.211.23 389 udp ldap unknown
63153.83.211.23 443 tcp ssl/http open Microsoft IIS httpd 10.0
63163.83.211.23 520 tcp efs filtered
63173.83.211.23 520 udp route unknown
63183.83.211.23 2049 tcp nfs filtered
63193.83.211.23 2049 udp nfs unknown
63203.216.98.236 53 tcp domain filtered
63213.216.98.236 53 udp domain unknown
63223.216.98.236 67 tcp dhcps filtered
63233.216.98.236 67 udp dhcps unknown
63243.216.98.236 68 tcp dhcpc filtered
63253.216.98.236 68 udp dhcpc unknown
63263.216.98.236 69 tcp tftp filtered
63273.216.98.236 69 udp tftp unknown
63283.216.98.236 80 tcp http open Microsoft IIS httpd 10.0
63293.216.98.236 88 tcp kerberos-sec filtered
63303.216.98.236 88 udp kerberos-sec unknown
63313.216.98.236 123 tcp ntp filtered
63323.216.98.236 123 udp ntp unknown
63333.216.98.236 137 tcp netbios-ns filtered
63343.216.98.236 137 udp netbios-ns unknown
63353.216.98.236 138 tcp netbios-dgm filtered
63363.216.98.236 138 udp netbios-dgm unknown
63373.216.98.236 139 tcp netbios-ssn filtered
63383.216.98.236 139 udp netbios-ssn unknown
63393.216.98.236 161 tcp snmp filtered
63403.216.98.236 161 udp snmp unknown
63413.216.98.236 162 tcp snmptrap filtered
63423.216.98.236 162 udp snmptrap unknown
63433.216.98.236 389 tcp ldap filtered
63443.216.98.236 389 udp ldap unknown
63453.216.98.236 443 tcp ssl/http open Microsoft IIS httpd 10.0
63463.216.98.236 520 tcp efs filtered
63473.216.98.236 520 udp route unknown
63483.216.98.236 2049 tcp nfs filtered
63493.216.98.236 2049 udp nfs unknown
635034.224.171.238 53 tcp domain filtered
635134.224.171.238 53 udp domain unknown
635234.224.171.238 67 tcp dhcps filtered
635334.224.171.238 67 udp dhcps unknown
635434.224.171.238 68 tcp dhcpc filtered
635534.224.171.238 68 udp dhcpc unknown
635634.224.171.238 69 tcp tftp filtered
635734.224.171.238 69 udp tftp unknown
635834.224.171.238 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
635934.224.171.238 88 tcp kerberos-sec filtered
636034.224.171.238 88 udp kerberos-sec unknown
636134.224.171.238 123 tcp ntp filtered
636234.224.171.238 123 udp ntp unknown
636334.224.171.238 137 tcp netbios-ns filtered
636434.224.171.238 137 udp netbios-ns unknown
636534.224.171.238 138 tcp netbios-dgm filtered
636634.224.171.238 138 udp netbios-dgm unknown
636734.224.171.238 139 tcp netbios-ssn filtered
636834.224.171.238 139 udp netbios-ssn unknown
636934.224.171.238 161 tcp snmp filtered
637034.224.171.238 161 udp snmp unknown
637134.224.171.238 162 tcp snmptrap filtered
637234.224.171.238 162 udp snmptrap unknown
637334.224.171.238 389 tcp ldap filtered
637434.224.171.238 389 udp ldap unknown
637534.224.171.238 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
637634.224.171.238 520 tcp efs filtered
637734.224.171.238 520 udp route unknown
637834.224.171.238 2049 tcp nfs filtered
637934.224.171.238 2049 udp nfs unknown
638034.236.0.217 53 tcp domain filtered
638134.236.0.217 53 udp domain unknown
638234.236.0.217 67 tcp dhcps filtered
638334.236.0.217 67 udp dhcps unknown
638434.236.0.217 68 tcp dhcpc filtered
638534.236.0.217 68 udp dhcpc unknown
638634.236.0.217 69 tcp tftp filtered
638734.236.0.217 69 udp tftp unknown
638834.236.0.217 80 tcp http open nginx
638934.236.0.217 88 tcp kerberos-sec filtered
639034.236.0.217 88 udp kerberos-sec unknown
639134.236.0.217 123 tcp ntp filtered
639234.236.0.217 123 udp ntp unknown
639334.236.0.217 137 tcp netbios-ns filtered
639434.236.0.217 137 udp netbios-ns unknown
639534.236.0.217 138 tcp netbios-dgm filtered
639634.236.0.217 138 udp netbios-dgm unknown
639734.236.0.217 139 tcp netbios-ssn filtered
639834.236.0.217 139 udp netbios-ssn unknown
639934.236.0.217 161 tcp snmp filtered
640034.236.0.217 161 udp snmp unknown
640134.236.0.217 162 tcp snmptrap filtered
640234.236.0.217 162 udp snmptrap unknown
640334.236.0.217 389 tcp ldap filtered
640434.236.0.217 389 udp ldap unknown
640534.236.0.217 443 tcp ssl/http open nginx
640634.236.0.217 520 tcp efs filtered
640734.236.0.217 520 udp route unknown
640834.236.0.217 2049 tcp nfs filtered
640934.236.0.217 2049 udp nfs unknown
641034.253.89.155 53 tcp domain closed
641134.253.89.155 53 udp domain unknown
641234.253.89.155 67 tcp dhcps closed
641334.253.89.155 67 udp dhcps unknown
641434.253.89.155 68 tcp dhcpc closed
641534.253.89.155 68 udp dhcpc unknown
641634.253.89.155 69 tcp tftp closed
641734.253.89.155 69 udp tftp unknown
641834.253.89.155 80 tcp http open nginx
641934.253.89.155 88 tcp kerberos-sec closed
642034.253.89.155 88 udp kerberos-sec unknown
642134.253.89.155 123 tcp ntp closed
642234.253.89.155 123 udp ntp unknown
642334.253.89.155 137 tcp netbios-ns closed
642434.253.89.155 137 udp netbios-ns unknown
642534.253.89.155 138 tcp netbios-dgm closed
642634.253.89.155 138 udp netbios-dgm unknown
642734.253.89.155 139 tcp netbios-ssn closed
642834.253.89.155 139 udp netbios-ssn unknown
642934.253.89.155 161 tcp snmp closed
643034.253.89.155 161 udp snmp unknown
643134.253.89.155 162 tcp snmptrap closed
643234.253.89.155 162 udp snmptrap unknown
643334.253.89.155 389 tcp ldap closed
643434.253.89.155 389 udp ldap unknown
643534.253.89.155 443 tcp ssl/http open nginx
643634.253.89.155 520 tcp efs closed
643734.253.89.155 520 udp route unknown
643834.253.89.155 2049 tcp nfs closed
643934.253.89.155 2049 udp nfs unknown
644037.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
644137.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
644237.1.207.121 67 tcp dhcps filtered
644337.1.207.121 67 udp dhcps unknown
644437.1.207.121 68 tcp dhcpc filtered
644537.1.207.121 68 udp dhcpc filtered
644637.1.207.121 69 tcp tftp filtered
644737.1.207.121 69 udp tftp unknown
644837.1.207.121 88 tcp kerberos-sec filtered
644937.1.207.121 88 udp kerberos-sec filtered
645037.1.207.121 123 tcp ntp filtered
645137.1.207.121 123 udp ntp unknown
645237.1.207.121 137 tcp netbios-ns filtered
645337.1.207.121 137 udp netbios-ns unknown
645437.1.207.121 138 tcp netbios-dgm filtered
645537.1.207.121 138 udp netbios-dgm unknown
645637.1.207.121 139 tcp netbios-ssn filtered
645737.1.207.121 139 udp netbios-ssn unknown
645837.1.207.121 161 tcp snmp filtered
645937.1.207.121 161 udp snmp unknown
646037.1.207.121 162 tcp snmptrap filtered
646137.1.207.121 162 udp snmptrap unknown
646237.1.207.121 389 tcp ldap filtered
646337.1.207.121 389 udp ldap unknown
646437.1.207.121 520 tcp efs filtered
646537.1.207.121 520 udp route unknown
646637.1.207.121 2049 tcp nfs filtered
646737.1.207.121 2049 udp nfs filtered
646843.245.223.4 80 tcp http open nginx
646943.245.223.4 443 tcp ssl/http open nginx
647043.245.223.4 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
647145.60.47.218 25 tcp http open Incapsula CDN httpd
647245.60.47.218 53 tcp domain open
647345.60.47.218 53 udp domain open
647445.60.47.218 67 udp dhcps unknown
647545.60.47.218 68 udp dhcpc unknown
647645.60.47.218 69 udp tftp unknown
647745.60.47.218 80 tcp http open Incapsula CDN httpd
647845.60.47.218 81 tcp http open Incapsula CDN httpd
647945.60.47.218 85 tcp http open Incapsula CDN httpd
648045.60.47.218 88 tcp http open Incapsula CDN httpd
648145.60.47.218 88 udp kerberos-sec unknown
648245.60.47.218 123 udp ntp unknown
648345.60.47.218 137 udp netbios-ns unknown
648445.60.47.218 138 udp netbios-dgm unknown
648545.60.47.218 139 udp netbios-ssn unknown
648645.60.47.218 161 udp snmp unknown
648745.60.47.218 162 udp snmptrap unknown
648845.60.47.218 389 tcp ssl/http open Incapsula CDN httpd
648945.60.47.218 389 udp ldap unknown
649045.60.47.218 443 tcp ssl/http open Incapsula CDN httpd
649145.60.47.218 444 tcp ssl/http open Incapsula CDN httpd
649245.60.47.218 445 tcp ssl/http open Incapsula CDN httpd
649345.60.47.218 446 tcp http open Incapsula CDN httpd
649445.60.47.218 520 udp route unknown
649545.60.47.218 587 tcp http open Incapsula CDN httpd
649645.60.47.218 631 tcp http open Incapsula CDN httpd
649745.60.47.218 888 tcp http open Incapsula CDN httpd
649845.60.47.218 995 tcp ssl/http open Incapsula CDN httpd
649945.60.47.218 998 tcp ssl/http open Incapsula CDN httpd
650045.60.47.218 999 tcp http open Incapsula CDN httpd
650145.60.47.218 1000 tcp http open Incapsula CDN httpd
650245.60.47.218 1024 tcp http open Incapsula CDN httpd
650345.60.47.218 1103 tcp http open Incapsula CDN httpd
650445.60.47.218 1234 tcp http open Incapsula CDN httpd
650545.60.47.218 1433 tcp http open Incapsula CDN httpd
650645.60.47.218 1494 tcp http open Incapsula CDN httpd
650745.60.47.218 2000 tcp ssl/http open Incapsula CDN httpd
650845.60.47.218 2001 tcp http open Incapsula CDN httpd
650945.60.47.218 2049 tcp http open Incapsula CDN httpd
651045.60.47.218 2049 udp nfs unknown
651145.60.47.218 2067 tcp http open Incapsula CDN httpd
651245.60.47.218 2100 tcp ssl/http open Incapsula CDN httpd
651345.60.47.218 2222 tcp http open Incapsula CDN httpd
651445.60.47.218 2598 tcp http open Incapsula CDN httpd
651545.60.47.218 3000 tcp http open Incapsula CDN httpd
651645.60.47.218 3050 tcp http open Incapsula CDN httpd
651745.60.47.218 3057 tcp http open Incapsula CDN httpd
651845.60.47.218 3299 tcp http open Incapsula CDN httpd
651945.60.47.218 3306 tcp ssl/http open Incapsula CDN httpd
652045.60.47.218 3333 tcp http open Incapsula CDN httpd
652145.60.47.218 3389 tcp ssl/http open Incapsula CDN httpd
652245.60.47.218 3500 tcp http open Incapsula CDN httpd
652345.60.47.218 3790 tcp http open Incapsula CDN httpd
652445.60.47.218 4000 tcp http open Incapsula CDN httpd
652545.60.47.218 4444 tcp ssl/http open Incapsula CDN httpd
652645.60.47.218 4445 tcp ssl/http open Incapsula CDN httpd
652745.60.47.218 4848 tcp http open Incapsula CDN httpd
652845.60.47.218 5000 tcp http open Incapsula CDN httpd
652945.60.47.218 5009 tcp http open Incapsula CDN httpd
653045.60.47.218 5051 tcp ssl/http open Incapsula CDN httpd
653145.60.47.218 5060 tcp ssl/http open Incapsula CDN httpd
653245.60.47.218 5061 tcp ssl/http open Incapsula CDN httpd
653345.60.47.218 5227 tcp ssl/http open Incapsula CDN httpd
653445.60.47.218 5247 tcp ssl/http open Incapsula CDN httpd
653545.60.47.218 5250 tcp ssl/http open Incapsula CDN httpd
653645.60.47.218 5555 tcp http open Incapsula CDN httpd
653745.60.47.218 5900 tcp http open Incapsula CDN httpd
653845.60.47.218 5901 tcp ssl/http open Incapsula CDN httpd
653945.60.47.218 5902 tcp ssl/http open Incapsula CDN httpd
654045.60.47.218 5903 tcp ssl/http open Incapsula CDN httpd
654145.60.47.218 5904 tcp ssl/http open Incapsula CDN httpd
654245.60.47.218 5905 tcp ssl/http open Incapsula CDN httpd
654345.60.47.218 5906 tcp ssl/http open Incapsula CDN httpd
654445.60.47.218 5907 tcp ssl/http open Incapsula CDN httpd
654545.60.47.218 5908 tcp ssl/http open Incapsula CDN httpd
654645.60.47.218 5909 tcp ssl/http open Incapsula CDN httpd
654745.60.47.218 5910 tcp ssl/http open Incapsula CDN httpd
654845.60.47.218 5920 tcp ssl/http open Incapsula CDN httpd
654945.60.47.218 5984 tcp ssl/http open Incapsula CDN httpd
655045.60.47.218 5985 tcp http open Incapsula CDN httpd
655145.60.47.218 5986 tcp ssl/http open Incapsula CDN httpd
655245.60.47.218 5999 tcp ssl/http open Incapsula CDN httpd
655345.60.47.218 6000 tcp http open Incapsula CDN httpd
655445.60.47.218 6060 tcp http open Incapsula CDN httpd
655545.60.47.218 6161 tcp http open Incapsula CDN httpd
655645.60.47.218 6379 tcp http open Incapsula CDN httpd
655745.60.47.218 6661 tcp ssl/http open Incapsula CDN httpd
655845.60.47.218 6789 tcp http open Incapsula CDN httpd
655945.60.47.218 7000 tcp ssl/http open Incapsula CDN httpd
656045.60.47.218 7001 tcp http open Incapsula CDN httpd
656145.60.47.218 7021 tcp http open Incapsula CDN httpd
656245.60.47.218 7071 tcp ssl/http open Incapsula CDN httpd
656345.60.47.218 7080 tcp http open Incapsula CDN httpd
656445.60.47.218 7272 tcp ssl/http open Incapsula CDN httpd
656545.60.47.218 7443 tcp ssl/http open Incapsula CDN httpd
656645.60.47.218 7700 tcp http open Incapsula CDN httpd
656745.60.47.218 7777 tcp http open Incapsula CDN httpd
656845.60.47.218 7778 tcp http open Incapsula CDN httpd
656945.60.47.218 8000 tcp http open Incapsula CDN httpd
657045.60.47.218 8001 tcp http open Incapsula CDN httpd
657145.60.47.218 8008 tcp http open Incapsula CDN httpd
657245.60.47.218 8014 tcp http open Incapsula CDN httpd
657345.60.47.218 8020 tcp http open Incapsula CDN httpd
657445.60.47.218 8023 tcp http open Incapsula CDN httpd
657545.60.47.218 8028 tcp http open Incapsula CDN httpd
657645.60.47.218 8030 tcp http open Incapsula CDN httpd
657745.60.47.218 8050 tcp http open Incapsula CDN httpd
657845.60.47.218 8051 tcp http open Incapsula CDN httpd
657945.60.47.218 8080 tcp http open Incapsula CDN httpd
658045.60.47.218 8081 tcp http open Incapsula CDN httpd
658145.60.47.218 8082 tcp http open Incapsula CDN httpd
658245.60.47.218 8085 tcp http open Incapsula CDN httpd
658345.60.47.218 8086 tcp http open Incapsula CDN httpd
658445.60.47.218 8087 tcp http open Incapsula CDN httpd
658545.60.47.218 8088 tcp http open Incapsula CDN httpd
658645.60.47.218 8090 tcp http open Incapsula CDN httpd
658745.60.47.218 8091 tcp http open Incapsula CDN httpd
658845.60.47.218 8095 tcp http open Incapsula CDN httpd
658945.60.47.218 8101 tcp http open Incapsula CDN httpd
659045.60.47.218 8161 tcp http open Incapsula CDN httpd
659145.60.47.218 8180 tcp http open Incapsula CDN httpd
659245.60.47.218 8222 tcp http open Incapsula CDN httpd
659345.60.47.218 8333 tcp http open Incapsula CDN httpd
659445.60.47.218 8443 tcp ssl/http open Incapsula CDN httpd
659545.60.47.218 8444 tcp http open Incapsula CDN httpd
659645.60.47.218 8445 tcp http open Incapsula CDN httpd
659745.60.47.218 8503 tcp ssl/http open Incapsula CDN httpd
659845.60.47.218 8686 tcp http open Incapsula CDN httpd
659945.60.47.218 8701 tcp ssl/http open Incapsula CDN httpd
660045.60.47.218 8787 tcp http open Incapsula CDN httpd
660145.60.47.218 8800 tcp http open Incapsula CDN httpd
660245.60.47.218 8812 tcp http open Incapsula CDN httpd
660345.60.47.218 8834 tcp http open Incapsula CDN httpd
660445.60.47.218 8880 tcp http open Incapsula CDN httpd
660545.60.47.218 8888 tcp http open Incapsula CDN httpd
660645.60.47.218 8889 tcp http open Incapsula CDN httpd
660745.60.47.218 8890 tcp http open Incapsula CDN httpd
660845.60.47.218 8899 tcp http open Incapsula CDN httpd
660945.60.47.218 8901 tcp http open Incapsula CDN httpd
661045.60.47.218 8902 tcp http open Incapsula CDN httpd
661145.60.47.218 8999 tcp http open Incapsula CDN httpd
661245.60.47.218 9000 tcp http open Incapsula CDN httpd
661345.60.47.218 9001 tcp http open Incapsula CDN httpd
661445.60.47.218 9002 tcp http open Incapsula CDN httpd
661545.60.47.218 9003 tcp http open Incapsula CDN httpd
661645.60.47.218 9004 tcp http open Incapsula CDN httpd
661745.60.47.218 9005 tcp http open Incapsula CDN httpd
661845.60.47.218 9010 tcp http open Incapsula CDN httpd
661945.60.47.218 9050 tcp http open Incapsula CDN httpd
662045.60.47.218 9080 tcp http open Incapsula CDN httpd
662145.60.47.218 9081 tcp ssl/http open Incapsula CDN httpd
662245.60.47.218 9084 tcp http open Incapsula CDN httpd
662345.60.47.218 9090 tcp http open Incapsula CDN httpd
662445.60.47.218 9099 tcp http open Incapsula CDN httpd
662545.60.47.218 9100 tcp jetdirect open
662645.60.47.218 9111 tcp http open Incapsula CDN httpd
662745.60.47.218 9200 tcp http open Incapsula CDN httpd
662845.60.47.218 9300 tcp http open Incapsula CDN httpd
662945.60.47.218 9500 tcp http open Incapsula CDN httpd
663045.60.47.218 9711 tcp ssl/http open Incapsula CDN httpd
663145.60.47.218 9991 tcp http open Incapsula CDN httpd
663245.60.47.218 9999 tcp http open Incapsula CDN httpd
663345.60.47.218 10000 tcp http open Incapsula CDN httpd
663445.60.47.218 10001 tcp http open Incapsula CDN httpd
663545.60.47.218 10008 tcp http open Incapsula CDN httpd
663645.60.47.218 10443 tcp ssl/http open Incapsula CDN httpd
663745.60.47.218 11001 tcp ssl/http open Incapsula CDN httpd
663845.60.47.218 12174 tcp http open Incapsula CDN httpd
663945.60.47.218 12203 tcp http open Incapsula CDN httpd
664045.60.47.218 12221 tcp http open Incapsula CDN httpd
664145.60.47.218 12345 tcp http open Incapsula CDN httpd
664245.60.47.218 12397 tcp http open Incapsula CDN httpd
664345.60.47.218 12401 tcp http open Incapsula CDN httpd
664445.60.47.218 14330 tcp http open Incapsula CDN httpd
664545.60.47.218 16000 tcp http open Incapsula CDN httpd
664645.60.47.218 20000 tcp http open Incapsula CDN httpd
664745.60.47.218 20010 tcp ssl/http open Incapsula CDN httpd
664845.60.47.218 25000 tcp ssl/http open Incapsula CDN httpd
664945.60.47.218 30000 tcp http open Incapsula CDN httpd
665045.60.47.218 44334 tcp ssl/http open Incapsula CDN httpd
665145.60.47.218 50000 tcp http open Incapsula CDN httpd
665245.60.47.218 50001 tcp ssl/http open Incapsula CDN httpd
665345.60.47.218 50050 tcp ssl/http open Incapsula CDN httpd
665445.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
665545.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
665645.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
665745.88.202.111 67 tcp dhcps closed
665845.88.202.111 67 udp dhcps unknown
665945.88.202.111 68 tcp dhcpc closed
666045.88.202.111 68 udp dhcpc unknown
666145.88.202.111 69 tcp tftp closed
666245.88.202.111 69 udp tftp closed
666345.88.202.111 80 tcp http open nginx
666445.88.202.111 88 tcp kerberos-sec closed
666545.88.202.111 88 udp kerberos-sec unknown
666645.88.202.111 123 tcp ntp closed
666745.88.202.111 123 udp ntp closed
666845.88.202.111 137 tcp netbios-ns closed
666945.88.202.111 137 udp netbios-ns filtered
667045.88.202.111 138 tcp netbios-dgm closed
667145.88.202.111 138 udp netbios-dgm filtered
667245.88.202.111 139 tcp netbios-ssn closed
667345.88.202.111 139 udp netbios-ssn closed
667445.88.202.111 161 tcp snmp closed
667545.88.202.111 161 udp snmp closed
667645.88.202.111 162 tcp snmptrap closed
667745.88.202.111 162 udp snmptrap closed
667845.88.202.111 179 tcp bgp filtered
667945.88.202.111 389 tcp ldap closed
668045.88.202.111 389 udp ldap unknown
668145.88.202.111 443 tcp ssl/http open nginx
668245.88.202.111 520 tcp efs closed
668345.88.202.111 520 udp route unknown
668445.88.202.111 2049 tcp nfs closed
668545.88.202.111 2049 udp nfs closed
668645.88.202.111 10050 tcp tcpwrapped open
668745.239.108.252 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
668845.239.108.252 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
668945.239.108.252 67 tcp dhcps filtered
669045.239.108.252 67 udp dhcps unknown
669145.239.108.252 68 tcp dhcpc filtered
669245.239.108.252 68 udp dhcpc unknown
669345.239.108.252 69 tcp tftp filtered
669445.239.108.252 69 udp tftp unknown
669545.239.108.252 88 tcp kerberos-sec filtered
669645.239.108.252 88 udp kerberos-sec unknown
669745.239.108.252 123 tcp ntp filtered
669845.239.108.252 123 udp ntp unknown
669945.239.108.252 137 tcp netbios-ns filtered
670045.239.108.252 137 udp netbios-ns unknown
670145.239.108.252 138 tcp netbios-dgm filtered
670245.239.108.252 138 udp netbios-dgm unknown
670345.239.108.252 139 tcp netbios-ssn filtered
670445.239.108.252 139 udp netbios-ssn unknown
670545.239.108.252 161 tcp snmp filtered
670645.239.108.252 161 udp snmp unknown
670745.239.108.252 162 tcp snmptrap filtered
670845.239.108.252 162 udp snmptrap unknown
670945.239.108.252 389 tcp ldap filtered
671045.239.108.252 389 udp ldap unknown
671145.239.108.252 520 tcp efs filtered
671245.239.108.252 520 udp route unknown
671345.239.108.252 2049 tcp nfs filtered
671445.239.108.252 2049 udp nfs unknown
671552.1.2.24 53 tcp domain filtered
671652.1.2.24 53 udp domain unknown
671752.1.2.24 67 tcp dhcps filtered
671852.1.2.24 67 udp dhcps unknown
671952.1.2.24 68 tcp dhcpc filtered
672052.1.2.24 68 udp dhcpc unknown
672152.1.2.24 69 tcp tftp filtered
672252.1.2.24 69 udp tftp unknown
672352.1.2.24 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
672452.1.2.24 88 tcp kerberos-sec filtered
672552.1.2.24 88 udp kerberos-sec unknown
672652.1.2.24 123 tcp ntp filtered
672752.1.2.24 123 udp ntp unknown
672852.1.2.24 137 tcp netbios-ns filtered
672952.1.2.24 137 udp netbios-ns unknown
673052.1.2.24 138 tcp netbios-dgm filtered
673152.1.2.24 138 udp netbios-dgm unknown
673252.1.2.24 139 tcp netbios-ssn filtered
673352.1.2.24 139 udp netbios-ssn unknown
673452.1.2.24 161 tcp snmp filtered
673552.1.2.24 161 udp snmp unknown
673652.1.2.24 162 tcp snmptrap filtered
673752.1.2.24 162 udp snmptrap unknown
673852.1.2.24 389 tcp ldap filtered
673952.1.2.24 389 udp ldap unknown
674052.1.2.24 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
674152.1.2.24 520 tcp efs filtered
674252.1.2.24 520 udp route unknown
674352.1.2.24 2049 tcp nfs filtered
674452.1.2.24 2049 udp nfs unknown
674552.1.174.10 53 tcp domain filtered
674652.1.174.10 53 udp domain unknown
674752.1.174.10 67 tcp dhcps filtered
674852.1.174.10 67 udp dhcps unknown
674952.1.174.10 68 tcp dhcpc filtered
675052.1.174.10 68 udp dhcpc unknown
675152.1.174.10 69 tcp tftp filtered
675252.1.174.10 69 udp tftp unknown
675352.1.174.10 80 tcp http open nginx
675452.1.174.10 88 tcp kerberos-sec filtered
675552.1.174.10 88 udp kerberos-sec unknown
675652.1.174.10 123 tcp ntp filtered
675752.1.174.10 123 udp ntp unknown
675852.1.174.10 137 tcp netbios-ns filtered
675952.1.174.10 137 udp netbios-ns unknown
676052.1.174.10 138 tcp netbios-dgm filtered
676152.1.174.10 138 udp netbios-dgm unknown
676252.1.174.10 139 tcp netbios-ssn filtered
676352.1.174.10 139 udp netbios-ssn unknown
676452.1.174.10 161 tcp snmp filtered
676552.1.174.10 161 udp snmp unknown
676652.1.174.10 162 tcp snmptrap filtered
676752.1.174.10 162 udp snmptrap unknown
676852.1.174.10 389 tcp ldap filtered
676952.1.174.10 389 udp ldap unknown
677052.1.174.10 443 tcp ssl/http open nginx
677152.1.174.10 520 tcp efs filtered
677252.1.174.10 520 udp route unknown
677352.1.174.10 2049 tcp nfs filtered
677452.1.174.10 2049 udp nfs unknown
677552.30.54.73 53 tcp domain closed
677652.30.54.73 53 udp domain unknown
677752.30.54.73 67 tcp dhcps closed
677852.30.54.73 67 udp dhcps unknown
677952.30.54.73 68 tcp dhcpc closed
678052.30.54.73 68 udp dhcpc unknown
678152.30.54.73 69 tcp tftp closed
678252.30.54.73 69 udp tftp unknown
678352.30.54.73 80 tcp http open nginx
678452.30.54.73 88 tcp kerberos-sec closed
678552.30.54.73 88 udp kerberos-sec unknown
678652.30.54.73 123 tcp ntp closed
678752.30.54.73 123 udp ntp unknown
678852.30.54.73 137 tcp netbios-ns closed
678952.30.54.73 137 udp netbios-ns unknown
679052.30.54.73 138 tcp netbios-dgm closed
679152.30.54.73 138 udp netbios-dgm unknown
679252.30.54.73 139 tcp netbios-ssn closed
679352.30.54.73 139 udp netbios-ssn unknown
679452.30.54.73 161 tcp snmp closed
679552.30.54.73 161 udp snmp unknown
679652.30.54.73 162 tcp snmptrap closed
679752.30.54.73 162 udp snmptrap unknown
679852.30.54.73 389 tcp ldap closed
679952.30.54.73 389 udp ldap unknown
680052.30.54.73 443 tcp ssl/http open nginx
680152.30.54.73 520 tcp efs closed
680252.30.54.73 520 udp route unknown
680352.30.54.73 2049 tcp nfs closed
680452.30.54.73 2049 udp nfs unknown
680552.52.234.222 53 tcp domain filtered
680652.52.234.222 53 udp domain unknown
680752.52.234.222 67 tcp dhcps filtered
680852.52.234.222 67 udp dhcps unknown
680952.52.234.222 68 tcp dhcpc filtered
681052.52.234.222 68 udp dhcpc unknown
681152.52.234.222 69 tcp tftp filtered
681252.52.234.222 69 udp tftp unknown
681352.52.234.222 88 tcp kerberos-sec filtered
681452.52.234.222 88 udp kerberos-sec unknown
681552.52.234.222 123 tcp ntp filtered
681652.52.234.222 123 udp ntp unknown
681752.52.234.222 137 tcp netbios-ns filtered
681852.52.234.222 137 udp netbios-ns unknown
681952.52.234.222 138 tcp netbios-dgm filtered
682052.52.234.222 138 udp netbios-dgm unknown
682152.52.234.222 139 tcp netbios-ssn filtered
682252.52.234.222 139 udp netbios-ssn unknown
682352.52.234.222 161 tcp snmp filtered
682452.52.234.222 161 udp snmp unknown
682552.52.234.222 162 tcp snmptrap filtered
682652.52.234.222 162 udp snmptrap unknown
682752.52.234.222 389 tcp ldap filtered
682852.52.234.222 389 udp ldap unknown
682952.52.234.222 520 tcp efs filtered
683052.52.234.222 520 udp route unknown
683152.52.234.222 2049 tcp nfs filtered
683252.52.234.222 2049 udp nfs unknown
683354.36.158.42 22 tcp ssh open OpenSSH 7.4 protocol 2.0
683454.36.158.42 53 udp domain unknown
683554.36.158.42 67 udp dhcps unknown
683654.36.158.42 68 udp dhcpc unknown
683754.36.158.42 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
683854.36.158.42 137 udp netbios-ns unknown
683954.36.158.42 139 udp netbios-ssn unknown
684054.36.158.42 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
684154.36.158.42 2049 udp nfs unknown
684254.36.158.42 5000 tcp http open Apache httpd
684354.36.158.42 8088 tcp radan-http open
684454.36.158.42 22222 tcp ssh open OpenSSH 7.4 protocol 2.0
684554.72.57.25 53 tcp domain closed
684654.72.57.25 53 udp domain unknown
684754.72.57.25 67 tcp dhcps closed
684854.72.57.25 67 udp dhcps unknown
684954.72.57.25 68 tcp dhcpc closed
685054.72.57.25 68 udp dhcpc unknown
685154.72.57.25 69 tcp tftp closed
685254.72.57.25 69 udp tftp unknown
685354.72.57.25 80 tcp http open nginx
685454.72.57.25 88 tcp kerberos-sec closed
685554.72.57.25 88 udp kerberos-sec unknown
685654.72.57.25 123 tcp ntp closed
685754.72.57.25 123 udp ntp unknown
685854.72.57.25 137 tcp netbios-ns closed
685954.72.57.25 137 udp netbios-ns unknown
686054.72.57.25 138 tcp netbios-dgm closed
686154.72.57.25 138 udp netbios-dgm unknown
686254.72.57.25 139 tcp netbios-ssn closed
686354.72.57.25 139 udp netbios-ssn unknown
686454.72.57.25 161 tcp snmp closed
686554.72.57.25 161 udp snmp unknown
686654.72.57.25 162 tcp snmptrap closed
686754.72.57.25 162 udp snmptrap unknown
686854.72.57.25 389 tcp ldap closed
686954.72.57.25 389 udp ldap unknown
687054.72.57.25 443 tcp ssl/http open nginx
687154.72.57.25 520 tcp efs closed
687254.72.57.25 520 udp route unknown
687354.72.57.25 2049 tcp nfs closed
687454.72.57.25 2049 udp nfs unknown
687554.85.59.109 53 tcp domain filtered
687654.85.59.109 53 udp domain unknown
687754.85.59.109 67 tcp dhcps filtered
687854.85.59.109 67 udp dhcps unknown
687954.85.59.109 68 tcp dhcpc filtered
688054.85.59.109 68 udp dhcpc unknown
688154.85.59.109 69 tcp tftp filtered
688254.85.59.109 69 udp tftp unknown
688354.85.59.109 80 tcp http open nginx
688454.85.59.109 88 tcp kerberos-sec filtered
688554.85.59.109 88 udp kerberos-sec unknown
688654.85.59.109 123 tcp ntp filtered
688754.85.59.109 123 udp ntp unknown
688854.85.59.109 137 tcp netbios-ns filtered
688954.85.59.109 137 udp netbios-ns unknown
689054.85.59.109 138 tcp netbios-dgm filtered
689154.85.59.109 138 udp netbios-dgm unknown
689254.85.59.109 139 tcp netbios-ssn filtered
689354.85.59.109 139 udp netbios-ssn unknown
689454.85.59.109 161 tcp snmp filtered
689554.85.59.109 161 udp snmp unknown
689654.85.59.109 162 tcp snmptrap filtered
689754.85.59.109 162 udp snmptrap unknown
689854.85.59.109 389 tcp ldap filtered
689954.85.59.109 389 udp ldap unknown
690054.85.59.109 443 tcp ssl/http open nginx
690154.85.59.109 520 tcp efs filtered
690254.85.59.109 520 udp route unknown
690354.85.59.109 2049 tcp nfs filtered
690454.85.59.109 2049 udp nfs unknown
690554.194.134.190 53 tcp domain closed
690654.194.134.190 53 udp domain unknown
690754.194.134.190 67 tcp dhcps closed
690854.194.134.190 67 udp dhcps unknown
690954.194.134.190 68 tcp dhcpc closed
691054.194.134.190 68 udp dhcpc unknown
691154.194.134.190 69 tcp tftp closed
691254.194.134.190 69 udp tftp unknown
691354.194.134.190 80 tcp http open nginx
691454.194.134.190 88 tcp kerberos-sec closed
691554.194.134.190 88 udp kerberos-sec unknown
691654.194.134.190 123 tcp ntp closed
691754.194.134.190 123 udp ntp unknown
691854.194.134.190 137 tcp netbios-ns closed
691954.194.134.190 137 udp netbios-ns unknown
692054.194.134.190 138 tcp netbios-dgm closed
692154.194.134.190 138 udp netbios-dgm unknown
692254.194.134.190 139 tcp netbios-ssn closed
692354.194.134.190 139 udp netbios-ssn unknown
692454.194.134.190 161 tcp snmp closed
692554.194.134.190 161 udp snmp unknown
692654.194.134.190 162 tcp snmptrap closed
692754.194.134.190 162 udp snmptrap unknown
692854.194.134.190 389 tcp ldap closed
692954.194.134.190 389 udp ldap unknown
693054.194.134.190 443 tcp ssl/http open nginx
693154.194.134.190 520 tcp efs closed
693254.194.134.190 520 udp route unknown
693354.194.134.190 2049 tcp nfs closed
693454.194.134.190 2049 udp nfs unknown
693564.69.94.253 53 tcp domain filtered
693664.69.94.253 53 udp domain unknown
693764.69.94.253 67 tcp dhcps filtered
693864.69.94.253 67 udp dhcps unknown
693964.69.94.253 68 tcp dhcpc filtered
694064.69.94.253 68 udp dhcpc unknown
694164.69.94.253 69 tcp tftp filtered
694264.69.94.253 69 udp tftp unknown
694364.69.94.253 88 tcp kerberos-sec filtered
694464.69.94.253 88 udp kerberos-sec unknown
694564.69.94.253 123 tcp ntp filtered
694664.69.94.253 123 udp ntp unknown
694764.69.94.253 137 tcp netbios-ns filtered
694864.69.94.253 137 udp netbios-ns unknown
694964.69.94.253 138 tcp netbios-dgm filtered
695064.69.94.253 138 udp netbios-dgm unknown
695164.69.94.253 139 tcp netbios-ssn filtered
695264.69.94.253 139 udp netbios-ssn unknown
695364.69.94.253 161 tcp snmp filtered
695464.69.94.253 161 udp snmp unknown
695564.69.94.253 162 tcp snmptrap filtered
695664.69.94.253 162 udp snmptrap unknown
695764.69.94.253 389 tcp ldap filtered
695864.69.94.253 389 udp ldap unknown
695964.69.94.253 520 tcp efs filtered
696064.69.94.253 520 udp route unknown
696164.69.94.253 2049 tcp nfs filtered
696264.69.94.253 2049 udp nfs unknown
696369.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
696469.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
696569.163.233.4 25 tcp open
696669.163.233.4 53 tcp domain closed
696769.163.233.4 53 udp domain unknown
696869.163.233.4 67 tcp dhcps closed
696969.163.233.4 67 udp dhcps closed
697069.163.233.4 68 tcp dhcpc closed
697169.163.233.4 68 udp dhcpc unknown
697269.163.233.4 69 tcp tftp closed
697369.163.233.4 69 udp tftp closed
697469.163.233.4 88 tcp kerberos-sec closed
697569.163.233.4 88 udp kerberos-sec unknown
697669.163.233.4 123 tcp ntp closed
697769.163.233.4 123 udp ntp unknown
697869.163.233.4 137 tcp netbios-ns closed
697969.163.233.4 137 udp netbios-ns closed
698069.163.233.4 138 tcp netbios-dgm closed
698169.163.233.4 138 udp netbios-dgm closed
698269.163.233.4 139 tcp netbios-ssn closed
698369.163.233.4 139 udp netbios-ssn unknown
698469.163.233.4 161 tcp snmp closed
698569.163.233.4 161 udp snmp closed
698669.163.233.4 162 tcp snmptrap closed
698769.163.233.4 162 udp snmptrap closed
698869.163.233.4 389 tcp ldap closed
698969.163.233.4 389 udp ldap unknown
699069.163.233.4 520 tcp efs closed
699169.163.233.4 520 udp route closed
699269.163.233.4 2049 tcp nfs closed
699369.163.233.4 2049 udp nfs unknown
699474.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
699574.117.180.192 22 tcp ssh filtered
699674.117.180.192 25 tcp smtp filtered
699774.117.180.192 53 tcp domain closed
699874.117.180.192 53 udp domain unknown
699974.117.180.192 67 tcp dhcps closed
700074.117.180.192 67 udp dhcps unknown
700174.117.180.192 68 tcp dhcpc closed
700274.117.180.192 68 udp dhcpc closed
700374.117.180.192 69 tcp tftp closed
700474.117.180.192 69 udp tftp closed
700574.117.180.192 80 tcp http filtered
700674.117.180.192 88 tcp kerberos-sec closed
700774.117.180.192 88 udp kerberos-sec closed
700874.117.180.192 110 tcp pop3 filtered
700974.117.180.192 111 tcp rpcbind filtered
701074.117.180.192 123 tcp ntp closed
701174.117.180.192 123 udp ntp unknown
701274.117.180.192 137 tcp netbios-ns closed
701374.117.180.192 137 udp netbios-ns closed
701474.117.180.192 138 tcp netbios-dgm closed
701574.117.180.192 138 udp netbios-dgm unknown
701674.117.180.192 139 tcp netbios-ssn closed
701774.117.180.192 139 udp netbios-ssn unknown
701874.117.180.192 143 tcp imap filtered
701974.117.180.192 161 tcp snmp closed
702074.117.180.192 161 udp snmp closed
702174.117.180.192 162 tcp snmptrap closed
702274.117.180.192 162 udp snmptrap unknown
702374.117.180.192 323 tcp rpki-rtr filtered
702474.117.180.192 389 tcp ldap closed
702574.117.180.192 389 udp ldap closed
702674.117.180.192 443 tcp https filtered
702774.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
702874.117.180.192 520 tcp efs closed
702974.117.180.192 520 udp route unknown
703074.117.180.192 587 tcp submission filtered
703174.117.180.192 873 tcp rsync filtered
703274.117.180.192 993 tcp imaps filtered
703374.117.180.192 995 tcp pop3s filtered
703474.117.180.192 2049 tcp nfs closed
703574.117.180.192 2049 udp nfs closed
703674.117.180.192 2525 tcp smtp open Exim smtpd
703774.117.180.192 3306 tcp mysql filtered
703874.117.180.192 4949 tcp tcpwrapped open
703974.117.180.192 5666 tcp tcpwrapped open
704074.117.180.192 6380 tcp filtered
704174.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
704274.117.180.192 11211 tcp memcache filtered
704382.94.222.131 53 udp domain unknown
704482.94.222.131 67 udp dhcps unknown
704582.94.222.131 68 udp dhcpc unknown
704682.94.222.131 69 udp tftp unknown
704782.94.222.131 88 udp kerberos-sec unknown
704882.94.222.131 123 udp ntp unknown
704982.94.222.131 137 udp netbios-ns unknown
705082.94.222.131 138 udp netbios-dgm unknown
705182.94.222.131 139 udp netbios-ssn unknown
705282.94.222.131 161 udp snmp unknown
705382.94.222.131 162 udp snmptrap unknown
705482.94.222.131 389 udp ldap unknown
705582.94.222.131 520 udp route unknown
705682.94.222.131 2049 udp nfs unknown
705792.123.250.35 53 tcp domain closed
705892.123.250.35 53 udp domain closed
705992.123.250.35 67 tcp dhcps filtered
706092.123.250.35 67 udp dhcps unknown
706192.123.250.35 68 tcp dhcpc filtered
706292.123.250.35 68 udp dhcpc unknown
706392.123.250.35 69 tcp tftp filtered
706492.123.250.35 69 udp tftp unknown
706592.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
706692.123.250.35 88 tcp kerberos-sec filtered
706792.123.250.35 88 udp kerberos-sec unknown
706892.123.250.35 123 tcp ntp filtered
706992.123.250.35 123 udp ntp unknown
707092.123.250.35 137 tcp netbios-ns filtered
707192.123.250.35 137 udp netbios-ns unknown
707292.123.250.35 138 tcp netbios-dgm filtered
707392.123.250.35 138 udp netbios-dgm unknown
707492.123.250.35 139 tcp netbios-ssn filtered
707592.123.250.35 139 udp netbios-ssn unknown
707692.123.250.35 161 tcp snmp filtered
707792.123.250.35 161 udp snmp unknown
707892.123.250.35 162 tcp snmptrap filtered
707992.123.250.35 162 udp snmptrap unknown
708092.123.250.35 389 tcp ldap filtered
708192.123.250.35 389 udp ldap unknown
708292.123.250.35 443 tcp ssl/https open
708392.123.250.35 520 tcp efs filtered
708492.123.250.35 520 udp route unknown
708592.123.250.35 2049 tcp nfs filtered
708692.123.250.35 2049 udp nfs unknown
708792.123.250.35 8883 tcp secure-mqtt open
708892.123.250.65 53 tcp domain filtered
708992.123.250.65 53 udp domain unknown
709092.123.250.65 67 tcp dhcps filtered
709192.123.250.65 67 udp dhcps unknown
709292.123.250.65 68 tcp dhcpc filtered
709392.123.250.65 68 udp dhcpc unknown
709492.123.250.65 69 tcp tftp filtered
709592.123.250.65 69 udp tftp unknown
709692.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
709792.123.250.65 88 tcp kerberos-sec filtered
709892.123.250.65 88 udp kerberos-sec unknown
709992.123.250.65 123 tcp ntp filtered
710092.123.250.65 123 udp ntp unknown
710192.123.250.65 137 tcp netbios-ns filtered
710292.123.250.65 137 udp netbios-ns unknown
710392.123.250.65 138 tcp netbios-dgm filtered
710492.123.250.65 138 udp netbios-dgm unknown
710592.123.250.65 139 tcp netbios-ssn filtered
710692.123.250.65 139 udp netbios-ssn unknown
710792.123.250.65 161 tcp snmp filtered
710892.123.250.65 161 udp snmp unknown
710992.123.250.65 162 tcp snmptrap filtered
711092.123.250.65 162 udp snmptrap unknown
711192.123.250.65 389 tcp ldap filtered
711292.123.250.65 389 udp ldap unknown
711392.123.250.65 443 tcp ssl/https open
711492.123.250.65 520 tcp efs filtered
711592.123.250.65 520 udp route unknown
711692.123.250.65 2049 tcp nfs filtered
711792.123.250.65 2049 udp nfs unknown
711892.123.250.65 8883 tcp secure-mqtt open
711994.102.51.111 22 tcp ssh open
712094.102.51.111 25 tcp smtp open Exim smtpd 4.89
712194.102.51.111 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
712294.102.51.111 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
712394.102.51.111 67 tcp dhcps filtered
712494.102.51.111 67 udp dhcps unknown
712594.102.51.111 68 tcp dhcpc filtered
712694.102.51.111 68 udp dhcpc unknown
712794.102.51.111 69 tcp tftp filtered
712894.102.51.111 69 udp tftp unknown
712994.102.51.111 80 tcp http open nginx
713094.102.51.111 88 tcp kerberos-sec filtered
713194.102.51.111 88 udp kerberos-sec unknown
713294.102.51.111 110 tcp pop3 open Dovecot pop3d
713394.102.51.111 123 tcp ntp filtered
713494.102.51.111 123 udp ntp unknown
713594.102.51.111 137 tcp netbios-ns filtered
713694.102.51.111 137 udp netbios-ns unknown
713794.102.51.111 138 tcp netbios-dgm filtered
713894.102.51.111 138 udp netbios-dgm unknown
713994.102.51.111 139 tcp netbios-ssn filtered
714094.102.51.111 139 udp netbios-ssn unknown
714194.102.51.111 143 tcp imap open Dovecot imapd
714294.102.51.111 161 tcp snmp filtered
714394.102.51.111 161 udp snmp unknown
714494.102.51.111 162 tcp snmptrap filtered
714594.102.51.111 162 udp snmptrap unknown
714694.102.51.111 389 tcp ldap filtered
714794.102.51.111 389 udp ldap unknown
714894.102.51.111 465 tcp ssl/smtp open Exim smtpd 4.89
714994.102.51.111 520 tcp efs filtered
715094.102.51.111 520 udp route unknown
715194.102.51.111 993 tcp ssl/imaps open
715294.102.51.111 995 tcp ssl/pop3s open
715394.102.51.111 2049 tcp nfs filtered
715494.102.51.111 2049 udp nfs unknown
715594.102.51.112 22 tcp ssh open
715694.102.51.112 25 tcp smtp open Exim smtpd 4.89
715794.102.51.112 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
715894.102.51.112 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
715994.102.51.112 67 tcp dhcps filtered
716094.102.51.112 67 udp dhcps unknown
716194.102.51.112 68 tcp dhcpc filtered
716294.102.51.112 68 udp dhcpc unknown
716394.102.51.112 69 tcp tftp filtered
716494.102.51.112 69 udp tftp unknown
716594.102.51.112 80 tcp http open nginx
716694.102.51.112 88 tcp kerberos-sec filtered
716794.102.51.112 88 udp kerberos-sec unknown
716894.102.51.112 110 tcp pop3 open Dovecot pop3d
716994.102.51.112 123 tcp ntp filtered
717094.102.51.112 123 udp ntp unknown
717194.102.51.112 137 tcp netbios-ns filtered
717294.102.51.112 137 udp netbios-ns unknown
717394.102.51.112 138 tcp netbios-dgm filtered
717494.102.51.112 138 udp netbios-dgm unknown
717594.102.51.112 139 tcp netbios-ssn filtered
717694.102.51.112 139 udp netbios-ssn unknown
717794.102.51.112 143 tcp imap open Dovecot imapd
717894.102.51.112 161 tcp snmp filtered
717994.102.51.112 161 udp snmp unknown
718094.102.51.112 162 tcp snmptrap filtered
718194.102.51.112 162 udp snmptrap unknown
718294.102.51.112 389 tcp ldap filtered
718394.102.51.112 389 udp ldap unknown
718494.102.51.112 465 tcp ssl/smtp open Exim smtpd 4.89
718594.102.51.112 520 tcp efs filtered
718694.102.51.112 520 udp route unknown
718794.102.51.112 993 tcp ssl/imaps open
718894.102.51.112 995 tcp ssl/pop3s open
718994.102.51.112 2049 tcp nfs filtered
719094.102.51.112 2049 udp nfs unknown
7191104.244.73.40 53 udp domain unknown
7192104.244.73.40 67 udp dhcps unknown
7193104.244.73.40 68 udp dhcpc unknown
7194104.244.73.40 69 udp tftp unknown
7195104.244.73.40 88 udp kerberos-sec unknown
7196104.244.73.40 123 udp ntp unknown
7197104.244.73.40 137 udp netbios-ns unknown
7198104.244.73.40 138 udp netbios-dgm unknown
7199104.244.73.40 139 udp netbios-ssn unknown
7200104.244.73.40 161 udp snmp unknown
7201104.244.73.40 162 udp snmptrap unknown
7202104.244.73.40 389 udp ldap unknown
7203104.244.73.40 520 udp route unknown
7204104.244.73.40 2049 udp nfs unknown
7205104.244.76.231 53 tcp domain filtered
7206104.244.76.231 53 udp domain unknown
7207104.244.76.231 67 tcp dhcps filtered
7208104.244.76.231 67 udp dhcps unknown
7209104.244.76.231 68 tcp dhcpc filtered
7210104.244.76.231 68 udp dhcpc unknown
7211104.244.76.231 69 tcp tftp filtered
7212104.244.76.231 69 udp tftp unknown
7213104.244.76.231 80 tcp http open nginx
7214104.244.76.231 88 tcp kerberos-sec filtered
7215104.244.76.231 88 udp kerberos-sec unknown
7216104.244.76.231 123 tcp ntp filtered
7217104.244.76.231 123 udp ntp unknown
7218104.244.76.231 137 tcp netbios-ns filtered
7219104.244.76.231 137 udp netbios-ns unknown
7220104.244.76.231 138 tcp netbios-dgm filtered
7221104.244.76.231 138 udp netbios-dgm unknown
7222104.244.76.231 139 tcp netbios-ssn filtered
7223104.244.76.231 139 udp netbios-ssn unknown
7224104.244.76.231 161 tcp snmp filtered
7225104.244.76.231 161 udp snmp unknown
7226104.244.76.231 162 tcp snmptrap filtered
7227104.244.76.231 162 udp snmptrap unknown
7228104.244.76.231 389 tcp ldap filtered
7229104.244.76.231 389 udp ldap unknown
7230104.244.76.231 443 tcp ssl/http open nginx
7231104.244.76.231 520 tcp efs filtered
7232104.244.76.231 520 udp route unknown
7233104.244.76.231 2049 tcp nfs filtered
7234104.244.76.231 2049 udp nfs unknown
7235104.244.76.231 5040 tcp unknown closed
7236104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
7237104.244.76.231 16221 tcp closed
7238104.244.76.231 23022 tcp closed
7239104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
7240104.244.77.188 53 tcp domain filtered
7241104.244.77.188 53 udp domain unknown
7242104.244.77.188 67 tcp dhcps filtered
7243104.244.77.188 67 udp dhcps unknown
7244104.244.77.188 68 tcp dhcpc filtered
7245104.244.77.188 68 udp dhcpc unknown
7246104.244.77.188 69 tcp tftp filtered
7247104.244.77.188 69 udp tftp unknown
7248104.244.77.188 80 tcp http open nginx
7249104.244.77.188 88 tcp kerberos-sec filtered
7250104.244.77.188 88 udp kerberos-sec unknown
7251104.244.77.188 123 tcp ntp filtered
7252104.244.77.188 123 udp ntp unknown
7253104.244.77.188 137 tcp netbios-ns filtered
7254104.244.77.188 137 udp netbios-ns unknown
7255104.244.77.188 138 tcp netbios-dgm filtered
7256104.244.77.188 138 udp netbios-dgm unknown
7257104.244.77.188 139 tcp netbios-ssn filtered
7258104.244.77.188 139 udp netbios-ssn unknown
7259104.244.77.188 161 tcp snmp filtered
7260104.244.77.188 161 udp snmp unknown
7261104.244.77.188 162 tcp snmptrap filtered
7262104.244.77.188 162 udp snmptrap unknown
7263104.244.77.188 389 tcp ldap filtered
7264104.244.77.188 389 udp ldap unknown
7265104.244.77.188 443 tcp ssl/http open nginx
7266104.244.77.188 520 tcp efs filtered
7267104.244.77.188 520 udp route unknown
7268104.244.77.188 2049 tcp nfs filtered
7269104.244.77.188 2049 udp nfs unknown
7270104.244.77.188 5040 tcp unknown closed
7271104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
7272104.244.77.188 16221 tcp closed
7273104.244.77.188 23022 tcp closed
7274104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
7275104.244.79.89 53 tcp domain filtered
7276104.244.79.89 53 udp domain unknown
7277104.244.79.89 67 tcp dhcps filtered
7278104.244.79.89 67 udp dhcps unknown
7279104.244.79.89 68 tcp dhcpc filtered
7280104.244.79.89 68 udp dhcpc unknown
7281104.244.79.89 69 tcp tftp filtered
7282104.244.79.89 69 udp tftp unknown
7283104.244.79.89 80 tcp http open nginx
7284104.244.79.89 88 tcp kerberos-sec filtered
7285104.244.79.89 88 udp kerberos-sec unknown
7286104.244.79.89 123 tcp ntp filtered
7287104.244.79.89 123 udp ntp unknown
7288104.244.79.89 137 tcp netbios-ns filtered
7289104.244.79.89 137 udp netbios-ns unknown
7290104.244.79.89 138 tcp netbios-dgm filtered
7291104.244.79.89 138 udp netbios-dgm unknown
7292104.244.79.89 139 tcp netbios-ssn filtered
7293104.244.79.89 139 udp netbios-ssn unknown
7294104.244.79.89 161 tcp snmp filtered
7295104.244.79.89 161 udp snmp unknown
7296104.244.79.89 162 tcp snmptrap filtered
7297104.244.79.89 162 udp snmptrap unknown
7298104.244.79.89 389 tcp ldap filtered
7299104.244.79.89 389 udp ldap unknown
7300104.244.79.89 443 tcp ssl/http open nginx
7301104.244.79.89 520 tcp efs filtered
7302104.244.79.89 520 udp route unknown
7303104.244.79.89 2049 tcp nfs filtered
7304104.244.79.89 2049 udp nfs unknown
7305104.244.79.89 7910 tcp ssl/http open nginx
7306104.244.79.89 7920 tcp unknown closed
7307104.244.79.89 7930 tcp closed
7308104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
7309104.244.79.89 16010 tcp ssl/http open nginx
7310104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
7311104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
7312107.180.28.114 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 500 allowed.\x0d\x0a220-Local time is now 05:54. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
7313107.180.28.114 22 tcp ssh open SSH-2.0-OpenSSH_5.3
7314107.180.28.114 53 tcp domain filtered
7315107.180.28.114 53 udp domain unknown
7316107.180.28.114 67 tcp dhcps filtered
7317107.180.28.114 67 udp dhcps unknown
7318107.180.28.114 68 tcp dhcpc filtered
7319107.180.28.114 68 udp dhcpc unknown
7320107.180.28.114 69 tcp tftp filtered
7321107.180.28.114 69 udp tftp unknown
7322107.180.28.114 88 tcp kerberos-sec filtered
7323107.180.28.114 88 udp kerberos-sec unknown
7324107.180.28.114 123 tcp ntp filtered
7325107.180.28.114 123 udp ntp unknown
7326107.180.28.114 137 tcp netbios-ns filtered
7327107.180.28.114 137 udp netbios-ns unknown
7328107.180.28.114 138 tcp netbios-dgm filtered
7329107.180.28.114 138 udp netbios-dgm unknown
7330107.180.28.114 139 tcp netbios-ssn filtered
7331107.180.28.114 139 udp netbios-ssn unknown
7332107.180.28.114 161 tcp snmp filtered
7333107.180.28.114 161 udp snmp unknown
7334107.180.28.114 162 tcp snmptrap filtered
7335107.180.28.114 162 udp snmptrap unknown
7336107.180.28.114 389 tcp ldap filtered
7337107.180.28.114 389 udp ldap unknown
7338107.180.28.114 520 tcp efs filtered
7339107.180.28.114 520 udp route unknown
7340107.180.28.114 2049 tcp nfs filtered
7341107.180.28.114 2049 udp nfs unknown
7342111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
7343111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
7344111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
7345111.90.145.39 67 tcp dhcps closed
7346111.90.145.39 67 udp dhcps closed
7347111.90.145.39 68 tcp dhcpc closed
7348111.90.145.39 68 udp dhcpc unknown
7349111.90.145.39 69 tcp tftp closed
7350111.90.145.39 69 udp tftp unknown
7351111.90.145.39 88 tcp kerberos-sec closed
7352111.90.145.39 88 udp kerberos-sec unknown
7353111.90.145.39 123 tcp ntp closed
7354111.90.145.39 123 udp ntp closed
7355111.90.145.39 137 tcp netbios-ns closed
7356111.90.145.39 137 udp netbios-ns unknown
7357111.90.145.39 138 tcp netbios-dgm closed
7358111.90.145.39 138 udp netbios-dgm unknown
7359111.90.145.39 139 tcp netbios-ssn filtered
7360111.90.145.39 139 udp netbios-ssn closed
7361111.90.145.39 161 tcp snmp closed
7362111.90.145.39 161 udp snmp unknown
7363111.90.145.39 162 tcp snmptrap closed
7364111.90.145.39 162 udp snmptrap closed
7365111.90.145.39 389 tcp ldap closed
7366111.90.145.39 389 udp ldap unknown
7367111.90.145.39 520 tcp efs closed
7368111.90.145.39 520 udp route closed
7369111.90.145.39 2049 tcp nfs closed
7370111.90.145.39 2049 udp nfs closed
7371143.95.110.248 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 150 allowed.\x0d\x0a220-Local time is now 05:55. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
7372143.95.110.248 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
7373143.95.110.248 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
7374143.95.110.248 67 tcp dhcps closed
7375143.95.110.248 67 udp dhcps unknown
7376143.95.110.248 68 tcp dhcpc closed
7377143.95.110.248 68 udp dhcpc unknown
7378143.95.110.248 69 tcp tftp closed
7379143.95.110.248 69 udp tftp unknown
7380143.95.110.248 88 tcp kerberos-sec closed
7381143.95.110.248 88 udp kerberos-sec unknown
7382143.95.110.248 123 tcp ntp closed
7383143.95.110.248 123 udp ntp unknown
7384143.95.110.248 137 tcp netbios-ns closed
7385143.95.110.248 137 udp netbios-ns unknown
7386143.95.110.248 138 tcp netbios-dgm closed
7387143.95.110.248 138 udp netbios-dgm closed
7388143.95.110.248 139 tcp netbios-ssn closed
7389143.95.110.248 139 udp netbios-ssn unknown
7390143.95.110.248 161 tcp snmp closed
7391143.95.110.248 161 udp snmp closed
7392143.95.110.248 162 tcp snmptrap closed
7393143.95.110.248 162 udp snmptrap unknown
7394143.95.110.248 389 tcp ldap closed
7395143.95.110.248 389 udp ldap closed
7396143.95.110.248 520 tcp efs closed
7397143.95.110.248 520 udp route unknown
7398143.95.110.248 2049 tcp nfs closed
7399143.95.110.248 2049 udp nfs unknown
7400146.83.222.104 53 tcp domain filtered
7401146.83.222.104 53 udp domain unknown
7402146.83.222.104 67 tcp dhcps filtered
7403146.83.222.104 67 udp dhcps unknown
7404146.83.222.104 68 tcp dhcpc filtered
7405146.83.222.104 68 udp dhcpc unknown
7406146.83.222.104 69 tcp tftp filtered
7407146.83.222.104 69 udp tftp filtered
7408146.83.222.104 88 tcp kerberos-sec filtered
7409146.83.222.104 88 udp kerberos-sec unknown
7410146.83.222.104 123 tcp ntp filtered
7411146.83.222.104 123 udp ntp unknown
7412146.83.222.104 137 tcp netbios-ns filtered
7413146.83.222.104 137 udp netbios-ns unknown
7414146.83.222.104 138 tcp netbios-dgm filtered
7415146.83.222.104 138 udp netbios-dgm unknown
7416146.83.222.104 139 tcp netbios-ssn filtered
7417146.83.222.104 139 udp netbios-ssn unknown
7418146.83.222.104 161 tcp snmp filtered
7419146.83.222.104 161 udp snmp unknown
7420146.83.222.104 162 tcp snmptrap filtered
7421146.83.222.104 162 udp snmptrap unknown
7422146.83.222.104 389 tcp ldap filtered
7423146.83.222.104 389 udp ldap unknown
7424146.83.222.104 520 tcp efs filtered
7425146.83.222.104 520 udp route unknown
7426146.83.222.104 2049 tcp nfs filtered
7427146.83.222.104 2049 udp nfs unknown
7428149.126.72.220 25 tcp smtp closed
7429149.126.72.220 51 tcp tcpwrapped open
7430149.126.72.220 53 tcp domain open
7431149.126.72.220 53 udp domain open
7432149.126.72.220 65 tcp tcpwrapped open
7433149.126.72.220 66 tcp tcpwrapped open
7434149.126.72.220 67 tcp dhcps filtered
7435149.126.72.220 67 udp dhcps unknown
7436149.126.72.220 68 tcp dhcpc filtered
7437149.126.72.220 68 udp dhcpc unknown
7438149.126.72.220 69 tcp tftp filtered
7439149.126.72.220 69 udp tftp unknown
7440149.126.72.220 80 tcp tcpwrapped open
7441149.126.72.220 81 tcp tcpwrapped open
7442149.126.72.220 82 tcp tcpwrapped open
7443149.126.72.220 83 tcp tcpwrapped open
7444149.126.72.220 84 tcp tcpwrapped open
7445149.126.72.220 85 tcp tcpwrapped open
7446149.126.72.220 86 tcp tcpwrapped open
7447149.126.72.220 88 tcp http open Incapsula CDN httpd
7448149.126.72.220 88 udp kerberos-sec unknown
7449149.126.72.220 89 tcp tcpwrapped open
7450149.126.72.220 90 tcp tcpwrapped open
7451149.126.72.220 91 tcp tcpwrapped open
7452149.126.72.220 92 tcp tcpwrapped open
7453149.126.72.220 98 tcp tcpwrapped open
7454149.126.72.220 99 tcp tcpwrapped open
7455149.126.72.220 123 tcp ntp filtered
7456149.126.72.220 123 udp ntp unknown
7457149.126.72.220 137 tcp netbios-ns filtered
7458149.126.72.220 137 udp netbios-ns filtered
7459149.126.72.220 138 tcp netbios-dgm filtered
7460149.126.72.220 138 udp netbios-dgm filtered
7461149.126.72.220 139 tcp netbios-ssn closed
7462149.126.72.220 139 udp netbios-ssn unknown
7463149.126.72.220 160 tcp sgmp-traps closed
7464149.126.72.220 161 tcp snmp filtered
7465149.126.72.220 161 udp snmp unknown
7466149.126.72.220 162 tcp snmptrap filtered
7467149.126.72.220 162 udp snmptrap unknown
7468149.126.72.220 189 tcp tcpwrapped open
7469149.126.72.220 190 tcp tcpwrapped open
7470149.126.72.220 192 tcp tcpwrapped open
7471149.126.72.220 243 tcp tcpwrapped open
7472149.126.72.220 285 tcp tcpwrapped open
7473149.126.72.220 314 tcp tcpwrapped open
7474149.126.72.220 343 tcp tcpwrapped open
7475149.126.72.220 347 tcp tcpwrapped open
7476149.126.72.220 385 tcp tcpwrapped open
7477149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
7478149.126.72.220 389 udp ldap unknown
7479149.126.72.220 400 tcp tcpwrapped open
7480149.126.72.220 440 tcp tcpwrapped open
7481149.126.72.220 441 tcp tcpwrapped open
7482149.126.72.220 442 tcp tcpwrapped open
7483149.126.72.220 443 tcp ssl/tcpwrapped open
7484149.126.72.220 444 tcp tcpwrapped open
7485149.126.72.220 445 tcp microsoft-ds closed
7486149.126.72.220 446 tcp tcpwrapped open
7487149.126.72.220 447 tcp tcpwrapped open
7488149.126.72.220 448 tcp tcpwrapped open
7489149.126.72.220 449 tcp tcpwrapped open
7490149.126.72.220 452 tcp tcpwrapped open
7491149.126.72.220 461 tcp tcpwrapped open
7492149.126.72.220 462 tcp tcpwrapped open
7493149.126.72.220 480 tcp tcpwrapped open
7494149.126.72.220 485 tcp tcpwrapped open
7495149.126.72.220 487 tcp tcpwrapped open
7496149.126.72.220 488 tcp tcpwrapped open
7497149.126.72.220 491 tcp tcpwrapped open
7498149.126.72.220 520 tcp efs filtered
7499149.126.72.220 520 udp route unknown
7500149.126.72.220 555 tcp tcpwrapped open
7501149.126.72.220 556 tcp tcpwrapped open
7502149.126.72.220 587 tcp tcpwrapped open
7503149.126.72.220 631 tcp tcpwrapped open
7504149.126.72.220 632 tcp tcpwrapped open
7505149.126.72.220 636 tcp tcpwrapped open
7506149.126.72.220 743 tcp tcpwrapped open
7507149.126.72.220 772 tcp tcpwrapped open
7508149.126.72.220 777 tcp tcpwrapped open
7509149.126.72.220 782 tcp tcpwrapped open
7510149.126.72.220 785 tcp tcpwrapped open
7511149.126.72.220 800 tcp tcpwrapped open
7512149.126.72.220 801 tcp tcpwrapped open
7513149.126.72.220 805 tcp tcpwrapped open
7514149.126.72.220 806 tcp tcpwrapped open
7515149.126.72.220 809 tcp tcpwrapped open
7516149.126.72.220 843 tcp tcpwrapped open
7517149.126.72.220 853 tcp tcpwrapped open
7518149.126.72.220 885 tcp tcpwrapped open
7519149.126.72.220 886 tcp tcpwrapped open
7520149.126.72.220 887 tcp tcpwrapped open
7521149.126.72.220 888 tcp tcpwrapped open
7522149.126.72.220 943 tcp tcpwrapped open
7523149.126.72.220 947 tcp tcpwrapped open
7524149.126.72.220 953 tcp tcpwrapped open
7525149.126.72.220 990 tcp tcpwrapped open
7526149.126.72.220 995 tcp tcpwrapped open
7527149.126.72.220 998 tcp tcpwrapped open
7528149.126.72.220 999 tcp tcpwrapped open
7529149.126.72.220 1000 tcp tcpwrapped open
7530149.126.72.220 1002 tcp tcpwrapped open
7531149.126.72.220 1024 tcp tcpwrapped open
7532149.126.72.220 1025 tcp tcpwrapped open
7533149.126.72.220 1028 tcp tcpwrapped open
7534149.126.72.220 1080 tcp tcpwrapped open
7535149.126.72.220 1103 tcp tcpwrapped open
7536149.126.72.220 1111 tcp tcpwrapped open
7537149.126.72.220 1180 tcp tcpwrapped open
7538149.126.72.220 1181 tcp tcpwrapped open
7539149.126.72.220 1207 tcp tcpwrapped open
7540149.126.72.220 1234 tcp tcpwrapped open
7541149.126.72.220 1250 tcp tcpwrapped open
7542149.126.72.220 1283 tcp tcpwrapped open
7543149.126.72.220 1291 tcp tcpwrapped open
7544149.126.72.220 1292 tcp tcpwrapped open
7545149.126.72.220 1293 tcp tcpwrapped open
7546149.126.72.220 1337 tcp tcpwrapped open
7547149.126.72.220 1344 tcp tcpwrapped open
7548149.126.72.220 1355 tcp tcpwrapped open
7549149.126.72.220 1364 tcp tcpwrapped open
7550149.126.72.220 1366 tcp tcpwrapped open
7551149.126.72.220 1377 tcp tcpwrapped open
7552149.126.72.220 1387 tcp tcpwrapped open
7553149.126.72.220 1388 tcp tcpwrapped open
7554149.126.72.220 1433 tcp tcpwrapped open
7555149.126.72.220 1443 tcp tcpwrapped open
7556149.126.72.220 1447 tcp tcpwrapped open
7557149.126.72.220 1450 tcp tcpwrapped open
7558149.126.72.220 1451 tcp tcpwrapped open
7559149.126.72.220 1452 tcp tcpwrapped open
7560149.126.72.220 1453 tcp tcpwrapped open
7561149.126.72.220 1454 tcp tcpwrapped open
7562149.126.72.220 1455 tcp tcpwrapped open
7563149.126.72.220 1456 tcp tcpwrapped open
7564149.126.72.220 1457 tcp tcpwrapped open
7565149.126.72.220 1458 tcp tcpwrapped open
7566149.126.72.220 1459 tcp tcpwrapped open
7567149.126.72.220 1460 tcp tcpwrapped open
7568149.126.72.220 1494 tcp tcpwrapped open
7569149.126.72.220 1935 tcp tcpwrapped open
7570149.126.72.220 1950 tcp tcpwrapped open
7571149.126.72.220 1951 tcp tcpwrapped open
7572149.126.72.220 1952 tcp tcpwrapped open
7573149.126.72.220 1953 tcp tcpwrapped open
7574149.126.72.220 1954 tcp tcpwrapped open
7575149.126.72.220 1955 tcp tcpwrapped open
7576149.126.72.220 1956 tcp tcpwrapped open
7577149.126.72.220 1957 tcp tcpwrapped open
7578149.126.72.220 1958 tcp tcpwrapped open
7579149.126.72.220 1959 tcp tcpwrapped open
7580149.126.72.220 1960 tcp tcpwrapped open
7581149.126.72.220 1964 tcp tcpwrapped open
7582149.126.72.220 1965 tcp tcpwrapped open
7583149.126.72.220 1966 tcp tcpwrapped open
7584149.126.72.220 1967 tcp tcpwrapped open
7585149.126.72.220 1968 tcp tcpwrapped open
7586149.126.72.220 1969 tcp tcpwrapped open
7587149.126.72.220 1970 tcp tcpwrapped open
7588149.126.72.220 1971 tcp tcpwrapped open
7589149.126.72.220 1972 tcp tcpwrapped open
7590149.126.72.220 1973 tcp tcpwrapped open
7591149.126.72.220 1974 tcp tcpwrapped open
7592149.126.72.220 1975 tcp tcpwrapped open
7593149.126.72.220 1976 tcp tcpwrapped open
7594149.126.72.220 1977 tcp tcpwrapped open
7595149.126.72.220 1978 tcp tcpwrapped open
7596149.126.72.220 1979 tcp tcpwrapped open
7597149.126.72.220 1980 tcp tcpwrapped open
7598149.126.72.220 1981 tcp tcpwrapped open
7599149.126.72.220 1982 tcp tcpwrapped open
7600149.126.72.220 1983 tcp tcpwrapped open
7601149.126.72.220 1984 tcp tcpwrapped open
7602149.126.72.220 1985 tcp tcpwrapped open
7603149.126.72.220 1986 tcp tcpwrapped open
7604149.126.72.220 1987 tcp tcpwrapped open
7605149.126.72.220 1988 tcp tcpwrapped open
7606149.126.72.220 1989 tcp tcpwrapped open
7607149.126.72.220 2000 tcp tcpwrapped open
7608149.126.72.220 2001 tcp tcpwrapped open
7609149.126.72.220 2006 tcp tcpwrapped open
7610149.126.72.220 2012 tcp tcpwrapped open
7611149.126.72.220 2020 tcp tcpwrapped open
7612149.126.72.220 2048 tcp tcpwrapped open
7613149.126.72.220 2049 tcp http open Incapsula CDN httpd
7614149.126.72.220 2049 udp nfs unknown
7615149.126.72.220 2050 tcp tcpwrapped open
7616149.126.72.220 2051 tcp tcpwrapped open
7617149.126.72.220 2052 tcp tcpwrapped open
7618149.126.72.220 2053 tcp tcpwrapped open
7619149.126.72.220 2054 tcp tcpwrapped open
7620149.126.72.220 2055 tcp tcpwrapped open
7621149.126.72.220 2056 tcp tcpwrapped open
7622149.126.72.220 2057 tcp tcpwrapped open
7623149.126.72.220 2058 tcp tcpwrapped open
7624149.126.72.220 2059 tcp tcpwrapped open
7625149.126.72.220 2060 tcp tcpwrapped open
7626149.126.72.220 2061 tcp tcpwrapped open
7627149.126.72.220 2062 tcp tcpwrapped open
7628149.126.72.220 2063 tcp tcpwrapped open
7629149.126.72.220 2064 tcp tcpwrapped open
7630149.126.72.220 2065 tcp tcpwrapped open
7631149.126.72.220 2066 tcp tcpwrapped open
7632149.126.72.220 2067 tcp tcpwrapped open
7633149.126.72.220 2068 tcp tcpwrapped open
7634149.126.72.220 2069 tcp tcpwrapped open
7635149.126.72.220 2070 tcp tcpwrapped open
7636149.126.72.220 2072 tcp tcpwrapped open
7637149.126.72.220 2082 tcp tcpwrapped open
7638149.126.72.220 2083 tcp tcpwrapped open
7639149.126.72.220 2087 tcp tcpwrapped open
7640149.126.72.220 2096 tcp tcpwrapped open
7641149.126.72.220 2100 tcp tcpwrapped open
7642149.126.72.220 2108 tcp tcpwrapped open
7643149.126.72.220 2200 tcp tcpwrapped open
7644149.126.72.220 2209 tcp tcpwrapped open
7645149.126.72.220 2222 tcp tcpwrapped open
7646149.126.72.220 2226 tcp tcpwrapped open
7647149.126.72.220 2248 tcp tcpwrapped open
7648149.126.72.220 2344 tcp tcpwrapped open
7649149.126.72.220 2345 tcp tcpwrapped open
7650149.126.72.220 2353 tcp tcpwrapped open
7651149.126.72.220 2363 tcp tcpwrapped open
7652149.126.72.220 2423 tcp tcpwrapped open
7653149.126.72.220 2433 tcp tcpwrapped open
7654149.126.72.220 2435 tcp tcpwrapped open
7655149.126.72.220 2443 tcp tcpwrapped open
7656149.126.72.220 2453 tcp tcpwrapped open
7657149.126.72.220 2480 tcp tcpwrapped open
7658149.126.72.220 2548 tcp tcpwrapped open
7659149.126.72.220 2549 tcp tcpwrapped open
7660149.126.72.220 2550 tcp tcpwrapped open
7661149.126.72.220 2551 tcp tcpwrapped open
7662149.126.72.220 2552 tcp tcpwrapped open
7663149.126.72.220 2553 tcp tcpwrapped open
7664149.126.72.220 2554 tcp tcpwrapped open
7665149.126.72.220 2555 tcp tcpwrapped open
7666149.126.72.220 2556 tcp tcpwrapped open
7667149.126.72.220 2557 tcp tcpwrapped open
7668149.126.72.220 2558 tcp tcpwrapped open
7669149.126.72.220 2559 tcp tcpwrapped open
7670149.126.72.220 2560 tcp tcpwrapped open
7671149.126.72.220 2561 tcp tcpwrapped open
7672149.126.72.220 2562 tcp tcpwrapped open
7673149.126.72.220 2563 tcp tcpwrapped open
7674149.126.72.220 2566 tcp tcpwrapped open
7675149.126.72.220 2567 tcp tcpwrapped open
7676149.126.72.220 2568 tcp tcpwrapped open
7677149.126.72.220 2569 tcp tcpwrapped open
7678149.126.72.220 2570 tcp tcpwrapped open
7679149.126.72.220 2572 tcp tcpwrapped open
7680149.126.72.220 2598 tcp tcpwrapped open
7681149.126.72.220 2599 tcp tcpwrapped open
7682149.126.72.220 2850 tcp tcpwrapped open
7683149.126.72.220 2985 tcp tcpwrapped open
7684149.126.72.220 2995 tcp tcpwrapped open
7685149.126.72.220 3000 tcp tcpwrapped open
7686149.126.72.220 3001 tcp tcpwrapped open
7687149.126.72.220 3002 tcp tcpwrapped open
7688149.126.72.220 3003 tcp tcpwrapped open
7689149.126.72.220 3004 tcp tcpwrapped open
7690149.126.72.220 3005 tcp tcpwrapped open
7691149.126.72.220 3006 tcp tcpwrapped open
7692149.126.72.220 3007 tcp tcpwrapped open
7693149.126.72.220 3008 tcp tcpwrapped open
7694149.126.72.220 3009 tcp tcpwrapped open
7695149.126.72.220 3010 tcp tcpwrapped open
7696149.126.72.220 3011 tcp tcpwrapped open
7697149.126.72.220 3012 tcp tcpwrapped open
7698149.126.72.220 3013 tcp tcpwrapped open
7699149.126.72.220 3014 tcp tcpwrapped open
7700149.126.72.220 3015 tcp tcpwrapped open
7701149.126.72.220 3016 tcp tcpwrapped open
7702149.126.72.220 3017 tcp tcpwrapped open
7703149.126.72.220 3018 tcp tcpwrapped open
7704149.126.72.220 3019 tcp tcpwrapped open
7705149.126.72.220 3020 tcp tcpwrapped open
7706149.126.72.220 3021 tcp tcpwrapped open
7707149.126.72.220 3022 tcp tcpwrapped open
7708149.126.72.220 3030 tcp tcpwrapped open
7709149.126.72.220 3047 tcp tcpwrapped open
7710149.126.72.220 3048 tcp tcpwrapped open
7711149.126.72.220 3049 tcp tcpwrapped open
7712149.126.72.220 3050 tcp tcpwrapped open
7713149.126.72.220 3051 tcp tcpwrapped open
7714149.126.72.220 3052 tcp tcpwrapped open
7715149.126.72.220 3053 tcp tcpwrapped open
7716149.126.72.220 3054 tcp tcpwrapped open
7717149.126.72.220 3055 tcp tcpwrapped open
7718149.126.72.220 3056 tcp tcpwrapped open
7719149.126.72.220 3057 tcp tcpwrapped open
7720149.126.72.220 3058 tcp tcpwrapped open
7721149.126.72.220 3059 tcp tcpwrapped open
7722149.126.72.220 3060 tcp tcpwrapped open
7723149.126.72.220 3061 tcp tcpwrapped open
7724149.126.72.220 3062 tcp tcpwrapped open
7725149.126.72.220 3063 tcp tcpwrapped open
7726149.126.72.220 3064 tcp tcpwrapped open
7727149.126.72.220 3065 tcp tcpwrapped open
7728149.126.72.220 3066 tcp tcpwrapped open
7729149.126.72.220 3067 tcp tcpwrapped open
7730149.126.72.220 3068 tcp tcpwrapped open
7731149.126.72.220 3069 tcp tcpwrapped open
7732149.126.72.220 3070 tcp tcpwrapped open
7733149.126.72.220 3071 tcp tcpwrapped open
7734149.126.72.220 3072 tcp tcpwrapped open
7735149.126.72.220 3073 tcp tcpwrapped open
7736149.126.72.220 3074 tcp tcpwrapped open
7737149.126.72.220 3075 tcp tcpwrapped open
7738149.126.72.220 3076 tcp tcpwrapped open
7739149.126.72.220 3077 tcp tcpwrapped open
7740149.126.72.220 3078 tcp tcpwrapped open
7741149.126.72.220 3079 tcp tcpwrapped open
7742149.126.72.220 3080 tcp tcpwrapped open
7743149.126.72.220 3081 tcp tcpwrapped open
7744149.126.72.220 3082 tcp tcpwrapped open
7745149.126.72.220 3083 tcp tcpwrapped open
7746149.126.72.220 3084 tcp tcpwrapped open
7747149.126.72.220 3085 tcp tcpwrapped open
7748149.126.72.220 3086 tcp tcpwrapped open
7749149.126.72.220 3087 tcp tcpwrapped open
7750149.126.72.220 3088 tcp tcpwrapped open
7751149.126.72.220 3089 tcp tcpwrapped open
7752149.126.72.220 3090 tcp tcpwrapped open
7753149.126.72.220 3091 tcp tcpwrapped open
7754149.126.72.220 3092 tcp tcpwrapped open
7755149.126.72.220 3093 tcp tcpwrapped open
7756149.126.72.220 3094 tcp tcpwrapped open
7757149.126.72.220 3095 tcp tcpwrapped open
7758149.126.72.220 3096 tcp tcpwrapped open
7759149.126.72.220 3097 tcp tcpwrapped open
7760149.126.72.220 3098 tcp tcpwrapped open
7761149.126.72.220 3099 tcp tcpwrapped open
7762149.126.72.220 3100 tcp tcpwrapped open
7763149.126.72.220 3101 tcp tcpwrapped open
7764149.126.72.220 3102 tcp tcpwrapped open
7765149.126.72.220 3103 tcp tcpwrapped open
7766149.126.72.220 3104 tcp tcpwrapped open
7767149.126.72.220 3105 tcp tcpwrapped open
7768149.126.72.220 3106 tcp tcpwrapped open
7769149.126.72.220 3107 tcp tcpwrapped open
7770149.126.72.220 3108 tcp tcpwrapped open
7771149.126.72.220 3109 tcp tcpwrapped open
7772149.126.72.220 3110 tcp tcpwrapped open
7773149.126.72.220 3111 tcp tcpwrapped open
7774149.126.72.220 3112 tcp tcpwrapped open
7775149.126.72.220 3113 tcp tcpwrapped open
7776149.126.72.220 3114 tcp tcpwrapped open
7777149.126.72.220 3115 tcp tcpwrapped open
7778149.126.72.220 3116 tcp tcpwrapped open
7779149.126.72.220 3117 tcp tcpwrapped open
7780149.126.72.220 3118 tcp tcpwrapped open
7781149.126.72.220 3119 tcp tcpwrapped open
7782149.126.72.220 3120 tcp tcpwrapped open
7783149.126.72.220 3121 tcp tcpwrapped open
7784149.126.72.220 3150 tcp tcpwrapped open
7785149.126.72.220 3155 tcp tcpwrapped open
7786149.126.72.220 3160 tcp tcpwrapped open
7787149.126.72.220 3165 tcp tcpwrapped open
7788149.126.72.220 3270 tcp tcpwrapped open
7789149.126.72.220 3299 tcp tcpwrapped open
7790149.126.72.220 3306 tcp tcpwrapped open
7791149.126.72.220 3333 tcp tcpwrapped open
7792149.126.72.220 3389 tcp tcpwrapped open
7793149.126.72.220 3391 tcp tcpwrapped open
7794149.126.72.220 3400 tcp tcpwrapped open
7795149.126.72.220 3401 tcp tcpwrapped open
7796149.126.72.220 3402 tcp tcpwrapped open
7797149.126.72.220 3403 tcp tcpwrapped open
7798149.126.72.220 3404 tcp tcpwrapped open
7799149.126.72.220 3405 tcp tcpwrapped open
7800149.126.72.220 3406 tcp tcpwrapped open
7801149.126.72.220 3407 tcp tcpwrapped open
7802149.126.72.220 3408 tcp tcpwrapped open
7803149.126.72.220 3409 tcp tcpwrapped open
7804149.126.72.220 3410 tcp tcpwrapped open
7805149.126.72.220 3412 tcp tcpwrapped open
7806149.126.72.220 3443 tcp tcpwrapped open
7807149.126.72.220 3500 tcp tcpwrapped open
7808149.126.72.220 3510 tcp tcpwrapped open
7809149.126.72.220 3521 tcp tcpwrapped open
7810149.126.72.220 3522 tcp tcpwrapped open
7811149.126.72.220 3523 tcp tcpwrapped open
7812149.126.72.220 3524 tcp tcpwrapped open
7813149.126.72.220 3530 tcp tcpwrapped open
7814149.126.72.220 3531 tcp tcpwrapped open
7815149.126.72.220 3540 tcp tcpwrapped open
7816149.126.72.220 3548 tcp tcpwrapped open
7817149.126.72.220 3549 tcp tcpwrapped open
7818149.126.72.220 3550 tcp tcpwrapped open
7819149.126.72.220 3551 tcp tcpwrapped open
7820149.126.72.220 3552 tcp tcpwrapped open
7821149.126.72.220 3553 tcp tcpwrapped open
7822149.126.72.220 3554 tcp tcpwrapped open
7823149.126.72.220 3555 tcp tcpwrapped open
7824149.126.72.220 3556 tcp tcpwrapped open
7825149.126.72.220 3557 tcp tcpwrapped open
7826149.126.72.220 3558 tcp tcpwrapped open
7827149.126.72.220 3559 tcp tcpwrapped open
7828149.126.72.220 3560 tcp tcpwrapped open
7829149.126.72.220 3561 tcp tcpwrapped open
7830149.126.72.220 3562 tcp tcpwrapped open
7831149.126.72.220 3563 tcp tcpwrapped open
7832149.126.72.220 3566 tcp tcpwrapped open
7833149.126.72.220 3567 tcp tcpwrapped open
7834149.126.72.220 3568 tcp tcpwrapped open
7835149.126.72.220 3569 tcp tcpwrapped open
7836149.126.72.220 3570 tcp tcpwrapped open
7837149.126.72.220 3572 tcp tcpwrapped open
7838149.126.72.220 3580 tcp tcpwrapped open
7839149.126.72.220 3590 tcp tcpwrapped open
7840149.126.72.220 3790 tcp tcpwrapped open
7841149.126.72.220 3791 tcp tcpwrapped open
7842149.126.72.220 3792 tcp tcpwrapped open
7843149.126.72.220 3793 tcp tcpwrapped open
7844149.126.72.220 3794 tcp tcpwrapped open
7845149.126.72.220 3838 tcp tcpwrapped open
7846149.126.72.220 3841 tcp tcpwrapped open
7847149.126.72.220 3842 tcp tcpwrapped open
7848149.126.72.220 3950 tcp tcpwrapped open
7849149.126.72.220 3951 tcp tcpwrapped open
7850149.126.72.220 3952 tcp tcpwrapped open
7851149.126.72.220 3953 tcp tcpwrapped open
7852149.126.72.220 3954 tcp adrep open
7853149.126.72.220 4000 tcp tcpwrapped open
7854149.126.72.220 4001 tcp newoak open
7855149.126.72.220 4002 tcp mlchat-proxy open
7856149.126.72.220 4021 tcp nexus-portal open
7857149.126.72.220 4022 tcp dnox open
7858149.126.72.220 4023 tcp esnm-zoning open
7859149.126.72.220 4043 tcp nirp open
7860149.126.72.220 4072 tcp zieto-sock open
7861149.126.72.220 4080 tcp lorica-in open
7862149.126.72.220 4085 tcp ezmessagesrv open
7863149.126.72.220 4120 tcp minirem open
7864149.126.72.220 4147 tcp vrxpservman open
7865149.126.72.220 4148 tcp hhb-handheld open
7866149.126.72.220 4150 tcp poweralert-nsa open
7867149.126.72.220 4155 tcp bzr open
7868149.126.72.220 4160 tcp jini-discovery open
7869149.126.72.220 4165 tcp altcp open
7870149.126.72.220 4172 tcp pcoip open
7871149.126.72.220 4243 tcp vrml-multi-use open
7872149.126.72.220 4244 tcp vrml-multi-use open
7873149.126.72.220 4250 tcp vrml-multi-use open
7874149.126.72.220 4300 tcp corelccam open
7875149.126.72.220 4333 tcp msql open
7876149.126.72.220 4343 tcp unicall open
7877149.126.72.220 4344 tcp vinainstall open
7878149.126.72.220 4400 tcp ds-srv open
7879149.126.72.220 4401 tcp tcpwrapped open
7880149.126.72.220 4402 tcp tcpwrapped open
7881149.126.72.220 4430 tcp tcpwrapped open
7882149.126.72.220 4431 tcp tcpwrapped open
7883149.126.72.220 4432 tcp tcpwrapped open
7884149.126.72.220 4434 tcp tcpwrapped open
7885149.126.72.220 4435 tcp tcpwrapped open
7886149.126.72.220 4436 tcp tcpwrapped open
7887149.126.72.220 4437 tcp tcpwrapped open
7888149.126.72.220 4439 tcp tcpwrapped open
7889149.126.72.220 4440 tcp tcpwrapped open
7890149.126.72.220 4443 tcp tcpwrapped open
7891149.126.72.220 4444 tcp tcpwrapped open
7892149.126.72.220 4445 tcp tcpwrapped open
7893149.126.72.220 4451 tcp tcpwrapped open
7894149.126.72.220 4455 tcp tcpwrapped open
7895149.126.72.220 4457 tcp tcpwrapped open
7896149.126.72.220 4459 tcp tcpwrapped open
7897149.126.72.220 4461 tcp tcpwrapped open
7898149.126.72.220 4463 tcp tcpwrapped open
7899149.126.72.220 4477 tcp tcpwrapped open
7900149.126.72.220 4482 tcp tcpwrapped open
7901149.126.72.220 4500 tcp tcpwrapped open
7902149.126.72.220 4502 tcp tcpwrapped open
7903149.126.72.220 4505 tcp tcpwrapped open
7904149.126.72.220 4572 tcp tcpwrapped open
7905149.126.72.220 4602 tcp tcpwrapped open
7906149.126.72.220 4620 tcp tcpwrapped open
7907149.126.72.220 4643 tcp tcpwrapped open
7908149.126.72.220 4848 tcp tcpwrapped open
7909149.126.72.220 4933 tcp tcpwrapped open
7910149.126.72.220 4993 tcp tcpwrapped open
7911149.126.72.220 5000 tcp tcpwrapped open
7912149.126.72.220 5001 tcp tcpwrapped open
7913149.126.72.220 5002 tcp tcpwrapped open
7914149.126.72.220 5003 tcp tcpwrapped open
7915149.126.72.220 5004 tcp tcpwrapped open
7916149.126.72.220 5005 tcp tcpwrapped open
7917149.126.72.220 5006 tcp tcpwrapped open
7918149.126.72.220 5007 tcp tcpwrapped open
7919149.126.72.220 5008 tcp tcpwrapped open
7920149.126.72.220 5009 tcp tcpwrapped open
7921149.126.72.220 5010 tcp tcpwrapped open
7922149.126.72.220 5011 tcp tcpwrapped open
7923149.126.72.220 5022 tcp tcpwrapped open
7924149.126.72.220 5050 tcp tcpwrapped open
7925149.126.72.220 5053 tcp tcpwrapped open
7926149.126.72.220 5060 tcp tcpwrapped open
7927149.126.72.220 5061 tcp tcpwrapped open
7928149.126.72.220 5080 tcp tcpwrapped open
7929149.126.72.220 5083 tcp tcpwrapped open
7930149.126.72.220 5089 tcp tcpwrapped open
7931149.126.72.220 5090 tcp tcpwrapped open
7932149.126.72.220 5100 tcp tcpwrapped open
7933149.126.72.220 5105 tcp tcpwrapped open
7934149.126.72.220 5119 tcp tcpwrapped open
7935149.126.72.220 5120 tcp tcpwrapped open
7936149.126.72.220 5130 tcp tcpwrapped open
7937149.126.72.220 5140 tcp tcpwrapped open
7938149.126.72.220 5150 tcp tcpwrapped open
7939149.126.72.220 5160 tcp tcpwrapped open
7940149.126.72.220 5180 tcp tcpwrapped open
7941149.126.72.220 5201 tcp tcpwrapped open
7942149.126.72.220 5222 tcp tcpwrapped open
7943149.126.72.220 5223 tcp tcpwrapped open
7944149.126.72.220 5224 tcp tcpwrapped open
7945149.126.72.220 5225 tcp tcpwrapped open
7946149.126.72.220 5226 tcp tcpwrapped open
7947149.126.72.220 5227 tcp tcpwrapped open
7948149.126.72.220 5228 tcp tcpwrapped open
7949149.126.72.220 5229 tcp tcpwrapped open
7950149.126.72.220 5230 tcp tcpwrapped open
7951149.126.72.220 5231 tcp tcpwrapped open
7952149.126.72.220 5232 tcp tcpwrapped open
7953149.126.72.220 5233 tcp tcpwrapped open
7954149.126.72.220 5234 tcp tcpwrapped open
7955149.126.72.220 5235 tcp tcpwrapped open
7956149.126.72.220 5236 tcp tcpwrapped open
7957149.126.72.220 5237 tcp tcpwrapped open
7958149.126.72.220 5238 tcp tcpwrapped open
7959149.126.72.220 5239 tcp tcpwrapped open
7960149.126.72.220 5240 tcp tcpwrapped open
7961149.126.72.220 5241 tcp tcpwrapped open
7962149.126.72.220 5242 tcp tcpwrapped open
7963149.126.72.220 5243 tcp tcpwrapped open
7964149.126.72.220 5244 tcp tcpwrapped open
7965149.126.72.220 5245 tcp tcpwrapped open
7966149.126.72.220 5246 tcp tcpwrapped open
7967149.126.72.220 5247 tcp tcpwrapped open
7968149.126.72.220 5248 tcp tcpwrapped open
7969149.126.72.220 5249 tcp tcpwrapped open
7970149.126.72.220 5250 tcp tcpwrapped open
7971149.126.72.220 5251 tcp tcpwrapped open
7972149.126.72.220 5252 tcp tcpwrapped open
7973149.126.72.220 5253 tcp tcpwrapped open
7974149.126.72.220 5254 tcp tcpwrapped open
7975149.126.72.220 5255 tcp tcpwrapped open
7976149.126.72.220 5256 tcp tcpwrapped open
7977149.126.72.220 5257 tcp tcpwrapped open
7978149.126.72.220 5258 tcp tcpwrapped open
7979149.126.72.220 5259 tcp tcpwrapped open
7980149.126.72.220 5260 tcp tcpwrapped open
7981149.126.72.220 5261 tcp tcpwrapped open
7982149.126.72.220 5262 tcp tcpwrapped open
7983149.126.72.220 5263 tcp tcpwrapped open
7984149.126.72.220 5264 tcp tcpwrapped open
7985149.126.72.220 5265 tcp tcpwrapped open
7986149.126.72.220 5266 tcp tcpwrapped open
7987149.126.72.220 5267 tcp tcpwrapped open
7988149.126.72.220 5268 tcp tcpwrapped open
7989149.126.72.220 5269 tcp tcpwrapped open
7990149.126.72.220 5270 tcp tcpwrapped open
7991149.126.72.220 5271 tcp tcpwrapped open
7992149.126.72.220 5272 tcp tcpwrapped open
7993149.126.72.220 5273 tcp tcpwrapped open
7994149.126.72.220 5274 tcp tcpwrapped open
7995149.126.72.220 5275 tcp tcpwrapped open
7996149.126.72.220 5276 tcp tcpwrapped open
7997149.126.72.220 5277 tcp tcpwrapped open
7998149.126.72.220 5278 tcp tcpwrapped open
7999149.126.72.220 5279 tcp tcpwrapped open
8000149.126.72.220 5280 tcp tcpwrapped open
8001149.126.72.220 5440 tcp tcpwrapped open
8002149.126.72.220 5443 tcp tcpwrapped open
8003149.126.72.220 5456 tcp tcpwrapped open
8004149.126.72.220 5494 tcp tcpwrapped open
8005149.126.72.220 5495 tcp tcpwrapped open
8006149.126.72.220 5500 tcp tcpwrapped open
8007149.126.72.220 5503 tcp tcpwrapped open
8008149.126.72.220 5552 tcp tcpwrapped open
8009149.126.72.220 5555 tcp tcpwrapped open
8010149.126.72.220 5556 tcp tcpwrapped open
8011149.126.72.220 5557 tcp tcpwrapped open
8012149.126.72.220 5567 tcp tcpwrapped open
8013149.126.72.220 5568 tcp tcpwrapped open
8014149.126.72.220 5569 tcp tcpwrapped open
8015149.126.72.220 5590 tcp tcpwrapped open
8016149.126.72.220 5591 tcp tcpwrapped open
8017149.126.72.220 5592 tcp tcpwrapped open
8018149.126.72.220 5593 tcp tcpwrapped open
8019149.126.72.220 5594 tcp tcpwrapped open
8020149.126.72.220 5595 tcp tcpwrapped open
8021149.126.72.220 5596 tcp tcpwrapped open
8022149.126.72.220 5597 tcp tcpwrapped open
8023149.126.72.220 5598 tcp tcpwrapped open
8024149.126.72.220 5599 tcp tcpwrapped open
8025149.126.72.220 5600 tcp tcpwrapped open
8026149.126.72.220 5601 tcp tcpwrapped open
8027149.126.72.220 5602 tcp tcpwrapped open
8028149.126.72.220 5603 tcp tcpwrapped open
8029149.126.72.220 5604 tcp tcpwrapped open
8030149.126.72.220 5605 tcp tcpwrapped open
8031149.126.72.220 5606 tcp tcpwrapped open
8032149.126.72.220 5607 tcp tcpwrapped open
8033149.126.72.220 5608 tcp tcpwrapped open
8034149.126.72.220 5609 tcp tcpwrapped open
8035149.126.72.220 5613 tcp tcpwrapped open
8036149.126.72.220 5614 tcp tcpwrapped open
8037149.126.72.220 5620 tcp tcpwrapped open
8038149.126.72.220 5630 tcp tcpwrapped open
8039149.126.72.220 5640 tcp tcpwrapped open
8040149.126.72.220 5650 tcp tcpwrapped open
8041149.126.72.220 5660 tcp tcpwrapped open
8042149.126.72.220 5671 tcp tcpwrapped open
8043149.126.72.220 5672 tcp tcpwrapped open
8044149.126.72.220 5673 tcp tcpwrapped open
8045149.126.72.220 5680 tcp tcpwrapped open
8046149.126.72.220 5696 tcp tcpwrapped open
8047149.126.72.220 5698 tcp tcpwrapped open
8048149.126.72.220 5701 tcp tcpwrapped open
8049149.126.72.220 5721 tcp tcpwrapped open
8050149.126.72.220 5900 tcp tcpwrapped open
8051149.126.72.220 5901 tcp tcpwrapped open
8052149.126.72.220 5902 tcp tcpwrapped open
8053149.126.72.220 5903 tcp tcpwrapped open
8054149.126.72.220 5904 tcp tcpwrapped open
8055149.126.72.220 5905 tcp tcpwrapped open
8056149.126.72.220 5906 tcp tcpwrapped open
8057149.126.72.220 5907 tcp tcpwrapped open
8058149.126.72.220 5908 tcp tcpwrapped open
8059149.126.72.220 5909 tcp tcpwrapped open
8060149.126.72.220 5910 tcp tcpwrapped open
8061149.126.72.220 5911 tcp tcpwrapped open
8062149.126.72.220 5912 tcp tcpwrapped open
8063149.126.72.220 5913 tcp tcpwrapped open
8064149.126.72.220 5914 tcp tcpwrapped open
8065149.126.72.220 5915 tcp tcpwrapped open
8066149.126.72.220 5916 tcp tcpwrapped open
8067149.126.72.220 5917 tcp tcpwrapped open
8068149.126.72.220 5918 tcp tcpwrapped open
8069149.126.72.220 5919 tcp tcpwrapped open
8070149.126.72.220 5920 tcp tcpwrapped open
8071149.126.72.220 5984 tcp tcpwrapped open
8072149.126.72.220 5985 tcp tcpwrapped open
8073149.126.72.220 5986 tcp tcpwrapped open
8074149.126.72.220 5987 tcp tcpwrapped open
8075149.126.72.220 5988 tcp tcpwrapped open
8076149.126.72.220 5989 tcp tcpwrapped open
8077149.126.72.220 5990 tcp tcpwrapped open
8078149.126.72.220 5991 tcp tcpwrapped open
8079149.126.72.220 5992 tcp tcpwrapped open
8080149.126.72.220 5993 tcp tcpwrapped open
8081149.126.72.220 5994 tcp tcpwrapped open
8082149.126.72.220 5995 tcp tcpwrapped open
8083149.126.72.220 5996 tcp tcpwrapped open
8084149.126.72.220 5997 tcp tcpwrapped open
8085149.126.72.220 5998 tcp tcpwrapped open
8086149.126.72.220 5999 tcp tcpwrapped open
8087149.126.72.220 6000 tcp tcpwrapped open
8088149.126.72.220 6001 tcp tcpwrapped open
8089149.126.72.220 6002 tcp tcpwrapped open
8090149.126.72.220 6003 tcp tcpwrapped open
8091149.126.72.220 6004 tcp tcpwrapped open
8092149.126.72.220 6005 tcp tcpwrapped open
8093149.126.72.220 6006 tcp tcpwrapped open
8094149.126.72.220 6007 tcp tcpwrapped open
8095149.126.72.220 6008 tcp tcpwrapped open
8096149.126.72.220 6009 tcp tcpwrapped open
8097149.126.72.220 6010 tcp tcpwrapped open
8098149.126.72.220 6011 tcp tcpwrapped open
8099149.126.72.220 6021 tcp tcpwrapped open
8100149.126.72.220 6060 tcp tcpwrapped open
8101149.126.72.220 6061 tcp tcpwrapped open
8102149.126.72.220 6081 tcp tcpwrapped open
8103149.126.72.220 6100 tcp tcpwrapped open
8104149.126.72.220 6102 tcp tcpwrapped open
8105149.126.72.220 6134 tcp tcpwrapped open
8106149.126.72.220 6161 tcp tcpwrapped open
8107149.126.72.220 6331 tcp tcpwrapped open
8108149.126.72.220 6348 tcp tcpwrapped open
8109149.126.72.220 6379 tcp tcpwrapped open
8110149.126.72.220 6380 tcp tcpwrapped open
8111149.126.72.220 6433 tcp tcpwrapped open
8112149.126.72.220 6440 tcp tcpwrapped open
8113149.126.72.220 6443 tcp tcpwrapped open
8114149.126.72.220 6488 tcp tcpwrapped open
8115149.126.72.220 6500 tcp tcpwrapped open
8116149.126.72.220 6505 tcp tcpwrapped open
8117149.126.72.220 6510 tcp tcpwrapped open
8118149.126.72.220 6511 tcp tcpwrapped open
8119149.126.72.220 6512 tcp tcpwrapped open
8120149.126.72.220 6514 tcp tcpwrapped open
8121149.126.72.220 6543 tcp tcpwrapped open
8122149.126.72.220 6544 tcp tcpwrapped open
8123149.126.72.220 6560 tcp tcpwrapped open
8124149.126.72.220 6561 tcp tcpwrapped open
8125149.126.72.220 6565 tcp tcpwrapped open
8126149.126.72.220 6580 tcp tcpwrapped open
8127149.126.72.220 6581 tcp tcpwrapped open
8128149.126.72.220 6590 tcp tcpwrapped open
8129149.126.72.220 6601 tcp tcpwrapped open
8130149.126.72.220 6603 tcp tcpwrapped open
8131149.126.72.220 6605 tcp tcpwrapped open
8132149.126.72.220 6661 tcp tcpwrapped open
8133149.126.72.220 6662 tcp tcpwrapped open
8134149.126.72.220 6666 tcp tcpwrapped open
8135149.126.72.220 6686 tcp tcpwrapped open
8136149.126.72.220 6688 tcp tcpwrapped open
8137149.126.72.220 6700 tcp tcpwrapped open
8138149.126.72.220 6755 tcp tcpwrapped open
8139149.126.72.220 6775 tcp tcpwrapped open
8140149.126.72.220 6779 tcp tcpwrapped open
8141149.126.72.220 6789 tcp tcpwrapped open
8142149.126.72.220 6799 tcp tcpwrapped open
8143149.126.72.220 7000 tcp tcpwrapped open
8144149.126.72.220 7001 tcp tcpwrapped open
8145149.126.72.220 7002 tcp tcpwrapped open
8146149.126.72.220 7003 tcp tcpwrapped open
8147149.126.72.220 7004 tcp tcpwrapped open
8148149.126.72.220 7005 tcp tcpwrapped open
8149149.126.72.220 7007 tcp tcpwrapped open
8150149.126.72.220 7010 tcp tcpwrapped open
8151149.126.72.220 7011 tcp tcpwrapped open
8152149.126.72.220 7021 tcp tcpwrapped open
8153149.126.72.220 7070 tcp tcpwrapped open
8154149.126.72.220 7071 tcp tcpwrapped open
8155149.126.72.220 7079 tcp tcpwrapped open
8156149.126.72.220 7080 tcp tcpwrapped open
8157149.126.72.220 7081 tcp tcpwrapped open
8158149.126.72.220 7082 tcp tcpwrapped open
8159149.126.72.220 7083 tcp tcpwrapped open
8160149.126.72.220 7084 tcp tcpwrapped open
8161149.126.72.220 7085 tcp tcpwrapped open
8162149.126.72.220 7086 tcp tcpwrapped open
8163149.126.72.220 7087 tcp tcpwrapped open
8164149.126.72.220 7088 tcp tcpwrapped open
8165149.126.72.220 7090 tcp tcpwrapped open
8166149.126.72.220 7171 tcp tcpwrapped open
8167149.126.72.220 7172 tcp tcpwrapped open
8168149.126.72.220 7272 tcp tcpwrapped open
8169149.126.72.220 7348 tcp tcpwrapped open
8170149.126.72.220 7403 tcp tcpwrapped open
8171149.126.72.220 7433 tcp tcpwrapped open
8172149.126.72.220 7441 tcp tcpwrapped open
8173149.126.72.220 7443 tcp tcpwrapped open
8174149.126.72.220 7444 tcp tcpwrapped open
8175149.126.72.220 7445 tcp tcpwrapped open
8176149.126.72.220 7473 tcp tcpwrapped open
8177149.126.72.220 7500 tcp tcpwrapped open
8178149.126.72.220 7537 tcp tcpwrapped open
8179149.126.72.220 7687 tcp tcpwrapped open
8180149.126.72.220 7700 tcp tcpwrapped open
8181149.126.72.220 7771 tcp tcpwrapped open
8182149.126.72.220 7773 tcp tcpwrapped open
8183149.126.72.220 7774 tcp tcpwrapped open
8184149.126.72.220 7775 tcp tcpwrapped open
8185149.126.72.220 7776 tcp tcpwrapped open
8186149.126.72.220 7777 tcp tcpwrapped open
8187149.126.72.220 7778 tcp tcpwrapped open
8188149.126.72.220 7779 tcp tcpwrapped open
8189149.126.72.220 7788 tcp tcpwrapped open
8190149.126.72.220 7799 tcp tcpwrapped open
8191149.126.72.220 7998 tcp tcpwrapped open
8192149.126.72.220 7999 tcp tcpwrapped open
8193149.126.72.220 8000 tcp tcpwrapped open
8194149.126.72.220 8001 tcp tcpwrapped open
8195149.126.72.220 8002 tcp tcpwrapped open
8196149.126.72.220 8003 tcp tcpwrapped open
8197149.126.72.220 8004 tcp tcpwrapped open
8198149.126.72.220 8005 tcp tcpwrapped open
8199149.126.72.220 8006 tcp tcpwrapped open
8200149.126.72.220 8007 tcp tcpwrapped open
8201149.126.72.220 8008 tcp tcpwrapped open
8202149.126.72.220 8009 tcp tcpwrapped open
8203149.126.72.220 8010 tcp tcpwrapped open
8204149.126.72.220 8011 tcp tcpwrapped open
8205149.126.72.220 8012 tcp tcpwrapped open
8206149.126.72.220 8013 tcp tcpwrapped open
8207149.126.72.220 8014 tcp tcpwrapped open
8208149.126.72.220 8015 tcp tcpwrapped open
8209149.126.72.220 8016 tcp tcpwrapped open
8210149.126.72.220 8017 tcp tcpwrapped open
8211149.126.72.220 8018 tcp tcpwrapped open
8212149.126.72.220 8019 tcp tcpwrapped open
8213149.126.72.220 8020 tcp tcpwrapped open
8214149.126.72.220 8021 tcp tcpwrapped open
8215149.126.72.220 8022 tcp tcpwrapped open
8216149.126.72.220 8023 tcp tcpwrapped open
8217149.126.72.220 8024 tcp tcpwrapped open
8218149.126.72.220 8025 tcp tcpwrapped open
8219149.126.72.220 8026 tcp tcpwrapped open
8220149.126.72.220 8027 tcp tcpwrapped open
8221149.126.72.220 8028 tcp tcpwrapped open
8222149.126.72.220 8029 tcp tcpwrapped open
8223149.126.72.220 8030 tcp tcpwrapped open
8224149.126.72.220 8031 tcp tcpwrapped open
8225149.126.72.220 8032 tcp tcpwrapped open
8226149.126.72.220 8033 tcp tcpwrapped open
8227149.126.72.220 8034 tcp tcpwrapped open
8228149.126.72.220 8035 tcp tcpwrapped open
8229149.126.72.220 8036 tcp tcpwrapped open
8230149.126.72.220 8037 tcp tcpwrapped open
8231149.126.72.220 8038 tcp tcpwrapped open
8232149.126.72.220 8039 tcp tcpwrapped open
8233149.126.72.220 8040 tcp tcpwrapped open
8234149.126.72.220 8041 tcp tcpwrapped open
8235149.126.72.220 8042 tcp tcpwrapped open
8236149.126.72.220 8043 tcp tcpwrapped open
8237149.126.72.220 8044 tcp tcpwrapped open
8238149.126.72.220 8045 tcp tcpwrapped open
8239149.126.72.220 8046 tcp tcpwrapped open
8240149.126.72.220 8047 tcp tcpwrapped open
8241149.126.72.220 8048 tcp tcpwrapped open
8242149.126.72.220 8049 tcp tcpwrapped open
8243149.126.72.220 8050 tcp tcpwrapped open
8244149.126.72.220 8051 tcp tcpwrapped open
8245149.126.72.220 8052 tcp tcpwrapped open
8246149.126.72.220 8053 tcp tcpwrapped open
8247149.126.72.220 8054 tcp tcpwrapped open
8248149.126.72.220 8055 tcp tcpwrapped open
8249149.126.72.220 8056 tcp tcpwrapped open
8250149.126.72.220 8057 tcp tcpwrapped open
8251149.126.72.220 8058 tcp tcpwrapped open
8252149.126.72.220 8060 tcp tcpwrapped open
8253149.126.72.220 8064 tcp tcpwrapped open
8254149.126.72.220 8065 tcp tcpwrapped open
8255149.126.72.220 8069 tcp tcpwrapped open
8256149.126.72.220 8070 tcp tcpwrapped open
8257149.126.72.220 8071 tcp tcpwrapped open
8258149.126.72.220 8072 tcp tcpwrapped open
8259149.126.72.220 8074 tcp tcpwrapped open
8260149.126.72.220 8079 tcp tcpwrapped open
8261149.126.72.220 8080 tcp tcpwrapped open
8262149.126.72.220 8081 tcp tcpwrapped open
8263149.126.72.220 8082 tcp tcpwrapped open
8264149.126.72.220 8083 tcp tcpwrapped open
8265149.126.72.220 8084 tcp tcpwrapped open
8266149.126.72.220 8085 tcp tcpwrapped open
8267149.126.72.220 8086 tcp tcpwrapped open
8268149.126.72.220 8087 tcp tcpwrapped open
8269149.126.72.220 8088 tcp tcpwrapped open
8270149.126.72.220 8089 tcp tcpwrapped open
8271149.126.72.220 8090 tcp tcpwrapped open
8272149.126.72.220 8091 tcp tcpwrapped open
8273149.126.72.220 8092 tcp tcpwrapped open
8274149.126.72.220 8093 tcp tcpwrapped open
8275149.126.72.220 8094 tcp tcpwrapped open
8276149.126.72.220 8095 tcp tcpwrapped open
8277149.126.72.220 8096 tcp tcpwrapped open
8278149.126.72.220 8097 tcp tcpwrapped open
8279149.126.72.220 8098 tcp tcpwrapped open
8280149.126.72.220 8099 tcp tcpwrapped open
8281149.126.72.220 8100 tcp tcpwrapped open
8282149.126.72.220 8101 tcp tcpwrapped open
8283149.126.72.220 8102 tcp tcpwrapped open
8284149.126.72.220 8103 tcp tcpwrapped open
8285149.126.72.220 8104 tcp tcpwrapped open
8286149.126.72.220 8105 tcp tcpwrapped open
8287149.126.72.220 8106 tcp tcpwrapped open
8288149.126.72.220 8107 tcp tcpwrapped open
8289149.126.72.220 8108 tcp tcpwrapped open
8290149.126.72.220 8109 tcp tcpwrapped open
8291149.126.72.220 8110 tcp tcpwrapped open
8292149.126.72.220 8113 tcp tcpwrapped open
8293149.126.72.220 8114 tcp tcpwrapped open
8294149.126.72.220 8115 tcp tcpwrapped open
8295149.126.72.220 8118 tcp tcpwrapped open
8296149.126.72.220 8119 tcp tcpwrapped open
8297149.126.72.220 8120 tcp tcpwrapped open
8298149.126.72.220 8121 tcp tcpwrapped open
8299149.126.72.220 8123 tcp tcpwrapped open
8300149.126.72.220 8125 tcp tcpwrapped open
8301149.126.72.220 8126 tcp tcpwrapped open
8302149.126.72.220 8128 tcp tcpwrapped open
8303149.126.72.220 8129 tcp tcpwrapped open
8304149.126.72.220 8130 tcp tcpwrapped open
8305149.126.72.220 8131 tcp tcpwrapped open
8306149.126.72.220 8132 tcp tcpwrapped open
8307149.126.72.220 8133 tcp tcpwrapped open
8308149.126.72.220 8136 tcp tcpwrapped open
8309149.126.72.220 8140 tcp tcpwrapped open
8310149.126.72.220 8142 tcp tcpwrapped open
8311149.126.72.220 8143 tcp tcpwrapped open
8312149.126.72.220 8144 tcp tcpwrapped open
8313149.126.72.220 8147 tcp tcpwrapped open
8314149.126.72.220 8148 tcp tcpwrapped open
8315149.126.72.220 8149 tcp tcpwrapped open
8316149.126.72.220 8150 tcp tcpwrapped open
8317149.126.72.220 8154 tcp tcpwrapped open
8318149.126.72.220 8156 tcp tcpwrapped open
8319149.126.72.220 8157 tcp tcpwrapped open
8320149.126.72.220 8158 tcp tcpwrapped open
8321149.126.72.220 8160 tcp tcpwrapped open
8322149.126.72.220 8161 tcp tcpwrapped open
8323149.126.72.220 8162 tcp tcpwrapped open
8324149.126.72.220 8163 tcp tcpwrapped open
8325149.126.72.220 8164 tcp tcpwrapped open
8326149.126.72.220 8165 tcp tcpwrapped open
8327149.126.72.220 8166 tcp tcpwrapped open
8328149.126.72.220 8167 tcp tcpwrapped open
8329149.126.72.220 8168 tcp tcpwrapped open
8330149.126.72.220 8169 tcp tcpwrapped open
8331149.126.72.220 8170 tcp tcpwrapped open
8332149.126.72.220 8171 tcp tcpwrapped open
8333149.126.72.220 8172 tcp tcpwrapped open
8334149.126.72.220 8173 tcp tcpwrapped open
8335149.126.72.220 8175 tcp tcpwrapped open
8336149.126.72.220 8176 tcp tcpwrapped open
8337149.126.72.220 8178 tcp tcpwrapped open
8338149.126.72.220 8179 tcp tcpwrapped open
8339149.126.72.220 8180 tcp tcpwrapped open
8340149.126.72.220 8181 tcp tcpwrapped open
8341149.126.72.220 8182 tcp tcpwrapped open
8342149.126.72.220 8183 tcp tcpwrapped open
8343149.126.72.220 8184 tcp tcpwrapped open
8344149.126.72.220 8185 tcp tcpwrapped open
8345149.126.72.220 8186 tcp tcpwrapped open
8346149.126.72.220 8187 tcp tcpwrapped open
8347149.126.72.220 8188 tcp tcpwrapped open
8348149.126.72.220 8189 tcp tcpwrapped open
8349149.126.72.220 8190 tcp tcpwrapped open
8350149.126.72.220 8191 tcp tcpwrapped open
8351149.126.72.220 8192 tcp tcpwrapped open
8352149.126.72.220 8193 tcp tcpwrapped open
8353149.126.72.220 8194 tcp tcpwrapped open
8354149.126.72.220 8195 tcp tcpwrapped open
8355149.126.72.220 8198 tcp tcpwrapped open
8356149.126.72.220 8199 tcp tcpwrapped open
8357149.126.72.220 8200 tcp tcpwrapped open
8358149.126.72.220 8203 tcp tcpwrapped open
8359149.126.72.220 8222 tcp tcpwrapped open
8360149.126.72.220 8230 tcp tcpwrapped open
8361149.126.72.220 8236 tcp tcpwrapped open
8362149.126.72.220 8237 tcp tcpwrapped open
8363149.126.72.220 8238 tcp tcpwrapped open
8364149.126.72.220 8239 tcp tcpwrapped open
8365149.126.72.220 8241 tcp tcpwrapped open
8366149.126.72.220 8243 tcp tcpwrapped open
8367149.126.72.220 8248 tcp tcpwrapped open
8368149.126.72.220 8249 tcp tcpwrapped open
8369149.126.72.220 8250 tcp tcpwrapped open
8370149.126.72.220 8251 tcp tcpwrapped open
8371149.126.72.220 8252 tcp tcpwrapped open
8372149.126.72.220 8280 tcp tcpwrapped open
8373149.126.72.220 8282 tcp tcpwrapped open
8374149.126.72.220 8333 tcp tcpwrapped open
8375149.126.72.220 8340 tcp tcpwrapped open
8376149.126.72.220 8343 tcp tcpwrapped open
8377149.126.72.220 8350 tcp tcpwrapped open
8378149.126.72.220 8381 tcp tcpwrapped open
8379149.126.72.220 8382 tcp tcpwrapped open
8380149.126.72.220 8383 tcp tcpwrapped open
8381149.126.72.220 8384 tcp tcpwrapped open
8382149.126.72.220 8385 tcp tcpwrapped open
8383149.126.72.220 8388 tcp tcpwrapped open
8384149.126.72.220 8393 tcp tcpwrapped open
8385149.126.72.220 8401 tcp tcpwrapped open
8386149.126.72.220 8402 tcp tcpwrapped open
8387149.126.72.220 8403 tcp tcpwrapped open
8388149.126.72.220 8404 tcp tcpwrapped open
8389149.126.72.220 8405 tcp tcpwrapped open
8390149.126.72.220 8406 tcp tcpwrapped open
8391149.126.72.220 8407 tcp tcpwrapped open
8392149.126.72.220 8408 tcp tcpwrapped open
8393149.126.72.220 8409 tcp tcpwrapped open
8394149.126.72.220 8410 tcp tcpwrapped open
8395149.126.72.220 8411 tcp tcpwrapped open
8396149.126.72.220 8412 tcp tcpwrapped open
8397149.126.72.220 8413 tcp tcpwrapped open
8398149.126.72.220 8414 tcp tcpwrapped open
8399149.126.72.220 8415 tcp tcpwrapped open
8400149.126.72.220 8416 tcp tcpwrapped open
8401149.126.72.220 8417 tcp tcpwrapped open
8402149.126.72.220 8418 tcp tcpwrapped open
8403149.126.72.220 8419 tcp tcpwrapped open
8404149.126.72.220 8420 tcp tcpwrapped open
8405149.126.72.220 8421 tcp tcpwrapped open
8406149.126.72.220 8422 tcp tcpwrapped open
8407149.126.72.220 8423 tcp tcpwrapped open
8408149.126.72.220 8424 tcp tcpwrapped open
8409149.126.72.220 8425 tcp tcpwrapped open
8410149.126.72.220 8426 tcp tcpwrapped open
8411149.126.72.220 8427 tcp tcpwrapped open
8412149.126.72.220 8428 tcp tcpwrapped open
8413149.126.72.220 8429 tcp tcpwrapped open
8414149.126.72.220 8430 tcp tcpwrapped open
8415149.126.72.220 8431 tcp tcpwrapped open
8416149.126.72.220 8432 tcp tcpwrapped open
8417149.126.72.220 8433 tcp tcpwrapped open
8418149.126.72.220 8435 tcp tcpwrapped open
8419149.126.72.220 8440 tcp tcpwrapped open
8420149.126.72.220 8441 tcp tcpwrapped open
8421149.126.72.220 8442 tcp tcpwrapped open
8422149.126.72.220 8443 tcp tcpwrapped open
8423149.126.72.220 8444 tcp tcpwrapped open
8424149.126.72.220 8445 tcp tcpwrapped open
8425149.126.72.220 8446 tcp tcpwrapped open
8426149.126.72.220 8447 tcp tcpwrapped open
8427149.126.72.220 8448 tcp tcpwrapped open
8428149.126.72.220 8449 tcp tcpwrapped open
8429149.126.72.220 8450 tcp tcpwrapped open
8430149.126.72.220 8451 tcp tcpwrapped open
8431149.126.72.220 8452 tcp tcpwrapped open
8432149.126.72.220 8453 tcp tcpwrapped open
8433149.126.72.220 8454 tcp tcpwrapped open
8434149.126.72.220 8455 tcp tcpwrapped open
8435149.126.72.220 8456 tcp tcpwrapped open
8436149.126.72.220 8457 tcp tcpwrapped open
8437149.126.72.220 8458 tcp tcpwrapped open
8438149.126.72.220 8459 tcp tcpwrapped open
8439149.126.72.220 8460 tcp tcpwrapped open
8440149.126.72.220 8461 tcp tcpwrapped open
8441149.126.72.220 8462 tcp tcpwrapped open
8442149.126.72.220 8463 tcp tcpwrapped open
8443149.126.72.220 8464 tcp tcpwrapped open
8444149.126.72.220 8465 tcp tcpwrapped open
8445149.126.72.220 8466 tcp tcpwrapped open
8446149.126.72.220 8467 tcp tcpwrapped open
8447149.126.72.220 8470 tcp tcpwrapped open
8448149.126.72.220 8472 tcp tcpwrapped open
8449149.126.72.220 8473 tcp tcpwrapped open
8450149.126.72.220 8475 tcp tcpwrapped open
8451149.126.72.220 8480 tcp tcpwrapped open
8452149.126.72.220 8481 tcp tcpwrapped open
8453149.126.72.220 8482 tcp tcpwrapped open
8454149.126.72.220 8484 tcp tcpwrapped open
8455149.126.72.220 8485 tcp tcpwrapped open
8456149.126.72.220 8488 tcp tcpwrapped open
8457149.126.72.220 8493 tcp tcpwrapped open
8458149.126.72.220 8494 tcp tcpwrapped open
8459149.126.72.220 8500 tcp tcpwrapped open
8460149.126.72.220 8502 tcp tcpwrapped open
8461149.126.72.220 8503 tcp tcpwrapped open
8462149.126.72.220 8504 tcp tcpwrapped open
8463149.126.72.220 8505 tcp tcpwrapped open
8464149.126.72.220 8506 tcp tcpwrapped open
8465149.126.72.220 8510 tcp tcpwrapped open
8466149.126.72.220 8513 tcp tcpwrapped open
8467149.126.72.220 8514 tcp tcpwrapped open
8468149.126.72.220 8515 tcp tcpwrapped open
8469149.126.72.220 8519 tcp tcpwrapped open
8470149.126.72.220 8520 tcp tcpwrapped open
8471149.126.72.220 8521 tcp tcpwrapped open
8472149.126.72.220 8523 tcp tcpwrapped open
8473149.126.72.220 8524 tcp tcpwrapped open
8474149.126.72.220 8525 tcp tcpwrapped open
8475149.126.72.220 8526 tcp tcpwrapped open
8476149.126.72.220 8528 tcp tcpwrapped open
8477149.126.72.220 8529 tcp tcpwrapped open
8478149.126.72.220 8530 tcp tcpwrapped open
8479149.126.72.220 8531 tcp tcpwrapped open
8480149.126.72.220 8532 tcp tcpwrapped open
8481149.126.72.220 8533 tcp tcpwrapped open
8482149.126.72.220 8536 tcp tcpwrapped open
8483149.126.72.220 8540 tcp tcpwrapped open
8484149.126.72.220 8543 tcp tcpwrapped open
8485149.126.72.220 8544 tcp tcpwrapped open
8486149.126.72.220 8548 tcp tcpwrapped open
8487149.126.72.220 8549 tcp tcpwrapped open
8488149.126.72.220 8550 tcp tcpwrapped open
8489149.126.72.220 8551 tcp tcpwrapped open
8490149.126.72.220 8553 tcp tcpwrapped open
8491149.126.72.220 8556 tcp tcpwrapped open
8492149.126.72.220 8557 tcp tcpwrapped open
8493149.126.72.220 8558 tcp tcpwrapped open
8494149.126.72.220 8560 tcp tcpwrapped open
8495149.126.72.220 8561 tcp tcpwrapped open
8496149.126.72.220 8562 tcp tcpwrapped open
8497149.126.72.220 8563 tcp tcpwrapped open
8498149.126.72.220 8564 tcp tcpwrapped open
8499149.126.72.220 8565 tcp tcpwrapped open
8500149.126.72.220 8566 tcp tcpwrapped open
8501149.126.72.220 8567 tcp tcpwrapped open
8502149.126.72.220 8568 tcp tcpwrapped open
8503149.126.72.220 8569 tcp tcpwrapped open
8504149.126.72.220 8570 tcp tcpwrapped open
8505149.126.72.220 8571 tcp tcpwrapped open
8506149.126.72.220 8573 tcp tcpwrapped open
8507149.126.72.220 8574 tcp tcpwrapped open
8508149.126.72.220 8575 tcp tcpwrapped open
8509149.126.72.220 8576 tcp tcpwrapped open
8510149.126.72.220 8577 tcp tcpwrapped open
8511149.126.72.220 8578 tcp tcpwrapped open
8512149.126.72.220 8579 tcp tcpwrapped open
8513149.126.72.220 8580 tcp tcpwrapped open
8514149.126.72.220 8581 tcp tcpwrapped open
8515149.126.72.220 8582 tcp tcpwrapped open
8516149.126.72.220 8583 tcp tcpwrapped open
8517149.126.72.220 8585 tcp tcpwrapped open
8518149.126.72.220 8586 tcp tcpwrapped open
8519149.126.72.220 8588 tcp tcpwrapped open
8520149.126.72.220 8589 tcp tcpwrapped open
8521149.126.72.220 8590 tcp tcpwrapped open
8522149.126.72.220 8591 tcp tcpwrapped open
8523149.126.72.220 8592 tcp tcpwrapped open
8524149.126.72.220 8593 tcp tcpwrapped open
8525149.126.72.220 8594 tcp tcpwrapped open
8526149.126.72.220 8595 tcp tcpwrapped open
8527149.126.72.220 8596 tcp tcpwrapped open
8528149.126.72.220 8597 tcp tcpwrapped open
8529149.126.72.220 8598 tcp tcpwrapped open
8530149.126.72.220 8599 tcp tcpwrapped open
8531149.126.72.220 8600 tcp tcpwrapped open
8532149.126.72.220 8601 tcp tcpwrapped open
8533149.126.72.220 8605 tcp tcpwrapped open
8534149.126.72.220 8606 tcp tcpwrapped open
8535149.126.72.220 8630 tcp tcpwrapped open
8536149.126.72.220 8640 tcp tcpwrapped open
8537149.126.72.220 8641 tcp tcpwrapped open
8538149.126.72.220 8643 tcp tcpwrapped open
8539149.126.72.220 8663 tcp tcpwrapped open
8540149.126.72.220 8666 tcp tcpwrapped open
8541149.126.72.220 8686 tcp tcpwrapped open
8542149.126.72.220 8688 tcp tcpwrapped open
8543149.126.72.220 8700 tcp tcpwrapped open
8544149.126.72.220 8701 tcp tcpwrapped open
8545149.126.72.220 8702 tcp tcpwrapped open
8546149.126.72.220 8703 tcp tcpwrapped open
8547149.126.72.220 8704 tcp tcpwrapped open
8548149.126.72.220 8705 tcp tcpwrapped open
8549149.126.72.220 8706 tcp tcpwrapped open
8550149.126.72.220 8707 tcp tcpwrapped open
8551149.126.72.220 8708 tcp tcpwrapped open
8552149.126.72.220 8709 tcp tcpwrapped open
8553149.126.72.220 8723 tcp tcpwrapped open
8554149.126.72.220 8724 tcp tcpwrapped open
8555149.126.72.220 8731 tcp tcpwrapped open
8556149.126.72.220 8732 tcp tcpwrapped open
8557149.126.72.220 8764 tcp tcpwrapped open
8558149.126.72.220 8765 tcp tcpwrapped open
8559149.126.72.220 8766 tcp tcpwrapped open
8560149.126.72.220 8767 tcp tcpwrapped open
8561149.126.72.220 8771 tcp tcpwrapped open
8562149.126.72.220 8787 tcp tcpwrapped open
8563149.126.72.220 8788 tcp tcpwrapped open
8564149.126.72.220 8789 tcp tcpwrapped open
8565149.126.72.220 8790 tcp tcpwrapped open
8566149.126.72.220 8791 tcp tcpwrapped open
8567149.126.72.220 8800 tcp tcpwrapped open
8568149.126.72.220 8801 tcp tcpwrapped open
8569149.126.72.220 8802 tcp tcpwrapped open
8570149.126.72.220 8803 tcp tcpwrapped open
8571149.126.72.220 8804 tcp tcpwrapped open
8572149.126.72.220 8805 tcp tcpwrapped open
8573149.126.72.220 8806 tcp tcpwrapped open
8574149.126.72.220 8807 tcp tcpwrapped open
8575149.126.72.220 8808 tcp tcpwrapped open
8576149.126.72.220 8809 tcp tcpwrapped open
8577149.126.72.220 8810 tcp tcpwrapped open
8578149.126.72.220 8811 tcp tcpwrapped open
8579149.126.72.220 8812 tcp tcpwrapped open
8580149.126.72.220 8813 tcp tcpwrapped open
8581149.126.72.220 8814 tcp tcpwrapped open
8582149.126.72.220 8815 tcp tcpwrapped open
8583149.126.72.220 8816 tcp tcpwrapped open
8584149.126.72.220 8817 tcp tcpwrapped open
8585149.126.72.220 8818 tcp tcpwrapped open
8586149.126.72.220 8819 tcp tcpwrapped open
8587149.126.72.220 8820 tcp tcpwrapped open
8588149.126.72.220 8821 tcp tcpwrapped open
8589149.126.72.220 8822 tcp tcpwrapped open
8590149.126.72.220 8823 tcp tcpwrapped open
8591149.126.72.220 8824 tcp tcpwrapped open
8592149.126.72.220 8825 tcp tcpwrapped open
8593149.126.72.220 8826 tcp tcpwrapped open
8594149.126.72.220 8827 tcp tcpwrapped open
8595149.126.72.220 8828 tcp tcpwrapped open
8596149.126.72.220 8829 tcp tcpwrapped open
8597149.126.72.220 8830 tcp tcpwrapped open
8598149.126.72.220 8831 tcp tcpwrapped open
8599149.126.72.220 8832 tcp tcpwrapped open
8600149.126.72.220 8833 tcp tcpwrapped open
8601149.126.72.220 8834 tcp tcpwrapped open
8602149.126.72.220 8835 tcp tcpwrapped open
8603149.126.72.220 8836 tcp tcpwrapped open
8604149.126.72.220 8837 tcp tcpwrapped open
8605149.126.72.220 8838 tcp tcpwrapped open
8606149.126.72.220 8839 tcp tcpwrapped open
8607149.126.72.220 8840 tcp tcpwrapped open
8608149.126.72.220 8841 tcp tcpwrapped open
8609149.126.72.220 8842 tcp tcpwrapped open
8610149.126.72.220 8843 tcp tcpwrapped open
8611149.126.72.220 8844 tcp tcpwrapped open
8612149.126.72.220 8845 tcp tcpwrapped open
8613149.126.72.220 8846 tcp tcpwrapped open
8614149.126.72.220 8847 tcp tcpwrapped open
8615149.126.72.220 8848 tcp tcpwrapped open
8616149.126.72.220 8849 tcp tcpwrapped open
8617149.126.72.220 8850 tcp tcpwrapped open
8618149.126.72.220 8851 tcp tcpwrapped open
8619149.126.72.220 8852 tcp tcpwrapped open
8620149.126.72.220 8853 tcp tcpwrapped open
8621149.126.72.220 8854 tcp tcpwrapped open
8622149.126.72.220 8855 tcp tcpwrapped open
8623149.126.72.220 8856 tcp tcpwrapped open
8624149.126.72.220 8857 tcp tcpwrapped open
8625149.126.72.220 8858 tcp tcpwrapped open
8626149.126.72.220 8859 tcp tcpwrapped open
8627149.126.72.220 8860 tcp tcpwrapped open
8628149.126.72.220 8861 tcp tcpwrapped open
8629149.126.72.220 8862 tcp tcpwrapped open
8630149.126.72.220 8863 tcp tcpwrapped open
8631149.126.72.220 8864 tcp tcpwrapped open
8632149.126.72.220 8865 tcp tcpwrapped open
8633149.126.72.220 8866 tcp tcpwrapped open
8634149.126.72.220 8867 tcp tcpwrapped open
8635149.126.72.220 8868 tcp tcpwrapped open
8636149.126.72.220 8869 tcp tcpwrapped open
8637149.126.72.220 8870 tcp tcpwrapped open
8638149.126.72.220 8871 tcp tcpwrapped open
8639149.126.72.220 8872 tcp tcpwrapped open
8640149.126.72.220 8873 tcp tcpwrapped open
8641149.126.72.220 8874 tcp tcpwrapped open
8642149.126.72.220 8875 tcp tcpwrapped open
8643149.126.72.220 8876 tcp tcpwrapped open
8644149.126.72.220 8877 tcp tcpwrapped open
8645149.126.72.220 8878 tcp tcpwrapped open
8646149.126.72.220 8879 tcp tcpwrapped open
8647149.126.72.220 8880 tcp tcpwrapped open
8648149.126.72.220 8881 tcp tcpwrapped open
8649149.126.72.220 8882 tcp tcpwrapped open
8650149.126.72.220 8883 tcp tcpwrapped open
8651149.126.72.220 8884 tcp tcpwrapped open
8652149.126.72.220 8885 tcp tcpwrapped open
8653149.126.72.220 8887 tcp tcpwrapped open
8654149.126.72.220 8888 tcp tcpwrapped open
8655149.126.72.220 8889 tcp tcpwrapped open
8656149.126.72.220 8890 tcp tcpwrapped open
8657149.126.72.220 8891 tcp tcpwrapped open
8658149.126.72.220 8899 tcp tcpwrapped open
8659149.126.72.220 8900 tcp tcpwrapped open
8660149.126.72.220 8901 tcp tcpwrapped open
8661149.126.72.220 8902 tcp tcpwrapped open
8662149.126.72.220 8905 tcp tcpwrapped open
8663149.126.72.220 8906 tcp tcpwrapped open
8664149.126.72.220 8907 tcp tcpwrapped open
8665149.126.72.220 8908 tcp tcpwrapped open
8666149.126.72.220 8910 tcp tcpwrapped open
8667149.126.72.220 8911 tcp tcpwrapped open
8668149.126.72.220 8912 tcp tcpwrapped open
8669149.126.72.220 8913 tcp tcpwrapped open
8670149.126.72.220 8915 tcp tcpwrapped open
8671149.126.72.220 8916 tcp tcpwrapped open
8672149.126.72.220 8935 tcp tcpwrapped open
8673149.126.72.220 8943 tcp tcpwrapped open
8674149.126.72.220 8969 tcp tcpwrapped open
8675149.126.72.220 8988 tcp tcpwrapped open
8676149.126.72.220 8989 tcp tcpwrapped open
8677149.126.72.220 8999 tcp tcpwrapped open
8678149.126.72.220 9000 tcp tcpwrapped open
8679149.126.72.220 9001 tcp tcpwrapped open
8680149.126.72.220 9002 tcp tcpwrapped open
8681149.126.72.220 9003 tcp tcpwrapped open
8682149.126.72.220 9004 tcp tcpwrapped open
8683149.126.72.220 9005 tcp tcpwrapped open
8684149.126.72.220 9006 tcp tcpwrapped open
8685149.126.72.220 9007 tcp tcpwrapped open
8686149.126.72.220 9008 tcp tcpwrapped open
8687149.126.72.220 9009 tcp tcpwrapped open
8688149.126.72.220 9010 tcp tcpwrapped open
8689149.126.72.220 9011 tcp tcpwrapped open
8690149.126.72.220 9012 tcp tcpwrapped open
8691149.126.72.220 9013 tcp tcpwrapped open
8692149.126.72.220 9014 tcp tcpwrapped open
8693149.126.72.220 9015 tcp tcpwrapped open
8694149.126.72.220 9016 tcp tcpwrapped open
8695149.126.72.220 9017 tcp tcpwrapped open
8696149.126.72.220 9018 tcp tcpwrapped open
8697149.126.72.220 9019 tcp tcpwrapped open
8698149.126.72.220 9020 tcp tcpwrapped open
8699149.126.72.220 9021 tcp tcpwrapped open
8700149.126.72.220 9022 tcp tcpwrapped open
8701149.126.72.220 9023 tcp tcpwrapped open
8702149.126.72.220 9024 tcp tcpwrapped open
8703149.126.72.220 9025 tcp tcpwrapped open
8704149.126.72.220 9026 tcp tcpwrapped open
8705149.126.72.220 9027 tcp tcpwrapped open
8706149.126.72.220 9028 tcp tcpwrapped open
8707149.126.72.220 9029 tcp tcpwrapped open
8708149.126.72.220 9030 tcp tcpwrapped open
8709149.126.72.220 9031 tcp tcpwrapped open
8710149.126.72.220 9032 tcp tcpwrapped open
8711149.126.72.220 9033 tcp tcpwrapped open
8712149.126.72.220 9034 tcp tcpwrapped open
8713149.126.72.220 9035 tcp tcpwrapped open
8714149.126.72.220 9036 tcp tcpwrapped open
8715149.126.72.220 9037 tcp tcpwrapped open
8716149.126.72.220 9038 tcp tcpwrapped open
8717149.126.72.220 9039 tcp tcpwrapped open
8718149.126.72.220 9040 tcp tcpwrapped open
8719149.126.72.220 9041 tcp tcpwrapped open
8720149.126.72.220 9042 tcp tcpwrapped open
8721149.126.72.220 9043 tcp tcpwrapped open
8722149.126.72.220 9044 tcp tcpwrapped open
8723149.126.72.220 9045 tcp tcpwrapped open
8724149.126.72.220 9046 tcp tcpwrapped open
8725149.126.72.220 9047 tcp tcpwrapped open
8726149.126.72.220 9048 tcp tcpwrapped open
8727149.126.72.220 9049 tcp tcpwrapped open
8728149.126.72.220 9050 tcp tcpwrapped open
8729149.126.72.220 9051 tcp tcpwrapped open
8730149.126.72.220 9052 tcp tcpwrapped open
8731149.126.72.220 9058 tcp tcpwrapped open
8732149.126.72.220 9060 tcp tcpwrapped open
8733149.126.72.220 9061 tcp tcpwrapped open
8734149.126.72.220 9070 tcp tcpwrapped open
8735149.126.72.220 9080 tcp tcpwrapped open
8736149.126.72.220 9081 tcp tcpwrapped open
8737149.126.72.220 9082 tcp tcpwrapped open
8738149.126.72.220 9084 tcp tcpwrapped open
8739149.126.72.220 9085 tcp tcpwrapped open
8740149.126.72.220 9086 tcp tcpwrapped open
8741149.126.72.220 9088 tcp tcpwrapped open
8742149.126.72.220 9089 tcp tcpwrapped open
8743149.126.72.220 9090 tcp tcpwrapped open
8744149.126.72.220 9091 tcp tcpwrapped open
8745149.126.72.220 9092 tcp tcpwrapped open
8746149.126.72.220 9093 tcp tcpwrapped open
8747149.126.72.220 9094 tcp tcpwrapped open
8748149.126.72.220 9095 tcp tcpwrapped open
8749149.126.72.220 9096 tcp tcpwrapped open
8750149.126.72.220 9097 tcp tcpwrapped open
8751149.126.72.220 9098 tcp tcpwrapped open
8752149.126.72.220 9099 tcp tcpwrapped open
8753149.126.72.220 9100 tcp jetdirect open
8754149.126.72.220 9101 tcp jetdirect open
8755149.126.72.220 9102 tcp jetdirect open
8756149.126.72.220 9103 tcp jetdirect open
8757149.126.72.220 9104 tcp jetdirect open
8758149.126.72.220 9105 tcp jetdirect open
8759149.126.72.220 9106 tcp jetdirect open
8760149.126.72.220 9107 tcp jetdirect open
8761149.126.72.220 9108 tcp tcpwrapped open
8762149.126.72.220 9109 tcp tcpwrapped open
8763149.126.72.220 9110 tcp tcpwrapped open
8764149.126.72.220 9111 tcp tcpwrapped open
8765149.126.72.220 9136 tcp tcpwrapped open
8766149.126.72.220 9143 tcp tcpwrapped open
8767149.126.72.220 9189 tcp tcpwrapped open
8768149.126.72.220 9199 tcp tcpwrapped open
8769149.126.72.220 9200 tcp tcpwrapped open
8770149.126.72.220 9201 tcp tcpwrapped open
8771149.126.72.220 9202 tcp tcpwrapped open
8772149.126.72.220 9203 tcp tcpwrapped open
8773149.126.72.220 9204 tcp tcpwrapped open
8774149.126.72.220 9205 tcp tcpwrapped open
8775149.126.72.220 9206 tcp tcpwrapped open
8776149.126.72.220 9207 tcp tcpwrapped open
8777149.126.72.220 9208 tcp tcpwrapped open
8778149.126.72.220 9209 tcp tcpwrapped open
8779149.126.72.220 9210 tcp tcpwrapped open
8780149.126.72.220 9211 tcp tcpwrapped open
8781149.126.72.220 9212 tcp tcpwrapped open
8782149.126.72.220 9213 tcp tcpwrapped open
8783149.126.72.220 9214 tcp tcpwrapped open
8784149.126.72.220 9215 tcp tcpwrapped open
8785149.126.72.220 9216 tcp tcpwrapped open
8786149.126.72.220 9217 tcp tcpwrapped open
8787149.126.72.220 9218 tcp tcpwrapped open
8788149.126.72.220 9219 tcp tcpwrapped open
8789149.126.72.220 9220 tcp tcpwrapped open
8790149.126.72.220 9221 tcp tcpwrapped open
8791149.126.72.220 9236 tcp tcpwrapped open
8792149.126.72.220 9251 tcp tcpwrapped open
8793149.126.72.220 9289 tcp tcpwrapped open
8794149.126.72.220 9299 tcp tcpwrapped open
8795149.126.72.220 9300 tcp tcpwrapped open
8796149.126.72.220 9301 tcp tcpwrapped open
8797149.126.72.220 9302 tcp tcpwrapped open
8798149.126.72.220 9303 tcp tcpwrapped open
8799149.126.72.220 9304 tcp tcpwrapped open
8800149.126.72.220 9305 tcp tcpwrapped open
8801149.126.72.220 9306 tcp tcpwrapped open
8802149.126.72.220 9307 tcp tcpwrapped open
8803149.126.72.220 9308 tcp tcpwrapped open
8804149.126.72.220 9309 tcp tcpwrapped open
8805149.126.72.220 9310 tcp tcpwrapped open
8806149.126.72.220 9311 tcp tcpwrapped open
8807149.126.72.220 9350 tcp tcpwrapped open
8808149.126.72.220 9383 tcp tcpwrapped open
8809149.126.72.220 9387 tcp tcpwrapped open
8810149.126.72.220 9389 tcp tcpwrapped open
8811149.126.72.220 9433 tcp tcpwrapped open
8812149.126.72.220 9443 tcp tcpwrapped open
8813149.126.72.220 9444 tcp tcpwrapped open
8814149.126.72.220 9446 tcp tcpwrapped open
8815149.126.72.220 9447 tcp tcpwrapped open
8816149.126.72.220 9500 tcp tcpwrapped open
8817149.126.72.220 9510 tcp tcpwrapped open
8818149.126.72.220 9530 tcp tcpwrapped open
8819149.126.72.220 9550 tcp tcpwrapped open
8820149.126.72.220 9600 tcp tcpwrapped open
8821149.126.72.220 9663 tcp tcpwrapped open
8822149.126.72.220 9690 tcp tcpwrapped open
8823149.126.72.220 9704 tcp tcpwrapped open
8824149.126.72.220 9710 tcp tcpwrapped open
8825149.126.72.220 9711 tcp tcpwrapped open
8826149.126.72.220 9765 tcp tcpwrapped open
8827149.126.72.220 9773 tcp tcpwrapped open
8828149.126.72.220 9779 tcp tcpwrapped open
8829149.126.72.220 9800 tcp tcpwrapped open
8830149.126.72.220 9803 tcp tcpwrapped open
8831149.126.72.220 9804 tcp tcpwrapped open
8832149.126.72.220 9950 tcp tcpwrapped open
8833149.126.72.220 9991 tcp tcpwrapped open
8834149.126.72.220 9992 tcp tcpwrapped open
8835149.126.72.220 9993 tcp tcpwrapped open
8836149.126.72.220 9994 tcp tcpwrapped open
8837149.126.72.220 9997 tcp tcpwrapped open
8838149.126.72.220 9998 tcp tcpwrapped open
8839149.126.72.220 9999 tcp tcpwrapped open
8840149.126.72.220 10000 tcp tcpwrapped open
8841149.126.72.220 10001 tcp tcpwrapped open
8842149.126.72.220 10002 tcp tcpwrapped open
8843149.126.72.220 10003 tcp tcpwrapped open
8844149.126.72.220 10004 tcp tcpwrapped open
8845149.126.72.220 10005 tcp tcpwrapped open
8846149.126.72.220 10006 tcp tcpwrapped open
8847149.126.72.220 10007 tcp tcpwrapped open
8848149.126.72.220 10008 tcp tcpwrapped open
8849149.126.72.220 10009 tcp tcpwrapped open
8850149.126.72.220 10010 tcp tcpwrapped open
8851149.126.72.220 10011 tcp tcpwrapped open
8852149.126.72.220 10012 tcp tcpwrapped open
8853149.126.72.220 10013 tcp tcpwrapped open
8854149.126.72.220 10014 tcp tcpwrapped open
8855149.126.72.220 10015 tcp tcpwrapped open
8856149.126.72.220 10016 tcp tcpwrapped open
8857149.126.72.220 10017 tcp tcpwrapped open
8858149.126.72.220 10018 tcp tcpwrapped open
8859149.126.72.220 10019 tcp tcpwrapped open
8860149.126.72.220 10020 tcp tcpwrapped open
8861149.126.72.220 10021 tcp tcpwrapped open
8862149.126.72.220 10022 tcp tcpwrapped open
8863149.126.72.220 10023 tcp tcpwrapped open
8864149.126.72.220 10024 tcp tcpwrapped open
8865149.126.72.220 10025 tcp tcpwrapped open
8866149.126.72.220 10026 tcp tcpwrapped open
8867149.126.72.220 10027 tcp tcpwrapped open
8868149.126.72.220 10028 tcp tcpwrapped open
8869149.126.72.220 10029 tcp tcpwrapped open
8870149.126.72.220 10030 tcp tcpwrapped open
8871149.126.72.220 10031 tcp tcpwrapped open
8872149.126.72.220 10032 tcp tcpwrapped open
8873149.126.72.220 10033 tcp tcpwrapped open
8874149.126.72.220 10034 tcp tcpwrapped open
8875149.126.72.220 10035 tcp tcpwrapped open
8876149.126.72.220 10036 tcp tcpwrapped open
8877149.126.72.220 10037 tcp tcpwrapped open
8878149.126.72.220 10038 tcp tcpwrapped open
8879149.126.72.220 10039 tcp tcpwrapped open
8880149.126.72.220 10040 tcp tcpwrapped open
8881149.126.72.220 10041 tcp tcpwrapped open
8882149.126.72.220 10042 tcp tcpwrapped open
8883149.126.72.220 10043 tcp tcpwrapped open
8884149.126.72.220 10044 tcp tcpwrapped open
8885149.126.72.220 10045 tcp tcpwrapped open
8886149.126.72.220 10046 tcp tcpwrapped open
8887149.126.72.220 10047 tcp tcpwrapped open
8888149.126.72.220 10048 tcp tcpwrapped open
8889149.126.72.220 10049 tcp tcpwrapped open
8890149.126.72.220 10065 tcp tcpwrapped open
8891149.126.72.220 10071 tcp tcpwrapped open
8892149.126.72.220 10075 tcp tcpwrapped open
8893149.126.72.220 10082 tcp tcpwrapped open
8894149.126.72.220 10084 tcp tcpwrapped open
8895149.126.72.220 10100 tcp tcpwrapped open
8896149.126.72.220 10123 tcp tcpwrapped open
8897149.126.72.220 10200 tcp tcpwrapped open
8898149.126.72.220 10443 tcp tcpwrapped open
8899149.126.72.220 10444 tcp tcpwrapped open
8900149.126.72.220 10892 tcp tcpwrapped open
8901149.126.72.220 10894 tcp tcpwrapped open
8902149.126.72.220 11001 tcp tcpwrapped open
8903149.126.72.220 11002 tcp tcpwrapped open
8904149.126.72.220 11007 tcp tcpwrapped open
8905149.126.72.220 11027 tcp tcpwrapped open
8906149.126.72.220 11065 tcp tcpwrapped open
8907149.126.72.220 11075 tcp tcpwrapped open
8908149.126.72.220 11082 tcp tcpwrapped open
8909149.126.72.220 11084 tcp tcpwrapped open
8910149.126.72.220 11110 tcp tcpwrapped open
8911149.126.72.220 11182 tcp tcpwrapped open
8912149.126.72.220 11184 tcp tcpwrapped open
8913149.126.72.220 11443 tcp tcpwrapped open
8914149.126.72.220 12016 tcp tcpwrapped open
8915149.126.72.220 12082 tcp tcpwrapped open
8916149.126.72.220 12084 tcp tcpwrapped open
8917149.126.72.220 12103 tcp tcpwrapped open
8918149.126.72.220 12104 tcp tcpwrapped open
8919149.126.72.220 12105 tcp tcpwrapped open
8920149.126.72.220 12106 tcp tcpwrapped open
8921149.126.72.220 12107 tcp tcpwrapped open
8922149.126.72.220 12108 tcp tcpwrapped open
8923149.126.72.220 12109 tcp tcpwrapped open
8924149.126.72.220 12110 tcp tcpwrapped open
8925149.126.72.220 12111 tcp tcpwrapped open
8926149.126.72.220 12112 tcp tcpwrapped open
8927149.126.72.220 12113 tcp tcpwrapped open
8928149.126.72.220 12114 tcp tcpwrapped open
8929149.126.72.220 12115 tcp tcpwrapped open
8930149.126.72.220 12116 tcp tcpwrapped open
8931149.126.72.220 12117 tcp tcpwrapped open
8932149.126.72.220 12118 tcp tcpwrapped open
8933149.126.72.220 12119 tcp tcpwrapped open
8934149.126.72.220 12120 tcp tcpwrapped open
8935149.126.72.220 12121 tcp tcpwrapped open
8936149.126.72.220 12122 tcp tcpwrapped open
8937149.126.72.220 12123 tcp tcpwrapped open
8938149.126.72.220 12124 tcp tcpwrapped open
8939149.126.72.220 12125 tcp tcpwrapped open
8940149.126.72.220 12126 tcp tcpwrapped open
8941149.126.72.220 12127 tcp tcpwrapped open
8942149.126.72.220 12128 tcp tcpwrapped open
8943149.126.72.220 12129 tcp tcpwrapped open
8944149.126.72.220 12130 tcp tcpwrapped open
8945149.126.72.220 12131 tcp tcpwrapped open
8946149.126.72.220 12132 tcp tcpwrapped open
8947149.126.72.220 12133 tcp tcpwrapped open
8948149.126.72.220 12134 tcp tcpwrapped open
8949149.126.72.220 12135 tcp tcpwrapped open
8950149.126.72.220 12136 tcp tcpwrapped open
8951149.126.72.220 12137 tcp tcpwrapped open
8952149.126.72.220 12138 tcp tcpwrapped open
8953149.126.72.220 12139 tcp tcpwrapped open
8954149.126.72.220 12140 tcp tcpwrapped open
8955149.126.72.220 12141 tcp tcpwrapped open
8956149.126.72.220 12142 tcp tcpwrapped open
8957149.126.72.220 12143 tcp tcpwrapped open
8958149.126.72.220 12144 tcp tcpwrapped open
8959149.126.72.220 12145 tcp tcpwrapped open
8960149.126.72.220 12146 tcp tcpwrapped open
8961149.126.72.220 12147 tcp tcpwrapped open
8962149.126.72.220 12148 tcp tcpwrapped open
8963149.126.72.220 12149 tcp tcpwrapped open
8964149.126.72.220 12150 tcp tcpwrapped open
8965149.126.72.220 12151 tcp tcpwrapped open
8966149.126.72.220 12152 tcp tcpwrapped open
8967149.126.72.220 12153 tcp tcpwrapped open
8968149.126.72.220 12154 tcp tcpwrapped open
8969149.126.72.220 12155 tcp tcpwrapped open
8970149.126.72.220 12156 tcp tcpwrapped open
8971149.126.72.220 12157 tcp tcpwrapped open
8972149.126.72.220 12158 tcp tcpwrapped open
8973149.126.72.220 12159 tcp tcpwrapped open
8974149.126.72.220 12160 tcp tcpwrapped open
8975149.126.72.220 12161 tcp tcpwrapped open
8976149.126.72.220 12162 tcp tcpwrapped open
8977149.126.72.220 12163 tcp tcpwrapped open
8978149.126.72.220 12164 tcp tcpwrapped open
8979149.126.72.220 12165 tcp tcpwrapped open
8980149.126.72.220 12166 tcp tcpwrapped open
8981149.126.72.220 12167 tcp tcpwrapped open
8982149.126.72.220 12168 tcp tcpwrapped open
8983149.126.72.220 12169 tcp tcpwrapped open
8984149.126.72.220 12170 tcp tcpwrapped open
8985149.126.72.220 12171 tcp tcpwrapped open
8986149.126.72.220 12172 tcp tcpwrapped open
8987149.126.72.220 12173 tcp tcpwrapped open
8988149.126.72.220 12174 tcp tcpwrapped open
8989149.126.72.220 12175 tcp tcpwrapped open
8990149.126.72.220 12176 tcp tcpwrapped open
8991149.126.72.220 12177 tcp tcpwrapped open
8992149.126.72.220 12178 tcp tcpwrapped open
8993149.126.72.220 12179 tcp tcpwrapped open
8994149.126.72.220 12180 tcp tcpwrapped open
8995149.126.72.220 12181 tcp tcpwrapped open
8996149.126.72.220 12182 tcp tcpwrapped open
8997149.126.72.220 12183 tcp tcpwrapped open
8998149.126.72.220 12184 tcp tcpwrapped open
8999149.126.72.220 12185 tcp tcpwrapped open
9000149.126.72.220 12186 tcp tcpwrapped open
9001149.126.72.220 12187 tcp tcpwrapped open
9002149.126.72.220 12188 tcp tcpwrapped open
9003149.126.72.220 12189 tcp tcpwrapped open
9004149.126.72.220 12190 tcp tcpwrapped open
9005149.126.72.220 12191 tcp tcpwrapped open
9006149.126.72.220 12192 tcp tcpwrapped open
9007149.126.72.220 12193 tcp tcpwrapped open
9008149.126.72.220 12194 tcp tcpwrapped open
9009149.126.72.220 12195 tcp tcpwrapped open
9010149.126.72.220 12196 tcp tcpwrapped open
9011149.126.72.220 12197 tcp tcpwrapped open
9012149.126.72.220 12198 tcp tcpwrapped open
9013149.126.72.220 12199 tcp tcpwrapped open
9014149.126.72.220 12200 tcp tcpwrapped open
9015149.126.72.220 12201 tcp tcpwrapped open
9016149.126.72.220 12202 tcp tcpwrapped open
9017149.126.72.220 12203 tcp tcpwrapped open
9018149.126.72.220 12204 tcp tcpwrapped open
9019149.126.72.220 12205 tcp tcpwrapped open
9020149.126.72.220 12206 tcp tcpwrapped open
9021149.126.72.220 12207 tcp tcpwrapped open
9022149.126.72.220 12208 tcp tcpwrapped open
9023149.126.72.220 12209 tcp tcpwrapped open
9024149.126.72.220 12210 tcp tcpwrapped open
9025149.126.72.220 12211 tcp tcpwrapped open
9026149.126.72.220 12212 tcp tcpwrapped open
9027149.126.72.220 12213 tcp tcpwrapped open
9028149.126.72.220 12214 tcp tcpwrapped open
9029149.126.72.220 12215 tcp tcpwrapped open
9030149.126.72.220 12216 tcp tcpwrapped open
9031149.126.72.220 12217 tcp tcpwrapped open
9032149.126.72.220 12218 tcp tcpwrapped open
9033149.126.72.220 12219 tcp tcpwrapped open
9034149.126.72.220 12220 tcp tcpwrapped open
9035149.126.72.220 12221 tcp tcpwrapped open
9036149.126.72.220 12222 tcp tcpwrapped open
9037149.126.72.220 12223 tcp tcpwrapped open
9038149.126.72.220 12224 tcp tcpwrapped open
9039149.126.72.220 12225 tcp tcpwrapped open
9040149.126.72.220 12226 tcp tcpwrapped open
9041149.126.72.220 12227 tcp tcpwrapped open
9042149.126.72.220 12228 tcp tcpwrapped open
9043149.126.72.220 12229 tcp tcpwrapped open
9044149.126.72.220 12230 tcp tcpwrapped open
9045149.126.72.220 12231 tcp tcpwrapped open
9046149.126.72.220 12232 tcp tcpwrapped open
9047149.126.72.220 12233 tcp tcpwrapped open
9048149.126.72.220 12234 tcp tcpwrapped open
9049149.126.72.220 12235 tcp tcpwrapped open
9050149.126.72.220 12236 tcp tcpwrapped open
9051149.126.72.220 12237 tcp tcpwrapped open
9052149.126.72.220 12238 tcp tcpwrapped open
9053149.126.72.220 12239 tcp tcpwrapped open
9054149.126.72.220 12240 tcp tcpwrapped open
9055149.126.72.220 12241 tcp tcpwrapped open
9056149.126.72.220 12242 tcp tcpwrapped open
9057149.126.72.220 12243 tcp tcpwrapped open
9058149.126.72.220 12244 tcp tcpwrapped open
9059149.126.72.220 12245 tcp tcpwrapped open
9060149.126.72.220 12246 tcp tcpwrapped open
9061149.126.72.220 12247 tcp tcpwrapped open
9062149.126.72.220 12248 tcp tcpwrapped open
9063149.126.72.220 12249 tcp tcpwrapped open
9064149.126.72.220 12250 tcp tcpwrapped open
9065149.126.72.220 12251 tcp tcpwrapped open
9066149.126.72.220 12252 tcp tcpwrapped open
9067149.126.72.220 12253 tcp tcpwrapped open
9068149.126.72.220 12254 tcp tcpwrapped open
9069149.126.72.220 12255 tcp tcpwrapped open
9070149.126.72.220 12256 tcp tcpwrapped open
9071149.126.72.220 12257 tcp tcpwrapped open
9072149.126.72.220 12258 tcp tcpwrapped open
9073149.126.72.220 12259 tcp tcpwrapped open
9074149.126.72.220 12260 tcp tcpwrapped open
9075149.126.72.220 12261 tcp tcpwrapped open
9076149.126.72.220 12262 tcp tcpwrapped open
9077149.126.72.220 12263 tcp tcpwrapped open
9078149.126.72.220 12264 tcp tcpwrapped open
9079149.126.72.220 12265 tcp tcpwrapped open
9080149.126.72.220 12266 tcp tcpwrapped open
9081149.126.72.220 12267 tcp tcpwrapped open
9082149.126.72.220 12268 tcp tcpwrapped open
9083149.126.72.220 12269 tcp tcpwrapped open
9084149.126.72.220 12270 tcp tcpwrapped open
9085149.126.72.220 12271 tcp tcpwrapped open
9086149.126.72.220 12272 tcp tcpwrapped open
9087149.126.72.220 12273 tcp tcpwrapped open
9088149.126.72.220 12274 tcp tcpwrapped open
9089149.126.72.220 12275 tcp tcpwrapped open
9090149.126.72.220 12276 tcp tcpwrapped open
9091149.126.72.220 12277 tcp tcpwrapped open
9092149.126.72.220 12278 tcp tcpwrapped open
9093149.126.72.220 12279 tcp tcpwrapped open
9094149.126.72.220 12280 tcp tcpwrapped open
9095149.126.72.220 12281 tcp tcpwrapped open
9096149.126.72.220 12282 tcp tcpwrapped open
9097149.126.72.220 12283 tcp tcpwrapped open
9098149.126.72.220 12284 tcp tcpwrapped open
9099149.126.72.220 12285 tcp tcpwrapped open
9100149.126.72.220 12286 tcp tcpwrapped open
9101149.126.72.220 12287 tcp tcpwrapped open
9102149.126.72.220 12288 tcp tcpwrapped open
9103149.126.72.220 12289 tcp tcpwrapped open
9104149.126.72.220 12290 tcp tcpwrapped open
9105149.126.72.220 12291 tcp tcpwrapped open
9106149.126.72.220 12292 tcp tcpwrapped open
9107149.126.72.220 12293 tcp tcpwrapped open
9108149.126.72.220 12294 tcp tcpwrapped open
9109149.126.72.220 12295 tcp tcpwrapped open
9110149.126.72.220 12296 tcp tcpwrapped open
9111149.126.72.220 12297 tcp tcpwrapped open
9112149.126.72.220 12298 tcp tcpwrapped open
9113149.126.72.220 12299 tcp tcpwrapped open
9114149.126.72.220 12300 tcp tcpwrapped open
9115149.126.72.220 12301 tcp tcpwrapped open
9116149.126.72.220 12302 tcp tcpwrapped open
9117149.126.72.220 12303 tcp tcpwrapped open
9118149.126.72.220 12304 tcp tcpwrapped open
9119149.126.72.220 12305 tcp tcpwrapped open
9120149.126.72.220 12306 tcp tcpwrapped open
9121149.126.72.220 12307 tcp tcpwrapped open
9122149.126.72.220 12308 tcp tcpwrapped open
9123149.126.72.220 12309 tcp tcpwrapped open
9124149.126.72.220 12310 tcp tcpwrapped open
9125149.126.72.220 12311 tcp tcpwrapped open
9126149.126.72.220 12312 tcp tcpwrapped open
9127149.126.72.220 12313 tcp tcpwrapped open
9128149.126.72.220 12314 tcp tcpwrapped open
9129149.126.72.220 12315 tcp tcpwrapped open
9130149.126.72.220 12316 tcp tcpwrapped open
9131149.126.72.220 12317 tcp tcpwrapped open
9132149.126.72.220 12318 tcp tcpwrapped open
9133149.126.72.220 12319 tcp tcpwrapped open
9134149.126.72.220 12320 tcp tcpwrapped open
9135149.126.72.220 12321 tcp tcpwrapped open
9136149.126.72.220 12322 tcp tcpwrapped open
9137149.126.72.220 12323 tcp tcpwrapped open
9138149.126.72.220 12324 tcp tcpwrapped open
9139149.126.72.220 12325 tcp tcpwrapped open
9140149.126.72.220 12326 tcp tcpwrapped open
9141149.126.72.220 12327 tcp tcpwrapped open
9142149.126.72.220 12328 tcp tcpwrapped open
9143149.126.72.220 12329 tcp tcpwrapped open
9144149.126.72.220 12330 tcp tcpwrapped open
9145149.126.72.220 12331 tcp tcpwrapped open
9146149.126.72.220 12332 tcp tcpwrapped open
9147149.126.72.220 12333 tcp tcpwrapped open
9148149.126.72.220 12334 tcp tcpwrapped open
9149149.126.72.220 12335 tcp tcpwrapped open
9150149.126.72.220 12336 tcp tcpwrapped open
9151149.126.72.220 12337 tcp tcpwrapped open
9152149.126.72.220 12338 tcp tcpwrapped open
9153149.126.72.220 12339 tcp tcpwrapped open
9154149.126.72.220 12340 tcp tcpwrapped open
9155149.126.72.220 12341 tcp tcpwrapped open
9156149.126.72.220 12342 tcp tcpwrapped open
9157149.126.72.220 12343 tcp tcpwrapped open
9158149.126.72.220 12344 tcp tcpwrapped open
9159149.126.72.220 12345 tcp tcpwrapped open
9160149.126.72.220 12346 tcp tcpwrapped open
9161149.126.72.220 12347 tcp tcpwrapped open
9162149.126.72.220 12348 tcp tcpwrapped open
9163149.126.72.220 12349 tcp tcpwrapped open
9164149.126.72.220 12350 tcp tcpwrapped open
9165149.126.72.220 12351 tcp tcpwrapped open
9166149.126.72.220 12352 tcp tcpwrapped open
9167149.126.72.220 12353 tcp tcpwrapped open
9168149.126.72.220 12354 tcp tcpwrapped open
9169149.126.72.220 12355 tcp tcpwrapped open
9170149.126.72.220 12356 tcp tcpwrapped open
9171149.126.72.220 12357 tcp tcpwrapped open
9172149.126.72.220 12358 tcp tcpwrapped open
9173149.126.72.220 12359 tcp tcpwrapped open
9174149.126.72.220 12360 tcp tcpwrapped open
9175149.126.72.220 12361 tcp tcpwrapped open
9176149.126.72.220 12362 tcp tcpwrapped open
9177149.126.72.220 12363 tcp tcpwrapped open
9178149.126.72.220 12364 tcp tcpwrapped open
9179149.126.72.220 12365 tcp tcpwrapped open
9180149.126.72.220 12366 tcp tcpwrapped open
9181149.126.72.220 12367 tcp tcpwrapped open
9182149.126.72.220 12368 tcp tcpwrapped open
9183149.126.72.220 12369 tcp tcpwrapped open
9184149.126.72.220 12370 tcp tcpwrapped open
9185149.126.72.220 12371 tcp tcpwrapped open
9186149.126.72.220 12372 tcp tcpwrapped open
9187149.126.72.220 12373 tcp tcpwrapped open
9188149.126.72.220 12374 tcp tcpwrapped open
9189149.126.72.220 12375 tcp tcpwrapped open
9190149.126.72.220 12376 tcp tcpwrapped open
9191149.126.72.220 12377 tcp tcpwrapped open
9192149.126.72.220 12378 tcp tcpwrapped open
9193149.126.72.220 12379 tcp tcpwrapped open
9194149.126.72.220 12380 tcp tcpwrapped open
9195149.126.72.220 12381 tcp tcpwrapped open
9196149.126.72.220 12382 tcp tcpwrapped open
9197149.126.72.220 12383 tcp tcpwrapped open
9198149.126.72.220 12384 tcp tcpwrapped open
9199149.126.72.220 12385 tcp tcpwrapped open
9200149.126.72.220 12386 tcp tcpwrapped open
9201149.126.72.220 12387 tcp tcpwrapped open
9202149.126.72.220 12388 tcp tcpwrapped open
9203149.126.72.220 12389 tcp tcpwrapped open
9204149.126.72.220 12390 tcp tcpwrapped open
9205149.126.72.220 12391 tcp tcpwrapped open
9206149.126.72.220 12392 tcp tcpwrapped open
9207149.126.72.220 12393 tcp tcpwrapped open
9208149.126.72.220 12394 tcp tcpwrapped open
9209149.126.72.220 12395 tcp tcpwrapped open
9210149.126.72.220 12396 tcp tcpwrapped open
9211149.126.72.220 12397 tcp tcpwrapped open
9212149.126.72.220 12398 tcp tcpwrapped open
9213149.126.72.220 12399 tcp tcpwrapped open
9214149.126.72.220 12400 tcp tcpwrapped open
9215149.126.72.220 12401 tcp tcpwrapped open
9216149.126.72.220 12402 tcp tcpwrapped open
9217149.126.72.220 12403 tcp tcpwrapped open
9218149.126.72.220 12404 tcp tcpwrapped open
9219149.126.72.220 12405 tcp tcpwrapped open
9220149.126.72.220 12406 tcp tcpwrapped open
9221149.126.72.220 12407 tcp tcpwrapped open
9222149.126.72.220 12408 tcp tcpwrapped open
9223149.126.72.220 12409 tcp tcpwrapped open
9224149.126.72.220 12410 tcp tcpwrapped open
9225149.126.72.220 12411 tcp tcpwrapped open
9226149.126.72.220 12412 tcp tcpwrapped open
9227149.126.72.220 12413 tcp tcpwrapped open
9228149.126.72.220 12414 tcp tcpwrapped open
9229149.126.72.220 12415 tcp tcpwrapped open
9230149.126.72.220 12416 tcp tcpwrapped open
9231149.126.72.220 12417 tcp tcpwrapped open
9232149.126.72.220 12418 tcp tcpwrapped open
9233149.126.72.220 12419 tcp tcpwrapped open
9234149.126.72.220 12420 tcp tcpwrapped open
9235149.126.72.220 12421 tcp tcpwrapped open
9236149.126.72.220 12422 tcp tcpwrapped open
9237149.126.72.220 12423 tcp tcpwrapped open
9238149.126.72.220 12424 tcp tcpwrapped open
9239149.126.72.220 12425 tcp tcpwrapped open
9240149.126.72.220 12426 tcp tcpwrapped open
9241149.126.72.220 12427 tcp tcpwrapped open
9242149.126.72.220 12428 tcp tcpwrapped open
9243149.126.72.220 12429 tcp tcpwrapped open
9244149.126.72.220 12430 tcp tcpwrapped open
9245149.126.72.220 12431 tcp tcpwrapped open
9246149.126.72.220 12432 tcp tcpwrapped open
9247149.126.72.220 12433 tcp tcpwrapped open
9248149.126.72.220 12434 tcp tcpwrapped open
9249149.126.72.220 12435 tcp tcpwrapped open
9250149.126.72.220 12436 tcp tcpwrapped open
9251149.126.72.220 12437 tcp tcpwrapped open
9252149.126.72.220 12438 tcp tcpwrapped open
9253149.126.72.220 12439 tcp tcpwrapped open
9254149.126.72.220 12440 tcp tcpwrapped open
9255149.126.72.220 12441 tcp tcpwrapped open
9256149.126.72.220 12442 tcp tcpwrapped open
9257149.126.72.220 12443 tcp tcpwrapped open
9258149.126.72.220 12444 tcp tcpwrapped open
9259149.126.72.220 12445 tcp tcpwrapped open
9260149.126.72.220 12446 tcp tcpwrapped open
9261149.126.72.220 12447 tcp tcpwrapped open
9262149.126.72.220 12448 tcp tcpwrapped open
9263149.126.72.220 12449 tcp tcpwrapped open
9264149.126.72.220 12450 tcp tcpwrapped open
9265149.126.72.220 12451 tcp tcpwrapped open
9266149.126.72.220 12452 tcp tcpwrapped open
9267149.126.72.220 12453 tcp tcpwrapped open
9268149.126.72.220 12454 tcp tcpwrapped open
9269149.126.72.220 12455 tcp tcpwrapped open
9270149.126.72.220 12456 tcp tcpwrapped open
9271149.126.72.220 12457 tcp tcpwrapped open
9272149.126.72.220 12458 tcp tcpwrapped open
9273149.126.72.220 12459 tcp tcpwrapped open
9274149.126.72.220 12460 tcp tcpwrapped open
9275149.126.72.220 12461 tcp tcpwrapped open
9276149.126.72.220 12462 tcp tcpwrapped open
9277149.126.72.220 12463 tcp tcpwrapped open
9278149.126.72.220 12464 tcp tcpwrapped open
9279149.126.72.220 12465 tcp tcpwrapped open
9280149.126.72.220 12466 tcp tcpwrapped open
9281149.126.72.220 12467 tcp tcpwrapped open
9282149.126.72.220 12468 tcp tcpwrapped open
9283149.126.72.220 12469 tcp tcpwrapped open
9284149.126.72.220 12470 tcp tcpwrapped open
9285149.126.72.220 12471 tcp tcpwrapped open
9286149.126.72.220 12472 tcp tcpwrapped open
9287149.126.72.220 12473 tcp tcpwrapped open
9288149.126.72.220 12474 tcp tcpwrapped open
9289149.126.72.220 12475 tcp tcpwrapped open
9290149.126.72.220 12476 tcp tcpwrapped open
9291149.126.72.220 12477 tcp tcpwrapped open
9292149.126.72.220 12478 tcp tcpwrapped open
9293149.126.72.220 12479 tcp tcpwrapped open
9294149.126.72.220 12480 tcp tcpwrapped open
9295149.126.72.220 12481 tcp tcpwrapped open
9296149.126.72.220 12482 tcp tcpwrapped open
9297149.126.72.220 12483 tcp tcpwrapped open
9298149.126.72.220 12484 tcp tcpwrapped open
9299149.126.72.220 12485 tcp tcpwrapped open
9300149.126.72.220 12486 tcp tcpwrapped open
9301149.126.72.220 12487 tcp tcpwrapped open
9302149.126.72.220 12488 tcp tcpwrapped open
9303149.126.72.220 12489 tcp tcpwrapped open
9304149.126.72.220 12490 tcp tcpwrapped open
9305149.126.72.220 12491 tcp tcpwrapped open
9306149.126.72.220 12492 tcp tcpwrapped open
9307149.126.72.220 12493 tcp tcpwrapped open
9308149.126.72.220 12494 tcp tcpwrapped open
9309149.126.72.220 12495 tcp tcpwrapped open
9310149.126.72.220 12496 tcp tcpwrapped open
9311149.126.72.220 12497 tcp tcpwrapped open
9312149.126.72.220 12498 tcp tcpwrapped open
9313149.126.72.220 12499 tcp tcpwrapped open
9314149.126.72.220 12500 tcp tcpwrapped open
9315149.126.72.220 12501 tcp tcpwrapped open
9316149.126.72.220 12502 tcp tcpwrapped open
9317149.126.72.220 12503 tcp tcpwrapped open
9318149.126.72.220 12504 tcp tcpwrapped open
9319149.126.72.220 12505 tcp tcpwrapped open
9320149.126.72.220 12506 tcp tcpwrapped open
9321149.126.72.220 12507 tcp tcpwrapped open
9322149.126.72.220 12508 tcp tcpwrapped open
9323149.126.72.220 12509 tcp tcpwrapped open
9324149.126.72.220 12510 tcp tcpwrapped open
9325149.126.72.220 12511 tcp tcpwrapped open
9326149.126.72.220 12512 tcp tcpwrapped open
9327149.126.72.220 12513 tcp tcpwrapped open
9328149.126.72.220 12514 tcp tcpwrapped open
9329149.126.72.220 12515 tcp tcpwrapped open
9330149.126.72.220 12516 tcp tcpwrapped open
9331149.126.72.220 12517 tcp tcpwrapped open
9332149.126.72.220 12518 tcp tcpwrapped open
9333149.126.72.220 12519 tcp tcpwrapped open
9334149.126.72.220 12520 tcp tcpwrapped open
9335149.126.72.220 12521 tcp tcpwrapped open
9336149.126.72.220 12522 tcp tcpwrapped open
9337149.126.72.220 12523 tcp tcpwrapped open
9338149.126.72.220 12524 tcp tcpwrapped open
9339149.126.72.220 12525 tcp tcpwrapped open
9340149.126.72.220 12526 tcp tcpwrapped open
9341149.126.72.220 12527 tcp tcpwrapped open
9342149.126.72.220 12528 tcp tcpwrapped open
9343149.126.72.220 12529 tcp tcpwrapped open
9344149.126.72.220 12530 tcp tcpwrapped open
9345149.126.72.220 12531 tcp tcpwrapped open
9346149.126.72.220 12532 tcp tcpwrapped open
9347149.126.72.220 12533 tcp tcpwrapped open
9348149.126.72.220 12534 tcp tcpwrapped open
9349149.126.72.220 12535 tcp tcpwrapped open
9350149.126.72.220 12536 tcp tcpwrapped open
9351149.126.72.220 12537 tcp tcpwrapped open
9352149.126.72.220 12538 tcp tcpwrapped open
9353149.126.72.220 12539 tcp tcpwrapped open
9354149.126.72.220 12540 tcp tcpwrapped open
9355149.126.72.220 12541 tcp tcpwrapped open
9356149.126.72.220 12542 tcp tcpwrapped open
9357149.126.72.220 12543 tcp tcpwrapped open
9358149.126.72.220 12544 tcp tcpwrapped open
9359149.126.72.220 12545 tcp tcpwrapped open
9360149.126.72.220 12546 tcp tcpwrapped open
9361149.126.72.220 12547 tcp tcpwrapped open
9362149.126.72.220 12548 tcp tcpwrapped open
9363149.126.72.220 12549 tcp tcpwrapped open
9364149.126.72.220 12550 tcp tcpwrapped open
9365149.126.72.220 12551 tcp tcpwrapped open
9366149.126.72.220 12552 tcp tcpwrapped open
9367149.126.72.220 12553 tcp tcpwrapped open
9368149.126.72.220 12554 tcp tcpwrapped open
9369149.126.72.220 12555 tcp tcpwrapped open
9370149.126.72.220 12556 tcp tcpwrapped open
9371149.126.72.220 12557 tcp tcpwrapped open
9372149.126.72.220 12558 tcp tcpwrapped open
9373149.126.72.220 12559 tcp tcpwrapped open
9374149.126.72.220 12560 tcp tcpwrapped open
9375149.126.72.220 12561 tcp tcpwrapped open
9376149.126.72.220 12562 tcp tcpwrapped open
9377149.126.72.220 12563 tcp tcpwrapped open
9378149.126.72.220 12564 tcp tcpwrapped open
9379149.126.72.220 12565 tcp tcpwrapped open
9380149.126.72.220 12566 tcp tcpwrapped open
9381149.126.72.220 12567 tcp tcpwrapped open
9382149.126.72.220 12568 tcp tcpwrapped open
9383149.126.72.220 12569 tcp tcpwrapped open
9384149.126.72.220 12570 tcp tcpwrapped open
9385149.126.72.220 12571 tcp tcpwrapped open
9386149.126.72.220 12572 tcp tcpwrapped open
9387149.126.72.220 12573 tcp tcpwrapped open
9388149.126.72.220 12574 tcp tcpwrapped open
9389149.126.72.220 12575 tcp tcpwrapped open
9390149.126.72.220 12576 tcp tcpwrapped open
9391149.126.72.220 12577 tcp tcpwrapped open
9392149.126.72.220 12578 tcp tcpwrapped open
9393149.126.72.220 12579 tcp tcpwrapped open
9394149.126.72.220 12580 tcp tcpwrapped open
9395149.126.72.220 12581 tcp tcpwrapped open
9396149.126.72.220 12582 tcp tcpwrapped open
9397149.126.72.220 12583 tcp tcpwrapped open
9398149.126.72.220 12584 tcp tcpwrapped open
9399149.126.72.220 12585 tcp tcpwrapped open
9400149.126.72.220 12586 tcp tcpwrapped open
9401149.126.72.220 12587 tcp tcpwrapped open
9402149.126.72.220 12588 tcp tcpwrapped open
9403149.126.72.220 12589 tcp tcpwrapped open
9404149.126.72.220 12590 tcp tcpwrapped open
9405149.126.72.220 13082 tcp tcpwrapped open
9406149.126.72.220 13084 tcp tcpwrapped open
9407149.126.72.220 13333 tcp tcpwrapped open
9408149.126.72.220 13443 tcp tcpwrapped open
9409149.126.72.220 14006 tcp tcpwrapped open
9410149.126.72.220 14082 tcp tcpwrapped open
9411149.126.72.220 14084 tcp tcpwrapped open
9412149.126.72.220 14104 tcp tcpwrapped open
9413149.126.72.220 14130 tcp tcpwrapped open
9414149.126.72.220 14182 tcp tcpwrapped open
9415149.126.72.220 14184 tcp tcpwrapped open
9416149.126.72.220 14330 tcp tcpwrapped open
9417149.126.72.220 14443 tcp tcpwrapped open
9418149.126.72.220 14825 tcp tcpwrapped open
9419149.126.72.220 15002 tcp tcpwrapped open
9420149.126.72.220 15006 tcp tcpwrapped open
9421149.126.72.220 15082 tcp tcpwrapped open
9422149.126.72.220 15084 tcp tcpwrapped open
9423149.126.72.220 15151 tcp tcpwrapped open
9424149.126.72.220 15555 tcp tcpwrapped open
9425149.126.72.220 16000 tcp tcpwrapped open
9426149.126.72.220 16001 tcp tcpwrapped open
9427149.126.72.220 16015 tcp tcpwrapped open
9428149.126.72.220 16016 tcp tcpwrapped open
9429149.126.72.220 16017 tcp tcpwrapped open
9430149.126.72.220 16082 tcp tcpwrapped open
9431149.126.72.220 16084 tcp tcpwrapped open
9432149.126.72.220 16311 tcp tcpwrapped open
9433149.126.72.220 16316 tcp tcpwrapped open
9434149.126.72.220 16443 tcp tcpwrapped open
9435149.126.72.220 16800 tcp tcpwrapped open
9436149.126.72.220 16888 tcp tcpwrapped open
9437149.126.72.220 17082 tcp tcpwrapped open
9438149.126.72.220 17084 tcp tcpwrapped open
9439149.126.72.220 17182 tcp tcpwrapped open
9440149.126.72.220 17184 tcp tcpwrapped open
9441149.126.72.220 17770 tcp tcpwrapped open
9442149.126.72.220 17771 tcp tcpwrapped open
9443149.126.72.220 17772 tcp tcpwrapped open
9444149.126.72.220 17773 tcp tcpwrapped open
9445149.126.72.220 17774 tcp tcpwrapped open
9446149.126.72.220 17775 tcp tcpwrapped open
9447149.126.72.220 17776 tcp tcpwrapped open
9448149.126.72.220 17777 tcp tcpwrapped open
9449149.126.72.220 17778 tcp tcpwrapped open
9450149.126.72.220 17779 tcp tcpwrapped open
9451149.126.72.220 17780 tcp tcpwrapped open
9452149.126.72.220 18000 tcp tcpwrapped open
9453149.126.72.220 18001 tcp tcpwrapped open
9454149.126.72.220 18002 tcp tcpwrapped open
9455149.126.72.220 18003 tcp tcpwrapped open
9456149.126.72.220 18004 tcp tcpwrapped open
9457149.126.72.220 18005 tcp tcpwrapped open
9458149.126.72.220 18006 tcp tcpwrapped open
9459149.126.72.220 18007 tcp tcpwrapped open
9460149.126.72.220 18008 tcp tcpwrapped open
9461149.126.72.220 18009 tcp tcpwrapped open
9462149.126.72.220 18010 tcp tcpwrapped open
9463149.126.72.220 18011 tcp tcpwrapped open
9464149.126.72.220 18012 tcp tcpwrapped open
9465149.126.72.220 18013 tcp tcpwrapped open
9466149.126.72.220 18014 tcp tcpwrapped open
9467149.126.72.220 18015 tcp tcpwrapped open
9468149.126.72.220 18016 tcp tcpwrapped open
9469149.126.72.220 18017 tcp tcpwrapped open
9470149.126.72.220 18018 tcp tcpwrapped open
9471149.126.72.220 18019 tcp tcpwrapped open
9472149.126.72.220 18020 tcp tcpwrapped open
9473149.126.72.220 18021 tcp tcpwrapped open
9474149.126.72.220 18022 tcp tcpwrapped open
9475149.126.72.220 18023 tcp tcpwrapped open
9476149.126.72.220 18024 tcp tcpwrapped open
9477149.126.72.220 18025 tcp tcpwrapped open
9478149.126.72.220 18026 tcp tcpwrapped open
9479149.126.72.220 18027 tcp tcpwrapped open
9480149.126.72.220 18028 tcp tcpwrapped open
9481149.126.72.220 18029 tcp tcpwrapped open
9482149.126.72.220 18030 tcp tcpwrapped open
9483149.126.72.220 18031 tcp tcpwrapped open
9484149.126.72.220 18032 tcp tcpwrapped open
9485149.126.72.220 18033 tcp tcpwrapped open
9486149.126.72.220 18034 tcp tcpwrapped open
9487149.126.72.220 18035 tcp tcpwrapped open
9488149.126.72.220 18036 tcp tcpwrapped open
9489149.126.72.220 18037 tcp tcpwrapped open
9490149.126.72.220 18038 tcp tcpwrapped open
9491149.126.72.220 18039 tcp tcpwrapped open
9492149.126.72.220 18040 tcp tcpwrapped open
9493149.126.72.220 18041 tcp tcpwrapped open
9494149.126.72.220 18042 tcp tcpwrapped open
9495149.126.72.220 18043 tcp tcpwrapped open
9496149.126.72.220 18044 tcp tcpwrapped open
9497149.126.72.220 18045 tcp tcpwrapped open
9498149.126.72.220 18046 tcp tcpwrapped open
9499149.126.72.220 18047 tcp tcpwrapped open
9500149.126.72.220 18048 tcp tcpwrapped open
9501149.126.72.220 18049 tcp tcpwrapped open
9502149.126.72.220 18050 tcp tcpwrapped open
9503149.126.72.220 18051 tcp tcpwrapped open
9504149.126.72.220 18052 tcp tcpwrapped open
9505149.126.72.220 18053 tcp tcpwrapped open
9506149.126.72.220 18054 tcp tcpwrapped open
9507149.126.72.220 18055 tcp tcpwrapped open
9508149.126.72.220 18056 tcp tcpwrapped open
9509149.126.72.220 18057 tcp tcpwrapped open
9510149.126.72.220 18058 tcp tcpwrapped open
9511149.126.72.220 18059 tcp tcpwrapped open
9512149.126.72.220 18060 tcp tcpwrapped open
9513149.126.72.220 18061 tcp tcpwrapped open
9514149.126.72.220 18062 tcp tcpwrapped open
9515149.126.72.220 18063 tcp tcpwrapped open
9516149.126.72.220 18064 tcp tcpwrapped open
9517149.126.72.220 18065 tcp tcpwrapped open
9518149.126.72.220 18066 tcp tcpwrapped open
9519149.126.72.220 18067 tcp tcpwrapped open
9520149.126.72.220 18068 tcp tcpwrapped open
9521149.126.72.220 18069 tcp tcpwrapped open
9522149.126.72.220 18070 tcp tcpwrapped open
9523149.126.72.220 18071 tcp tcpwrapped open
9524149.126.72.220 18072 tcp tcpwrapped open
9525149.126.72.220 18073 tcp tcpwrapped open
9526149.126.72.220 18074 tcp tcpwrapped open
9527149.126.72.220 18075 tcp tcpwrapped open
9528149.126.72.220 18076 tcp tcpwrapped open
9529149.126.72.220 18077 tcp tcpwrapped open
9530149.126.72.220 18078 tcp tcpwrapped open
9531149.126.72.220 18079 tcp tcpwrapped open
9532149.126.72.220 18080 tcp tcpwrapped open
9533149.126.72.220 18081 tcp tcpwrapped open
9534149.126.72.220 18082 tcp tcpwrapped open
9535149.126.72.220 18083 tcp tcpwrapped open
9536149.126.72.220 18084 tcp tcpwrapped open
9537149.126.72.220 18085 tcp tcpwrapped open
9538149.126.72.220 18086 tcp tcpwrapped open
9539149.126.72.220 18087 tcp tcpwrapped open
9540149.126.72.220 18088 tcp tcpwrapped open
9541149.126.72.220 18089 tcp tcpwrapped open
9542149.126.72.220 18090 tcp tcpwrapped open
9543149.126.72.220 18091 tcp tcpwrapped open
9544149.126.72.220 18092 tcp tcpwrapped open
9545149.126.72.220 18093 tcp tcpwrapped open
9546149.126.72.220 18094 tcp tcpwrapped open
9547149.126.72.220 18095 tcp tcpwrapped open
9548149.126.72.220 18096 tcp tcpwrapped open
9549149.126.72.220 18097 tcp tcpwrapped open
9550149.126.72.220 18098 tcp tcpwrapped open
9551149.126.72.220 18099 tcp tcpwrapped open
9552149.126.72.220 18100 tcp tcpwrapped open
9553149.126.72.220 18101 tcp tcpwrapped open
9554149.126.72.220 18102 tcp tcpwrapped open
9555149.126.72.220 18103 tcp tcpwrapped open
9556149.126.72.220 18104 tcp tcpwrapped open
9557149.126.72.220 18105 tcp tcpwrapped open
9558149.126.72.220 18106 tcp tcpwrapped open
9559149.126.72.220 18107 tcp tcpwrapped open
9560149.126.72.220 18108 tcp tcpwrapped open
9561149.126.72.220 18109 tcp tcpwrapped open
9562149.126.72.220 18110 tcp tcpwrapped open
9563149.126.72.220 18111 tcp tcpwrapped open
9564149.126.72.220 18112 tcp tcpwrapped open
9565149.126.72.220 18113 tcp tcpwrapped open
9566149.126.72.220 18200 tcp tcpwrapped open
9567149.126.72.220 18239 tcp tcpwrapped open
9568149.126.72.220 18443 tcp tcpwrapped open
9569149.126.72.220 18802 tcp tcpwrapped open
9570149.126.72.220 19013 tcp tcpwrapped open
9571149.126.72.220 19014 tcp tcpwrapped open
9572149.126.72.220 19015 tcp tcpwrapped open
9573149.126.72.220 19016 tcp tcpwrapped open
9574149.126.72.220 19017 tcp tcpwrapped open
9575149.126.72.220 19022 tcp tcpwrapped open
9576149.126.72.220 19080 tcp tcpwrapped open
9577149.126.72.220 19082 tcp tcpwrapped open
9578149.126.72.220 19084 tcp tcpwrapped open
9579149.126.72.220 19443 tcp tcpwrapped open
9580149.126.72.220 20000 tcp tcpwrapped open
9581149.126.72.220 20001 tcp tcpwrapped open
9582149.126.72.220 20010 tcp tcpwrapped open
9583149.126.72.220 20020 tcp tcpwrapped open
9584149.126.72.220 20030 tcp tcpwrapped open
9585149.126.72.220 20040 tcp tcpwrapped open
9586149.126.72.220 20050 tcp tcpwrapped open
9587149.126.72.220 20053 tcp tcpwrapped open
9588149.126.72.220 20060 tcp tcpwrapped open
9589149.126.72.220 20070 tcp tcpwrapped open
9590149.126.72.220 20080 tcp tcpwrapped open
9591149.126.72.220 20082 tcp tcpwrapped open
9592149.126.72.220 20084 tcp tcpwrapped open
9593149.126.72.220 20090 tcp tcpwrapped open
9594149.126.72.220 20100 tcp tcpwrapped open
9595149.126.72.220 20106 tcp tcpwrapped open
9596149.126.72.220 20107 tcp tcpwrapped open
9597149.126.72.220 20110 tcp tcpwrapped open
9598149.126.72.220 20150 tcp tcpwrapped open
9599149.126.72.220 20182 tcp tcpwrapped open
9600149.126.72.220 20184 tcp tcpwrapped open
9601149.126.72.220 20185 tcp tcpwrapped open
9602149.126.72.220 20200 tcp tcpwrapped open
9603149.126.72.220 20208 tcp tcpwrapped open
9604149.126.72.220 20325 tcp tcpwrapped open
9605149.126.72.220 20500 tcp tcpwrapped open
9606149.126.72.220 20512 tcp tcpwrapped open
9607149.126.72.220 20600 tcp tcpwrapped open
9608149.126.72.220 20800 tcp tcpwrapped open
9609149.126.72.220 20892 tcp tcpwrapped open
9610149.126.72.220 20894 tcp tcpwrapped open
9611149.126.72.220 20900 tcp tcpwrapped open
9612149.126.72.220 21081 tcp tcpwrapped open
9613149.126.72.220 21082 tcp tcpwrapped open
9614149.126.72.220 21083 tcp tcpwrapped open
9615149.126.72.220 21084 tcp tcpwrapped open
9616149.126.72.220 21100 tcp tcpwrapped open
9617149.126.72.220 21200 tcp tcpwrapped open
9618149.126.72.220 21300 tcp tcpwrapped open
9619149.126.72.220 21357 tcp tcpwrapped open
9620149.126.72.220 21381 tcp tcpwrapped open
9621149.126.72.220 21400 tcp tcpwrapped open
9622149.126.72.220 21500 tcp tcpwrapped open
9623149.126.72.220 21935 tcp tcpwrapped open
9624149.126.72.220 22082 tcp tcpwrapped open
9625149.126.72.220 22084 tcp tcpwrapped open
9626149.126.72.220 22103 tcp tcpwrapped open
9627149.126.72.220 22107 tcp tcpwrapped open
9628149.126.72.220 22206 tcp tcpwrapped open
9629149.126.72.220 22345 tcp tcpwrapped open
9630149.126.72.220 22403 tcp tcpwrapped open
9631149.126.72.220 22609 tcp tcpwrapped open
9632149.126.72.220 22703 tcp tcpwrapped open
9633149.126.72.220 22705 tcp tcpwrapped open
9634149.126.72.220 23082 tcp tcpwrapped open
9635149.126.72.220 23084 tcp tcpwrapped open
9636149.126.72.220 23182 tcp tcpwrapped open
9637149.126.72.220 23184 tcp tcpwrapped open
9638149.126.72.220 24082 tcp tcpwrapped open
9639149.126.72.220 24084 tcp tcpwrapped open
9640149.126.72.220 24472 tcp tcpwrapped open
9641149.126.72.220 24510 tcp tcpwrapped open
9642149.126.72.220 25000 tcp tcpwrapped open
9643149.126.72.220 25001 tcp tcpwrapped open
9644149.126.72.220 25002 tcp tcpwrapped open
9645149.126.72.220 25003 tcp tcpwrapped open
9646149.126.72.220 25004 tcp tcpwrapped open
9647149.126.72.220 25005 tcp tcpwrapped open
9648149.126.72.220 25006 tcp tcpwrapped open
9649149.126.72.220 25007 tcp tcpwrapped open
9650149.126.72.220 25008 tcp tcpwrapped open
9651149.126.72.220 25009 tcp tcpwrapped open
9652149.126.72.220 25010 tcp tcpwrapped open
9653149.126.72.220 25082 tcp tcpwrapped open
9654149.126.72.220 25084 tcp tcpwrapped open
9655149.126.72.220 25782 tcp tcpwrapped open
9656149.126.72.220 25952 tcp tcpwrapped open
9657149.126.72.220 27571 tcp tcpwrapped open
9658149.126.72.220 28001 tcp tcpwrapped open
9659149.126.72.220 28080 tcp tcpwrapped open
9660149.126.72.220 28818 tcp tcpwrapped open
9661149.126.72.220 29798 tcp tcpwrapped open
9662149.126.72.220 29799 tcp tcpwrapped open
9663149.126.72.220 30000 tcp tcpwrapped open
9664149.126.72.220 30001 tcp tcpwrapped open
9665149.126.72.220 30003 tcp tcpwrapped open
9666149.126.72.220 30005 tcp tcpwrapped open
9667149.126.72.220 30007 tcp tcpwrapped open
9668149.126.72.220 30009 tcp tcpwrapped open
9669149.126.72.220 30011 tcp tcpwrapped open
9670149.126.72.220 30013 tcp tcpwrapped open
9671149.126.72.220 30015 tcp tcpwrapped open
9672149.126.72.220 30017 tcp tcpwrapped open
9673149.126.72.220 30019 tcp tcpwrapped open
9674149.126.72.220 30021 tcp tcpwrapped open
9675149.126.72.220 30050 tcp tcpwrapped open
9676149.126.72.220 30106 tcp tcpwrapped open
9677149.126.72.220 30110 tcp tcpwrapped open
9678149.126.72.220 30111 tcp tcpwrapped open
9679149.126.72.220 30112 tcp tcpwrapped open
9680149.126.72.220 30113 tcp tcpwrapped open
9681149.126.72.220 30120 tcp tcpwrapped open
9682149.126.72.220 30121 tcp tcpwrapped open
9683149.126.72.220 30122 tcp tcpwrapped open
9684149.126.72.220 30123 tcp tcpwrapped open
9685149.126.72.220 30452 tcp tcpwrapped open
9686149.126.72.220 30468 tcp tcpwrapped open
9687149.126.72.220 30473 tcp tcpwrapped open
9688149.126.72.220 30479 tcp tcpwrapped open
9689149.126.72.220 30501 tcp tcpwrapped open
9690149.126.72.220 30700 tcp tcpwrapped open
9691149.126.72.220 30701 tcp tcpwrapped open
9692149.126.72.220 30892 tcp tcpwrapped open
9693149.126.72.220 30894 tcp tcpwrapped open
9694149.126.72.220 31337 tcp tcpwrapped open
9695149.126.72.220 32101 tcp tcpwrapped open
9696149.126.72.220 32102 tcp tcpwrapped open
9697149.126.72.220 32202 tcp tcpwrapped open
9698149.126.72.220 32303 tcp tcpwrapped open
9699149.126.72.220 32443 tcp tcpwrapped open
9700149.126.72.220 32444 tcp tcpwrapped open
9701149.126.72.220 32746 tcp tcpwrapped open
9702149.126.72.220 32800 tcp tcpwrapped open
9703149.126.72.220 34225 tcp tcpwrapped open
9704149.126.72.220 34500 tcp tcpwrapped open
9705149.126.72.220 35522 tcp tcpwrapped open
9706149.126.72.220 35524 tcp tcpwrapped open
9707149.126.72.220 35531 tcp tcpwrapped open
9708149.126.72.220 35554 tcp tcpwrapped open
9709149.126.72.220 35559 tcp tcpwrapped open
9710149.126.72.220 35560 tcp tcpwrapped open
9711149.126.72.220 36982 tcp tcpwrapped open
9712149.126.72.220 36983 tcp tcpwrapped open
9713149.126.72.220 36984 tcp tcpwrapped open
9714149.126.72.220 37080 tcp tcpwrapped open
9715149.126.72.220 38880 tcp tcpwrapped open
9716149.126.72.220 39001 tcp tcpwrapped open
9717149.126.72.220 40070 tcp tcpwrapped open
9718149.126.72.220 40099 tcp tcpwrapped open
9719149.126.72.220 40892 tcp tcpwrapped open
9720149.126.72.220 40894 tcp tcpwrapped open
9721149.126.72.220 42208 tcp tcpwrapped open
9722149.126.72.220 42424 tcp tcpwrapped open
9723149.126.72.220 42901 tcp tcpwrapped open
9724149.126.72.220 43008 tcp tcpwrapped open
9725149.126.72.220 43009 tcp tcpwrapped open
9726149.126.72.220 43200 tcp tcpwrapped open
9727149.126.72.220 44100 tcp tcpwrapped open
9728149.126.72.220 44300 tcp tcpwrapped open
9729149.126.72.220 44301 tcp tcpwrapped open
9730149.126.72.220 44302 tcp tcpwrapped open
9731149.126.72.220 44303 tcp tcpwrapped open
9732149.126.72.220 44304 tcp tcpwrapped open
9733149.126.72.220 44305 tcp tcpwrapped open
9734149.126.72.220 44306 tcp tcpwrapped open
9735149.126.72.220 44307 tcp tcpwrapped open
9736149.126.72.220 44308 tcp tcpwrapped open
9737149.126.72.220 44309 tcp tcpwrapped open
9738149.126.72.220 44310 tcp tcpwrapped open
9739149.126.72.220 44320 tcp tcpwrapped open
9740149.126.72.220 44332 tcp tcpwrapped open
9741149.126.72.220 44333 tcp tcpwrapped open
9742149.126.72.220 44334 tcp tcpwrapped open
9743149.126.72.220 44336 tcp tcpwrapped open
9744149.126.72.220 44337 tcp tcpwrapped open
9745149.126.72.220 44340 tcp tcpwrapped open
9746149.126.72.220 44341 tcp tcpwrapped open
9747149.126.72.220 44345 tcp tcpwrapped open
9748149.126.72.220 44400 tcp tcpwrapped open
9749149.126.72.220 44410 tcp tcpwrapped open
9750149.126.72.220 44420 tcp tcpwrapped open
9751149.126.72.220 45000 tcp tcpwrapped open
9752149.126.72.220 45555 tcp tcpwrapped open
9753149.126.72.220 45666 tcp tcpwrapped open
9754149.126.72.220 45667 tcp tcpwrapped open
9755149.126.72.220 45668 tcp tcpwrapped open
9756149.126.72.220 45677 tcp tcpwrapped open
9757149.126.72.220 45777 tcp tcpwrapped open
9758149.126.72.220 45788 tcp tcpwrapped open
9759149.126.72.220 45821 tcp tcpwrapped open
9760149.126.72.220 45886 tcp tcpwrapped open
9761149.126.72.220 45888 tcp tcpwrapped open
9762149.126.72.220 46000 tcp tcpwrapped open
9763149.126.72.220 46443 tcp tcpwrapped open
9764149.126.72.220 46862 tcp tcpwrapped open
9765149.126.72.220 47000 tcp tcpwrapped open
9766149.126.72.220 47080 tcp tcpwrapped open
9767149.126.72.220 47534 tcp tcpwrapped open
9768149.126.72.220 48888 tcp tcpwrapped open
9769149.126.72.220 48889 tcp tcpwrapped open
9770149.126.72.220 49200 tcp tcpwrapped open
9771149.126.72.220 49210 tcp tcpwrapped open
9772149.126.72.220 49443 tcp tcpwrapped open
9773149.126.72.220 49682 tcp tcpwrapped open
9774149.126.72.220 49684 tcp tcpwrapped open
9775149.126.72.220 49686 tcp tcpwrapped open
9776149.126.72.220 49688 tcp tcpwrapped open
9777149.126.72.220 49690 tcp tcpwrapped open
9778149.126.72.220 49692 tcp tcpwrapped open
9779149.126.72.220 49694 tcp tcpwrapped open
9780149.126.72.220 50000 tcp tcpwrapped open
9781149.126.72.220 50001 tcp tcpwrapped open
9782149.126.72.220 50042 tcp tcpwrapped open
9783149.126.72.220 50050 tcp tcpwrapped open
9784149.126.72.220 50073 tcp tcpwrapped open
9785149.126.72.220 50085 tcp tcpwrapped open
9786149.126.72.220 50101 tcp tcpwrapped open
9787149.126.72.220 50102 tcp tcpwrapped open
9788149.126.72.220 50103 tcp tcpwrapped open
9789149.126.72.220 50104 tcp tcpwrapped open
9790149.126.72.220 50105 tcp tcpwrapped open
9791149.126.72.220 50106 tcp tcpwrapped open
9792149.126.72.220 50107 tcp tcpwrapped open
9793149.126.72.220 50112 tcp tcpwrapped open
9794149.126.72.220 50113 tcp tcpwrapped open
9795149.126.72.220 50122 tcp tcpwrapped open
9796149.126.72.220 50160 tcp tcpwrapped open
9797149.126.72.220 50443 tcp tcpwrapped open
9798149.126.72.220 51002 tcp tcpwrapped open
9799149.126.72.220 51003 tcp tcpwrapped open
9800149.126.72.220 51434 tcp tcpwrapped open
9801149.126.72.220 52010 tcp tcpwrapped open
9802149.126.72.220 52230 tcp tcpwrapped open
9803149.126.72.220 52311 tcp tcpwrapped open
9804149.126.72.220 52536 tcp tcpwrapped open
9805149.126.72.220 53480 tcp tcpwrapped open
9806149.126.72.220 53481 tcp tcpwrapped open
9807149.126.72.220 53482 tcp tcpwrapped open
9808149.126.72.220 53483 tcp tcpwrapped open
9809149.126.72.220 53484 tcp tcpwrapped open
9810149.126.72.220 53485 tcp tcpwrapped open
9811149.126.72.220 53490 tcp tcpwrapped open
9812149.126.72.220 53805 tcp tcpwrapped open
9813149.126.72.220 53806 tcp tcpwrapped open
9814149.126.72.220 54327 tcp tcpwrapped open
9815149.126.72.220 54490 tcp tcpwrapped open
9816149.126.72.220 54545 tcp tcpwrapped open
9817149.126.72.220 55055 tcp tcpwrapped open
9818149.126.72.220 55080 tcp tcpwrapped open
9819149.126.72.220 55081 tcp tcpwrapped open
9820149.126.72.220 55350 tcp tcpwrapped open
9821149.126.72.220 55388 tcp tcpwrapped open
9822149.126.72.220 55470 tcp tcpwrapped open
9823149.126.72.220 55475 tcp tcpwrapped open
9824149.126.72.220 55481 tcp tcpwrapped open
9825149.126.72.220 55490 tcp tcpwrapped open
9826149.126.72.220 57778 tcp tcpwrapped open
9827149.126.72.220 57779 tcp tcpwrapped open
9828149.126.72.220 57780 tcp tcpwrapped open
9829149.126.72.220 57781 tcp tcpwrapped open
9830149.126.72.220 57782 tcp tcpwrapped open
9831149.126.72.220 57783 tcp tcpwrapped open
9832149.126.72.220 57784 tcp tcpwrapped open
9833149.126.72.220 57785 tcp tcpwrapped open
9834149.126.72.220 57786 tcp tcpwrapped open
9835149.126.72.220 57787 tcp tcpwrapped open
9836149.126.72.220 57788 tcp tcpwrapped open
9837149.126.72.220 58443 tcp tcpwrapped open
9838149.126.72.220 58585 tcp tcpwrapped open
9839149.126.72.220 59012 tcp tcpwrapped open
9840149.126.72.220 59443 tcp tcpwrapped open
9841149.126.72.220 60021 tcp tcpwrapped open
9842149.126.72.220 60023 tcp tcpwrapped open
9843149.126.72.220 60443 tcp tcpwrapped open
9844149.126.72.220 62080 tcp tcpwrapped open
9845149.126.72.220 62237 tcp tcpwrapped open
9846149.126.72.220 62443 tcp tcpwrapped open
9847149.126.72.220 62865 tcp tcpwrapped open
9848149.126.72.220 63443 tcp tcpwrapped open
9849149.126.72.220 64477 tcp tcpwrapped open
9850149.126.72.220 64671 tcp tcpwrapped open
9851151.106.38.107 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 12:11. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
9852151.106.38.107 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9853151.106.38.107 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
9854151.106.38.107 67 tcp dhcps filtered
9855151.106.38.107 67 udp dhcps unknown
9856151.106.38.107 68 tcp dhcpc filtered
9857151.106.38.107 68 udp dhcpc unknown
9858151.106.38.107 69 tcp tftp filtered
9859151.106.38.107 69 udp tftp unknown
9860151.106.38.107 88 tcp kerberos-sec filtered
9861151.106.38.107 88 udp kerberos-sec unknown
9862151.106.38.107 123 tcp ntp filtered
9863151.106.38.107 123 udp ntp unknown
9864151.106.38.107 137 tcp netbios-ns filtered
9865151.106.38.107 137 udp netbios-ns unknown
9866151.106.38.107 138 tcp netbios-dgm filtered
9867151.106.38.107 138 udp netbios-dgm unknown
9868151.106.38.107 139 tcp netbios-ssn filtered
9869151.106.38.107 139 udp netbios-ssn unknown
9870151.106.38.107 161 tcp snmp filtered
9871151.106.38.107 161 udp snmp unknown
9872151.106.38.107 162 tcp snmptrap filtered
9873151.106.38.107 162 udp snmptrap unknown
9874151.106.38.107 389 tcp ldap filtered
9875151.106.38.107 389 udp ldap unknown
9876151.106.38.107 520 tcp efs filtered
9877151.106.38.107 520 udp route unknown
9878151.106.38.107 2049 tcp nfs filtered
9879151.106.38.107 2049 udp nfs unknown
9880158.69.13.254 22 tcp ssh open OpenSSH 7.4 protocol 2.0
9881158.69.13.254 25 tcp smtp open Exim smtpd 4.92.3
9882158.69.13.254 53 tcp domain open unknown banner: get lost
9883158.69.13.254 53 udp domain open unknown banner: get lost
9884158.69.13.254 67 tcp dhcps filtered
9885158.69.13.254 67 udp dhcps unknown
9886158.69.13.254 68 tcp dhcpc filtered
9887158.69.13.254 68 udp dhcpc unknown
9888158.69.13.254 69 tcp tftp filtered
9889158.69.13.254 69 udp tftp unknown
9890158.69.13.254 80 tcp http open nginx
9891158.69.13.254 88 tcp kerberos-sec filtered
9892158.69.13.254 88 udp kerberos-sec unknown
9893158.69.13.254 123 tcp ntp filtered
9894158.69.13.254 123 udp ntp unknown
9895158.69.13.254 137 tcp netbios-ns filtered
9896158.69.13.254 137 udp netbios-ns unknown
9897158.69.13.254 138 tcp netbios-dgm filtered
9898158.69.13.254 138 udp netbios-dgm unknown
9899158.69.13.254 139 tcp netbios-ssn filtered
9900158.69.13.254 139 udp netbios-ssn unknown
9901158.69.13.254 161 tcp snmp filtered
9902158.69.13.254 161 udp snmp unknown
9903158.69.13.254 162 tcp snmptrap filtered
9904158.69.13.254 162 udp snmptrap unknown
9905158.69.13.254 389 tcp ldap filtered
9906158.69.13.254 389 udp ldap unknown
9907158.69.13.254 443 tcp ssl/http open nginx
9908158.69.13.254 465 tcp ssl/smtp open Exim smtpd 4.92.3
9909158.69.13.254 520 tcp efs filtered
9910158.69.13.254 520 udp route unknown
9911158.69.13.254 587 tcp smtp open Exim smtpd 4.92.3
9912158.69.13.254 2049 tcp nfs filtered
9913158.69.13.254 2049 udp nfs unknown
9914158.69.13.254 2525 tcp smtp open Exim smtpd 4.92.3
9915158.69.13.254 3306 tcp mysql open MySQL blocked - too many connection errors
9916162.244.35.13 22 tcp ssh open SSH-2.0-OpenSSH_7.2 FreeBSD-20160310
9917162.244.35.13 25 tcp open
9918162.244.35.13 53 tcp domain open ISC BIND 9.10.6
9919162.244.35.13 53 udp domain open ISC BIND 9.10.6
9920162.244.35.13 67 tcp dhcps closed
9921162.244.35.13 67 udp dhcps closed
9922162.244.35.13 68 tcp dhcpc closed
9923162.244.35.13 68 udp dhcpc closed
9924162.244.35.13 69 tcp tftp closed
9925162.244.35.13 69 udp tftp closed
9926162.244.35.13 88 tcp kerberos-sec closed
9927162.244.35.13 88 udp kerberos-sec closed
9928162.244.35.13 123 tcp ntp closed
9929162.244.35.13 123 udp ntp closed
9930162.244.35.13 137 tcp netbios-ns filtered
9931162.244.35.13 137 udp netbios-ns unknown
9932162.244.35.13 138 tcp netbios-dgm filtered
9933162.244.35.13 138 udp netbios-dgm unknown
9934162.244.35.13 139 tcp netbios-ssn filtered
9935162.244.35.13 139 udp netbios-ssn unknown
9936162.244.35.13 161 tcp snmp closed
9937162.244.35.13 161 udp snmp closed
9938162.244.35.13 162 tcp snmptrap closed
9939162.244.35.13 162 udp snmptrap closed
9940162.244.35.13 389 tcp ldap closed
9941162.244.35.13 389 udp ldap closed
9942162.244.35.13 520 tcp efs closed
9943162.244.35.13 520 udp route closed
9944162.244.35.13 2049 tcp nfs closed
9945162.244.35.13 2049 udp nfs closed
9946163.247.48.46 53 tcp domain filtered
9947163.247.48.46 53 udp domain unknown
9948163.247.48.46 67 tcp dhcps filtered
9949163.247.48.46 67 udp dhcps unknown
9950163.247.48.46 68 tcp dhcpc filtered
9951163.247.48.46 68 udp dhcpc unknown
9952163.247.48.46 69 tcp tftp filtered
9953163.247.48.46 69 udp tftp unknown
9954163.247.48.46 88 tcp kerberos-sec filtered
9955163.247.48.46 88 udp kerberos-sec unknown
9956163.247.48.46 123 tcp ntp filtered
9957163.247.48.46 123 udp ntp unknown
9958163.247.48.46 137 tcp netbios-ns filtered
9959163.247.48.46 137 udp netbios-ns unknown
9960163.247.48.46 138 tcp netbios-dgm filtered
9961163.247.48.46 138 udp netbios-dgm unknown
9962163.247.48.46 139 tcp netbios-ssn filtered
9963163.247.48.46 139 udp netbios-ssn unknown
9964163.247.48.46 161 tcp snmp filtered
9965163.247.48.46 161 udp snmp unknown
9966163.247.48.46 162 tcp snmptrap filtered
9967163.247.48.46 162 udp snmptrap unknown
9968163.247.48.46 389 tcp ldap filtered
9969163.247.48.46 389 udp ldap unknown
9970163.247.48.46 520 tcp efs filtered
9971163.247.48.46 520 udp route unknown
9972163.247.48.46 2049 tcp nfs filtered
9973163.247.48.46 2049 udp nfs unknown
9974163.247.127.20 53 tcp domain filtered
9975163.247.127.20 53 udp domain unknown
9976163.247.127.20 67 tcp dhcps filtered
9977163.247.127.20 67 udp dhcps unknown
9978163.247.127.20 68 tcp dhcpc filtered
9979163.247.127.20 68 udp dhcpc unknown
9980163.247.127.20 69 tcp tftp filtered
9981163.247.127.20 69 udp tftp unknown
9982163.247.127.20 88 tcp kerberos-sec filtered
9983163.247.127.20 88 udp kerberos-sec unknown
9984163.247.127.20 123 tcp ntp filtered
9985163.247.127.20 123 udp ntp unknown
9986163.247.127.20 137 tcp netbios-ns filtered
9987163.247.127.20 137 udp netbios-ns unknown
9988163.247.127.20 138 tcp netbios-dgm filtered
9989163.247.127.20 138 udp netbios-dgm unknown
9990163.247.127.20 139 tcp netbios-ssn filtered
9991163.247.127.20 139 udp netbios-ssn unknown
9992163.247.127.20 161 tcp snmp filtered
9993163.247.127.20 161 udp snmp unknown
9994163.247.127.20 162 tcp snmptrap filtered
9995163.247.127.20 162 udp snmptrap unknown
9996163.247.127.20 389 tcp ldap filtered
9997163.247.127.20 389 udp ldap unknown
9998163.247.127.20 520 tcp efs filtered
9999163.247.127.20 520 udp route unknown
10000163.247.127.20 2049 tcp nfs filtered
10001163.247.127.20 2049 udp nfs unknown
10002163.247.130.114 53 tcp domain closed
10003163.247.130.114 53 udp domain unknown
10004163.247.130.114 67 tcp dhcps filtered
10005163.247.130.114 67 udp dhcps unknown
10006163.247.130.114 68 tcp dhcpc filtered
10007163.247.130.114 68 udp dhcpc unknown
10008163.247.130.114 69 tcp tftp filtered
10009163.247.130.114 69 udp tftp closed
10010163.247.130.114 88 tcp kerberos-sec filtered
10011163.247.130.114 88 udp kerberos-sec unknown
10012163.247.130.114 123 tcp ntp filtered
10013163.247.130.114 123 udp ntp unknown
10014163.247.130.114 137 tcp netbios-ns filtered
10015163.247.130.114 137 udp netbios-ns unknown
10016163.247.130.114 138 tcp netbios-dgm filtered
10017163.247.130.114 138 udp netbios-dgm unknown
10018163.247.130.114 139 tcp netbios-ssn filtered
10019163.247.130.114 139 udp netbios-ssn unknown
10020163.247.130.114 161 tcp snmp filtered
10021163.247.130.114 161 udp snmp open net-snmp; net-snmp SNMPv3 server
10022163.247.130.114 162 tcp snmptrap filtered
10023163.247.130.114 162 udp snmptrap unknown
10024163.247.130.114 389 tcp ldap filtered
10025163.247.130.114 389 udp ldap unknown
10026163.247.130.114 520 tcp efs filtered
10027163.247.130.114 520 udp route unknown
10028163.247.130.114 2049 tcp nfs filtered
10029163.247.130.114 2049 udp nfs unknown
10030163.247.175.176 53 tcp tcpwrapped open
10031163.247.175.176 53 udp domain unknown
10032163.247.175.176 67 tcp tcpwrapped open
10033163.247.175.176 67 udp dhcps unknown
10034163.247.175.176 68 tcp tcpwrapped open
10035163.247.175.176 68 udp dhcpc unknown
10036163.247.175.176 69 tcp tcpwrapped open
10037163.247.175.176 69 udp tftp unknown
10038163.247.175.176 88 tcp tcpwrapped open
10039163.247.175.176 88 udp kerberos-sec unknown
10040163.247.175.176 123 tcp tcpwrapped open
10041163.247.175.176 123 udp ntp unknown
10042163.247.175.176 137 tcp tcpwrapped open
10043163.247.175.176 137 udp netbios-ns unknown
10044163.247.175.176 138 tcp tcpwrapped open
10045163.247.175.176 138 udp netbios-dgm unknown
10046163.247.175.176 139 udp netbios-ssn unknown
10047163.247.175.176 161 tcp tcpwrapped open
10048163.247.175.176 161 udp snmp unknown
10049163.247.175.176 162 tcp tcpwrapped open
10050163.247.175.176 162 udp snmptrap unknown
10051163.247.175.176 389 tcp tcpwrapped open
10052163.247.175.176 389 udp ldap unknown
10053163.247.175.176 520 tcp tcpwrapped open
10054163.247.175.176 520 udp route unknown
10055163.247.175.176 2049 tcp tcpwrapped open
10056163.247.175.176 2049 udp nfs unknown
10057165.22.143.229 53 tcp domain closed
10058165.22.143.229 53 udp domain unknown
10059165.22.143.229 67 tcp dhcps closed
10060165.22.143.229 67 udp dhcps unknown
10061165.22.143.229 68 tcp dhcpc closed
10062165.22.143.229 68 udp dhcpc unknown
10063165.22.143.229 69 tcp tftp closed
10064165.22.143.229 69 udp tftp closed
10065165.22.143.229 88 tcp kerberos-sec closed
10066165.22.143.229 88 udp kerberos-sec unknown
10067165.22.143.229 123 tcp ntp closed
10068165.22.143.229 123 udp ntp open NTP v4 secondary server
10069165.22.143.229 137 tcp netbios-ns closed
10070165.22.143.229 137 udp netbios-ns closed
10071165.22.143.229 138 tcp netbios-dgm closed
10072165.22.143.229 138 udp netbios-dgm closed
10073165.22.143.229 139 tcp netbios-ssn closed
10074165.22.143.229 139 udp netbios-ssn unknown
10075165.22.143.229 161 tcp snmp closed
10076165.22.143.229 161 udp snmp closed
10077165.22.143.229 162 tcp snmptrap closed
10078165.22.143.229 162 udp snmptrap unknown
10079165.22.143.229 389 tcp ldap closed
10080165.22.143.229 389 udp ldap closed
10081165.22.143.229 520 tcp efs closed
10082165.22.143.229 520 udp route closed
10083165.22.143.229 2049 tcp nfs closed
10084165.22.143.229 2049 udp nfs closed
10085165.227.99.239 53 tcp domain filtered
10086165.227.99.239 53 udp domain unknown
10087165.227.99.239 67 tcp dhcps filtered
10088165.227.99.239 67 udp dhcps unknown
10089165.227.99.239 68 tcp dhcpc filtered
10090165.227.99.239 68 udp dhcpc unknown
10091165.227.99.239 69 tcp tftp filtered
10092165.227.99.239 69 udp tftp unknown
10093165.227.99.239 80 tcp http open nginx
10094165.227.99.239 88 tcp kerberos-sec filtered
10095165.227.99.239 88 udp kerberos-sec unknown
10096165.227.99.239 123 tcp ntp filtered
10097165.227.99.239 123 udp ntp unknown
10098165.227.99.239 137 tcp netbios-ns filtered
10099165.227.99.239 137 udp netbios-ns unknown
10100165.227.99.239 138 tcp netbios-dgm filtered
10101165.227.99.239 138 udp netbios-dgm unknown
10102165.227.99.239 139 tcp netbios-ssn filtered
10103165.227.99.239 139 udp netbios-ssn unknown
10104165.227.99.239 161 tcp snmp filtered
10105165.227.99.239 161 udp snmp open net-snmp; net-snmp SNMPv3 server
10106165.227.99.239 162 tcp snmptrap filtered
10107165.227.99.239 162 udp snmptrap closed
10108165.227.99.239 389 tcp ldap filtered
10109165.227.99.239 389 udp ldap unknown
10110165.227.99.239 443 tcp ssl/http open nginx
10111165.227.99.239 520 tcp efs filtered
10112165.227.99.239 520 udp route unknown
10113165.227.99.239 2049 tcp nfs filtered
10114165.227.99.239 2049 udp nfs unknown
10115169.239.218.20 25 tcp smtp closed
10116169.239.218.20 53 tcp domain filtered
10117169.239.218.20 53 udp domain unknown
10118169.239.218.20 67 tcp dhcps filtered
10119169.239.218.20 67 udp dhcps unknown
10120169.239.218.20 68 tcp dhcpc filtered
10121169.239.218.20 68 udp dhcpc unknown
10122169.239.218.20 69 tcp tftp filtered
10123169.239.218.20 69 udp tftp unknown
10124169.239.218.20 88 tcp kerberos-sec filtered
10125169.239.218.20 88 udp kerberos-sec unknown
10126169.239.218.20 113 tcp ident closed
10127169.239.218.20 123 tcp ntp filtered
10128169.239.218.20 123 udp ntp unknown
10129169.239.218.20 137 tcp netbios-ns filtered
10130169.239.218.20 137 udp netbios-ns filtered
10131169.239.218.20 138 tcp netbios-dgm filtered
10132169.239.218.20 138 udp netbios-dgm filtered
10133169.239.218.20 139 tcp netbios-ssn closed
10134169.239.218.20 139 udp netbios-ssn unknown
10135169.239.218.20 161 tcp snmp filtered
10136169.239.218.20 161 udp snmp unknown
10137169.239.218.20 162 tcp snmptrap filtered
10138169.239.218.20 162 udp snmptrap unknown
10139169.239.218.20 389 tcp ldap filtered
10140169.239.218.20 389 udp ldap unknown
10141169.239.218.20 445 tcp microsoft-ds closed
10142169.239.218.20 520 tcp efs filtered
10143169.239.218.20 520 udp route unknown
10144169.239.218.20 2049 tcp nfs filtered
10145169.239.218.20 2049 udp nfs unknown
10146169.239.218.20 8008 tcp tcpwrapped open
10147173.214.244.169 53 tcp domain filtered
10148173.214.244.169 53 udp domain unknown
10149173.214.244.169 67 tcp dhcps filtered
10150173.214.244.169 67 udp dhcps unknown
10151173.214.244.169 68 tcp dhcpc filtered
10152173.214.244.169 68 udp dhcpc unknown
10153173.214.244.169 69 tcp tftp filtered
10154173.214.244.169 69 udp tftp unknown
10155173.214.244.169 88 tcp kerberos-sec filtered
10156173.214.244.169 88 udp kerberos-sec unknown
10157173.214.244.169 123 tcp ntp filtered
10158173.214.244.169 123 udp ntp unknown
10159173.214.244.169 137 tcp netbios-ns filtered
10160173.214.244.169 137 udp netbios-ns unknown
10161173.214.244.169 138 tcp netbios-dgm filtered
10162173.214.244.169 138 udp netbios-dgm unknown
10163173.214.244.169 139 tcp netbios-ssn filtered
10164173.214.244.169 139 udp netbios-ssn unknown
10165173.214.244.169 161 tcp snmp filtered
10166173.214.244.169 161 udp snmp unknown
10167173.214.244.169 162 tcp snmptrap filtered
10168173.214.244.169 162 udp snmptrap unknown
10169173.214.244.169 389 tcp ldap filtered
10170173.214.244.169 389 udp ldap unknown
10171173.214.244.169 520 tcp efs filtered
10172173.214.244.169 520 udp route unknown
10173173.214.244.169 2049 tcp nfs filtered
10174173.214.244.169 2049 udp nfs unknown
10175174.142.53.51 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:59. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
10176174.142.53.51 22 tcp ssh open SSH-2.0-OpenSSH_7.4
10177174.142.53.51 25 tcp smtp closed
10178174.142.53.51 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
10179174.142.53.51 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
10180174.142.53.51 67 tcp dhcps filtered
10181174.142.53.51 67 udp dhcps unknown
10182174.142.53.51 68 tcp dhcpc filtered
10183174.142.53.51 68 udp dhcpc unknown
10184174.142.53.51 69 tcp tftp filtered
10185174.142.53.51 69 udp tftp unknown
10186174.142.53.51 88 tcp kerberos-sec filtered
10187174.142.53.51 88 udp kerberos-sec unknown
10188174.142.53.51 123 tcp ntp filtered
10189174.142.53.51 123 udp ntp unknown
10190174.142.53.51 137 tcp netbios-ns filtered
10191174.142.53.51 137 udp netbios-ns filtered
10192174.142.53.51 138 tcp netbios-dgm filtered
10193174.142.53.51 138 udp netbios-dgm filtered
10194174.142.53.51 139 tcp netbios-ssn closed
10195174.142.53.51 139 udp netbios-ssn unknown
10196174.142.53.51 161 tcp snmp filtered
10197174.142.53.51 161 udp snmp unknown
10198174.142.53.51 162 tcp snmptrap filtered
10199174.142.53.51 162 udp snmptrap unknown
10200174.142.53.51 389 tcp ldap filtered
10201174.142.53.51 389 udp ldap unknown
10202174.142.53.51 445 tcp microsoft-ds closed
10203174.142.53.51 520 tcp efs filtered
10204174.142.53.51 520 udp route unknown
10205174.142.53.51 2049 tcp nfs filtered
10206174.142.53.51 2049 udp nfs unknown
10207186.64.118.40 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 100 allowed.\x0d\x0a220-Local time is now 13:39. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 10 minutes of inactivity.\x0d\x0a
10208186.64.118.40 53 tcp domain filtered
10209186.64.118.40 53 udp domain closed
10210186.64.118.40 67 tcp dhcps filtered
10211186.64.118.40 67 udp dhcps unknown
10212186.64.118.40 68 tcp dhcpc filtered
10213186.64.118.40 68 udp dhcpc unknown
10214186.64.118.40 69 tcp tftp filtered
10215186.64.118.40 69 udp tftp unknown
10216186.64.118.40 88 tcp kerberos-sec filtered
10217186.64.118.40 88 udp kerberos-sec unknown
10218186.64.118.40 123 tcp ntp filtered
10219186.64.118.40 123 udp ntp unknown
10220186.64.118.40 137 tcp netbios-ns filtered
10221186.64.118.40 137 udp netbios-ns unknown
10222186.64.118.40 138 tcp netbios-dgm filtered
10223186.64.118.40 138 udp netbios-dgm unknown
10224186.64.118.40 139 tcp netbios-ssn filtered
10225186.64.118.40 139 udp netbios-ssn unknown
10226186.64.118.40 161 tcp snmp filtered
10227186.64.118.40 161 udp snmp unknown
10228186.64.118.40 162 tcp snmptrap filtered
10229186.64.118.40 162 udp snmptrap unknown
10230186.64.118.40 389 tcp ldap filtered
10231186.64.118.40 389 udp ldap unknown
10232186.64.118.40 520 tcp efs filtered
10233186.64.118.40 520 udp route unknown
10234186.64.118.40 2049 tcp nfs closed
10235186.64.118.40 2049 udp nfs unknown
10236190.98.209.37 53 tcp domain filtered
10237190.98.209.37 53 udp domain unknown
10238190.98.209.37 67 tcp dhcps filtered
10239190.98.209.37 67 udp dhcps unknown
10240190.98.209.37 68 tcp dhcpc filtered
10241190.98.209.37 68 udp dhcpc unknown
10242190.98.209.37 69 tcp tftp filtered
10243190.98.209.37 69 udp tftp unknown
10244190.98.209.37 88 tcp kerberos-sec filtered
10245190.98.209.37 88 udp kerberos-sec unknown
10246190.98.209.37 123 tcp ntp filtered
10247190.98.209.37 123 udp ntp unknown
10248190.98.209.37 137 tcp netbios-ns filtered
10249190.98.209.37 137 udp netbios-ns unknown
10250190.98.209.37 138 tcp netbios-dgm filtered
10251190.98.209.37 138 udp netbios-dgm unknown
10252190.98.209.37 139 tcp netbios-ssn filtered
10253190.98.209.37 139 udp netbios-ssn unknown
10254190.98.209.37 161 tcp snmp filtered
10255190.98.209.37 161 udp snmp unknown
10256190.98.209.37 162 tcp snmptrap filtered
10257190.98.209.37 162 udp snmptrap unknown
10258190.98.209.37 389 tcp ldap filtered
10259190.98.209.37 389 udp ldap unknown
10260190.98.209.37 520 tcp efs filtered
10261190.98.209.37 520 udp route unknown
10262190.98.209.37 2049 tcp nfs filtered
10263190.98.209.37 2049 udp nfs unknown
10264190.107.177.35 53 tcp domain filtered ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10265190.107.177.35 53 udp domain unknown ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10266190.107.177.35 67 tcp dhcps filtered
10267190.107.177.35 67 udp dhcps unknown
10268190.107.177.35 68 tcp dhcpc filtered
10269190.107.177.35 68 udp dhcpc unknown
10270190.107.177.35 69 tcp tftp filtered
10271190.107.177.35 69 udp tftp unknown
10272190.107.177.35 88 tcp kerberos-sec filtered
10273190.107.177.35 88 udp kerberos-sec unknown
10274190.107.177.35 123 tcp ntp filtered
10275190.107.177.35 123 udp ntp unknown
10276190.107.177.35 137 tcp netbios-ns filtered
10277190.107.177.35 137 udp netbios-ns unknown
10278190.107.177.35 138 tcp netbios-dgm filtered
10279190.107.177.35 138 udp netbios-dgm unknown
10280190.107.177.35 139 tcp netbios-ssn filtered
10281190.107.177.35 139 udp netbios-ssn unknown
10282190.107.177.35 161 tcp snmp filtered
10283190.107.177.35 161 udp snmp unknown
10284190.107.177.35 162 tcp snmptrap filtered
10285190.107.177.35 162 udp snmptrap unknown
10286190.107.177.35 389 tcp ldap filtered
10287190.107.177.35 389 udp ldap unknown
10288190.107.177.35 520 tcp efs filtered
10289190.107.177.35 520 udp route unknown
10290190.107.177.35 2049 tcp nfs filtered
10291190.107.177.35 2049 udp nfs unknown
10292190.110.121.175 53 tcp domain filtered
10293190.110.121.175 53 udp domain unknown
10294190.110.121.175 67 tcp dhcps filtered
10295190.110.121.175 67 udp dhcps unknown
10296190.110.121.175 68 tcp dhcpc filtered
10297190.110.121.175 68 udp dhcpc unknown
10298190.110.121.175 69 tcp tftp filtered
10299190.110.121.175 69 udp tftp unknown
10300190.110.121.175 88 tcp kerberos-sec filtered
10301190.110.121.175 88 udp kerberos-sec unknown
10302190.110.121.175 123 tcp ntp filtered
10303190.110.121.175 123 udp ntp unknown
10304190.110.121.175 137 tcp netbios-ns filtered
10305190.110.121.175 137 udp netbios-ns unknown
10306190.110.121.175 138 tcp netbios-dgm filtered
10307190.110.121.175 138 udp netbios-dgm unknown
10308190.110.121.175 139 tcp netbios-ssn filtered
10309190.110.121.175 139 udp netbios-ssn unknown
10310190.110.121.175 161 tcp snmp filtered
10311190.110.121.175 161 udp snmp unknown
10312190.110.121.175 162 tcp snmptrap filtered
10313190.110.121.175 162 udp snmptrap unknown
10314190.110.121.175 389 tcp ldap filtered
10315190.110.121.175 389 udp ldap unknown
10316190.110.121.175 520 tcp efs filtered
10317190.110.121.175 520 udp route unknown
10318190.110.121.175 2049 tcp nfs filtered
10319190.110.121.175 2049 udp nfs unknown
10320190.153.209.187 53 tcp domain filtered
10321190.153.209.187 53 udp domain unknown
10322190.153.209.187 67 tcp dhcps filtered
10323190.153.209.187 67 udp dhcps unknown
10324190.153.209.187 68 tcp dhcpc filtered
10325190.153.209.187 68 udp dhcpc unknown
10326190.153.209.187 69 tcp tftp filtered
10327190.153.209.187 69 udp tftp unknown
10328190.153.209.187 88 tcp kerberos-sec filtered
10329190.153.209.187 88 udp kerberos-sec unknown
10330190.153.209.187 123 tcp ntp filtered
10331190.153.209.187 123 udp ntp unknown
10332190.153.209.187 137 tcp netbios-ns filtered
10333190.153.209.187 137 udp netbios-ns unknown
10334190.153.209.187 138 tcp netbios-dgm filtered
10335190.153.209.187 138 udp netbios-dgm unknown
10336190.153.209.187 139 tcp netbios-ssn filtered
10337190.153.209.187 139 udp netbios-ssn unknown
10338190.153.209.187 161 tcp snmp filtered
10339190.153.209.187 161 udp snmp unknown
10340190.153.209.187 162 tcp snmptrap filtered
10341190.153.209.187 162 udp snmptrap unknown
10342190.153.209.187 389 tcp ldap filtered
10343190.153.209.187 389 udp ldap unknown
10344190.153.209.187 520 tcp efs filtered
10345190.153.209.187 520 udp route unknown
10346190.153.209.187 2049 tcp nfs filtered
10347190.153.209.187 2049 udp nfs unknown
10348190.153.219.254 22 tcp ssh open SSH-2.0-OpenSSH_7.4
10349190.153.219.254 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
10350190.153.219.254 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
10351190.153.219.254 67 tcp dhcps filtered
10352190.153.219.254 67 udp dhcps unknown
10353190.153.219.254 68 tcp dhcpc filtered
10354190.153.219.254 68 udp dhcpc unknown
10355190.153.219.254 69 tcp tftp filtered
10356190.153.219.254 69 udp tftp unknown
10357190.153.219.254 88 tcp kerberos-sec filtered
10358190.153.219.254 88 udp kerberos-sec unknown
10359190.153.219.254 123 tcp ntp filtered
10360190.153.219.254 123 udp ntp unknown
10361190.153.219.254 137 tcp netbios-ns filtered
10362190.153.219.254 137 udp netbios-ns unknown
10363190.153.219.254 138 tcp netbios-dgm filtered
10364190.153.219.254 138 udp netbios-dgm unknown
10365190.153.219.254 139 tcp netbios-ssn filtered
10366190.153.219.254 139 udp netbios-ssn unknown
10367190.153.219.254 161 tcp snmp filtered
10368190.153.219.254 161 udp snmp unknown
10369190.153.219.254 162 tcp snmptrap filtered
10370190.153.219.254 162 udp snmptrap unknown
10371190.153.219.254 389 tcp ldap filtered
10372190.153.219.254 389 udp ldap unknown
10373190.153.219.254 520 tcp efs filtered
10374190.153.219.254 520 udp route unknown
10375190.153.219.254 2049 tcp nfs filtered
10376190.153.219.254 2049 udp nfs unknown
10377192.185.134.58 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 150 allowed.\x0d\x0a220-Local time is now 22:31. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
10378192.185.134.58 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10379192.185.134.58 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10380192.185.134.58 67 tcp dhcps closed
10381192.185.134.58 67 udp dhcps unknown
10382192.185.134.58 68 tcp dhcpc closed
10383192.185.134.58 68 udp dhcpc unknown
10384192.185.134.58 69 tcp tftp closed
10385192.185.134.58 69 udp tftp closed
10386192.185.134.58 88 tcp kerberos-sec closed
10387192.185.134.58 88 udp kerberos-sec closed
10388192.185.134.58 123 tcp ntp closed
10389192.185.134.58 123 udp ntp unknown
10390192.185.134.58 137 tcp netbios-ns closed
10391192.185.134.58 137 udp netbios-ns closed
10392192.185.134.58 138 tcp netbios-dgm closed
10393192.185.134.58 138 udp netbios-dgm closed
10394192.185.134.58 139 tcp netbios-ssn closed
10395192.185.134.58 139 udp netbios-ssn closed
10396192.185.134.58 161 tcp snmp closed
10397192.185.134.58 161 udp snmp unknown
10398192.185.134.58 162 tcp snmptrap closed
10399192.185.134.58 162 udp snmptrap closed
10400192.185.134.58 389 tcp ldap closed
10401192.185.134.58 389 udp ldap unknown
10402192.185.134.58 520 tcp efs closed
10403192.185.134.58 520 udp route unknown
10404192.185.134.58 2049 tcp nfs closed
10405192.185.134.58 2049 udp nfs unknown
10406199.38.245.243 21 tcp ftp open Pure-FTPd
10407199.38.245.243 22 tcp ssh open OpenSSH 5.3 protocol 2.0
10408199.38.245.243 25 tcp smtp open Exim smtpd 4.92
10409199.38.245.243 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10410199.38.245.243 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10411199.38.245.243 67 tcp dhcps closed
10412199.38.245.243 67 udp dhcps unknown
10413199.38.245.243 68 tcp dhcpc closed
10414199.38.245.243 68 udp dhcpc unknown
10415199.38.245.243 69 tcp tftp closed
10416199.38.245.243 69 udp tftp unknown
10417199.38.245.243 80 tcp ssl/http open Apache/2
10418199.38.245.243 88 tcp kerberos-sec closed
10419199.38.245.243 88 udp kerberos-sec unknown
10420199.38.245.243 110 tcp pop3 open Dovecot DirectAdmin pop3d
10421199.38.245.243 123 tcp ntp closed
10422199.38.245.243 123 udp ntp unknown
10423199.38.245.243 137 tcp netbios-ns closed
10424199.38.245.243 137 udp netbios-ns unknown
10425199.38.245.243 138 tcp netbios-dgm closed
10426199.38.245.243 138 udp netbios-dgm unknown
10427199.38.245.243 139 tcp netbios-ssn closed
10428199.38.245.243 139 udp netbios-ssn unknown
10429199.38.245.243 143 tcp imap open Dovecot imapd
10430199.38.245.243 161 tcp snmp closed
10431199.38.245.243 161 udp snmp unknown
10432199.38.245.243 162 tcp snmptrap closed
10433199.38.245.243 162 udp snmptrap unknown
10434199.38.245.243 389 tcp ldap closed
10435199.38.245.243 389 udp ldap unknown
10436199.38.245.243 443 tcp ssl/ssl open Apache httpd SSL-only mode
10437199.38.245.243 465 tcp ssl/smtp open Exim smtpd 4.92
10438199.38.245.243 520 tcp efs closed
10439199.38.245.243 520 udp route unknown
10440199.38.245.243 587 tcp smtp open Exim smtpd 4.92
10441199.38.245.243 993 tcp ssl/imap open
10442199.38.245.243 995 tcp ssl/pop3 open Dovecot DirectAdmin pop3d
10443199.38.245.243 2049 tcp nfs closed
10444199.38.245.243 2049 udp nfs unknown
10445199.38.245.243 2222 tcp http open DirectAdmin httpd 1.57.1 Registered to Your Domain Goes Here, LLP
10446199.38.245.243 3306 tcp mysql open MySQL unauthorized
10447200.2.249.28 21 tcp ftp open vsftpd 3.0.2
10448200.2.249.28 53 udp domain unknown
10449200.2.249.28 67 udp dhcps unknown
10450200.2.249.28 68 udp dhcpc unknown
10451200.2.249.28 69 udp tftp unknown
10452200.2.249.28 80 tcp http open Oracle Application Server 10g httpd 10.1.3.5.0
10453200.2.249.28 88 udp kerberos-sec unknown
10454200.2.249.28 123 udp ntp unknown
10455200.2.249.28 137 udp netbios-ns unknown
10456200.2.249.28 138 udp netbios-dgm unknown
10457200.2.249.28 139 tcp netbios-ssn open Samba smbd 4.8.3 workgroup: SAMBA
10458200.2.249.28 139 udp netbios-ssn unknown
10459200.2.249.28 161 udp snmp unknown
10460200.2.249.28 162 udp snmptrap unknown
10461200.2.249.28 389 udp ldap unknown
10462200.2.249.28 445 tcp netbios-ssn open Samba smbd 4.8.3 workgroup: SAMBA
10463200.2.249.28 520 udp route unknown
10464200.2.249.28 2049 udp nfs unknown
10465200.10.251.82 53 tcp domain filtered
10466200.10.251.82 53 udp domain unknown
10467200.10.251.82 67 tcp dhcps filtered
10468200.10.251.82 67 udp dhcps unknown
10469200.10.251.82 68 tcp dhcpc filtered
10470200.10.251.82 68 udp dhcpc unknown
10471200.10.251.82 69 tcp tftp filtered
10472200.10.251.82 69 udp tftp unknown
10473200.10.251.82 88 tcp kerberos-sec filtered
10474200.10.251.82 88 udp kerberos-sec unknown
10475200.10.251.82 123 tcp ntp filtered
10476200.10.251.82 123 udp ntp unknown
10477200.10.251.82 137 tcp netbios-ns filtered
10478200.10.251.82 137 udp netbios-ns unknown
10479200.10.251.82 138 tcp netbios-dgm filtered
10480200.10.251.82 138 udp netbios-dgm unknown
10481200.10.251.82 139 tcp netbios-ssn filtered
10482200.10.251.82 139 udp netbios-ssn unknown
10483200.10.251.82 161 tcp snmp filtered
10484200.10.251.82 161 udp snmp unknown
10485200.10.251.82 162 tcp snmptrap filtered
10486200.10.251.82 162 udp snmptrap unknown
10487200.10.251.82 389 tcp ldap filtered
10488200.10.251.82 389 udp ldap unknown
10489200.10.251.82 520 tcp efs filtered
10490200.10.251.82 520 udp route unknown
10491200.10.251.82 2049 tcp nfs filtered
10492200.10.251.82 2049 udp nfs unknown
10493200.12.19.101 21 tcp ftp open 220 Microsoft FTP Service\x0d\x0a
10494200.12.19.101 53 tcp domain filtered
10495200.12.19.101 53 udp domain unknown
10496200.12.19.101 67 tcp dhcps filtered
10497200.12.19.101 67 udp dhcps closed
10498200.12.19.101 68 tcp dhcpc closed
10499200.12.19.101 68 udp dhcpc closed
10500200.12.19.101 69 tcp tftp closed
10501200.12.19.101 69 udp tftp closed
10502200.12.19.101 88 tcp kerberos-sec closed
10503200.12.19.101 88 udp kerberos-sec closed
10504200.12.19.101 123 tcp ntp filtered
10505200.12.19.101 123 udp ntp unknown
10506200.12.19.101 137 tcp netbios-ns closed
10507200.12.19.101 137 udp netbios-ns unknown
10508200.12.19.101 138 tcp netbios-dgm closed
10509200.12.19.101 138 udp netbios-dgm closed
10510200.12.19.101 139 tcp netbios-ssn closed
10511200.12.19.101 139 udp netbios-ssn closed
10512200.12.19.101 161 tcp snmp closed
10513200.12.19.101 161 udp snmp unknown
10514200.12.19.101 162 tcp snmptrap closed
10515200.12.19.101 162 udp snmptrap closed
10516200.12.19.101 389 tcp ldap closed
10517200.12.19.101 389 udp ldap unknown
10518200.12.19.101 520 tcp efs filtered
10519200.12.19.101 520 udp route unknown
10520200.12.19.101 2049 tcp nfs closed
10521200.12.19.101 2049 udp nfs unknown
10522200.29.0.33 53 tcp domain filtered
10523200.29.0.33 53 udp domain unknown
10524200.29.0.33 67 tcp dhcps filtered
10525200.29.0.33 67 udp dhcps unknown
10526200.29.0.33 68 tcp dhcpc filtered
10527200.29.0.33 68 udp dhcpc unknown
10528200.29.0.33 69 tcp tftp filtered
10529200.29.0.33 69 udp tftp unknown
10530200.29.0.33 88 tcp kerberos-sec filtered
10531200.29.0.33 88 udp kerberos-sec unknown
10532200.29.0.33 123 tcp ntp filtered
10533200.29.0.33 123 udp ntp unknown
10534200.29.0.33 137 tcp netbios-ns filtered
10535200.29.0.33 137 udp netbios-ns unknown
10536200.29.0.33 138 tcp netbios-dgm filtered
10537200.29.0.33 138 udp netbios-dgm unknown
10538200.29.0.33 139 tcp netbios-ssn filtered
10539200.29.0.33 139 udp netbios-ssn unknown
10540200.29.0.33 161 tcp snmp filtered
10541200.29.0.33 161 udp snmp unknown
10542200.29.0.33 162 tcp snmptrap filtered
10543200.29.0.33 162 udp snmptrap unknown
10544200.29.0.33 389 tcp ldap filtered
10545200.29.0.33 389 udp ldap unknown
10546200.29.0.33 520 tcp efs filtered
10547200.29.0.33 520 udp route unknown
10548200.29.0.33 2049 tcp nfs filtered
10549200.29.0.33 2049 udp nfs unknown
10550200.54.92.108 21 tcp ftp open 220 (vsFTPd 3.0.3)\x0d\x0a
10551200.54.92.108 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
10552200.54.92.108 53 tcp domain closed
10553200.54.92.108 53 udp domain unknown
10554200.54.92.108 67 tcp dhcps closed
10555200.54.92.108 67 udp dhcps unknown
10556200.54.92.108 68 tcp dhcpc closed
10557200.54.92.108 68 udp dhcpc unknown
10558200.54.92.108 69 tcp tftp closed
10559200.54.92.108 69 udp tftp unknown
10560200.54.92.108 88 tcp kerberos-sec closed
10561200.54.92.108 88 udp kerberos-sec unknown
10562200.54.92.108 123 tcp ntp closed
10563200.54.92.108 123 udp ntp unknown
10564200.54.92.108 137 tcp netbios-ns closed
10565200.54.92.108 137 udp netbios-ns unknown
10566200.54.92.108 138 tcp netbios-dgm closed
10567200.54.92.108 138 udp netbios-dgm unknown
10568200.54.92.108 139 tcp netbios-ssn closed
10569200.54.92.108 139 udp netbios-ssn unknown
10570200.54.92.108 161 tcp snmp closed
10571200.54.92.108 161 udp snmp unknown
10572200.54.92.108 162 tcp snmptrap closed
10573200.54.92.108 162 udp snmptrap unknown
10574200.54.92.108 389 tcp ldap closed
10575200.54.92.108 389 udp ldap unknown
10576200.54.92.108 520 tcp efs closed
10577200.54.92.108 520 udp route unknown
10578200.54.92.108 2049 tcp nfs closed
10579200.54.92.108 2049 udp nfs unknown
10580200.54.230.247 21 tcp ftp open 220 ProFTPD Server (ProFTPD) [200.54.230.247]\x0d\x0a
10581200.54.230.247 22 tcp ssh open SSH-2.0-OpenSSH_7.4
10582200.54.230.247 53 tcp domain open unknown banner: none
10583200.54.230.247 53 udp domain open unknown banner: none
10584200.54.230.247 67 tcp dhcps filtered
10585200.54.230.247 67 udp dhcps unknown
10586200.54.230.247 68 tcp dhcpc filtered
10587200.54.230.247 68 udp dhcpc unknown
10588200.54.230.247 69 tcp tftp filtered
10589200.54.230.247 69 udp tftp unknown
10590200.54.230.247 88 tcp kerberos-sec filtered
10591200.54.230.247 88 udp kerberos-sec unknown
10592200.54.230.247 123 tcp ntp filtered
10593200.54.230.247 123 udp ntp unknown
10594200.54.230.247 137 tcp netbios-ns filtered
10595200.54.230.247 137 udp netbios-ns unknown
10596200.54.230.247 138 tcp netbios-dgm filtered
10597200.54.230.247 138 udp netbios-dgm unknown
10598200.54.230.247 139 tcp netbios-ssn filtered
10599200.54.230.247 139 udp netbios-ssn filtered
10600200.54.230.247 161 tcp snmp filtered
10601200.54.230.247 161 udp snmp unknown
10602200.54.230.247 162 tcp snmptrap filtered
10603200.54.230.247 162 udp snmptrap unknown
10604200.54.230.247 389 tcp ldap filtered
10605200.54.230.247 389 udp ldap filtered
10606200.54.230.247 520 tcp efs filtered
10607200.54.230.247 520 udp route filtered
10608200.54.230.247 2049 tcp nfs filtered
10609200.54.230.247 2049 udp nfs unknown
10610200.55.198.228 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-11.0nosystemd1
10611200.55.198.228 53 tcp domain open
10612200.55.198.228 53 udp domain open
10613200.55.198.228 67 tcp dhcps filtered
10614200.55.198.228 67 udp dhcps unknown
10615200.55.198.228 68 tcp dhcpc filtered
10616200.55.198.228 68 udp dhcpc unknown
10617200.55.198.228 69 tcp tftp filtered
10618200.55.198.228 69 udp tftp unknown
10619200.55.198.228 88 tcp kerberos-sec filtered
10620200.55.198.228 88 udp kerberos-sec unknown
10621200.55.198.228 123 tcp ntp filtered
10622200.55.198.228 123 udp ntp unknown
10623200.55.198.228 137 tcp netbios-ns filtered
10624200.55.198.228 137 udp netbios-ns unknown
10625200.55.198.228 138 tcp netbios-dgm filtered
10626200.55.198.228 138 udp netbios-dgm unknown
10627200.55.198.228 139 tcp netbios-ssn filtered
10628200.55.198.228 139 udp netbios-ssn unknown
10629200.55.198.228 161 tcp snmp filtered
10630200.55.198.228 161 udp snmp unknown
10631200.55.198.228 162 tcp snmptrap filtered
10632200.55.198.228 162 udp snmptrap unknown
10633200.55.198.228 389 tcp ldap filtered
10634200.55.198.228 389 udp ldap unknown
10635200.55.198.228 520 tcp efs filtered
10636200.55.198.228 520 udp route closed
10637200.55.198.228 2049 tcp nfs filtered
10638200.55.198.228 2049 udp nfs unknown
10639200.68.30.227 53 tcp domain closed
10640200.68.30.227 53 udp domain unknown
10641200.68.30.227 67 tcp dhcps closed
10642200.68.30.227 67 udp dhcps filtered
10643200.68.30.227 68 tcp dhcpc closed
10644200.68.30.227 68 udp dhcpc unknown
10645200.68.30.227 69 tcp tftp closed
10646200.68.30.227 69 udp tftp unknown
10647200.68.30.227 88 tcp kerberos-sec closed
10648200.68.30.227 88 udp kerberos-sec unknown
10649200.68.30.227 123 tcp ntp closed
10650200.68.30.227 123 udp ntp filtered
10651200.68.30.227 137 tcp netbios-ns closed
10652200.68.30.227 137 udp netbios-ns filtered
10653200.68.30.227 138 tcp netbios-dgm closed
10654200.68.30.227 138 udp netbios-dgm filtered
10655200.68.30.227 139 tcp netbios-ssn closed
10656200.68.30.227 139 udp netbios-ssn filtered
10657200.68.30.227 161 tcp snmp closed
10658200.68.30.227 161 udp snmp filtered
10659200.68.30.227 162 tcp snmptrap closed
10660200.68.30.227 162 udp snmptrap filtered
10661200.68.30.227 389 tcp ldap closed
10662200.68.30.227 389 udp ldap unknown
10663200.68.30.227 520 tcp efs closed
10664200.68.30.227 520 udp route filtered
10665200.68.30.227 2049 tcp nfs closed
10666200.68.30.227 2049 udp nfs filtered
10667200.68.34.99 53 tcp domain filtered
10668200.68.34.99 53 udp domain unknown
10669200.68.34.99 67 tcp dhcps filtered
10670200.68.34.99 67 udp dhcps unknown
10671200.68.34.99 68 tcp dhcpc filtered
10672200.68.34.99 68 udp dhcpc unknown
10673200.68.34.99 69 tcp tftp filtered
10674200.68.34.99 69 udp tftp unknown
10675200.68.34.99 88 tcp kerberos-sec filtered
10676200.68.34.99 88 udp kerberos-sec unknown
10677200.68.34.99 123 tcp ntp filtered
10678200.68.34.99 123 udp ntp unknown
10679200.68.34.99 137 tcp netbios-ns filtered
10680200.68.34.99 137 udp netbios-ns unknown
10681200.68.34.99 138 tcp netbios-dgm filtered
10682200.68.34.99 138 udp netbios-dgm unknown
10683200.68.34.99 139 tcp netbios-ssn filtered
10684200.68.34.99 139 udp netbios-ssn unknown
10685200.68.34.99 161 tcp snmp filtered
10686200.68.34.99 161 udp snmp unknown
10687200.68.34.99 162 tcp snmptrap filtered
10688200.68.34.99 162 udp snmptrap unknown
10689200.68.34.99 389 tcp ldap filtered
10690200.68.34.99 389 udp ldap unknown
10691200.68.34.99 520 tcp efs filtered
10692200.68.34.99 520 udp route unknown
10693200.68.34.99 2049 tcp nfs filtered
10694200.68.34.99 2049 udp nfs unknown
10695200.73.54.34 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10696200.73.54.34 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
10697200.73.54.34 67 tcp dhcps filtered
10698200.73.54.34 67 udp dhcps unknown
10699200.73.54.34 68 tcp dhcpc filtered
10700200.73.54.34 68 udp dhcpc unknown
10701200.73.54.34 69 tcp tftp filtered
10702200.73.54.34 69 udp tftp unknown
10703200.73.54.34 88 tcp kerberos-sec filtered
10704200.73.54.34 88 udp kerberos-sec unknown
10705200.73.54.34 123 tcp ntp filtered
10706200.73.54.34 123 udp ntp unknown
10707200.73.54.34 137 tcp netbios-ns filtered
10708200.73.54.34 137 udp netbios-ns unknown
10709200.73.54.34 138 tcp netbios-dgm filtered
10710200.73.54.34 138 udp netbios-dgm unknown
10711200.73.54.34 139 tcp netbios-ssn filtered
10712200.73.54.34 139 udp netbios-ssn unknown
10713200.73.54.34 161 tcp snmp filtered
10714200.73.54.34 161 udp snmp unknown
10715200.73.54.34 162 tcp snmptrap filtered
10716200.73.54.34 162 udp snmptrap unknown
10717200.73.54.34 389 tcp ldap filtered
10718200.73.54.34 389 udp ldap unknown
10719200.73.54.34 520 tcp efs filtered
10720200.73.54.34 520 udp route unknown
10721200.73.54.34 2049 tcp nfs filtered
10722200.73.54.34 2049 udp nfs unknown
10723200.91.40.252 53 tcp domain filtered
10724200.91.40.252 53 udp domain unknown
10725200.91.40.252 67 tcp dhcps filtered
10726200.91.40.252 67 udp dhcps unknown
10727200.91.40.252 68 tcp dhcpc filtered
10728200.91.40.252 68 udp dhcpc unknown
10729200.91.40.252 69 tcp tftp filtered
10730200.91.40.252 69 udp tftp unknown
10731200.91.40.252 88 tcp kerberos-sec filtered
10732200.91.40.252 88 udp kerberos-sec unknown
10733200.91.40.252 123 tcp ntp filtered
10734200.91.40.252 123 udp ntp unknown
10735200.91.40.252 137 tcp netbios-ns filtered
10736200.91.40.252 137 udp netbios-ns unknown
10737200.91.40.252 138 tcp netbios-dgm filtered
10738200.91.40.252 138 udp netbios-dgm unknown
10739200.91.40.252 139 tcp netbios-ssn filtered
10740200.91.40.252 139 udp netbios-ssn unknown
10741200.91.40.252 161 tcp snmp filtered
10742200.91.40.252 161 udp snmp unknown
10743200.91.40.252 162 tcp snmptrap filtered
10744200.91.40.252 162 udp snmptrap unknown
10745200.91.40.252 389 tcp ldap filtered
10746200.91.40.252 389 udp ldap unknown
10747200.91.40.252 520 tcp efs filtered
10748200.91.40.252 520 udp route unknown
10749200.91.40.252 2049 tcp nfs filtered
10750200.91.40.252 2049 udp nfs unknown
10751200.91.41.5 53 tcp domain filtered
10752200.91.41.5 53 udp domain unknown
10753200.91.41.5 67 tcp dhcps filtered
10754200.91.41.5 67 udp dhcps unknown
10755200.91.41.5 68 tcp dhcpc filtered
10756200.91.41.5 68 udp dhcpc unknown
10757200.91.41.5 69 tcp tftp filtered
10758200.91.41.5 69 udp tftp unknown
10759200.91.41.5 88 tcp kerberos-sec filtered
10760200.91.41.5 88 udp kerberos-sec unknown
10761200.91.41.5 123 tcp ntp filtered
10762200.91.41.5 123 udp ntp unknown
10763200.91.41.5 137 tcp netbios-ns filtered
10764200.91.41.5 137 udp netbios-ns unknown
10765200.91.41.5 138 tcp netbios-dgm filtered
10766200.91.41.5 138 udp netbios-dgm unknown
10767200.91.41.5 139 tcp netbios-ssn filtered
10768200.91.41.5 139 udp netbios-ssn unknown
10769200.91.41.5 161 tcp snmp filtered
10770200.91.41.5 161 udp snmp unknown
10771200.91.41.5 162 tcp snmptrap filtered
10772200.91.41.5 162 udp snmptrap unknown
10773200.91.41.5 389 tcp ldap filtered
10774200.91.41.5 389 udp ldap unknown
10775200.91.41.5 520 tcp efs filtered
10776200.91.41.5 520 udp route unknown
10777200.91.41.5 2049 tcp nfs filtered
10778200.91.41.5 2049 udp nfs unknown
10779200.126.100.83 53 tcp domain filtered
10780200.126.100.83 53 udp domain unknown
10781200.126.100.83 67 tcp dhcps filtered
10782200.126.100.83 67 udp dhcps unknown
10783200.126.100.83 68 tcp dhcpc filtered
10784200.126.100.83 68 udp dhcpc unknown
10785200.126.100.83 69 tcp tftp filtered
10786200.126.100.83 69 udp tftp unknown
10787200.126.100.83 88 tcp kerberos-sec filtered
10788200.126.100.83 88 udp kerberos-sec unknown
10789200.126.100.83 123 tcp ntp filtered
10790200.126.100.83 123 udp ntp unknown
10791200.126.100.83 137 tcp netbios-ns filtered
10792200.126.100.83 137 udp netbios-ns unknown
10793200.126.100.83 138 tcp netbios-dgm filtered
10794200.126.100.83 138 udp netbios-dgm unknown
10795200.126.100.83 139 tcp netbios-ssn filtered
10796200.126.100.83 139 udp netbios-ssn unknown
10797200.126.100.83 161 tcp snmp filtered
10798200.126.100.83 161 udp snmp unknown
10799200.126.100.83 162 tcp snmptrap filtered
10800200.126.100.83 162 udp snmptrap unknown
10801200.126.100.83 389 tcp ldap filtered
10802200.126.100.83 389 udp ldap unknown
10803200.126.100.83 520 tcp efs filtered
10804200.126.100.83 520 udp route unknown
10805200.126.100.83 2049 tcp nfs filtered
10806200.126.100.83 2049 udp nfs unknown
10807201.159.170.136 53 tcp domain filtered
10808201.159.170.136 53 udp domain unknown
10809201.159.170.136 67 tcp dhcps filtered
10810201.159.170.136 67 udp dhcps unknown
10811201.159.170.136 68 tcp dhcpc filtered
10812201.159.170.136 68 udp dhcpc unknown
10813201.159.170.136 69 tcp tftp filtered
10814201.159.170.136 69 udp tftp unknown
10815201.159.170.136 88 tcp kerberos-sec filtered
10816201.159.170.136 88 udp kerberos-sec unknown
10817201.159.170.136 123 tcp ntp filtered
10818201.159.170.136 123 udp ntp unknown
10819201.159.170.136 137 tcp netbios-ns filtered
10820201.159.170.136 137 udp netbios-ns unknown
10821201.159.170.136 138 tcp netbios-dgm filtered
10822201.159.170.136 138 udp netbios-dgm unknown
10823201.159.170.136 139 tcp netbios-ssn filtered
10824201.159.170.136 139 udp netbios-ssn unknown
10825201.159.170.136 161 tcp snmp filtered
10826201.159.170.136 161 udp snmp unknown
10827201.159.170.136 162 tcp snmptrap filtered
10828201.159.170.136 162 udp snmptrap unknown
10829201.159.170.136 389 tcp ldap filtered
10830201.159.170.136 389 udp ldap unknown
10831201.159.170.136 520 tcp efs filtered
10832201.159.170.136 520 udp route unknown
10833201.159.170.136 2049 tcp nfs filtered
10834201.159.170.136 2049 udp nfs unknown
10835204.93.193.141 21 tcp ftp open Your connection to this server has been blocked.\x0d\x0a\x0d\x0aYou are most likely being blocked due to use of incorrect user/pass combination. Please, check all of your computers/devices to make sure that they are using the correct login credentials, including your email clients. You may also get blocked due to too many POP3/IMAP logins in 1 minute interval, please adjust your email client settings.\x0d\x0a
10836204.93.193.141 53 tcp domain filtered
10837204.93.193.141 53 udp domain unknown
10838204.93.193.141 67 tcp dhcps filtered
10839204.93.193.141 67 udp dhcps unknown
10840204.93.193.141 68 tcp dhcpc filtered
10841204.93.193.141 68 udp dhcpc unknown
10842204.93.193.141 69 tcp tftp filtered
10843204.93.193.141 69 udp tftp unknown
10844204.93.193.141 88 tcp kerberos-sec filtered
10845204.93.193.141 88 udp kerberos-sec unknown
10846204.93.193.141 123 tcp ntp filtered
10847204.93.193.141 123 udp ntp unknown
10848204.93.193.141 137 tcp netbios-ns filtered
10849204.93.193.141 137 udp netbios-ns unknown
10850204.93.193.141 138 tcp netbios-dgm filtered
10851204.93.193.141 138 udp netbios-dgm unknown
10852204.93.193.141 139 tcp netbios-ssn filtered
10853204.93.193.141 139 udp netbios-ssn unknown
10854204.93.193.141 161 tcp snmp filtered
10855204.93.193.141 161 udp snmp unknown
10856204.93.193.141 162 tcp snmptrap filtered
10857204.93.193.141 162 udp snmptrap unknown
10858204.93.193.141 389 tcp ldap filtered
10859204.93.193.141 389 udp ldap unknown
10860204.93.193.141 520 tcp efs filtered
10861204.93.193.141 520 udp route unknown
10862204.93.193.141 2049 tcp nfs filtered
10863204.93.193.141 2049 udp nfs unknown
10864206.48.140.40 53 tcp domain filtered
10865206.48.140.40 53 udp domain unknown
10866206.48.140.40 67 tcp dhcps filtered
10867206.48.140.40 67 udp dhcps unknown
10868206.48.140.40 68 tcp dhcpc filtered
10869206.48.140.40 68 udp dhcpc unknown
10870206.48.140.40 69 tcp tftp filtered
10871206.48.140.40 69 udp tftp unknown
10872206.48.140.40 88 tcp kerberos-sec filtered
10873206.48.140.40 88 udp kerberos-sec unknown
10874206.48.140.40 123 tcp ntp filtered
10875206.48.140.40 123 udp ntp unknown
10876206.48.140.40 137 tcp netbios-ns filtered
10877206.48.140.40 137 udp netbios-ns unknown
10878206.48.140.40 138 tcp netbios-dgm filtered
10879206.48.140.40 138 udp netbios-dgm unknown
10880206.48.140.40 139 tcp netbios-ssn filtered
10881206.48.140.40 139 udp netbios-ssn unknown
10882206.48.140.40 161 tcp snmp filtered
10883206.48.140.40 161 udp snmp unknown
10884206.48.140.40 162 tcp snmptrap filtered
10885206.48.140.40 162 udp snmptrap unknown
10886206.48.140.40 389 tcp ldap filtered
10887206.48.140.40 389 udp ldap unknown
10888206.48.140.40 520 tcp efs filtered
10889206.48.140.40 520 udp route unknown
10890206.48.140.40 2049 tcp nfs filtered
10891206.48.140.40 2049 udp nfs unknown
10892207.246.147.189 53 tcp domain filtered
10893207.246.147.189 53 udp domain unknown
10894207.246.147.189 67 tcp dhcps filtered
10895207.246.147.189 67 udp dhcps unknown
10896207.246.147.189 68 tcp dhcpc filtered
10897207.246.147.189 68 udp dhcpc unknown
10898207.246.147.189 69 tcp tftp filtered
10899207.246.147.189 69 udp tftp unknown
10900207.246.147.189 80 tcp http open nginx
10901207.246.147.189 88 tcp kerberos-sec filtered
10902207.246.147.189 88 udp kerberos-sec unknown
10903207.246.147.189 123 tcp ntp filtered
10904207.246.147.189 123 udp ntp unknown
10905207.246.147.189 137 tcp netbios-ns filtered
10906207.246.147.189 137 udp netbios-ns unknown
10907207.246.147.189 138 tcp netbios-dgm filtered
10908207.246.147.189 138 udp netbios-dgm unknown
10909207.246.147.189 139 tcp netbios-ssn filtered
10910207.246.147.189 139 udp netbios-ssn unknown
10911207.246.147.189 161 tcp snmp filtered
10912207.246.147.189 161 udp snmp unknown
10913207.246.147.189 162 tcp snmptrap filtered
10914207.246.147.189 162 udp snmptrap unknown
10915207.246.147.189 389 tcp ldap filtered
10916207.246.147.189 389 udp ldap unknown
10917207.246.147.189 443 tcp ssl/http open nginx
10918207.246.147.189 520 tcp efs filtered
10919207.246.147.189 520 udp route unknown
10920207.246.147.189 2049 tcp nfs filtered
10921207.246.147.189 2049 udp nfs unknown
10922207.246.147.190 53 tcp domain filtered
10923207.246.147.190 53 udp domain unknown
10924207.246.147.190 67 tcp dhcps filtered
10925207.246.147.190 67 udp dhcps unknown
10926207.246.147.190 68 tcp dhcpc filtered
10927207.246.147.190 68 udp dhcpc unknown
10928207.246.147.190 69 tcp tftp filtered
10929207.246.147.190 69 udp tftp unknown
10930207.246.147.190 80 tcp http open nginx
10931207.246.147.190 88 tcp kerberos-sec filtered
10932207.246.147.190 88 udp kerberos-sec unknown
10933207.246.147.190 123 tcp ntp filtered
10934207.246.147.190 123 udp ntp unknown
10935207.246.147.190 137 tcp netbios-ns filtered
10936207.246.147.190 137 udp netbios-ns unknown
10937207.246.147.190 138 tcp netbios-dgm filtered
10938207.246.147.190 138 udp netbios-dgm filtered
10939207.246.147.190 139 tcp netbios-ssn filtered
10940207.246.147.190 139 udp netbios-ssn unknown
10941207.246.147.190 161 tcp snmp filtered
10942207.246.147.190 161 udp snmp unknown
10943207.246.147.190 162 tcp snmptrap filtered
10944207.246.147.190 162 udp snmptrap unknown
10945207.246.147.190 389 tcp ldap filtered
10946207.246.147.190 389 udp ldap unknown
10947207.246.147.190 443 tcp ssl/http open nginx
10948207.246.147.190 520 tcp efs filtered
10949207.246.147.190 520 udp route unknown
10950207.246.147.190 2049 tcp nfs filtered
10951207.246.147.190 2049 udp nfs unknown
10952207.246.147.247 53 tcp domain filtered
10953207.246.147.247 53 udp domain filtered
10954207.246.147.247 67 tcp dhcps filtered
10955207.246.147.247 67 udp dhcps unknown
10956207.246.147.247 68 tcp dhcpc filtered
10957207.246.147.247 68 udp dhcpc unknown
10958207.246.147.247 69 tcp tftp filtered
10959207.246.147.247 69 udp tftp unknown
10960207.246.147.247 80 tcp http open nginx
10961207.246.147.247 88 tcp kerberos-sec filtered
10962207.246.147.247 88 udp kerberos-sec unknown
10963207.246.147.247 123 tcp ntp filtered
10964207.246.147.247 123 udp ntp unknown
10965207.246.147.247 137 tcp netbios-ns filtered
10966207.246.147.247 137 udp netbios-ns filtered
10967207.246.147.247 138 tcp netbios-dgm filtered
10968207.246.147.247 138 udp netbios-dgm unknown
10969207.246.147.247 139 tcp netbios-ssn filtered
10970207.246.147.247 139 udp netbios-ssn unknown
10971207.246.147.247 161 tcp snmp filtered
10972207.246.147.247 161 udp snmp unknown
10973207.246.147.247 162 tcp snmptrap filtered
10974207.246.147.247 162 udp snmptrap unknown
10975207.246.147.247 389 tcp ldap filtered
10976207.246.147.247 389 udp ldap unknown
10977207.246.147.247 443 tcp ssl/http open nginx
10978207.246.147.247 520 tcp efs filtered
10979207.246.147.247 520 udp route unknown
10980207.246.147.247 2049 tcp nfs filtered
10981207.246.147.247 2049 udp nfs unknown
10982207.246.147.248 53 tcp domain filtered
10983207.246.147.248 53 udp domain unknown
10984207.246.147.248 67 tcp dhcps filtered
10985207.246.147.248 67 udp dhcps unknown
10986207.246.147.248 68 tcp dhcpc filtered
10987207.246.147.248 68 udp dhcpc unknown
10988207.246.147.248 69 tcp tftp filtered
10989207.246.147.248 69 udp tftp unknown
10990207.246.147.248 80 tcp http open nginx
10991207.246.147.248 88 tcp kerberos-sec filtered
10992207.246.147.248 88 udp kerberos-sec unknown
10993207.246.147.248 123 tcp ntp filtered
10994207.246.147.248 123 udp ntp unknown
10995207.246.147.248 137 tcp netbios-ns filtered
10996207.246.147.248 137 udp netbios-ns unknown
10997207.246.147.248 138 tcp netbios-dgm filtered
10998207.246.147.248 138 udp netbios-dgm unknown
10999207.246.147.248 139 tcp netbios-ssn filtered
11000207.246.147.248 139 udp netbios-ssn unknown
11001207.246.147.248 161 tcp snmp filtered
11002207.246.147.248 161 udp snmp unknown
11003207.246.147.248 162 tcp snmptrap filtered
11004207.246.147.248 162 udp snmptrap unknown
11005207.246.147.248 389 tcp ldap filtered
11006207.246.147.248 389 udp ldap unknown
11007207.246.147.248 443 tcp ssl/http open nginx
11008207.246.147.248 520 tcp efs filtered
11009207.246.147.248 520 udp route unknown
11010207.246.147.248 2049 tcp nfs filtered
11011207.246.147.248 2049 udp nfs unknown
11012211.13.196.135 25 tcp smtp closed
11013211.13.196.135 53 tcp domain filtered
11014211.13.196.135 53 udp domain unknown
11015211.13.196.135 67 tcp dhcps filtered
11016211.13.196.135 67 udp dhcps unknown
11017211.13.196.135 68 tcp dhcpc filtered
11018211.13.196.135 68 udp dhcpc unknown
11019211.13.196.135 69 tcp tftp filtered
11020211.13.196.135 69 udp tftp unknown
11021211.13.196.135 80 tcp http open Apache httpd
11022211.13.196.135 88 tcp kerberos-sec filtered
11023211.13.196.135 88 udp kerberos-sec unknown
11024211.13.196.135 113 tcp ident closed
11025211.13.196.135 123 tcp ntp filtered
11026211.13.196.135 123 udp ntp unknown
11027211.13.196.135 137 tcp netbios-ns filtered
11028211.13.196.135 137 udp netbios-ns filtered
11029211.13.196.135 138 tcp netbios-dgm filtered
11030211.13.196.135 138 udp netbios-dgm filtered
11031211.13.196.135 139 tcp netbios-ssn closed
11032211.13.196.135 139 udp netbios-ssn unknown
11033211.13.196.135 161 tcp snmp filtered
11034211.13.196.135 161 udp snmp unknown
11035211.13.196.135 162 tcp snmptrap filtered
11036211.13.196.135 162 udp snmptrap unknown
11037211.13.196.135 389 tcp ldap filtered
11038211.13.196.135 389 udp ldap unknown
11039211.13.196.135 443 tcp ssl/http open Apache httpd
11040211.13.196.135 445 tcp microsoft-ds closed
11041211.13.196.135 520 tcp efs filtered
11042211.13.196.135 520 udp route unknown
11043211.13.196.135 2049 tcp nfs filtered
11044211.13.196.135 2049 udp nfs unknown
11045212.174.0.150 53 tcp domain filtered
11046212.174.0.150 53 udp domain unknown
11047212.174.0.150 67 tcp dhcps filtered
11048212.174.0.150 67 udp dhcps unknown
11049212.174.0.150 68 tcp dhcpc filtered
11050212.174.0.150 68 udp dhcpc unknown
11051212.174.0.150 69 tcp tftp filtered
11052212.174.0.150 69 udp tftp unknown
11053212.174.0.150 80 tcp http open Microsoft IIS httpd 8.5
11054212.174.0.150 88 tcp kerberos-sec filtered
11055212.174.0.150 88 udp kerberos-sec unknown
11056212.174.0.150 123 tcp ntp filtered
11057212.174.0.150 123 udp ntp unknown
11058212.174.0.150 137 tcp netbios-ns filtered
11059212.174.0.150 137 udp netbios-ns unknown
11060212.174.0.150 138 tcp netbios-dgm filtered
11061212.174.0.150 138 udp netbios-dgm unknown
11062212.174.0.150 139 tcp netbios-ssn filtered
11063212.174.0.150 139 udp netbios-ssn unknown
11064212.174.0.150 161 tcp snmp filtered
11065212.174.0.150 161 udp snmp unknown
11066212.174.0.150 162 tcp snmptrap filtered
11067212.174.0.150 162 udp snmptrap unknown
11068212.174.0.150 389 tcp ldap filtered
11069212.174.0.150 389 udp ldap unknown
11070212.174.0.150 520 tcp efs filtered
11071212.174.0.150 520 udp route unknown
11072212.174.0.150 2049 tcp nfs filtered
11073212.174.0.150 2049 udp nfs unknown
11074216.172.184.117 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 5 of 150 allowed.\x0d\x0a220-Local time is now 01:41. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
11075216.172.184.117 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
11076216.172.184.117 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
11077216.172.184.117 67 tcp dhcps closed
11078216.172.184.117 67 udp dhcps closed
11079216.172.184.117 68 tcp dhcpc closed
11080216.172.184.117 68 udp dhcpc unknown
11081216.172.184.117 69 tcp tftp closed
11082216.172.184.117 69 udp tftp unknown
11083216.172.184.117 88 tcp kerberos-sec closed
11084216.172.184.117 88 udp kerberos-sec unknown
11085216.172.184.117 123 tcp ntp closed
11086216.172.184.117 123 udp ntp unknown
11087216.172.184.117 137 tcp netbios-ns closed
11088216.172.184.117 137 udp netbios-ns unknown
11089216.172.184.117 138 tcp netbios-dgm closed
11090216.172.184.117 138 udp netbios-dgm closed
11091216.172.184.117 139 tcp netbios-ssn closed
11092216.172.184.117 139 udp netbios-ssn closed
11093216.172.184.117 161 tcp snmp closed
11094216.172.184.117 161 udp snmp unknown
11095216.172.184.117 162 tcp snmptrap closed
11096216.172.184.117 162 udp snmptrap closed
11097216.172.184.117 389 tcp ldap closed
11098216.172.184.117 389 udp ldap closed
11099216.172.184.117 520 tcp efs closed
11100216.172.184.117 520 udp route closed
11101216.172.184.117 2049 tcp nfs closed
11102216.172.184.117 2049 udp nfs unknown
11103218.45.5.97 25 tcp smtp closed
11104218.45.5.97 53 tcp domain filtered
11105218.45.5.97 53 udp domain unknown
11106218.45.5.97 67 tcp dhcps filtered
11107218.45.5.97 67 udp dhcps unknown
11108218.45.5.97 68 tcp dhcpc filtered
11109218.45.5.97 68 udp dhcpc unknown
11110218.45.5.97 69 tcp tftp filtered
11111218.45.5.97 69 udp tftp unknown
11112218.45.5.97 80 tcp http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
11113218.45.5.97 88 tcp kerberos-sec filtered
11114218.45.5.97 88 udp kerberos-sec unknown
11115218.45.5.97 113 tcp ident closed
11116218.45.5.97 123 tcp ntp filtered
11117218.45.5.97 123 udp ntp unknown
11118218.45.5.97 137 tcp netbios-ns filtered
11119218.45.5.97 137 udp netbios-ns filtered
11120218.45.5.97 138 tcp netbios-dgm filtered
11121218.45.5.97 138 udp netbios-dgm filtered
11122218.45.5.97 139 tcp netbios-ssn closed
11123218.45.5.97 139 udp netbios-ssn unknown
11124218.45.5.97 161 tcp snmp filtered
11125218.45.5.97 161 udp snmp unknown
11126218.45.5.97 162 tcp snmptrap filtered
11127218.45.5.97 162 udp snmptrap unknown
11128218.45.5.97 389 tcp ldap filtered
11129218.45.5.97 389 udp ldap unknown
11130218.45.5.97 443 tcp ssl/http open Apache httpd 2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.2.15
11131218.45.5.97 445 tcp microsoft-ds closed
11132218.45.5.97 520 tcp efs filtered
11133218.45.5.97 520 udp route unknown
11134218.45.5.97 2049 tcp nfs filtered
11135218.45.5.97 2049 udp nfs unknown
11136#################################################################################################################################
11137Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-19 06:46 EDT
11138Nmap scan report for callecalle5.uach.cl (146.83.222.104)
11139Host is up (0.40s latency).
11140Not shown: 996 filtered ports
11141PORT STATE SERVICE VERSION
1114280/tcp open http Apache httpd
11143|_http-server-header: Apache
11144| vulscan: VulDB - https://vuldb.com:
11145| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
11146| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
11147| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
11148| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
11149| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
11150| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
11151| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
11152| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
11153| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
11154| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
11155| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
11156| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
11157| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
11158| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
11159| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
11160| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
11161| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
11162| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
11163| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
11164| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
11165| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
11166| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
11167| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
11168| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
11169| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
11170| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
11171| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
11172| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
11173| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
11174| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
11175| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
11176| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
11177| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
11178| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
11179| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
11180| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
11181| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
11182| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
11183| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
11184| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
11185| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
11186| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
11187| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
11188| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
11189| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
11190| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
11191| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
11192| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
11193| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
11194| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
11195| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
11196| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
11197| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
11198| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
11199| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
11200| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
11201| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
11202| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
11203| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
11204| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
11205| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
11206| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
11207| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
11208| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
11209| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
11210| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
11211| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
11212| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
11213| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
11214| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
11215| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
11216| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
11217| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
11218| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
11219| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
11220| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
11221| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
11222| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
11223| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
11224| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
11225| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
11226| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
11227| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
11228| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
11229| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
11230| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
11231| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
11232| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
11233| [136370] Apache Fineract up to 1.2.x sql injection
11234| [136369] Apache Fineract up to 1.2.x sql injection
11235| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
11236| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
11237| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
11238| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
11239| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
11240| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
11241| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
11242| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
11243| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
11244| [134416] Apache Sanselan 0.97-incubator Loop denial of service
11245| [134415] Apache Sanselan 0.97-incubator Hang denial of service
11246| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
11247| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
11248| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
11249| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
11250| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
11251| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
11252| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
11253| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
11254| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
11255| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
11256| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
11257| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
11258| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
11259| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
11260| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
11261| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
11262| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
11263| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
11264| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
11265| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
11266| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
11267| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
11268| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
11269| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
11270| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
11271| [131859] Apache Hadoop up to 2.9.1 privilege escalation
11272| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
11273| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
11274| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
11275| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
11276| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
11277| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
11278| [130629] Apache Guacamole Cookie Flag weak encryption
11279| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
11280| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
11281| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
11282| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
11283| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
11284| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
11285| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
11286| [130123] Apache Airflow up to 1.8.2 information disclosure
11287| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
11288| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
11289| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
11290| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
11291| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
11292| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
11293| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
11294| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
11295| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
11296| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
11297| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
11298| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
11299| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
11300| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
11301| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
11302| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
11303| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
11304| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
11305| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
11306| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
11307| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
11308| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
11309| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
11310| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
11311| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
11312| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
11313| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
11314| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
11315| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
11316| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
11317| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
11318| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
11319| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
11320| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
11321| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
11322| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
11323| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
11324| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
11325| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
11326| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
11327| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
11328| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
11329| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
11330| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
11331| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
11332| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
11333| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
11334| [127007] Apache Spark Request Code Execution
11335| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
11336| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
11337| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
11338| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
11339| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
11340| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
11341| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
11342| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
11343| [126346] Apache Tomcat Path privilege escalation
11344| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
11345| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
11346| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
11347| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
11348| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
11349| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
11350| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
11351| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
11352| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
11353| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
11354| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
11355| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
11356| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
11357| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
11358| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
11359| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
11360| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
11361| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
11362| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
11363| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
11364| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
11365| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
11366| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
11367| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
11368| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
11369| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
11370| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
11371| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
11372| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
11373| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
11374| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
11375| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
11376| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
11377| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
11378| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
11379| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
11380| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
11381| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
11382| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
11383| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
11384| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
11385| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
11386| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
11387| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
11388| [123197] Apache Sentry up to 2.0.0 privilege escalation
11389| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
11390| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
11391| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
11392| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
11393| [122800] Apache Spark 1.3.0 REST API weak authentication
11394| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
11395| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
11396| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
11397| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
11398| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
11399| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
11400| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
11401| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
11402| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
11403| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
11404| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
11405| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
11406| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
11407| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
11408| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
11409| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
11410| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
11411| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
11412| [121354] Apache CouchDB HTTP API Code Execution
11413| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
11414| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
11415| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
11416| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
11417| [120168] Apache CXF weak authentication
11418| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
11419| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
11420| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
11421| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
11422| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
11423| [119306] Apache MXNet Network Interface privilege escalation
11424| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
11425| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
11426| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
11427| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
11428| [118143] Apache NiFi activemq-client Library Deserialization denial of service
11429| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
11430| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
11431| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
11432| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
11433| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
11434| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
11435| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
11436| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
11437| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
11438| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
11439| [117115] Apache Tika up to 1.17 tika-server command injection
11440| [116929] Apache Fineract getReportType Parameter privilege escalation
11441| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
11442| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
11443| [116926] Apache Fineract REST Parameter privilege escalation
11444| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
11445| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
11446| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
11447| [115883] Apache Hive up to 2.3.2 privilege escalation
11448| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
11449| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
11450| [115518] Apache Ignite 2.3 Deserialization privilege escalation
11451| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
11452| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
11453| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
11454| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
11455| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
11456| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
11457| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
11458| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
11459| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
11460| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
11461| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
11462| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
11463| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
11464| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
11465| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
11466| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
11467| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
11468| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
11469| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
11470| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
11471| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
11472| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
11473| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
11474| [113895] Apache Geode up to 1.3.x Code Execution
11475| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
11476| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
11477| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
11478| [113747] Apache Tomcat Servlets privilege escalation
11479| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
11480| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
11481| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
11482| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
11483| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
11484| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
11485| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
11486| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
11487| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
11488| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
11489| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
11490| [112885] Apache Allura up to 1.8.0 File information disclosure
11491| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
11492| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
11493| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
11494| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
11495| [112625] Apache POI up to 3.16 Loop denial of service
11496| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
11497| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
11498| [112339] Apache NiFi 1.5.0 Header privilege escalation
11499| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
11500| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
11501| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
11502| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
11503| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
11504| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
11505| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
11506| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
11507| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
11508| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
11509| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
11510| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
11511| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
11512| [112114] Oracle 9.1 Apache Log4j privilege escalation
11513| [112113] Oracle 9.1 Apache Log4j privilege escalation
11514| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
11515| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
11516| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
11517| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
11518| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
11519| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
11520| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
11521| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
11522| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
11523| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
11524| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
11525| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
11526| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
11527| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
11528| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
11529| [110701] Apache Fineract Query Parameter sql injection
11530| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
11531| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
11532| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
11533| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
11534| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
11535| [110106] Apache CXF Fediz Spring cross site request forgery
11536| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
11537| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
11538| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
11539| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
11540| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
11541| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
11542| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
11543| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
11544| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
11545| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
11546| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
11547| [108938] Apple macOS up to 10.13.1 apache denial of service
11548| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
11549| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
11550| [108935] Apple macOS up to 10.13.1 apache denial of service
11551| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
11552| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
11553| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
11554| [108931] Apple macOS up to 10.13.1 apache denial of service
11555| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
11556| [108929] Apple macOS up to 10.13.1 apache denial of service
11557| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
11558| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
11559| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
11560| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
11561| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
11562| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
11563| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
11564| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
11565| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
11566| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
11567| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
11568| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
11569| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
11570| [108782] Apache Xerces2 XML Service denial of service
11571| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
11572| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
11573| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
11574| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
11575| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
11576| [108629] Apache OFBiz up to 10.04.01 privilege escalation
11577| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
11578| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
11579| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
11580| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
11581| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
11582| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
11583| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
11584| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
11585| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
11586| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
11587| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
11588| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
11589| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
11590| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
11591| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
11592| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
11593| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
11594| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
11595| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
11596| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
11597| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
11598| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
11599| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
11600| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
11601| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
11602| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
11603| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
11604| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
11605| [107639] Apache NiFi 1.4.0 XML External Entity
11606| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
11607| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
11608| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
11609| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
11610| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
11611| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
11612| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
11613| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
11614| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
11615| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
11616| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
11617| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
11618| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
11619| [107197] Apache Xerces Jelly Parser XML File XML External Entity
11620| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
11621| [107084] Apache Struts up to 2.3.19 cross site scripting
11622| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
11623| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
11624| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
11625| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
11626| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
11627| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
11628| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
11629| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
11630| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
11631| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
11632| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
11633| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
11634| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
11635| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
11636| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
11637| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
11638| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
11639| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
11640| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
11641| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
11642| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
11643| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
11644| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
11645| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
11646| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
11647| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
11648| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
11649| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
11650| [105878] Apache Struts up to 2.3.24.0 privilege escalation
11651| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
11652| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
11653| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
11654| [105643] Apache Pony Mail up to 0.8b weak authentication
11655| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
11656| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
11657| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
11658| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
11659| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
11660| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
11661| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
11662| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
11663| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
11664| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
11665| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
11666| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
11667| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
11668| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
11669| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
11670| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
11671| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
11672| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
11673| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
11674| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
11675| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
11676| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
11677| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
11678| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
11679| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
11680| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
11681| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
11682| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
11683| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
11684| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
11685| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
11686| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
11687| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
11688| [103690] Apache OpenMeetings 1.0.0 sql injection
11689| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
11690| [103688] Apache OpenMeetings 1.0.0 weak encryption
11691| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
11692| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
11693| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
11694| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
11695| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
11696| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
11697| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
11698| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
11699| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
11700| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
11701| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
11702| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
11703| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
11704| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
11705| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
11706| [103352] Apache Solr Node weak authentication
11707| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
11708| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
11709| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
11710| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
11711| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
11712| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
11713| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
11714| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
11715| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
11716| [102536] Apache Ranger up to 0.6 Stored cross site scripting
11717| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
11718| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
11719| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
11720| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
11721| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
11722| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
11723| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
11724| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
11725| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
11726| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
11727| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
11728| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
11729| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
11730| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
11731| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
11732| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
11733| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
11734| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
11735| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
11736| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
11737| [99937] Apache Batik up to 1.8 privilege escalation
11738| [99936] Apache FOP up to 2.1 privilege escalation
11739| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
11740| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
11741| [99930] Apache Traffic Server up to 6.2.0 denial of service
11742| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
11743| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
11744| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
11745| [117569] Apache Hadoop up to 2.7.3 privilege escalation
11746| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
11747| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
11748| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
11749| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
11750| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
11751| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
11752| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
11753| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
11754| [99014] Apache Camel Jackson/JacksonXML privilege escalation
11755| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
11756| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
11757| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
11758| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
11759| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
11760| [98605] Apple macOS up to 10.12.3 Apache denial of service
11761| [98604] Apple macOS up to 10.12.3 Apache denial of service
11762| [98603] Apple macOS up to 10.12.3 Apache denial of service
11763| [98602] Apple macOS up to 10.12.3 Apache denial of service
11764| [98601] Apple macOS up to 10.12.3 Apache denial of service
11765| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
11766| [98405] Apache Hadoop up to 0.23.10 privilege escalation
11767| [98199] Apache Camel Validation XML External Entity
11768| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
11769| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
11770| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
11771| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
11772| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
11773| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
11774| [97081] Apache Tomcat HTTPS Request denial of service
11775| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
11776| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
11777| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
11778| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
11779| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
11780| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
11781| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
11782| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
11783| [95311] Apache Storm UI Daemon privilege escalation
11784| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
11785| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
11786| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
11787| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
11788| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
11789| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
11790| [94540] Apache Tika 1.9 tika-server File information disclosure
11791| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
11792| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
11793| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
11794| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
11795| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
11796| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
11797| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
11798| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
11799| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
11800| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
11801| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
11802| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
11803| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
11804| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
11805| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
11806| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
11807| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
11808| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
11809| [93532] Apache Commons Collections Library Java privilege escalation
11810| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
11811| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
11812| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
11813| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
11814| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
11815| [93098] Apache Commons FileUpload privilege escalation
11816| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
11817| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
11818| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
11819| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
11820| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
11821| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
11822| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
11823| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
11824| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
11825| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
11826| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
11827| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
11828| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
11829| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
11830| [92549] Apache Tomcat on Red Hat privilege escalation
11831| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
11832| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
11833| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
11834| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
11835| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
11836| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
11837| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
11838| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
11839| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
11840| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
11841| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
11842| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
11843| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
11844| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
11845| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
11846| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
11847| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
11848| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
11849| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
11850| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
11851| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
11852| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
11853| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
11854| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
11855| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
11856| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
11857| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
11858| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
11859| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
11860| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
11861| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
11862| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
11863| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
11864| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
11865| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
11866| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
11867| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
11868| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
11869| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
11870| [90263] Apache Archiva Header denial of service
11871| [90262] Apache Archiva Deserialize privilege escalation
11872| [90261] Apache Archiva XML DTD Connection privilege escalation
11873| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
11874| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
11875| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
11876| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
11877| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
11878| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
11879| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
11880| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
11881| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
11882| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
11883| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
11884| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
11885| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
11886| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
11887| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
11888| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
11889| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
11890| [87765] Apache James Server 2.3.2 Command privilege escalation
11891| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
11892| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
11893| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
11894| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
11895| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
11896| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
11897| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
11898| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
11899| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
11900| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
11901| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
11902| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
11903| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
11904| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
11905| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
11906| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
11907| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
11908| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
11909| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
11910| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
11911| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
11912| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
11913| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
11914| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
11915| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
11916| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
11917| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
11918| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
11919| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
11920| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
11921| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
11922| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
11923| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
11924| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
11925| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
11926| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
11927| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
11928| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
11929| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
11930| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
11931| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
11932| [82076] Apache Ranger up to 0.5.1 privilege escalation
11933| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
11934| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
11935| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
11936| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
11937| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
11938| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
11939| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
11940| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
11941| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
11942| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
11943| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
11944| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
11945| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
11946| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
11947| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
11948| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
11949| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
11950| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
11951| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
11952| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
11953| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
11954| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
11955| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
11956| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
11957| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
11958| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
11959| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
11960| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
11961| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
11962| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
11963| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
11964| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
11965| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
11966| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
11967| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
11968| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
11969| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
11970| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
11971| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
11972| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
11973| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
11974| [79791] Cisco Products Apache Commons Collections Library privilege escalation
11975| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
11976| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
11977| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
11978| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
11979| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
11980| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
11981| [78989] Apache Ambari up to 2.1.1 Open Redirect
11982| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
11983| [78987] Apache Ambari up to 2.0.x cross site scripting
11984| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
11985| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
11986| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
11987| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
11988| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
11989| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
11990| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
11991| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
11992| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
11993| [77406] Apache Flex BlazeDS AMF Message XML External Entity
11994| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
11995| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
11996| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
11997| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
11998| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
11999| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
12000| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
12001| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
12002| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
12003| [76567] Apache Struts 2.3.20 unknown vulnerability
12004| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
12005| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
12006| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
12007| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
12008| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
12009| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
12010| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
12011| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
12012| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
12013| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
12014| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
12015| [74793] Apache Tomcat File Upload denial of service
12016| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
12017| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
12018| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
12019| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
12020| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
12021| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
12022| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
12023| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
12024| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
12025| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
12026| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
12027| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
12028| [74468] Apache Batik up to 1.6 denial of service
12029| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
12030| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
12031| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
12032| [74174] Apache WSS4J up to 2.0.0 privilege escalation
12033| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
12034| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
12035| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
12036| [73731] Apache XML Security unknown vulnerability
12037| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
12038| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
12039| [73593] Apache Traffic Server up to 5.1.0 denial of service
12040| [73511] Apache POI up to 3.10 Deadlock denial of service
12041| [73510] Apache Solr up to 4.3.0 cross site scripting
12042| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
12043| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
12044| [73173] Apache CloudStack Stack-Based unknown vulnerability
12045| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
12046| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
12047| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
12048| [72890] Apache Qpid 0.30 unknown vulnerability
12049| [72887] Apache Hive 0.13.0 File Permission privilege escalation
12050| [72878] Apache Cordova 3.5.0 cross site request forgery
12051| [72877] Apache Cordova 3.5.0 cross site request forgery
12052| [72876] Apache Cordova 3.5.0 cross site request forgery
12053| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
12054| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
12055| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
12056| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
12057| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
12058| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
12059| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
12060| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
12061| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
12062| [71629] Apache Axis2/C spoofing
12063| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
12064| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
12065| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
12066| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
12067| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
12068| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
12069| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
12070| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
12071| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
12072| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
12073| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
12074| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
12075| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
12076| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
12077| [70809] Apache POI up to 3.11 Crash denial of service
12078| [70808] Apache POI up to 3.10 unknown vulnerability
12079| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
12080| [70749] Apache Axis up to 1.4 getCN spoofing
12081| [70701] Apache Traffic Server up to 3.3.5 denial of service
12082| [70700] Apache OFBiz up to 12.04.03 cross site scripting
12083| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
12084| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
12085| [70661] Apache Subversion up to 1.6.17 denial of service
12086| [70660] Apache Subversion up to 1.6.17 spoofing
12087| [70659] Apache Subversion up to 1.6.17 spoofing
12088| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
12089| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
12090| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
12091| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
12092| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
12093| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
12094| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
12095| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
12096| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
12097| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
12098| [69846] Apache HBase up to 0.94.8 information disclosure
12099| [69783] Apache CouchDB up to 1.2.0 memory corruption
12100| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
12101| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
12102| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
12103| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
12104| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
12105| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
12106| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
12107| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
12108| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
12109| [69431] Apache Archiva up to 1.3.6 cross site scripting
12110| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
12111| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
12112| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
12113| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
12114| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
12115| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
12116| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
12117| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
12118| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
12119| [66739] Apache Camel up to 2.12.2 unknown vulnerability
12120| [66738] Apache Camel up to 2.12.2 unknown vulnerability
12121| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
12122| [66695] Apache CouchDB up to 1.2.0 cross site scripting
12123| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
12124| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
12125| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
12126| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
12127| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
12128| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
12129| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
12130| [66356] Apache Wicket up to 6.8.0 information disclosure
12131| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
12132| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
12133| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
12134| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
12135| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
12136| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
12137| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
12138| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
12139| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
12140| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
12141| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
12142| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
12143| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
12144| [65668] Apache Solr 4.0.0 Updater denial of service
12145| [65665] Apache Solr up to 4.3.0 denial of service
12146| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
12147| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
12148| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
12149| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
12150| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
12151| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
12152| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
12153| [65410] Apache Struts 2.3.15.3 cross site scripting
12154| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
12155| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
12156| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
12157| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
12158| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
12159| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
12160| [65340] Apache Shindig 2.5.0 information disclosure
12161| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
12162| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
12163| [10826] Apache Struts 2 File privilege escalation
12164| [65204] Apache Camel up to 2.10.1 unknown vulnerability
12165| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
12166| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
12167| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
12168| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
12169| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
12170| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
12171| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
12172| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
12173| [64722] Apache XML Security for C++ Heap-based memory corruption
12174| [64719] Apache XML Security for C++ Heap-based memory corruption
12175| [64718] Apache XML Security for C++ verify denial of service
12176| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
12177| [64716] Apache XML Security for C++ spoofing
12178| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
12179| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
12180| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
12181| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
12182| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
12183| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
12184| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
12185| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
12186| [64485] Apache Struts up to 2.2.3.0 privilege escalation
12187| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
12188| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
12189| [64467] Apache Geronimo 3.0 memory corruption
12190| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
12191| [64457] Apache Struts up to 2.2.3.0 cross site scripting
12192| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
12193| [9184] Apache Qpid up to 0.20 SSL misconfiguration
12194| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
12195| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
12196| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
12197| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
12198| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
12199| [8873] Apache Struts 2.3.14 privilege escalation
12200| [8872] Apache Struts 2.3.14 privilege escalation
12201| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
12202| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
12203| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
12204| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
12205| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
12206| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
12207| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
12208| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
12209| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
12210| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
12211| [64006] Apache ActiveMQ up to 5.7.0 denial of service
12212| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
12213| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
12214| [8427] Apache Tomcat Session Transaction weak authentication
12215| [63960] Apache Maven 3.0.4 Default Configuration spoofing
12216| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
12217| [63750] Apache qpid up to 0.20 checkAvailable denial of service
12218| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
12219| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
12220| [63747] Apache Rave up to 0.20 User Account information disclosure
12221| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
12222| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
12223| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
12224| [7687] Apache CXF up to 2.7.2 Token weak authentication
12225| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
12226| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
12227| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
12228| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
12229| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
12230| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
12231| [63090] Apache Tomcat up to 4.1.24 denial of service
12232| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
12233| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
12234| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
12235| [62833] Apache CXF -/2.6.0 spoofing
12236| [62832] Apache Axis2 up to 1.6.2 spoofing
12237| [62831] Apache Axis up to 1.4 Java Message Service spoofing
12238| [62830] Apache Commons-httpclient 3.0 Payments spoofing
12239| [62826] Apache Libcloud up to 0.11.0 spoofing
12240| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
12241| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
12242| [62661] Apache Axis2 unknown vulnerability
12243| [62658] Apache Axis2 unknown vulnerability
12244| [62467] Apache Qpid up to 0.17 denial of service
12245| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
12246| [6301] Apache HTTP Server mod_pagespeed cross site scripting
12247| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
12248| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
12249| [62035] Apache Struts up to 2.3.4 denial of service
12250| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
12251| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
12252| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
12253| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
12254| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
12255| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
12256| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
12257| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
12258| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
12259| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
12260| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
12261| [61229] Apache Sling up to 2.1.1 denial of service
12262| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
12263| [61094] Apache Roller up to 5.0 cross site scripting
12264| [61093] Apache Roller up to 5.0 cross site request forgery
12265| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
12266| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
12267| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
12268| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
12269| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
12270| [60708] Apache Qpid 0.12 unknown vulnerability
12271| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
12272| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
12273| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
12274| [4882] Apache Wicket up to 1.5.4 directory traversal
12275| [4881] Apache Wicket up to 1.4.19 cross site scripting
12276| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
12277| [60352] Apache Struts up to 2.2.3 memory corruption
12278| [60153] Apache Portable Runtime up to 1.4.3 denial of service
12279| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
12280| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
12281| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
12282| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
12283| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
12284| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
12285| [4571] Apache Struts up to 2.3.1.2 privilege escalation
12286| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
12287| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
12288| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
12289| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
12290| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
12291| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
12292| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
12293| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
12294| [59888] Apache Tomcat up to 6.0.6 denial of service
12295| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
12296| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
12297| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
12298| [59850] Apache Geronimo up to 2.2.1 denial of service
12299| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
12300| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
12301| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
12302| [58413] Apache Tomcat up to 6.0.10 spoofing
12303| [58381] Apache Wicket up to 1.4.17 cross site scripting
12304| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
12305| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
12306| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
12307| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
12308| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
12309| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
12310| [57568] Apache Archiva up to 1.3.4 cross site scripting
12311| [57567] Apache Archiva up to 1.3.4 cross site request forgery
12312| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
12313| [4355] Apache HTTP Server APR apr_fnmatch denial of service
12314| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
12315| [57425] Apache Struts up to 2.2.1.1 cross site scripting
12316| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
12317| [57025] Apache Tomcat up to 7.0.11 information disclosure
12318| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
12319| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
12320| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
12321| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
12322| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
12323| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
12324| [56512] Apache Continuum up to 1.4.0 cross site scripting
12325| [4285] Apache Tomcat 5.x JVM getLocale denial of service
12326| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
12327| [4283] Apache Tomcat 5.x ServletContect privilege escalation
12328| [56441] Apache Tomcat up to 7.0.6 denial of service
12329| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
12330| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
12331| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
12332| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
12333| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
12334| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
12335| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
12336| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
12337| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
12338| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
12339| [54693] Apache Traffic Server DNS Cache unknown vulnerability
12340| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
12341| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
12342| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
12343| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
12344| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
12345| [54012] Apache Tomcat up to 6.0.10 denial of service
12346| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
12347| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
12348| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
12349| [52894] Apache Tomcat up to 6.0.7 information disclosure
12350| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
12351| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
12352| [52786] Apache Open For Business Project up to 09.04 cross site scripting
12353| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
12354| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
12355| [52584] Apache CouchDB up to 0.10.1 information disclosure
12356| [51757] Apache HTTP Server 2.0.44 cross site scripting
12357| [51756] Apache HTTP Server 2.0.44 spoofing
12358| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
12359| [51690] Apache Tomcat up to 6.0 directory traversal
12360| [51689] Apache Tomcat up to 6.0 information disclosure
12361| [51688] Apache Tomcat up to 6.0 directory traversal
12362| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
12363| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
12364| [50626] Apache Solr 1.0.0 cross site scripting
12365| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
12366| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
12367| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
12368| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
12369| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
12370| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
12371| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
12372| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
12373| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
12374| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
12375| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
12376| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
12377| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
12378| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
12379| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
12380| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
12381| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
12382| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
12383| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
12384| [47214] Apachefriends xampp 1.6.8 spoofing
12385| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
12386| [47162] Apachefriends XAMPP 1.4.4 weak authentication
12387| [47065] Apache Tomcat 4.1.23 cross site scripting
12388| [46834] Apache Tomcat up to 5.5.20 cross site scripting
12389| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
12390| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
12391| [86625] Apache Struts directory traversal
12392| [44461] Apache Tomcat up to 5.5.0 information disclosure
12393| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
12394| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
12395| [43663] Apache Tomcat up to 6.0.16 directory traversal
12396| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
12397| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
12398| [43516] Apache Tomcat up to 4.1.20 directory traversal
12399| [43509] Apache Tomcat up to 6.0.13 cross site scripting
12400| [42637] Apache Tomcat up to 6.0.16 cross site scripting
12401| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
12402| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
12403| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
12404| [40924] Apache Tomcat up to 6.0.15 information disclosure
12405| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
12406| [40922] Apache Tomcat up to 6.0 information disclosure
12407| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
12408| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
12409| [40656] Apache Tomcat 5.5.20 information disclosure
12410| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
12411| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
12412| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
12413| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
12414| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
12415| [40234] Apache Tomcat up to 6.0.15 directory traversal
12416| [40221] Apache HTTP Server 2.2.6 information disclosure
12417| [40027] David Castro Apache Authcas 0.4 sql injection
12418| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
12419| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
12420| [3414] Apache Tomcat WebDAV Stored privilege escalation
12421| [39489] Apache Jakarta Slide up to 2.1 directory traversal
12422| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
12423| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
12424| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
12425| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
12426| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
12427| [38524] Apache Geronimo 2.0 unknown vulnerability
12428| [3256] Apache Tomcat up to 6.0.13 cross site scripting
12429| [38331] Apache Tomcat 4.1.24 information disclosure
12430| [38330] Apache Tomcat 4.1.24 information disclosure
12431| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
12432| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
12433| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
12434| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
12435| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
12436| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
12437| [37292] Apache Tomcat up to 5.5.1 cross site scripting
12438| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
12439| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
12440| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
12441| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
12442| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
12443| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
12444| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
12445| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
12446| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
12447| [36225] XAMPP Apache Distribution 1.6.0a sql injection
12448| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
12449| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
12450| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
12451| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
12452| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
12453| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
12454| [34252] Apache HTTP Server denial of service
12455| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
12456| [33877] Apache Opentaps 0.9.3 cross site scripting
12457| [33876] Apache Open For Business Project unknown vulnerability
12458| [33875] Apache Open For Business Project cross site scripting
12459| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
12460| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
12461|
12462| MITRE CVE - https://cve.mitre.org:
12463| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
12464| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
12465| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
12466| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
12467| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
12468| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
12469| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
12470| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
12471| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
12472| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
12473| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
12474| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
12475| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
12476| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
12477| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
12478| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
12479| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
12480| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
12481| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
12482| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
12483| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
12484| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
12485| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
12486| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
12487| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
12488| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
12489| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
12490| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
12491| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
12492| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
12493| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12494| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
12495| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
12496| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
12497| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
12498| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
12499| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
12500| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
12501| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
12502| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
12503| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
12504| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
12505| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
12506| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
12507| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
12508| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
12509| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
12510| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
12511| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
12512| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
12513| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
12514| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
12515| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
12516| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
12517| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
12518| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
12519| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
12520| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
12521| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
12522| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
12523| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
12524| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
12525| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
12526| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
12527| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12528| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
12529| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
12530| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
12531| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
12532| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
12533| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
12534| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
12535| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
12536| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
12537| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
12538| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
12539| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
12540| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
12541| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
12542| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
12543| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
12544| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
12545| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
12546| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
12547| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
12548| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
12549| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
12550| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
12551| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
12552| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
12553| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
12554| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
12555| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
12556| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
12557| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
12558| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
12559| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
12560| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
12561| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
12562| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
12563| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
12564| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
12565| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
12566| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
12567| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
12568| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
12569| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
12570| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
12571| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
12572| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
12573| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
12574| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
12575| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
12576| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
12577| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
12578| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
12579| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
12580| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
12581| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
12582| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
12583| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
12584| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
12585| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
12586| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
12587| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
12588| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
12589| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
12590| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
12591| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
12592| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
12593| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
12594| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
12595| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
12596| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
12597| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
12598| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
12599| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
12600| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
12601| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
12602| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
12603| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
12604| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
12605| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
12606| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
12607| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
12608| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
12609| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
12610| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
12611| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
12612| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
12613| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
12614| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
12615| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
12616| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
12617| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
12618| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
12619| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
12620| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
12621| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
12622| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
12623| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
12624| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
12625| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
12626| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12627| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
12628| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
12629| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
12630| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
12631| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
12632| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
12633| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
12634| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
12635| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
12636| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
12637| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
12638| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
12639| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
12640| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
12641| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
12642| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12643| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
12644| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
12645| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
12646| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
12647| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
12648| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
12649| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
12650| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
12651| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
12652| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
12653| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
12654| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
12655| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
12656| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
12657| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
12658| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
12659| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
12660| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
12661| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
12662| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
12663| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
12664| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
12665| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
12666| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
12667| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
12668| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
12669| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
12670| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
12671| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
12672| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
12673| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
12674| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
12675| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
12676| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
12677| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
12678| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
12679| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
12680| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
12681| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
12682| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
12683| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12684| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
12685| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
12686| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
12687| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
12688| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
12689| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
12690| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
12691| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
12692| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
12693| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
12694| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
12695| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
12696| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
12697| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
12698| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
12699| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
12700| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
12701| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
12702| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
12703| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
12704| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
12705| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
12706| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
12707| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
12708| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
12709| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
12710| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
12711| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
12712| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
12713| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
12714| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
12715| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
12716| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
12717| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
12718| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
12719| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
12720| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
12721| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
12722| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
12723| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
12724| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
12725| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
12726| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
12727| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
12728| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
12729| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
12730| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
12731| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
12732| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
12733| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
12734| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
12735| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
12736| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
12737| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
12738| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
12739| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
12740| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
12741| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
12742| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
12743| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
12744| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
12745| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
12746| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
12747| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
12748| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
12749| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
12750| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
12751| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
12752| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
12753| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
12754| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
12755| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
12756| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
12757| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
12758| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
12759| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
12760| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
12761| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
12762| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
12763| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
12764| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
12765| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
12766| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
12767| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
12768| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12769| [CVE-2007-6361] Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
12770| [CVE-2007-6342] SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
12771| [CVE-2007-6286] Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
12772| [CVE-2007-6258] Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
12773| [CVE-2007-6231] Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
12774| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
12775| [CVE-2007-5797] SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
12776| [CVE-2007-5731] Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
12777| [CVE-2007-5461] Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
12778| [CVE-2007-5342] The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
12779| [CVE-2007-5333] Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
12780| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
12781| [CVE-2007-5085] Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
12782| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12783| [CVE-2007-4724] Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
12784| [CVE-2007-4723] Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
12785| [CVE-2007-4641] Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
12786| [CVE-2007-4556] Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
12787| [CVE-2007-4548] The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by sending a blank username and password with the command line deployer in the deployment module.
12788| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
12789| [CVE-2007-3847] The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
12790| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
12791| [CVE-2007-3386] Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
12792| [CVE-2007-3385] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
12793| [CVE-2007-3384] Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.
12794| [CVE-2007-3383] Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
12795| [CVE-2007-3382] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
12796| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
12797| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
12798| [CVE-2007-3101] Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
12799| [CVE-2007-2450] Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
12800| [CVE-2007-2449] Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the '
12801| [CVE-2007-2353] Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
12802| [CVE-2007-2025] Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
12803| [CVE-2007-1863] cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
12804| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
12805| [CVE-2007-1860] mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
12806| [CVE-2007-1858] The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
12807| [CVE-2007-1842] Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
12808| [CVE-2007-1801] Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
12809| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
12810| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
12811| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
12812| [CVE-2007-1720] Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.
12813| [CVE-2007-1636] Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.
12814| [CVE-2007-1633] Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
12815| [CVE-2007-1577] Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
12816| [CVE-2007-1539] Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
12817| [CVE-2007-1524] Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/.
12818| [CVE-2007-1491] Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
12819| [CVE-2007-1358] Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
12820| [CVE-2007-1349] PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
12821| [CVE-2007-0975] Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.
12822| [CVE-2007-0930] Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
12823| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
12824| [CVE-2007-0774] Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
12825| [CVE-2007-0637] Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
12826| [CVE-2007-0451] Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
12827| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
12828| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
12829| [CVE-2007-0173] Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
12830| [CVE-2007-0098] Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
12831| [CVE-2007-0086] ** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
12832| [CVE-2006-7217] Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.
12833| [CVE-2006-7216] Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
12834| [CVE-2006-7197] The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
12835| [CVE-2006-7196] Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
12836| [CVE-2006-7195] Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
12837| [CVE-2006-7098] The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
12838| [CVE-2006-6869] Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
12839| [CVE-2006-6675] Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.
12840| [CVE-2006-6613] Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
12841| [CVE-2006-6589] Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
12842| [CVE-2006-6588] The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
12843| [CVE-2006-6587] Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
12844| [CVE-2006-6445] Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
12845| [CVE-2006-6071] TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
12846| [CVE-2006-6047] Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
12847| [CVE-2006-5894] Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.
12848| [CVE-2006-5752] Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
12849| [CVE-2006-5733] Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
12850| [CVE-2006-5263] Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
12851| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
12852| [CVE-2006-4636] Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
12853| [CVE-2006-4625] PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
12854| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
12855| [CVE-2006-4191] Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.
12856| [CVE-2006-4154] Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
12857| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
12858| [CVE-2006-4004] Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
12859| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
12860| [CVE-2006-3835] Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (
12861| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
12862| [CVE-2006-3362] Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
12863| [CVE-2006-3102] Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
12864| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
12865| [CVE-2006-2831] Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
12866| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
12867| [CVE-2006-2743] Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
12868| [CVE-2006-2514] Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.
12869| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
12870| [CVE-2006-1777] Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.
12871| [CVE-2006-1564] Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
12872| [CVE-2006-1548] Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
12873| [CVE-2006-1547] ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
12874| [CVE-2006-1546] Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
12875| [CVE-2006-1393] Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
12876| [CVE-2006-1346] Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
12877| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
12878| [CVE-2006-1243] Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.
12879| [CVE-2006-1095] Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
12880| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
12881| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
12882| [CVE-2006-0743] Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
12883| [CVE-2006-0254] Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
12884| [CVE-2006-0150] Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
12885| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
12886| [CVE-2006-0042] Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
12887| [CVE-2005-4857] eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
12888| [CVE-2005-4849] Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
12889| [CVE-2005-4836] The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
12890| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
12891| [CVE-2005-4703] Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
12892| [CVE-2005-3745] Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
12893| [CVE-2005-3630] Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
12894| [CVE-2005-3510] Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
12895| [CVE-2005-3392] Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
12896| [CVE-2005-3357] mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
12897| [CVE-2005-3352] Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
12898| [CVE-2005-3319] The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
12899| [CVE-2005-3164] The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
12900| [CVE-2005-2970] Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
12901| [CVE-2005-2963] The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
12902| [CVE-2005-2728] The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
12903| [CVE-2005-2660] apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
12904| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
12905| [CVE-2005-1754] ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
12906| [CVE-2005-1753] ** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
12907| [CVE-2005-1344] Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
12908| [CVE-2005-1268] Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
12909| [CVE-2005-1266] Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
12910| [CVE-2005-0808] Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
12911| [CVE-2005-0182] The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.
12912| [CVE-2005-0108] Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
12913| [CVE-2004-2734] webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
12914| [CVE-2004-2680] mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
12915| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
12916| [CVE-2004-2343] ** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument.
12917| [CVE-2004-2336] Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
12918| [CVE-2004-2115] Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
12919| [CVE-2004-1834] mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
12920| [CVE-2004-1765] Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
12921| [CVE-2004-1545] UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
12922| [CVE-2004-1438] The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
12923| [CVE-2004-1405] MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
12924| [CVE-2004-1404] Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
12925| [CVE-2004-1387] The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
12926| [CVE-2004-1084] Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
12927| [CVE-2004-1083] Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
12928| [CVE-2004-1082] mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
12929| [CVE-2004-0942] Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
12930| [CVE-2004-0940] Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
12931| [CVE-2004-0885] The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
12932| [CVE-2004-0811] Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
12933| [CVE-2004-0809] The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
12934| [CVE-2004-0786] The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
12935| [CVE-2004-0751] The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
12936| [CVE-2004-0748] mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
12937| [CVE-2004-0747] Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
12938| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
12939| [CVE-2004-0646] Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
12940| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
12941| [CVE-2004-0493] The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
12942| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
12943| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
12944| [CVE-2004-0488] Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
12945| [CVE-2004-0263] PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
12946| [CVE-2004-0174] Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."
12947| [CVE-2004-0173] Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
12948| [CVE-2004-0113] Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
12949| [CVE-2004-0009] Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
12950| [CVE-2003-1581] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
12951| [CVE-2003-1580] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
12952| [CVE-2003-1573] The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
12953| [CVE-2003-1521] Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
12954| [CVE-2003-1516] The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
12955| [CVE-2003-1502] mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
12956| [CVE-2003-1418] Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child proccess IDs (PID).
12957| [CVE-2003-1307] ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."
12958| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
12959| [CVE-2003-1171] Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
12960| [CVE-2003-1138] The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
12961| [CVE-2003-1054] mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
12962| [CVE-2003-0993] mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
12963| [CVE-2003-0987] mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
12964| [CVE-2003-0866] The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
12965| [CVE-2003-0844] mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
12966| [CVE-2003-0843] Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
12967| [CVE-2003-0789] mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
12968| [CVE-2003-0771] Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
12969| [CVE-2003-0658] Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
12970| [CVE-2003-0542] Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
12971| [CVE-2003-0460] The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
12972| [CVE-2003-0254] Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
12973| [CVE-2003-0253] The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
12974| [CVE-2003-0249] ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report."
12975| [CVE-2003-0245] Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
12976| [CVE-2003-0192] Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
12977| [CVE-2003-0189] The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
12978| [CVE-2003-0134] Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
12979| [CVE-2003-0132] A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
12980| [CVE-2003-0083] Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
12981| [CVE-2003-0020] Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
12982| [CVE-2003-0017] Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
12983| [CVE-2003-0016] Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
12984| [CVE-2002-2310] ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
12985| [CVE-2002-2309] php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
12986| [CVE-2002-2272] Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
12987| [CVE-2002-2103] Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
12988| [CVE-2002-2029] PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
12989| [CVE-2002-2012] Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
12990| [CVE-2002-2009] Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
12991| [CVE-2002-2008] Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
12992| [CVE-2002-2007] The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
12993| [CVE-2002-2006] The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
12994| [CVE-2002-1895] The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
12995| [CVE-2002-1850] mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
12996| [CVE-2002-1793] HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
12997| [CVE-2002-1658] Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
12998| [CVE-2002-1635] The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
12999| [CVE-2002-1593] mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
13000| [CVE-2002-1592] The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
13001| [CVE-2002-1567] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
13002| [CVE-2002-1394] Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
13003| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
13004| [CVE-2002-1157] Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
13005| [CVE-2002-1156] Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
13006| [CVE-2002-1148] The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
13007| [CVE-2002-0935] Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
13008| [CVE-2002-0843] Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
13009| [CVE-2002-0840] Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
13010| [CVE-2002-0839] The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
13011| [CVE-2002-0682] Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
13012| [CVE-2002-0661] Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
13013| [CVE-2002-0658] OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
13014| [CVE-2002-0654] Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
13015| [CVE-2002-0653] Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
13016| [CVE-2002-0513] The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
13017| [CVE-2002-0493] Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
13018| [CVE-2002-0392] Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
13019| [CVE-2002-0259] InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
13020| [CVE-2002-0249] PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
13021| [CVE-2002-0240] PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
13022| [CVE-2002-0082] The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
13023| [CVE-2002-0061] Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
13024| [CVE-2001-1556] The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
13025| [CVE-2001-1534] mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
13026| [CVE-2001-1510] Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
13027| [CVE-2001-1449] The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
13028| [CVE-2001-1385] The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
13029| [CVE-2001-1342] Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
13030| [CVE-2001-1217] Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
13031| [CVE-2001-1216] Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
13032| [CVE-2001-1072] Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
13033| [CVE-2001-1013] Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
13034| [CVE-2001-0925] The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
13035| [CVE-2001-0829] A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
13036| [CVE-2001-0766] Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
13037| [CVE-2001-0731] Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
13038| [CVE-2001-0730] split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
13039| [CVE-2001-0729] Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
13040| [CVE-2001-0590] Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
13041| [CVE-2001-0131] htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
13042| [CVE-2001-0108] PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
13043| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
13044| [CVE-2000-1247] The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
13045| [CVE-2000-1210] Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
13046| [CVE-2000-1206] Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
13047| [CVE-2000-1205] Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
13048| [CVE-2000-1204] Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
13049| [CVE-2000-1168] IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
13050| [CVE-2000-1016] The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
13051| [CVE-2000-0913] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
13052| [CVE-2000-0883] The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
13053| [CVE-2000-0869] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary diretories via the PROPFIND HTTP request method.
13054| [CVE-2000-0868] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
13055| [CVE-2000-0791] Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
13056| [CVE-2000-0760] The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
13057| [CVE-2000-0759] Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
13058| [CVE-2000-0628] The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
13059| [CVE-2000-0505] The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
13060| [CVE-1999-1412] A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
13061| [CVE-1999-1293] mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
13062| [CVE-1999-1237] Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
13063| [CVE-1999-1199] Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
13064| [CVE-1999-1053] guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
13065| [CVE-1999-0926] Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
13066| [CVE-1999-0678] A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
13067| [CVE-1999-0448] IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
13068| [CVE-1999-0289] The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
13069| [CVE-1999-0236] ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
13070| [CVE-1999-0107] Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
13071| [CVE-1999-0071] Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
13072|
13073| SecurityFocus - https://www.securityfocus.com/bid/:
13074| [104554] Apache HBase CVE-2018-8025 Security Bypass Vulnerability
13075| [104465] Apache Geode CVE-2017-15695 Remote Code Execution Vulnerability
13076| [104418] Apache Storm CVE-2018-8008 Arbitrary File Write Vulnerability
13077| [104399] Apache Storm CVE-2018-1332 User Impersonation Vulnerability
13078| [104348] Apache UIMA CVE-2017-15691 XML External Entity Injection Vulnerability
13079| [104313] Apache NiFi XML External Entity Injection and Denial of Service Vulnerability
13080| [104259] Apache Geode CVE-2017-12622 Authorization Bypass Vulnerability
13081| [104257] Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
13082| [104253] Apache ZooKeeper CVE-2018-8012 Security Bypass Vulnerability
13083| [104252] Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
13084| [104239] Apache Solr CVE-2018-8010 XML External Entity Multiple Information Disclosure Vulnerabilities
13085| [104215] Apache ORC CVE-2018-8015 Denial of Service Vulnerability
13086| [104203] Apache Tomcat CVE-2018-8014 Security Bypass Vulnerability
13087| [104161] Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability
13088| [104140] Apache Derby CVE-2018-1313 Security Bypass Vulnerability
13089| [104135] Apache Tika CVE-2018-1338 Denial of Service Vulnerability
13090| [104008] Apache Fineract CVE-2018-1291 SQL Injection Vulnerability
13091| [104007] Apache Fineract CVE-2018-1292 SQL Injection Vulnerability
13092| [104005] Apache Fineract CVE-2018-1289 SQL Injection Vulnerability
13093| [104001] Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
13094| [103975] Apache Fineract CVE-2018-1290 SQL Injection Vulnerability
13095| [103974] Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
13096| [103772] Apache Traffic Server CVE-2017-7671 Denial of Service Vulnerability
13097| [103770] Apache Traffic Server CVE-2017-5660 Security Bypass Vulnerability
13098| [103751] Apache Hive CVE-2018-1282 SQL Injection Vulnerability
13099| [103750] Apache Hive CVE-2018-1284 Security Bypass Vulnerability
13100| [103692] Apache Ignite CVE-2018-1295 Arbitrary Code Execution Vulnerability
13101| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
13102| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
13103| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
13104| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
13105| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
13106| [103516] Apache Struts CVE-2018-1327 Denial of Service Vulnerability
13107| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
13108| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
13109| [103508] Apache Syncope CVE-2018-1321 Multiple Remote Code Execution Vulnerabilities
13110| [103507] Apache Syncope CVE-2018-1322 Multiple Information Disclosure Vulnerabilities
13111| [103490] Apache Commons Compress CVE-2018-1324 Multiple Denial Of Service Vulnerabilities
13112| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
13113| [103389] Apache Tomcat JK Connector CVE-2018-1323 Directory Traversal Vulnerability
13114| [103222] Apache CloudStack CVE-2013-4317 Information Disclosure Vulnerability
13115| [103219] Apache Xerces-C CVE-2017-12627 Null Pointer Dereference Denial of Service Vulnerability
13116| [103206] Apache Geode CVE-2017-15693 Remote Code Execution Vulnerability
13117| [103205] Apache Geode CVE-2017-15692 Remote Code Execution Vulnerability
13118| [103170] Apache Tomcat CVE-2018-1304 Security Bypass Vulnerability
13119| [103144] Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
13120| [103102] Apache Oozie CVE-2017-15712 Information Disclosure Vulnerability
13121| [103098] Apache Karaf CVE-2016-8750 LDAP Injection Vulnerability
13122| [103069] Apache Tomcat CVE-2017-15706 Remote Security Weakness
13123| [103068] Apache JMeter CVE-2018-1287 Security Bypass Vulnerability
13124| [103067] Apache Qpid Dispatch Router 'router_core/connections.c' Denial of Service Vulnerability
13125| [103036] Apache CouchDB CVE-2017-12636 Remote Code Execution Vulnerability
13126| [103025] Apache Thrift CVE-2016-5397 Remote Command Injection Vulnerability
13127| [102879] Apache POI CVE-2017-12626 Multiple Denial of Service Vulnerabilities
13128| [102842] Apache NiFi CVE-2017-12632 Host Header Injection Vulnerability
13129| [102815] Apache NiFi CVE-2017-15697 Multiple Cross Site Scripting Vulnerabilities
13130| [102488] Apache Geode CVE-2017-9795 Remote Code Execution Vulnerability
13131| [102229] Apache Sling CVE-2017-15700 Information Disclosure Vulnerability
13132| [102226] Apache Drill CVE-2017-12630 Cross Site Scripting Vulnerability
13133| [102154] Multiple Apache Products CVE-2017-15708 Remote Code Execution Vulnerability
13134| [102127] Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
13135| [102041] Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
13136| [102040] Apache Qpid Broker CVE-2017-15702 Security Weakness
13137| [102021] Apache Struts CVE-2017-15707 Denial of Service Vulnerability
13138| [101980] EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
13139| [101876] Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
13140| [101874] Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
13141| [101872] Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
13142| [101868] Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
13143| [101859] Apache CXF CVE-2017-12624 Denial of Service Vulnerability
13144| [101844] Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
13145| [101686] Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
13146| [101644] Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
13147| [101631] Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
13148| [101630] Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
13149| [101625] Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
13150| [101623] Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
13151| [101620] Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
13152| [101585] Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
13153| [101577] Apache Wicket CVE-2016-6806 Cross Site Request Forgery Vulnerability
13154| [101575] Apache Wicket CVE-2014-0043 Information Disclosure Vulnerability
13155| [101570] Apache Geode CVE-2017-9797 Information Disclosure Vulnerability
13156| [101562] Apache Derby CVE-2010-2232 Arbitrary File Overwrite Vulnerability
13157| [101560] Apache Portable Runtime Utility CVE-2017-12613 Multiple Information Disclosure Vulnerabilities
13158| [101558] Apache Portable Runtime Utility Local Out-of-Bounds Read Denial of Service Vulnerability
13159| [101532] Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
13160| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
13161| [101261] Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
13162| [101230] Apache Roller CVE-2014-0030 XML External Entity Injection Vulnerability
13163| [101173] Apache IMPALA CVE-2017-9792 Information Disclosure Vulnerability
13164| [101052] Apache Commons Jelly CVE-2017-12621 Security Bypass Vulnerability
13165| [101027] Apache Mesos CVE-2017-7687 Denial of Service Vulnerability
13166| [101023] Apache Mesos CVE-2017-9790 Denial of Service Vulnerability
13167| [100954] Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
13168| [100946] Apache Wicket CVE-2014-7808 Cross Site Request Forgery Vulnerability
13169| [100901] Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
13170| [100897] Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
13171| [100880] Apache Directory LDAP API CVE-2015-3250 Unspecified Information Disclosure Vulnerability
13172| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
13173| [100870] Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
13174| [100859] puppetlabs-apache CVE-2017-2299 Information Disclosure Vulnerability
13175| [100829] Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
13176| [100823] Apache Spark CVE-2017-12612 Deserialization Remote Code Execution Vulnerability
13177| [100612] Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
13178| [100611] Apache Struts CVE-2017-9793 Denial of Service Vulnerability
13179| [100609] Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
13180| [100587] Apache Atlas CVE-2017-3155 Cross Frame Scripting Vulnerability
13181| [100581] Apache Atlas CVE-2017-3154 Information Disclosure Vulnerability
13182| [100578] Apache Atlas CVE-2017-3153 Cross Site Scripting Vulnerability
13183| [100577] Apache Atlas CVE-2017-3152 Cross Site Scripting Vulnerability
13184| [100547] Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
13185| [100536] Apache Atlas CVE-2017-3150 Cross Site Scripting Vulnerability
13186| [100449] Apache Pony Mail CVE-2016-4460 Authentication Bypass Vulnerability
13187| [100447] Apache2Triad Multiple Security Vulnerabilities
13188| [100284] Apache Sling Servlets Post CVE-2017-9802 Cross Site Scripting Vulnerability
13189| [100280] Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
13190| [100259] Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
13191| [100256] Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
13192| [100235] Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
13193| [100082] Apache Commons Email CVE-2017-9801 SMTP Header Injection Vulnerability
13194| [99873] Apache Sling XSS Protection API CVE-2016-6798 XML External Entity Injection Vulnerability
13195| [99870] Apache Sling API CVE-2016-5394 Cross Site Scripting Vulnerability
13196| [99603] Apache Spark CVE-2017-7678 Cross Site Scripting Vulnerability
13197| [99592] Apache OpenMeetings CVE-2017-7685 Security Bypass Vulnerability
13198| [99587] Apache OpenMeetings CVE-2017-7673 Security Bypass Vulnerability
13199| [99586] Apache OpenMeetings CVE-2017-7688 Security Bypass Vulnerability
13200| [99584] Apache OpenMeetings CVE-2017-7684 Denial of Service Vulnerability
13201| [99577] Apache OpenMeetings CVE-2017-7663 Cross Site Scripting Vulnerability
13202| [99576] Apache OpenMeetings CVE-2017-7664 XML External Entity Injection Vulnerability
13203| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
13204| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
13205| [99563] Apache Struts CVE-2017-7672 Denial of Service Vulnerability
13206| [99562] Apache Struts Spring AOP Functionality Denial of Service Vulnerability
13207| [99509] Apache Impala CVE-2017-5652 Information Disclosure Vulnerability
13208| [99508] Apache IMPALA CVE-2017-5640 Authentication Bypass Vulnerability
13209| [99486] Apache Traffic Control CVE-2017-7670 Denial of Service Vulnerability
13210| [99485] Apache Solr CVE-2017-7660 Security Bypass Vulnerability
13211| [99484] Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
13212| [99292] Apache Ignite CVE-2017-7686 Information Disclosure Vulnerability
13213| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
13214| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
13215| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
13216| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
13217| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
13218| [99112] Apache Thrift CVE-2015-3254 Denial of Service Vulnerability
13219| [99067] Apache Ranger CVE-2016-8751 HTML Injection Vulnerability
13220| [99018] Apache NiFi CVE-2017-7667 Cross Frame Scripting Vulnerability
13221| [99009] Apache NiFi CVE-2017-7665 Cross Site Scripting Vulnerability
13222| [98961] Apache Ranger CVE-2017-7677 Security Bypass Vulnerability
13223| [98958] Apache Ranger CVE-2017-7676 Security Bypass Vulnerability
13224| [98888] Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
13225| [98814] Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
13226| [98795] Apache Hadoop CVE-2017-7669 Remote Privilege Escalation Vulnerability
13227| [98739] Apache Knox CVE-2017-5646 User Impersonation Vulnerability
13228| [98669] Apache Hive CVE-2016-3083 Security Bypass Vulnerability
13229| [98646] Apache Atlas CVE-2016-8752 Information Disclosure Vulnerability
13230| [98570] Apache Archiva CVE-2017-5657 Multiple Cross-Site Request Forgery Vulnerabilities
13231| [98489] Apache CXF Fediz CVE-2017-7661 Multiple Cross Site Request Forgery Vulnerabilities
13232| [98485] Apache CXF Fediz CVE-2017-7662 Cross Site Request Forgery Vulnerability
13233| [98466] Apache Ambari CVE-2017-5655 Insecure Temporary File Handling Vulnerability
13234| [98365] Apache Cordova For Android CVE-2016-6799 Information Disclosure Vulnerability
13235| [98025] Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
13236| [98017] Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
13237| [97971] Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
13238| [97968] Apache CXF CVE-2017-5653 Spoofing Vulnerability
13239| [97967] Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
13240| [97949] Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
13241| [97948] Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
13242| [97947] Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
13243| [97945] Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
13244| [97702] Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
13245| [97582] Apache CXF CVE-2016-6812 Cross Site Scripting Vulnerability
13246| [97579] Apache CXF JAX-RS CVE-2016-8739 XML External Entity Injection Vulnerability
13247| [97544] Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
13248| [97531] Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
13249| [97530] Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
13250| [97509] Apache Ignite CVE-2016-6805 Information Disclosure and XML External Entity Injection Vulnerabilities
13251| [97383] Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability
13252| [97378] Apache Geode CVE-2017-5649 Information Disclosure Vulnerability
13253| [97229] Apache Ambari CVE-2016-4976 Local Information Disclosure Vulnerability
13254| [97226] Apache Camel CVE-2017-5643 Server Side Request Forgery Security Bypass Vulnerability
13255| [97184] Apache Ambari CVE-2016-6807 Remote Command Execution Vulnerability
13256| [97179] Apache Camel CVE-2016-8749 Java Deserialization Multiple Remote Code Execution Vulnerabilities
13257| [96983] Apache POI CVE-2017-5644 Denial Of Service Vulnerability
13258| [96895] Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
13259| [96731] Apache NiFi CVE-2017-5636 Remote Code Injection Vulnerability
13260| [96730] Apache NiFi CVE-2017-5635 Security Bypass Vulnerability
13261| [96729] Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
13262| [96540] IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
13263| [96398] Apache CXF CVE-2017-3156 Information Disclosure Vulnerability
13264| [96321] Apache Camel CVE-2017-3159 Remote Code Execution Vulnerability
13265| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
13266| [96228] Apache Brooklyn Cross Site Request Forgery and Multiple Cross Site Scripting Vulnerabilities
13267| [95998] Apache Ranger CVE-2016-8746 Security Bypass Vulnerability
13268| [95929] Apache Groovy CVE-2016-6497 Information Disclosure Vulnerability
13269| [95838] Apache Cordova For Android CVE-2017-3160 Man in the Middle Security Bypass Vulnerability
13270| [95675] Apache Struts Remote Code Execution Vulnerability
13271| [95621] Apache NiFi CVE-2106-8748 Cross Site Scripting Vulnerability
13272| [95429] Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
13273| [95335] Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability
13274| [95168] Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
13275| [95136] Apache Qpid Broker for Java CVE-2016-8741 Remote Information Disclosure Vulnerability
13276| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
13277| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
13278| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
13279| [95020] Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
13280| [94950] Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
13281| [94882] Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
13282| [94828] Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
13283| [94766] Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
13284| [94657] Apache Struts CVE-2016-8738 Denial of Service Vulnerability
13285| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
13286| [94588] Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
13287| [94513] Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
13288| [94463] Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
13289| [94462] Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
13290| [94461] Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
13291| [94418] Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
13292| [94247] Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
13293| [94221] Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
13294| [94145] Apache OpenMeetings CVE-2016-8736 Remote Code Execution Vulnerability
13295| [93945] Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
13296| [93944] Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
13297| [93943] Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
13298| [93942] Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
13299| [93940] Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
13300| [93939] Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
13301| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
13302| [93773] Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
13303| [93478] Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
13304| [93472] Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
13305| [93429] Apache Tomcat JK Connector CVE-2016-6808 Remote Buffer Overflow Vulnerability
13306| [93263] Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
13307| [93236] Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
13308| [93142] Apache ActiveMQ Artemis CVE-2016-4978 Remote Code Execution Vulnerability
13309| [93132] Apache Derby CVE-2015-1832 XML External Entity Information Disclosure Vulnerability
13310| [93044] Apache Zookeeper CVE-2016-5017 Buffer Overflow Vulnerability
13311| [92966] Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
13312| [92947] Apache Shiro CVE-2016-6802 Remote Security Bypass Vulnerability
13313| [92905] Apache CXF Fediz CVE-2016-4464 Security Bypass Vulnerability
13314| [92577] Apache Ranger CVE-2016-5395 HTML Injection Vulnerability
13315| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
13316| [92328] Apache Hive CVE-2016-0760 Multiple Remote Code Execution Vulnerabilities
13317| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
13318| [92100] Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
13319| [92079] Apache OpenOffice CVE-2016-1513 Remote Code Execution Vulnerability
13320| [91818] Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
13321| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
13322| [91788] Apache Qpid Proton CVE-2016-4467 Certificate Verification Security Bypass Vulnerability
13323| [91738] Apache XML-RPC CVE-2016-5003 Remote Code Execution Vulnerability
13324| [91736] Apache XML-RPC Multiple Security Vulnerabilities
13325| [91707] Apache Archiva CVE-2016-5005 HTML Injection Vulnerability
13326| [91703] Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
13327| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
13328| [91537] Apache QPID CVE-2016-4974 Deserialization Security Bypass Vulnerability
13329| [91501] Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
13330| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
13331| [91284] Apache Struts CVE-2016-4431 Security Bypass Vulnerability
13332| [91282] Apache Struts CVE-2016-4433 Security Bypass Vulnerability
13333| [91281] Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
13334| [91280] Apache Struts CVE-2016-4436 Security Bypass Vulnerability
13335| [91278] Apache Struts CVE-2016-4465 Denial of Service Vulnerability
13336| [91277] Apache Struts Incomplete Fix Remote Code Execution Vulnerability
13337| [91275] Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
13338| [91217] Apache Continuum 'saveInstallation.action' Command Execution Vulnerability
13339| [91141] Apache CloudStack CVE-2016-3085 Authentication Bypass Vulnerability
13340| [91068] Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
13341| [91067] Apache Struts CVE-2016-1182 Security Bypass Vulnerability
13342| [91024] Apache Shiro CVE-2016-4437 Information Disclosure Vulnerability
13343| [90988] Apache Ranger CVE-2016-2174 SQL Injection Vulnerability
13344| [90961] Apache Struts CVE-2016-3093 Denial of Service Vulnerability
13345| [90960] Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
13346| [90921] Apache Qpid CVE-2016-4432 Authentication Bypass Vulnerability
13347| [90920] Apache Qpid CVE-2016-3094 Denial of Service Vulnerability
13348| [90902] Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability
13349| [90897] Apache Tika CVE-2016-4434 XML External Entity Injection Vulnerability
13350| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
13351| [90755] Apache Ambari CVE-2016-0707 Multiple Local Information Disclosure Vulnerabilities
13352| [90482] Apache CVE-2004-1387 Local Security Vulnerability
13353| [89762] Apache CVE-2001-1556 Remote Security Vulnerability
13354| [89417] Apache Subversion CVE-2016-2167 Authentication Bypass Vulnerability
13355| [89326] RETIRED: Apache Subversion CVE-2016-2167 Security Bypass Vulnerability
13356| [89320] Apache Subversion CVE-2016-2168 Remote Denial of Service Vulnerability
13357| [88826] Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
13358| [88797] Apache Cordova For iOS CVE-2015-5208 Arbitrary Code Execution Vulnerability
13359| [88764] Apache Cordova iOS CVE-2015-5207 Multiple Security Bypass Vulnerabilities
13360| [88701] Apache CVE-2001-1449 Remote Security Vulnerability
13361| [88635] Apache CVE-2000-1204 Remote Security Vulnerability
13362| [88590] Apache WWW server CVE-1999-1199 Denial-Of-Service Vulnerability
13363| [88496] Apache CVE-2000-1206 Remote Security Vulnerability
13364| [87828] Apache CVE-1999-1237 Remote Security Vulnerability
13365| [87784] Apache CVE-1999-1293 Denial-Of-Service Vulnerability
13366| [87327] Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
13367| [86622] Apache Stats CVE-2007-0975 Remote Security Vulnerability
13368| [86399] Apache CVE-2007-1743 Local Security Vulnerability
13369| [86397] Apache CVE-2007-1742 Local Security Vulnerability
13370| [86311] Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
13371| [86174] Apache Wicket CVE-2015-5347 Cross Site Scripting Vulnerability
13372| [85971] Apache OFBiz CVE-2016-2170 Java Deserialization Remote Code Execution Vulnerability
13373| [85967] Apache OFBiz CVE-2015-3268 HTML Injection Vulnerability
13374| [85759] Apache Jetspeed CVE-2016-2171 Unauthorized Access Vulnerability
13375| [85758] Apache Jetspeed CVE-2016-0712 Cross Site Scripting Vulnerability
13376| [85756] Apache Jetspeed CVE-2016-0710 Multiple SQL Injection Vulnerabilities
13377| [85755] Apache Jetspeed CVE-2016-0711 Mulitple HTML Injection Vulnerabilities
13378| [85754] Apache Jetspeed CVE-2016-0709 Directory Traversal Vulnerability
13379| [85730] Apache Subversion CVE-2015-5343 Integer Overflow Vulnerability
13380| [85691] Apache Ranger CVE-2016-0735 Security Bypass Vulnerability
13381| [85578] Apache ActiveMQ CVE-2010-1244 Cross-Site Request Forgery Vulnerability
13382| [85554] Apache OpenMeetings CVE-2016-2164 Multiple Information Disclosure Vulnerabilities
13383| [85553] Apache OpenMeetings CVE-2016-0783 Information Disclosure Vulnerability
13384| [85552] Apache OpenMeetings CVE-2016-2163 HTML Injection Vulnerability
13385| [85550] Apache OpenMeetings CVE-2016-0784 Directory Traversal Vulnerability
13386| [85386] Apache Hadoop CVE-2015-7430 Local Privilege Escalation Vulnerability
13387| [85377] Apache Qpid Proton Python API CVE-2016-2166 Man in the Middle Security Bypass Vulnerability
13388| [85205] Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
13389| [85203] Apache Solr CVE-2015-8795 Mulitple HTML Injection Vulnerabilities
13390| [85163] Apache Geronimo CVE-2008-0732 Local Security Vulnerability
13391| [85131] Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
13392| [85070] Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
13393| [85066] Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
13394| [84422] Apache TomEE CVE-2016-0779 Unspecified Security Vulnerability
13395| [84321] Apache ActiveMQ CVE-2016-0734 Clickjacking Vulnerability
13396| [84316] Apache ActiveMQ CVE-2016-0782 Multiple Cross Site Scripting Vulnerabilities
13397| [83910] Apache Wicket CVE-2015-7520 Cross Site Scripting Vulnerability
13398| [83423] Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
13399| [83330] Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
13400| [83329] Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
13401| [83328] Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
13402| [83327] Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
13403| [83326] Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
13404| [83324] Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
13405| [83323] Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
13406| [83259] Apache Hadoop CVE-2015-1776 Information Disclosure Vulnerability
13407| [83243] Apache Solr CVE-2015-8797 Cross Site Scripting Vulnerability
13408| [83119] Apache Sling CVE-2016-0956 Information Disclosure Vulnerability
13409| [83002] Apache CVE-2000-1205 Cross-Site Scripting Vulnerability
13410| [82871] Apache Ranger Authentication Bypass and Security Bypass Vulnerabilities
13411| [82800] Apache CloudStack CVE-2015-3251 Information Disclosure Vulnerability
13412| [82798] Apache CloudStack CVE-2015-3252 Authentication Bypass Vulnerability
13413| [82732] Apache Gallery CVE-2003-0771 Local Security Vulnerability
13414| [82676] Apache CVE-2003-1581 Cross-Site Scripting Vulnerability
13415| [82550] Apache Struts CVE-2015-5209 Security Bypass Vulnerability
13416| [82300] Apache Subversion CVE-2015-5259 Integer Overflow Vulnerability
13417| [82260] Apache Camel CVE-2015-5344 Remote Code Execution Vulnerability
13418| [82234] Apache Hive CVE-2015-7521 Security Bypass Vulnerability
13419| [82082] Apache CVE-1999-0289 Remote Security Vulnerability
13420| [81821] Apache Distribution for Solaris CVE-2007-2080 SQL-Injection Vulnerability
13421| [80696] Apache Camel CVE-2015-5348 Information Disclosure Vulnerability
13422| [80525] Apache CVE-2003-1580 Remote Security Vulnerability
13423| [80354] Drupal Apache Solr Search Module Access Bypass Vulnerability
13424| [80193] Apache CVE-1999-0107 Denial-Of-Service Vulnerability
13425| [79812] Apache Directory Studio CVE-2015-5349 Command Injection Vulnerability
13426| [79744] Apache HBase CVE-2015-1836 Unauthorized Access Vulnerability
13427| [79204] Apache TomEE 'EjbObjectInputStream' Remote Code Execution Vulnerability
13428| [77679] Apache Cordova For Android CVE-2015-8320 Weak Randomization Security Bypass Vulnerability
13429| [77677] Apache Cordova For Android CVE-2015-5256 Security Bypass Vulnerability
13430| [77591] Apache CXF SAML SSO Processing CVE-2015-5253 Security Bypass Vulnerability
13431| [77521] Apache Commons Collections 'InvokerTransformer.java' Remote Code Execution Vulnerability
13432| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
13433| [77086] Apache Ambari CVE-2015-1775 Server Side Request Forgery Security Bypass Vulnerability
13434| [77085] Apache Ambari CVE-2015-3270 Remote Privilege Escalation Vulnerability
13435| [77082] Apache Ambari 'targetURI' Parameter Open Redirection Vulnerability
13436| [77059] Apache Ambari CVE-2015-3186 Cross Site Scripting Vulnerability
13437| [76933] Apache James Server Unspecified Command Execution Vulnerability
13438| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
13439| [76625] Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
13440| [76624] Apache Struts CVE-2015-2992 Cross Site Scripting Vulnerability
13441| [76522] Apache Tapestry CVE-2014-1972 Security Bypass Vulnerability
13442| [76486] Apache CXF Fediz CVE-2015-5175 Denial of Service Vulnerability
13443| [76452] Apache ActiveMQ CVE-2015-1830 Directory Traversal Vulnerability
13444| [76446] Apache Subversion 'libsvn_fs_fs/tree.c' Denial of Service Vulnerability
13445| [76274] Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
13446| [76273] Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
13447| [76272] Apache ActiveMQ CVE-2014-3576 Denial of Service Vulnerability
13448| [76221] Apache Ranger CVE-2015-0266 Access Bypass Vulnerability
13449| [76208] Apache Ranger CVE-2015-0265 JavaScript Code Injection Vulnerability
13450| [76025] Apache ActiveMQ Artemis CVE-2015-3208 XML External Entity Information Disclosure Vulnerability
13451| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
13452| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
13453| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
13454| [75940] Apache Struts CVE-2015-1831 Security Bypass Vulnerability
13455| [75919] Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
13456| [75338] Apache Storm CVE-2015-3188 Remote Code Execution Vulnerability
13457| [75275] Drupal Apache Solr Real-Time Module Access Bypass Vulnerability
13458| [74866] Apache Cordova For Android CVE-2015-1835 Security Bypass Vulnerability
13459| [74839] Apache Sling API and Sling Servlets CVE-2015-2944 Cross Site Scripting Vulnerability
13460| [74761] Apache Jackrabbit CVE-2015-1833 XML External Entity Information Disclosure Vulnerability
13461| [74686] Apache Ambari '/var/lib/ambari-server/ambari-env.sh' Local Privilege Escalation Vulnerability
13462| [74665] Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
13463| [74475] Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
13464| [74423] Apache Struts CVE-2015-0899 Security Bypass Vulnerability
13465| [74338] Apache OpenOffice HWP Filter Memory Corruption Vulnerability
13466| [74265] Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
13467| [74260] Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
13468| [74259] Apache Subversion 'deadprops.c' Security Bypass Vulnerability
13469| [74204] PHP 'sapi/apache2handler/sapi_apache2.c' Remote Code Execution Vulnerability
13470| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
13471| [73954] Apache Flex 'asdoc/templates/index.html' Cross Site Scripting Vulnerability
13472| [73851] Apache2 CVE-2012-0216 Cross-Site Scripting Vulnerability
13473| [73478] Apache Cassandra CVE-2015-0225 Remote Code Execution Vulnerability
13474| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
13475| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
13476| [72809] Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
13477| [72717] Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
13478| [72557] Apache WSS4J CVE-2015-0227 Security Bypass Vulnerability
13479| [72553] Apache WSS4J CVE-2015-0226 Information Disclosure Vulnerability
13480| [72513] Apache ActiveMQ CVE-2014-3612 LDAP Authentication Bypass Vulnerability
13481| [72511] Apache ActiveMQ CVE-2014-8110 Multiple Cross Site Scripting Vulnerabilities
13482| [72510] Apache ActiveMQ CVE-2014-3600 XML External Entity Injection Vulnerability
13483| [72508] Apache ActiveMQ Apollo CVE-2014-3579 XML External Entity Injection Vulnerability
13484| [72319] Apache Qpid CVE-2015-0223 Security Bypass Vulnerability
13485| [72317] Apache Qpid CVE-2015-0224 Incomplete Fix Multiple Denial of Service Vulnerabilities
13486| [72115] Apache Santuario 'XML Signature Verification' Security Bypass Vulnerability
13487| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
13488| [72030] Apache Qpid CVE-2015-0203 Multiple Denial of Service Vulnerabilities
13489| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
13490| [71726] Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
13491| [71725] Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
13492| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
13493| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
13494| [71548] Apache Struts CVE-2014-7809 Security Bypass Vulnerability
13495| [71466] Apache Hadoop CVE-2014-3627 Information Disclosure Vulnerability
13496| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
13497| [71004] Apache Qpid CVE-2014-3629 XML External Entity Injection Vulnerability
13498| [70970] Apache Traffic Server Cross Site Scripting Vulnerability
13499| [70738] Apache CXF CVE-2014-3584 Denial of Service Vulnerability
13500| [70736] Apache CXF SAML SubjectConfirmation Security Bypass Vulnerability
13501| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
13502| [69648] Apache POI CVE-2014-3574 Denial Of Service Vulnerability
13503| [69647] Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
13504| [69351] Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
13505| [69295] Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
13506| [69286] Apache OFBiz CVE-2014-0232 Multiple Cross Site Scripting Vulnerabilities
13507| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
13508| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
13509| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
13510| [69237] Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability
13511| [69173] Apache Traffic Server CVE-2014-3525 Unspecified Security Vulnerability
13512| [69046] Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
13513| [69041] Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
13514| [69038] Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
13515| [68995] Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
13516| [68966] Apache Subversion 'irkerbridge.py' Local Privilege Escalation Vulnerability
13517| [68965] Apache Subversion 'svnwcsub.py' Local Privilege Escalation Vulnerability
13518| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
13519| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
13520| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
13521| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
13522| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
13523| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
13524| [68445] Apache CXF UsernameToken Information Disclosure Vulnerability
13525| [68441] Apache CXF SAML Tokens Validation Security Bypass Vulnerability
13526| [68431] Apache Syncope CVE-2014-3503 Insecure Password Generation Weakness
13527| [68229] Apache Harmony PRNG Entropy Weakness
13528| [68111] Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
13529| [68072] Apache Tomcat CVE-2014-0186 Remote Denial of Service Vulnerability
13530| [68039] Apache Hive CVE-2014-0228 Security Bypass Vulnerability
13531| [67673] Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
13532| [67671] Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
13533| [67669] Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
13534| [67668] Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
13535| [67667] Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
13536| [67534] Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
13537| [67532] Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
13538| [67530] Apache Solr Search Template Cross Site Scripting Vulnerability
13539| [67236] Apache CXF CVE-2014-0109 Remote Denial of Service Vulnerability
13540| [67232] Apache CXF CVE-2014-0110 Denial of Service Vulnerability
13541| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
13542| [67081] Apache Struts 'getClass()' Method Security Bypass Vulnerability
13543| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
13544| [67013] Apache Zookeeper CVE-2014-0085 Local Information Disclosure Vulnerability
13545| [66998] Apache Archiva CVE-2013-2187 Unspecified Cross Site Scripting Vulnerability
13546| [66991] Apache Archiva CVE-2013-2187 HTML Injection Vulnerability
13547| [66927] Apache Syncope CVE-2014-0111 Remote Code Execution Vulnerability
13548| [66474] Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
13549| [66397] Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
13550| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
13551| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
13552| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
13553| [65967] Apache Cordova File-Transfer Unspecified Security Vulnerability
13554| [65959] Apache Cordova InAppBrowser Remote Privilege Escalation Vulnerability
13555| [65935] Apache Shiro 'login.jsp' Authentication Bypass Vulnerability
13556| [65902] Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
13557| [65901] Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
13558| [65773] Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
13559| [65769] Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
13560| [65768] Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
13561| [65767] Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
13562| [65615] Apache ActiveMQ 'refresh' Parameter Cross Site Scripting Vulnerability
13563| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
13564| [65431] Apache Wicket CVE-2013-2055 Information Disclosure Vulnerability
13565| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
13566| [64782] Apache CloudStack Virtual Router Component Security Bypass Vulnerability
13567| [64780] Apache CloudStack Unauthorized Access Vulnerability
13568| [64617] Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability
13569| [64437] Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
13570| [64427] Apache Solr Multiple XML External Entity Injection Vulnerabilities
13571| [64009] Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
13572| [64008] Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
13573| [63981] Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
13574| [63966] Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
13575| [63963] Apache Roller CVE-2013-4171 Cross Site Scripting Vulnerability
13576| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
13577| [63928] Apache Roller CVE-2013-4212 OGNL Expression Injection Remote Code Execution Vulnerability
13578| [63515] Apache Tomcat Manager Component CVE-2013-6357 Cross Site Request Forgery Vulnerability
13579| [63403] Apache Struts Multiple Cross Site Scripting Vulnerabilities
13580| [63400] Apache 'mod_pagespeed' Module Unspecified Cross Site Scripting Vulnerability
13581| [63260] Apache Shindig CVE-2013-4295 XML External Entity Information Disclosure Vulnerability
13582| [63241] Apache Sling 'AbstractAuthenticationFormServlet' Open Redirection Vulnerability
13583| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
13584| [62939] Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
13585| [62903] Apache Sling 'deepGetOrCreateNode()' Function Denial Of Service Vulnerability
13586| [62706] Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
13587| [62677] Apache 'mod_accounting' Module CVE-2013-5697 SQL Injection Vulnerability
13588| [62674] TYPO3 Apache Solr Unspecified Cross Site Scripting and PHP Code Execution Vulnerabilities
13589| [62587] Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
13590| [62584] Apache Struts CVE-2013-4310 Security Bypass Vulnerability
13591| [62266] Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
13592| [61984] Apache Hadoop RPC Authentication CVE-2013-2192 Man in the Middle Security Bypass Vulnerability
13593| [61981] Apache HBase RPC Authentication Man In The Middle Security Bypass Vulnerability
13594| [61638] Apache CloudStack CVE-2013-2136 Multiple Cross Site Scripting Vulnerabilities
13595| [61454] Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
13596| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
13597| [61370] Apache OFBiz CVE-2013-2317 'View Log' Cross Site Scripting Vulnerability
13598| [61369] Apache OFBiz Nested Expression Remote Code Execution Vulnerability
13599| [61196] Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
13600| [61189] Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
13601| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
13602| [61030] Apache CXF CVE-2013-2160 Multiple Remote Denial of Service Vulnerabilities
13603| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
13604| [60846] Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
13605| [60817] Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
13606| [60800] Apache Qpid Python Client SSL Certificate Verification Information Disclosure Vulnerability
13607| [60599] Apache Santuario XML Security for C++ CVE-2013-2156 Remote Heap Buffer Overflow Vulnerability
13608| [60595] Apache Santuario XML Security for C++ XML Signature CVE-2013-2155 Denial of Service Vulnerability
13609| [60594] Apache Santuario XML Security for C++ CVE-2013-2154 Stack Buffer Overflow Vulnerability
13610| [60592] Apache Santuario XML Security for C++ XML Signature CVE-2013-2153 Security Bypass Vulnerability
13611| [60534] Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
13612| [60346] Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
13613| [60345] Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
13614| [60267] Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
13615| [60265] Apache Subversion CVE-2013-2088 Command Injection Vulnerability
13616| [60264] Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
13617| [60187] Apache Tomcat DIGEST Authentication CVE-2013-2051 Incomplete Fix Security Weakness
13618| [60186] Apache Tomcat CVE-2013-1976 Insecure Temporary File Handling Vulnerability
13619| [60167] Apache Struts 'includeParams' CVE-2013-2115 Incomplete Fix Security Bypass Vulnerability
13620| [60166] Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
13621| [60082] Apache Struts 'ParameterInterceptor' Class OGNL CVE-2013-1965 Security Bypass Vulnerability
13622| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
13623| [59799] Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
13624| [59798] Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
13625| [59797] Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
13626| [59670] Apache VCL Multiple Input Validation Vulnerabilities
13627| [59464] Apache CloudStack CVE-2013-2758 Hash Information Disclosure Vulnerability
13628| [59463] Apache CloudStack CVE-2013-2756 Authentication Bypass Vulnerability
13629| [59402] Apache ActiveMQ CVE-2013-3060 Information Disclosure and Denial of Service Vulnerability
13630| [59401] Apache ActiveMQ CVE-2012-6551 Denial of Service Vulnerability
13631| [59400] Apache ActiveMQ CVE-2012-6092 Multiple Cross Site Scripting Vulnerabilities
13632| [58898] Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
13633| [58897] Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
13634| [58895] Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
13635| [58455] Apache Rave User RPC API CVE-2013-1814 Information Disclosure Vulnerability
13636| [58379] Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
13637| [58378] Apache Qpid CVE-2012-4460 Denial of Service Vulnerability
13638| [58376] Apache Qpid CVE-2012-4458 Denial of Service Vulnerability
13639| [58337] Apache Qpid CVE-2012-4459 Denial of Service Vulnerability
13640| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
13641| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
13642| [58323] Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
13643| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
13644| [58136] Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
13645| [58124] Apache Tomcat 'log/logdir' Directory Insecure File Permissions Vulnerability
13646| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
13647| [57876] Apache CXF WS-SecurityPolicy Authentication Bypass Vulnerability
13648| [57874] Apache CXF CVE-2012-5633 Security Bypass Vulnerability
13649| [57463] Apache OFBiz CVE-2013-0177 Multiple Cross Site Scripting Vulnerabilities
13650| [57425] Apache CXF CVE-2012-5786 SSL Certificate Validation Security Bypass Vulnerability
13651| [57321] Apache CouchDB CVE-2012-5650 Cross Site Scripting Vulnerability
13652| [57314] Apache CouchDB CVE-2012-5649 Remote Code Execution Vulnerability
13653| [57267] Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
13654| [57259] Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
13655| [56814] Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
13656| [56813] Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
13657| [56812] Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
13658| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
13659| [56686] Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
13660| [56408] Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
13661| [56403] Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
13662| [56402] Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
13663| [56171] Apache OFBiz CVE-2012-3506 Unspecified Security Vulnerability
13664| [55876] Apache CloudStack CVE-2012-4501 Security Bypass Vulnerability
13665| [55628] Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
13666| [55608] Apache Qpid (qpidd) Denial of Service Vulnerability
13667| [55536] Apache 'mod_pagespeed' Module Cross Site Scripting and Security Bypass Vulnerabilities
13668| [55508] Apache Axis2 XML Signature Wrapping Security Vulnerability
13669| [55445] Apache Wicket CVE-2012-3373 Cross Site Scripting Vulnerability
13670| [55346] Apache Struts Cross Site Request Forgery and Denial of Service Vulnerabilities
13671| [55290] Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
13672| [55165] Apache Struts2 Skill Name Remote Code Execution Vulnerability
13673| [55154] Apache 'mod-rpaf' Module Denial of Service Vulnerability
13674| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
13675| [54954] Apache QPID NullAuthenticator Authentication Bypass Vulnerability
13676| [54798] Apache Libcloud Man In The Middle Vulnerability
13677| [54358] Apache Hadoop CVE-2012-3376 Information Disclosure Vulnerability
13678| [54341] Apache Sling CVE-2012-2138 Denial Of Service Vulnerability
13679| [54268] Apache Hadoop Symlink Attack Local Privilege Escalation Vulnerability
13680| [54189] Apache Roller Cross Site Request Forgery Vulnerability
13681| [54187] Apache Roller CVE-2012-2381 Cross Site Scripting Vulnerability
13682| [53880] Apache CXF Child Policies Security Bypass Vulnerability
13683| [53877] Apache CXF Elements Validation Security Bypass Vulnerability
13684| [53676] Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
13685| [53487] Apache POI CVE-2012-0213 Denial Of Service Vulnerability
13686| [53455] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
13687| [53305] Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
13688| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
13689| [53025] Apache OFBiz Unspecified Remote Code Execution Vulnerability
13690| [53023] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
13691| [52939] Apache Hadoop CVE-2012-1574 Unspecified User Impersonation Vulnerability
13692| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
13693| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
13694| [52680] Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
13695| [52679] Apache Wicket Hidden Files Information Disclosure Vulnerability
13696| [52565] Apache 'mod_fcgid' Module Denial Of Service Vulnerability
13697| [52146] TYPO3 Apache Solr Extension Unspecified Cross Site Scripting Vulnerability
13698| [51939] Apache MyFaces 'ln' Parameter Information Disclosure Vulnerability
13699| [51917] Apache APR Hash Collision Denial Of Service Vulnerability
13700| [51902] Apache Struts Multiple HTML Injection Vulnerabilities
13701| [51900] Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
13702| [51886] Apache CXF UsernameToken Policy Validation Security Bypass Vulnerability
13703| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
13704| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
13705| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
13706| [51628] Apache Struts 'ParameterInterceptor' Class OGNL (CVE-2011-3923) Security Bypass Vulnerability
13707| [51447] Apache Tomcat Parameter Handling Denial of Service Vulnerability
13708| [51442] Apache Tomcat Request Object Security Bypass Vulnerability
13709| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
13710| [51257] Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities
13711| [51238] Apache Geronimo Hash Collision Denial Of Service Vulnerability
13712| [51200] Apache Tomcat Hash Collision Denial Of Service Vulnerability
13713| [50940] Apache Struts Session Tampering Security Bypass Vulnerability
13714| [50912] RETIRED: Apache MyFaces CVE-2011-4343 Information Disclosure Vulnerability
13715| [50904] Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
13716| [50848] Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability
13717| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
13718| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
13719| [50603] Apache Tomcat Manager Application Security Bypass Vulnerability
13720| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
13721| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
13722| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
13723| [49728] Apache Struts Conversion Error OGNL Expression Evaluation Vulnerability
13724| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
13725| [49470] Apache Tomcat CVE-2007-6286 Duplicate Request Processing Security Vulnerability
13726| [49353] Apache Tomcat AJP Protocol Security Bypass Vulnerability
13727| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
13728| [49290] Apache Wicket Cross Site Scripting Vulnerability
13729| [49147] Apache Tomcat CVE-2011-2481 Information Disclosure Vulnerability
13730| [49143] Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
13731| [48667] Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
13732| [48653] Apache 'mod_authnz_external' Module SQL Injection Vulnerability
13733| [48611] Apache XML Security for C++ Signature Key Parsing Denial of Service Vulnerability
13734| [48456] Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
13735| [48015] Apache Archiva Multiple Cross Site Request Forgery Vulnerabilities
13736| [48011] Apache Archiva Multiple Cross Site Scripting and HTML Injection Vulnerabilities
13737| [47929] Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
13738| [47890] Apache Struts 'javatemplates' Plugin Multiple Cross Site Scripting Vulnerabilities
13739| [47886] Apache Tomcat SecurityConstraints Security Bypass Vulnerability
13740| [47820] Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
13741| [47784] Apache Struts XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
13742| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
13743| [47196] Apache Tomcat Login Constraints Security Bypass Vulnerability
13744| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
13745| [46953] Apache MPM-ITK Module Security Weakness
13746| [46734] Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
13747| [46685] Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
13748| [46311] Apache Continuum and Archiva Cross Site Scripting Vulnerability
13749| [46177] Apache Tomcat SecurityManager Security Bypass Vulnerability
13750| [46174] Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
13751| [46166] Apache Tomcat JVM Denial of Service Vulnerability
13752| [46164] Apache Tomcat NIO Connector Denial of Service Vulnerability
13753| [46066] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
13754| [45655] Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
13755| [45123] Awstats Apache Tomcat Configuration File Remote Arbitrary Command Execution Vulnerability
13756| [45095] Apache Archiva Cross Site Request Forgery Vulnerability
13757| [45015] Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
13758| [44900] Apache 'mod_fcgid' Module Unspecified Stack Buffer Overflow Vulnerability
13759| [44616] Apache Shiro Directory Traversal Vulnerability
13760| [44355] Apache MyFaces Encrypted View State Oracle Padding Security Vulnerability
13761| [44068] Apache::AuthenHook Local Information Disclosure Vulnerability
13762| [43862] Apache QPID SSL Connection Denial of Service Vulnerability
13763| [43673] Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
13764| [43637] Apache XML-RPC SAX Parser Information Disclosure Vulnerability
13765| [43111] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
13766| [42637] Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability
13767| [42501] Apache CouchDB Cross Site Request Forgery Vulnerability
13768| [42492] Apache CXF XML DTD Processing Security Vulnerability
13769| [42121] Apache SLMS Insufficient Quoting Cross Site Request Forgery Vulnerability
13770| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
13771| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
13772| [41544] Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
13773| [41076] Apache Axis2 '/axis2/axis2-admin' Session Fixation Vulnerability
13774| [40976] Apache Axis2 Document Type Declaration Processing Security Vulnerability
13775| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
13776| [40343] Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
13777| [40327] Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
13778| [39771] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
13779| [39636] Apache ActiveMQ Source Code Information Disclosure Vulnerability
13780| [39635] Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
13781| [39538] Apache mod_auth_shadow Race Condition Security Bypass Vulnerability
13782| [39489] Apache OFBiz Multiple Cross Site Scripting and HTML Injection Vulnerabilities
13783| [39119] Apache ActiveMQ 'createDestination.action' HTML Injection Vulnerability
13784| [38580] Apache Subrequest Handling Information Disclosure Vulnerability
13785| [38494] Apache 'mod_isapi' Memory Corruption Vulnerability
13786| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
13787| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
13788| [37945] Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
13789| [37944] Apache Tomcat WAR File Directory Traversal Vulnerability
13790| [37942] Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
13791| [37149] Apache Tomcat 404 Error Page Cross Site Scripting Vulnerability
13792| [37027] RETIRED: Apache APR 'apr_uri_parse_hostinfo' Off By One Remote Code Execution Vulnerability
13793| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
13794| [36954] Apache Tomcat Windows Installer Insecure Password Vulnerability
13795| [36889] TYPO3 Apache Solr Search Extension Unspecified Cross Site Scripting Vulnerability
13796| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
13797| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
13798| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
13799| [35949] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
13800| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
13801| [35623] Apache 'mod_deflate' Remote Denial Of Service Vulnerability
13802| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
13803| [35416] Apache Tomcat XML Parser Information Disclosure Vulnerability
13804| [35263] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
13805| [35253] Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
13806| [35251] Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
13807| [35221] Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
13808| [35196] Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
13809| [35193] Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
13810| [35115] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
13811| [34686] Apache Struts Multiple Cross Site Scripting Vulnerabilities
13812| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
13813| [34657] Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
13814| [34562] Apache Geronimo Application Server Multiple Remote Vulnerabilities
13815| [34552] Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
13816| [34412] Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
13817| [34399] Apache Struts Unspecified Cross Site Scripting Vulnerability
13818| [34383] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
13819| [33913] Apache Tomcat POST Data Information Disclosure Vulnerability
13820| [33360] Apache Jackrabbit 'q' Parameter Multiple Cross Site Scripting Vulnerabilities
13821| [33110] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
13822| [32657] Novell NetWare ApacheAdmin Security Bypass Vulnerability
13823| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
13824| [31761] Oracle WebLogic Server Apache Connector Stack Based Buffer Overflow Vulnerability
13825| [31698] Apache Tomcat 'RemoteFilterValve' Security Bypass Vulnerability
13826| [31165] Kolab Groupware Server Apache Log File User Password Information Disclosure Vulnerability
13827| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
13828| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
13829| [30494] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
13830| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
13831| [29502] Apache Tomcat Host Manager Cross Site Scripting Vulnerability
13832| [28576] Apache-SSL Environment Variable Information Disclosure and Privilege Escalation Vulnerability
13833| [28484] Apache Tomcat Requests Containing MS-DOS Device Names Information Disclosure Vulnerability
13834| [28483] Apache Tomcat 'allowLinking' Accepts NULL Byte in URI Information Disclosure Vulnerability
13835| [28482] Apache Tomcat SSL Anonymous Cipher Configuration Information Disclosure Vulnerability
13836| [28481] Apache Tomcat Cross-Site Scripting Vulnerability
13837| [28477] Apache Tomcat AJP Connector Information Disclosure Vulnerability
13838| [27752] Apache mod_jk2 Host Header Multiple Stack Based Buffer Overflow Vulnerabilities
13839| [27706] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
13840| [27703] Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability
13841| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
13842| [27365] Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
13843| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
13844| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
13845| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
13846| [27006] Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
13847| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
13848| [26838] Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
13849| [26762] Apache::AuthCAS Cookie SQL Injection Vulnerability
13850| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
13851| [26287] Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability
13852| [26070] Apache Tomcat WebDav Remote Information Disclosure Vulnerability
13853| [25804] Apache Geronimo Management EJB Security Bypass Vulnerability
13854| [25653] Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
13855| [25531] Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
13856| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
13857| [25316] Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
13858| [25314] Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability
13859| [25174] Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability
13860| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
13861| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
13862| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
13863| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
13864| [24553] Apache Mod_Mem_Cache Information Disclosure Vulnerability
13865| [24524] Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
13866| [24480] Apache MyFaces Tomahawk JSF Framework Autoscroll Parameter Cross Site Scripting Vulnerability
13867| [24476] Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
13868| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
13869| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
13870| [24147] Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
13871| [24058] Apache Tomcat Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
13872| [23687] Apache AXIS Non-Existent WSDL Path Information Disclosure Vulnerability
13873| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
13874| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
13875| [22849] Apache mod_python Output Filter Mode Information Disclosure Vulnerability
13876| [22791] Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
13877| [22732] Debian Apache Root Shell Local Privilege Escalation Vulnerabilities
13878| [22388] Apache Stats Extract Function Multiple Input Validation Vulnerabilities
13879| [21865] Apache And Microsoft IIS Range Denial of Service Vulnerability
13880| [21214] Apache Mod_Auth_Kerb Off-By-One Denial of Service Vulnerability
13881| [20527] Apache Mod_TCL Remote Format String Vulnerability
13882| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
13883| [19447] Apache CGI Script Source Code Information Disclosure Vulnerability
13884| [19204] Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
13885| [19106] Apache Tomcat Information Disclosure Vulnerability
13886| [18138] Apache James SMTP Denial Of Service Vulnerability
13887| [17342] Apache Struts Multiple Remote Vulnerabilities
13888| [17095] Apache Log4Net Denial Of Service Vulnerability
13889| [16916] Apache mod_python FileSession Code Execution Vulnerability
13890| [16710] Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
13891| [16260] Apache Geronimo Multiple Input Validation Vulnerabilities
13892| [16153] Apache mod_auth_pgsql Multiple Format String Vulnerabilities
13893| [16152] Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
13894| [15834] Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability
13895| [15765] Apache James Spooler Memory Leak Denial Of Service Vulnerability
13896| [15762] Apache MPM Worker.C Denial Of Service Vulnerability
13897| [15512] Apache Struts Error Response Cross-Site Scripting Vulnerability
13898| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
13899| [15325] Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
13900| [15224] Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
13901| [15177] PHP Apache 2 Local Denial of Service Vulnerability
13902| [14982] ApacheTop Insecure Temporary File Creation Vulnerability
13903| [14721] Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
13904| [14660] Apache CGI Byterange Request Denial of Service Vulnerability
13905| [14366] Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
13906| [14106] Apache HTTP Request Smuggling Vulnerability
13907| [13778] Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
13908| [13777] Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
13909| [13756] Apache Tomcat Java Security Manager Bypass Vulnerability
13910| [13537] Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
13911| [12877] Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
13912| [12795] Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
13913| [12619] Apache Software Foundation Batik Squiggle Browser Access Validation Vulnerability
13914| [12519] Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
13915| [12308] Apache Utilities Insecure Temporary File Creation Vulnerability
13916| [12217] Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability
13917| [12181] Mod_DOSEvasive Apache Module Local Insecure Temporary File Creation Vulnerability
13918| [11803] Apache Jakarta Results.JSP Remote Cross-Site Scripting Vulnerability
13919| [11471] Apache mod_include Local Buffer Overflow Vulnerability
13920| [11360] Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
13921| [11239] Apache Satisfy Directive Access Control Bypass Vulnerability
13922| [11187] Apache Web Server Remote IPv6 Buffer Overflow Vulnerability
13923| [11185] Apache Mod_DAV LOCK Denial Of Service Vulnerability
13924| [11182] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
13925| [11154] Apache mod_ssl Remote Denial of Service Vulnerability
13926| [11094] Apache mod_ssl Denial Of Service Vulnerability
13927| [10789] Apache mod_userdir Module Information Disclosure Vulnerability
13928| [10736] Apache 'mod_ssl' Log Function Format String Vulnerability
13929| [10619] Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability
13930| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
13931| [10478] ClueCentral Apache Suexec Patch Security Weakness
13932| [10355] Apache 'mod_ssl' 'ssl_util_uuencode_binary()' Stack Buffer Overflow Vulnerability
13933| [10212] Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
13934| [9933] Apache mod_disk_cache Module Client Authentication Credential Storage Weakness
13935| [9930] Apache Error and Access Logs Escape Sequence Injection Vulnerability
13936| [9921] Apache Connection Blocking Denial Of Service Vulnerability
13937| [9885] Apache Mod_Security Module SecFilterScanPost Off-By-One Buffer Overflow Vulnerability
13938| [9874] Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
13939| [9829] Apache Mod_Access Access Control Rule Bypass Vulnerability
13940| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
13941| [9733] Apache Cygwin Directory Traversal Vulnerability
13942| [9599] Apache mod_php Global Variables Information Disclosure Weakness
13943| [9590] Apache-SSL Client Certificate Forging Vulnerability
13944| [9571] Apache mod_digest Client-Supplied Nonce Verification Vulnerability
13945| [9471] Apache mod_perl Module File Descriptor Leakage Vulnerability
13946| [9404] Mod-Auth-Shadow Apache Module Expired User Credential Weakness
13947| [9302] Apache mod_php Module File Descriptor Leakage Vulnerability
13948| [9129] Apache mod_python Module Malformed Query Denial of Service Vulnerability
13949| [8926] Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
13950| [8919] Apache Mod_Security Module Heap Corruption Vulnerability
13951| [8911] Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
13952| [8898] Red Hat Apache Directory Index Default Configuration Error
13953| [8883] Apache Cocoon Directory Traversal Vulnerability
13954| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
13955| [8822] Apache Mod_Throttle Module Local Shared Memory Corruption Vulnerability
13956| [8725] Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
13957| [8707] Apache htpasswd Password Entropy Weakness
13958| [8561] Apache::Gallery Insecure Local File Storage Privilege Escalation Vulnerability
13959| [8287] Mod_Mylo Apache Module REQSTR Buffer Overflow Vulnerability
13960| [8226] Apache HTTP Server Multiple Vulnerabilities
13961| [8138] Apache Web Server Type-Map Recursive Loop Denial Of Service Vulnerability
13962| [8137] Apache Web Server Prefork MPM Denial Of Service Vulnerability
13963| [8136] Macromedia Apache Web Server Encoded Space Source Disclosure Vulnerability
13964| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
13965| [8134] Apache Web Server SSLCipherSuite Weak CipherSuite Renegotiation Weakness
13966| [7768] Apache Tomcat Insecure Directory Permissions Vulnerability
13967| [7725] Apache Basic Authentication Module Valid User Login Denial Of Service Vulnerability
13968| [7723] Apache APR_PSPrintf Memory Corruption Vulnerability
13969| [7448] Apache Mod_Auth_Any Remote Command Execution Vulnerability
13970| [7375] Apache Mod_Access_Referer NULL Pointer Dereference Denial of Service Vulnerability
13971| [7332] Apache Web Server OS2 Filestat Denial Of Service Vulnerability
13972| [7255] Apache Web Server File Descriptor Leakage Vulnerability
13973| [7254] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
13974| [6943] Apache Web Server MIME Boundary Information Disclosure Vulnerability
13975| [6939] Apache Web Server ETag Header Information Disclosure Weakness
13976| [6722] Apache Tomcat Web.XML File Contents Disclosure Vulnerability
13977| [6721] Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
13978| [6720] Apache Tomcat Example Web Application Cross Site Scripting Vulnerability
13979| [6662] Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
13980| [6661] Apache Web Server Default Script Mapping Bypass Vulnerability
13981| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
13982| [6659] Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
13983| [6562] Apache Tomcat Invoker Servlet File Disclosure Vulnerability
13984| [6320] Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
13985| [6117] Apache mod_php File Descriptor Leakage Vulnerability
13986| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
13987| [5996] Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
13988| [5995] Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
13989| [5993] Multiple Apache HTDigest Buffer Overflow Vulnerabilities
13990| [5992] Apache HTDigest Insecure Temporary File Vulnerability
13991| [5991] Apache HTDigest Arbitrary Command Execution Vulnerability
13992| [5990] Apache HTPasswd Insecure Temporary File Vulnerability
13993| [5981] Multiple Apache HTDigest and HTPassWD Component Vulnerabilites
13994| [5884] Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability
13995| [5847] Apache Server Side Include Cross Site Scripting Vulnerability
13996| [5838] Apache Tomcat 3.2 Directory Disclosure Vulnerability
13997| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
13998| [5791] HP VirtualVault Apache mod_ssl Denial Of Service Vulnerability
13999| [5787] Apache Oversized STDERR Buffer Denial Of Service Vulnerability
14000| [5786] Apache Tomcat DefaultServlet File Disclosure Vulnerability
14001| [5542] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
14002| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
14003| [5485] Apache 2.0 Path Disclosure Vulnerability
14004| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
14005| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
14006| [5194] Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
14007| [5193] Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
14008| [5067] Apache Tomcat Null Character Malformed Request Denial Of Service Vulnerability
14009| [5054] Apache Tomcat Web Root Path Disclosure Vulnerability
14010| [5033] Apache Chunked-Encoding Memory Corruption Vulnerability
14011| [4995] Apache Tomcat JSP Engine Denial of Service Vulnerability
14012| [4878] Apache Tomcat RealPath.JSP Malformed Request Information Disclosure Vulnerability
14013| [4877] Apache Tomcat Example Files Web Root Path Disclosure Vulnerability
14014| [4876] Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability
14015| [4575] Apache Tomcat Servlet Path Disclosure Vulnerability
14016| [4557] Apache Tomcat System Path Information Disclosure Vulnerability
14017| [4437] Apache Error Message Cross-Site Scripting Vulnerability
14018| [4431] Apache PrintEnv/Test_CGI Script Injection Vulnerability
14019| [4358] Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
14020| [4335] Apache Win32 Batch File Remote Command Execution Vulnerability
14021| [4292] Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability
14022| [4189] Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability
14023| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
14024| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
14025| [4037] Oracle 9iAS Apache PL/SQL Module Denial of Service Vulnerability
14026| [4032] Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability
14027| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
14028| [3790] Apache Non-Existent Log Directory Denial Of Service Vulnerability
14029| [3786] Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
14030| [3727] Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
14031| [3726] Oracle 9I Application Server PL/SQL Apache Module Buffer Overflow Vulnerability
14032| [3596] Apache Split-Logfile File Append Vulnerability
14033| [3521] Apache mod_usertrack Predictable ID Generation Vulnerability
14034| [3335] Red Hat Linux Apache Remote Username Enumeration Vulnerability
14035| [3316] MacOS X Client Apache Directory Contents Disclosure Vulnerability
14036| [3256] Apache mod_auth_oracle Remote SQL Query Manipulation Vulnerability
14037| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
14038| [3254] Apache AuthPG Remote SQL Query Manipulation Vulnerability
14039| [3253] Apache mod_auth_pgsql_sys Remote SQL Query Manipulation Vulnerability
14040| [3251] Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability
14041| [3176] Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
14042| [3169] Apache Server Address Disclosure Vulnerability
14043| [3009] Apache Possible Directory Index Disclosure Vulnerability
14044| [2982] Apache Tomcat Cross-Site Scripting Vulnerability
14045| [2852] MacOS X Client Apache File Protection Bypass Vulnerability
14046| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
14047| [2518] Apache Tomcat 3.0 Directory Traversal Vulnerability
14048| [2503] Apache Artificially Long Slash Path Directory Listing Vulnerability
14049| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
14050| [2216] Apache Web Server DoS Vulnerability
14051| [2182] Apache /tmp File Race Vulnerability
14052| [2171] Oracle Apache+WebDB Documented Backdoor Vulnerability
14053| [2060] Apache Web Server with Php 3 File Disclosure Vulnerability
14054| [1821] Apache mod_cookies Buffer Overflow Vulnerability
14055| [1728] Apache Rewrite Module Arbitrary File Disclosure Vulnerability
14056| [1658] SuSE Apache CGI Source Code Viewing Vulnerability
14057| [1656] SuSE Apache WebDAV Directory Listings Vulnerability
14058| [1575] Trustix Apache-SSL RPM Permissions Vulnerability
14059| [1548] Apache Jakarta-Tomcat /admin Context Vulnerability
14060| [1532] Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
14061| [1531] Apache Tomcat 3.1 Path Revealing Vulnerability
14062| [1457] Apache::ASP source.asp Example Script Vulnerability
14063| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
14064| [1083] Cobalt Raq Apache .htaccess Disclosure Vulnerability
14065|
14066| IBM X-Force - https://exchange.xforce.ibmcloud.com:
14067| [86258] Apache CloudStack text fields cross-site scripting
14068| [85983] Apache Subversion mod_dav_svn module denial of service
14069| [85875] Apache OFBiz UEL code execution
14070| [85874] Apache OFBiz Webtools View Log screen cross-site scripting
14071| [85871] Apache HTTP Server mod_session_dbd unspecified
14072| [85756] Apache Struts OGNL expression command execution
14073| [85755] Apache Struts DefaultActionMapper class open redirect
14074| [85586] Apache ActiveMQ CVE-2013-1879 cross-site scripting
14075| [85574] Apache HTTP Server mod_dav denial of service
14076| [85573] Apache Struts Showcase App OGNL code execution
14077| [85496] Apache CXF denial of service
14078| [85423] Apache Geronimo RMI classloader code execution
14079| [85326] Apache Santuario XML Security for C++ buffer overflow
14080| [85323] Apache Santuario XML Security for Java spoofing
14081| [85319] Apache Qpid Python client SSL spoofing
14082| [85019] Apache Santuario XML Security for C++ CVE-2013-2156 buffer overflow
14083| [85018] Apache Santuario XML Security for C++ CVE-2013-2155 denial of service
14084| [85017] Apache Santuario XML Security for C++ CVE-2013-2154 buffer overflow
14085| [85016] Apache Santuario XML Security for C++ CVE-2013-2153 spoofing
14086| [84952] Apache Tomcat CVE-2012-3544 denial of service
14087| [84763] Apache Struts CVE-2013-2135 security bypass
14088| [84762] Apache Struts CVE-2013-2134 security bypass
14089| [84719] Apache Subversion CVE-2013-2088 command execution
14090| [84718] Apache Subversion CVE-2013-2112 denial of service
14091| [84717] Apache Subversion CVE-2013-1968 denial of service
14092| [84577] Apache Tomcat security bypass
14093| [84576] Apache Tomcat symlink
14094| [84543] Apache Struts CVE-2013-2115 security bypass
14095| [84542] Apache Struts CVE-2013-1966 security bypass
14096| [84154] Apache Tomcat session hijacking
14097| [84144] Apache Tomcat denial of service
14098| [84143] Apache Tomcat information disclosure
14099| [84111] Apache HTTP Server command execution
14100| [84043] Apache Virtual Computing Lab cross-site scripting
14101| [84042] Apache Virtual Computing Lab cross-site scripting
14102| [83782] Apache CloudStack information disclosure
14103| [83781] Apache CloudStack security bypass
14104| [83720] Apache ActiveMQ cross-site scripting
14105| [83719] Apache ActiveMQ denial of service
14106| [83718] Apache ActiveMQ denial of service
14107| [83263] Apache Subversion denial of service
14108| [83262] Apache Subversion denial of service
14109| [83261] Apache Subversion denial of service
14110| [83259] Apache Subversion denial of service
14111| [83035] Apache mod_ruid2 security bypass
14112| [82852] Apache Qpid federation_tag security bypass
14113| [82851] Apache Qpid qpid::framing::Buffer denial of service
14114| [82758] Apache Rave User RPC API information disclosure
14115| [82663] Apache Subversion svn_fs_file_length() denial of service
14116| [82642] Apache Qpid qpid::framing::Buffer::checkAvailable() denial of service
14117| [82641] Apache Qpid AMQP denial of service
14118| [82626] Apache HTTP Server on Debian GNU/Linux Debian apache2ctl symlink
14119| [82618] Apache Commons FileUpload symlink
14120| [82360] Apache HTTP Server manager interface cross-site scripting
14121| [82359] Apache HTTP Server hostnames cross-site scripting
14122| [82338] Apache Tomcat log/logdir information disclosure
14123| [82328] Apache Maven and Apache Maven Wagon SSL spoofing
14124| [82268] Apache OpenJPA deserialization command execution
14125| [81981] Apache CXF UsernameTokens security bypass
14126| [81980] Apache CXF WS-Security security bypass
14127| [81398] Apache OFBiz cross-site scripting
14128| [81240] Apache CouchDB directory traversal
14129| [81226] Apache CouchDB JSONP code execution
14130| [81225] Apache CouchDB Futon user interface cross-site scripting
14131| [81211] Apache Axis2/C SSL spoofing
14132| [81167] Apache CloudStack DeployVM information disclosure
14133| [81166] Apache CloudStack AddHost API information disclosure
14134| [81165] Apache CloudStack createSSHKeyPair API information disclosure
14135| [80518] Apache Tomcat cross-site request forgery security bypass
14136| [80517] Apache Tomcat FormAuthenticator security bypass
14137| [80516] Apache Tomcat NIO denial of service
14138| [80408] Apache Tomcat replay-countermeasure security bypass
14139| [80407] Apache Tomcat HTTP Digest Access Authentication security bypass
14140| [80317] Apache Tomcat slowloris denial of service
14141| [79984] Apache Commons HttpClient SSL spoofing
14142| [79983] Apache CXF SSL spoofing
14143| [79830] Apache Axis2/Java SSL spoofing
14144| [79829] Apache Axis SSL spoofing
14145| [79809] Apache Tomcat DIGEST security bypass
14146| [79806] Apache Tomcat parseHeaders() denial of service
14147| [79540] Apache OFBiz unspecified
14148| [79487] Apache Axis2 SAML security bypass
14149| [79212] Apache Cloudstack code execution
14150| [78734] Apache CXF SOAP Action security bypass
14151| [78730] Apache Qpid broker denial of service
14152| [78617] Eucalyptus Apache Santuario (XML Security for Java) denial of service
14153| [78563] Apache mod_pagespeed module unspecified cross-site scripting
14154| [78562] Apache mod_pagespeed module security bypass
14155| [78454] Apache Axis2 security bypass
14156| [78452] Websense Web Security and Web Filter Apache Tomcat information disclosure
14157| [78451] Websense Web Security and Web Filter Apache Tomcat cross-site scripting
14158| [78321] Apache Wicket unspecified cross-site scripting
14159| [78183] Apache Struts parameters denial of service
14160| [78182] Apache Struts cross-site request forgery
14161| [78153] Apache Solr Autocomplete module for Drupal autocomplete results cross-site scripting
14162| [77987] mod_rpaf module for Apache denial of service
14163| [77958] Apache Struts skill name code execution
14164| [77914] Apache HTTP Server mod_negotiation module cross-site scripting
14165| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
14166| [77568] Apache Qpid broker security bypass
14167| [77421] Apache Libcloud spoofing
14168| [77059] Oracle Solaris Cluster Apache Tomcat Agent unspecified
14169| [77046] Oracle Solaris Apache HTTP Server information disclosure
14170| [76837] Apache Hadoop information disclosure
14171| [76802] Apache Sling CopyFrom denial of service
14172| [76692] Apache Hadoop symlink
14173| [76535] Apache Roller console cross-site request forgery
14174| [76534] Apache Roller weblog cross-site scripting
14175| [76152] Apache CXF elements security bypass
14176| [76151] Apache CXF child policies security bypass
14177| [75983] MapServer for Windows Apache file include
14178| [75857] Apache Commons Compress and Apache Ant bzip2 denial of service
14179| [75558] Apache POI denial of service
14180| [75545] PHP apache_request_headers() buffer overflow
14181| [75302] Apache Qpid SASL security bypass
14182| [75211] Debian GNU/Linux apache 2 cross-site scripting
14183| [74901] Apache HTTP Server LD_LIBRARY_PATH privilege escalation
14184| [74871] Apache OFBiz FlexibleStringExpander code execution
14185| [74870] Apache OFBiz multiple cross-site scripting
14186| [74750] Apache Hadoop unspecified spoofing
14187| [74319] Apache Struts XSLTResult.java file upload
14188| [74313] Apache Traffic Server header buffer overflow
14189| [74276] Apache Wicket directory traversal
14190| [74273] Apache Wicket unspecified cross-site scripting
14191| [74181] Apache HTTP Server mod_fcgid module denial of service
14192| [73690] Apache Struts OGNL code execution
14193| [73432] Apache Solr extension for TYPO3 unspecified cross-site scripting
14194| [73100] Apache MyFaces in directory traversal
14195| [73096] Apache APR hash denial of service
14196| [73052] Apache Struts name cross-site scripting
14197| [73030] Apache CXF UsernameToken security bypass
14198| [72888] Apache Struts lastName cross-site scripting
14199| [72758] Apache HTTP Server httpOnly information disclosure
14200| [72757] Apache HTTP Server MPM denial of service
14201| [72585] Apache Struts ParameterInterceptor security bypass
14202| [72438] Apache Tomcat Digest security bypass
14203| [72437] Apache Tomcat Digest security bypass
14204| [72436] Apache Tomcat DIGEST security bypass
14205| [72425] Apache Tomcat parameter denial of service
14206| [72422] Apache Tomcat request object information disclosure
14207| [72377] Apache HTTP Server scoreboard security bypass
14208| [72345] Apache HTTP Server HTTP request denial of service
14209| [72229] Apache Struts ExceptionDelegator command execution
14210| [72089] Apache Struts ParameterInterceptor directory traversal
14211| [72088] Apache Struts CookieInterceptor command execution
14212| [72047] Apache Geronimo hash denial of service
14213| [72016] Apache Tomcat hash denial of service
14214| [71711] Apache Struts OGNL expression code execution
14215| [71654] Apache Struts interfaces security bypass
14216| [71620] Apache ActiveMQ failover denial of service
14217| [71617] Apache HTTP Server mod_proxy module information disclosure
14218| [71508] Apache MyFaces EL security bypass
14219| [71445] Apache HTTP Server mod_proxy security bypass
14220| [71203] Apache Tomcat servlets privilege escalation
14221| [71181] Apache HTTP Server ap_pregsub() denial of service
14222| [71093] Apache HTTP Server ap_pregsub() buffer overflow
14223| [70336] Apache HTTP Server mod_proxy information disclosure
14224| [69804] Apache HTTP Server mod_proxy_ajp denial of service
14225| [69472] Apache Tomcat AJP security bypass
14226| [69396] Apache HTTP Server ByteRange filter denial of service
14227| [69394] Apache Wicket multi window support cross-site scripting
14228| [69176] Apache Tomcat XML information disclosure
14229| [69161] Apache Tomcat jsvc information disclosure
14230| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
14231| [68541] Apache Tomcat sendfile information disclosure
14232| [68420] Apache XML Security denial of service
14233| [68238] Apache Tomcat JMX information disclosure
14234| [67860] Apache Rampart/C rampart_timestamp_token_validate security bypass
14235| [67804] Apache Subversion control rules information disclosure
14236| [67803] Apache Subversion control rules denial of service
14237| [67802] Apache Subversion baselined denial of service
14238| [67672] Apache Archiva multiple cross-site scripting
14239| [67671] Apache Archiva multiple cross-site request forgery
14240| [67564] Apache APR apr_fnmatch() denial of service
14241| [67532] IBM WebSphere Application Server org.apache.jasper.runtime.JspWriterImpl.response denial of service
14242| [67515] Apache Tomcat annotations security bypass
14243| [67480] Apache Struts s:submit information disclosure
14244| [67414] Apache APR apr_fnmatch() denial of service
14245| [67356] Apache Struts javatemplates cross-site scripting
14246| [67354] Apache Struts Xwork cross-site scripting
14247| [66676] Apache Tomcat HTTP BIO information disclosure
14248| [66675] Apache Tomcat web.xml security bypass
14249| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
14250| [66241] Apache HttpComponents information disclosure
14251| [66154] Apache Tomcat ServletSecurity security bypass
14252| [65971] Apache Tomcat ServletSecurity security bypass
14253| [65876] Apache Subversion mod_dav_svn denial of service
14254| [65343] Apache Continuum unspecified cross-site scripting
14255| [65162] Apache Tomcat NIO connector denial of service
14256| [65161] Apache Tomcat javax.servlet.ServletRequest.getLocale() denial of service
14257| [65160] Apache Tomcat HTML Manager interface cross-site scripting
14258| [65159] Apache Tomcat ServletContect security bypass
14259| [65050] Apache CouchDB web-based administration UI cross-site scripting
14260| [64773] Oracle HTTP Server Apache Plugin unauthorized access
14261| [64473] Apache Subversion blame -g denial of service
14262| [64472] Apache Subversion walk() denial of service
14263| [64407] Apache Axis2 CVE-2010-0219 code execution
14264| [63926] Apache Archiva password privilege escalation
14265| [63785] Apache CouchDB LD_LIBRARY_PATH privilege escalation
14266| [63493] Apache Archiva credentials cross-site request forgery
14267| [63477] Apache Tomcat HttpOnly session hijacking
14268| [63422] Apache Tomcat sessionsList.jsp cross-site scripting
14269| [63303] Apache mod_fcgid module fcgid_header_bucket_read() buffer overflow
14270| [62959] Apache Shiro filters security bypass
14271| [62790] Apache Perl cgi module denial of service
14272| [62576] Apache Qpid exchange denial of service
14273| [62575] Apache Qpid AMQP denial of service
14274| [62354] Apache Qpid SSL denial of service
14275| [62235] Apache APR-util apr_brigade_split_line() denial of service
14276| [62181] Apache XML-RPC SAX Parser information disclosure
14277| [61721] Apache Traffic Server cache poisoning
14278| [61202] Apache Derby BUILTIN authentication functionality information disclosure
14279| [61186] Apache CouchDB Futon cross-site request forgery
14280| [61169] Apache CXF DTD denial of service
14281| [61070] Apache Jackrabbit search.jsp SQL injection
14282| [61006] Apache SLMS Quoting cross-site request forgery
14283| [60962] Apache Tomcat time cross-site scripting
14284| [60883] Apache mod_proxy_http information disclosure
14285| [60671] Apache HTTP Server mod_cache and mod_dav denial of service
14286| [60264] Apache Tomcat Transfer-Encoding denial of service
14287| [59746] Apache Axis2 axis2/axis2-admin page session hijacking
14288| [59588] Apache Axis2/Java XML DTD (Document Type Declaration) data denial of service
14289| [59413] Apache mod_proxy_http timeout information disclosure
14290| [59058] Apache MyFaces unencrypted view state cross-site scripting
14291| [58827] Apache Axis2 xsd file include
14292| [58790] Apache Axis2 modules cross-site scripting
14293| [58299] Apache ActiveMQ queueBrowse cross-site scripting
14294| [58169] Apache Tomcat Web Application Manager / Host Manager cross-site request forgery
14295| [58056] Apache ActiveMQ .jsp source code disclosure
14296| [58055] Apache Tomcat realm name information disclosure
14297| [58046] Apache HTTP Server mod_auth_shadow security bypass
14298| [57841] Apache Open For Business Project (OFBiz) subject cross-site scripting
14299| [57840] Apache Open For Business Project (OFBiz) multiple parameters cross-site scripting
14300| [57429] Apache CouchDB algorithms information disclosure
14301| [57398] Apache ActiveMQ Web console cross-site request forgery
14302| [57397] Apache ActiveMQ createDestination.action cross-site scripting
14303| [56653] Apache HTTP Server DNS spoofing
14304| [56652] Apache HTTP Server DNS cross-site scripting
14305| [56625] Apache HTTP Server request header information disclosure
14306| [56624] Apache HTTP Server mod_isapi orphaned callback pointer code execution
14307| [56623] Apache HTTP Server mod_proxy_ajp denial of service
14308| [55941] mod_proxy module for Apache ap_proxy_send_fb() buffer overflow
14309| [55857] Apache Tomcat WAR files directory traversal
14310| [55856] Apache Tomcat autoDeploy attribute security bypass
14311| [55855] Apache Tomcat WAR directory traversal
14312| [55210] Intuit component for Joomla! Apache information disclosure
14313| [54533] Apache Tomcat 404 error page cross-site scripting
14314| [54182] Apache Tomcat admin default password
14315| [53878] Apache Solr Search (solr) extension for TYPO3 unspecified cross-site scripting
14316| [53666] Apache HTTP Server Solaris pollset support denial of service
14317| [53650] Apache HTTP Server HTTP basic-auth module security bypass
14318| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
14319| [53041] mod_proxy_ftp module for Apache denial of service
14320| [52540] Apache Portable Runtime and Apache Portable Utility library multiple buffer overflow
14321| [51953] Apache Tomcat Path Disclosure
14322| [51952] Apache Tomcat Path Traversal
14323| [51951] Apache stronghold-status Information Disclosure
14324| [51950] Apache stronghold-info Information Disclosure
14325| [51949] Apache PHP Source Code Disclosure
14326| [51948] Apache Multiviews Attack
14327| [51946] Apache JServ Environment Status Information Disclosure
14328| [51945] Apache error_log Information Disclosure
14329| [51944] Apache Default Installation Page Pattern Found
14330| [51943] Apache AXIS XML Parser echoheaders.jws Sample Web Service Denial of Service
14331| [51942] Apache AXIS XML External Entity File Retrieval
14332| [51941] Apache AXIS Sample Servlet Information Leak
14333| [51940] Apache access_log Information Disclosure
14334| [51626] Apache mod_deflate denial of service
14335| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
14336| [51365] Apache Tomcat RequestDispatcher security bypass
14337| [51273] Apache HTTP Server Incomplete Request denial of service
14338| [51195] Apache Tomcat XML information disclosure
14339| [50994] Apache APR-util xml/apr_xml.c denial of service
14340| [50993] Apache APR-util apr_brigade_vprintf denial of service
14341| [50964] Apache APR-util apr_strmatch_precompile() denial of service
14342| [50930] Apache Tomcat j_security_check information disclosure
14343| [50928] Apache Tomcat AJP denial of service
14344| [50884] Apache HTTP Server XML ENTITY denial of service
14345| [50808] Apache HTTP Server AllowOverride privilege escalation
14346| [50108] Apache Struts s:a tag and s:url tag cross-site scripting
14347| [50059] Apache mod_proxy_ajp information disclosure
14348| [49951] Apache Tiles Expression Language (EL) expressions cross-site scripting
14349| [49925] Apache Geronimo Web Administrative Console cross-site request forgery
14350| [49924] Apache Geronimo console/portal/Server/Monitoring cross-site scripting
14351| [49921] Apache ActiveMQ Web interface cross-site scripting
14352| [49898] Apache Geronimo Services/Repository directory traversal
14353| [49725] Apache Tomcat mod_jk module information disclosure
14354| [49715] Apache mod_perl Apache::Status and Apache2::Status modules cross-site scripting
14355| [49712] Apache Struts unspecified cross-site scripting
14356| [49213] Apache Tomcat cal2.jsp cross-site scripting
14357| [48934] Apache Tomcat POST doRead method information disclosure
14358| [48211] Apache Tomcat header HTTP request smuggling
14359| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
14360| [48110] Apache Jackrabbit search.jsp and swr.jsp cross-site scripting
14361| [47709] Apache Roller "
14362| [47104] Novell Netware ApacheAdmin console security bypass
14363| [47086] Apache HTTP Server OS fingerprinting unspecified
14364| [46329] Apache Struts FilterDispatcher and DefaultStaticContentLoader class directory traversal
14365| [45791] Apache Tomcat RemoteFilterValve security bypass
14366| [44435] Oracle WebLogic Apache Connector buffer overflow
14367| [44411] Apache Tomcat allowLinking UTF-8 directory traversal
14368| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
14369| [44156] Apache Tomcat RequestDispatcher directory traversal
14370| [44155] Apache Tomcat HttpServletResponse.sendError() cross-site scripting
14371| [43885] Oracle WebLogic Server Apache Connector buffer overflow
14372| [42987] Apache HTTP Server mod_proxy module denial of service
14373| [42915] Apache Tomcat JSP files path disclosure
14374| [42914] Apache Tomcat MS-DOS path disclosure
14375| [42892] Apache Tomcat unspecified unauthorized access
14376| [42816] Apache Tomcat Host Manager cross-site scripting
14377| [42303] Apache 403 error cross-site scripting
14378| [41618] Apache-SSL ExpandCert() authentication bypass
14379| [40761] Apache Derby RDBNAM parameter and DatabaseMetaData.getURL information disclosure
14380| [40736] Apache Tomcat HTTP/1.1 connector information disclosure
14381| [40614] Apache mod_jk2 HTTP Host header buffer overflow
14382| [40562] Apache Geronimo init information disclosure
14383| [40478] Novell Web Manager webadmin-apache.conf security bypass
14384| [40411] Apache Tomcat exception handling information disclosure
14385| [40409] Apache Tomcat native (APR based) connector weak security
14386| [40403] Apache Tomcat quotes and %5C cookie information disclosure
14387| [40388] Sun Java Plug-In org.apache.crimson.tree.XmlDocument security bypass
14388| [39893] Apache HTTP Server mod_negotiation HTTP response splitting
14389| [39867] Apache HTTP Server mod_negotiation cross-site scripting
14390| [39804] Apache Tomcat SingleSignOn information disclosure
14391| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
14392| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
14393| [39608] Apache HTTP Server balancer manager cross-site request forgery
14394| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
14395| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
14396| [39472] Apache HTTP Server mod_status cross-site scripting
14397| [39201] Apache Tomcat JULI logging weak security
14398| [39158] Apache HTTP Server Windows SMB shares information disclosure
14399| [39001] Apache HTTP Server mod_imap and mod_imagemap module cross-site scripting
14400| [38951] Apache::AuthCAS Perl module cookie SQL injection
14401| [38800] Apache HTTP Server 413 error page cross-site scripting
14402| [38211] Apache Geronimo SQLLoginModule authentication bypass
14403| [37243] Apache Tomcat WebDAV directory traversal
14404| [37178] RHSA update for Apache HTTP Server mod_status module cross-site scripting not installed
14405| [37177] RHSA update for Apache HTTP Server Apache child process denial of service not installed
14406| [37119] RHSA update for Apache mod_auth_kerb off-by-one buffer overflow not installed
14407| [37100] RHSA update for Apache and IBM HTTP Server Expect header cross-site scripting not installed
14408| [36782] Apache Geronimo MEJB unauthorized access
14409| [36586] Apache HTTP Server UTF-7 cross-site scripting
14410| [36468] Apache Geronimo LoginModule security bypass
14411| [36467] Apache Tomcat functions.jsp cross-site scripting
14412| [36402] Apache Tomcat calendar cross-site request forgery
14413| [36354] Apache HTTP Server mod_proxy module denial of service
14414| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
14415| [36336] Apache Derby lock table privilege escalation
14416| [36335] Apache Derby schema privilege escalation
14417| [36006] Apache Tomcat "
14418| [36001] Apache Tomcat Host Manager Servlet alias cross-site scripting
14419| [35999] Apache Tomcat \"
14420| [35795] Apache Tomcat CookieExample cross-site scripting
14421| [35536] Apache Tomcat SendMailServlet example cross-site scripting
14422| [35384] Apache HTTP Server mod_cache module denial of service
14423| [35097] Apache HTTP Server mod_status module cross-site scripting
14424| [35095] Apache HTTP Server Prefork MPM module denial of service
14425| [34984] Apache HTTP Server recall_headers information disclosure
14426| [34966] Apache HTTP Server MPM content spoofing
14427| [34965] Apache HTTP Server MPM information disclosure
14428| [34963] Apache HTTP Server MPM multiple denial of service
14429| [34872] Apache MyFaces Tomahawk autoscroll parameter cross-site scripting
14430| [34869] Apache Tomcat JSP example Web application cross-site scripting
14431| [34868] Apache Tomcat Manager and Host Manager cross-site scripting
14432| [34496] Apache Tomcat JK Connector security bypass
14433| [34377] Apache Tomcat hello.jsp cross-site scripting
14434| [34212] Apache Tomcat SSL configuration security bypass
14435| [34210] Apache Tomcat Accept-Language cross-site scripting
14436| [34209] Apache Tomcat calendar application cross-site scripting
14437| [34207] Apache Tomcat implicit-objects.jsp cross-site scripting
14438| [34167] Apache Axis WSDL file path disclosure
14439| [34068] Apache Tomcat AJP connector information disclosure
14440| [33584] Apache HTTP Server suEXEC privilege escalation
14441| [32988] Apache Tomcat proxy module directory traversal
14442| [32794] Apache Tomcat JK Web Server Connector map_uri_to_worker() buffer overflow
14443| [32708] Debian Apache tty privilege escalation
14444| [32441] ApacheStats extract() PHP call unspecified
14445| [32128] Apache Tomcat default account
14446| [31680] Apache Tomcat RequestParamExample cross-site scripting
14447| [31649] Apache Tomcat Sample Servlet TroubleShooter detected
14448| [31557] BEA WebLogic Server and WebLogic Express Apache proxy plug-in denial of service
14449| [31236] Apache HTTP Server htpasswd.c strcpy buffer overflow
14450| [30456] Apache mod_auth_kerb off-by-one buffer overflow
14451| [29550] Apache mod_tcl set_var() format string
14452| [28620] Apache and IBM HTTP Server Expect header cross-site scripting
14453| [28357] Apache HTTP Server mod_alias script source information disclosure
14454| [28063] Apache mod_rewrite off-by-one buffer overflow
14455| [27902] Apache Tomcat URL information disclosure
14456| [26786] Apache James SMTP server denial of service
14457| [25680] libapache2 /tmp/svn file upload
14458| [25614] Apache Struts lookupMap cross-site scripting
14459| [25613] Apache Struts ActionForm denial of service
14460| [25612] Apache Struts isCancelled() security bypass
14461| [24965] Apache mod_python FileSession command execution
14462| [24716] Apache James spooler memory leak denial of service
14463| [24159] Apache Geronimo Web-Access-Log Viewer cross-site scripting
14464| [24158] Apache Geronimo jsp-examples cross-site scripting
14465| [24030] Apache auth_ldap module multiple format strings
14466| [24008] Apache mod_ssl custom error message denial of service
14467| [24003] Apache mod_auth_pgsql module multiple syslog format strings
14468| [23612] Apache mod_imap referer field cross-site scripting
14469| [23173] Apache Struts error message cross-site scripting
14470| [22942] Apache Tomcat directory listing denial of service
14471| [22858] Apache Multi-Processing Module code allows denial of service
14472| [22602] RHSA-2005:582 updates for Apache httpd not installed
14473| [22520] Apache mod-auth-shadow "
14474| [22466] ApacheTop symlink
14475| [22109] Apache HTTP Server ssl_engine_kernel client certificate validation
14476| [22006] Apache HTTP Server byte-range filter denial of service
14477| [21567] Apache mod_ssl off-by-one buffer overflow
14478| [21195] Apache HTTP Server header HTTP request smuggling
14479| [20383] Apache HTTP Server htdigest buffer overflow
14480| [19681] Apache Tomcat AJP12 request denial of service
14481| [18993] Apache HTTP server check_forensic symlink attack
14482| [18790] Apache Tomcat Manager cross-site scripting
14483| [18349] Apache HTTP server Apple HFS+ filesystem obtain information
14484| [18348] Apache HTTP server Apple HFS+ filesystem .DS_Store and .ht file disclosure
14485| [18347] Apache HTTP server Apple Mac OS X Server mod_digest_apple module could allow an attacker to replay responses
14486| [17961] Apache Web server ServerTokens has not been set
14487| [17930] Apache HTTP Server HTTP GET request denial of service
14488| [17785] Apache mod_include module buffer overflow
14489| [17671] Apache HTTP Server SSLCipherSuite bypass restrictions
14490| [17473] Apache HTTP Server Satisfy directive allows access to resources
14491| [17413] Apache htpasswd buffer overflow
14492| [17384] Apache HTTP Server environment variable configuration file buffer overflow
14493| [17382] Apache HTTP Server IPv6 apr_util denial of service
14494| [17366] Apache HTTP Server mod_dav module LOCK denial of service
14495| [17273] Apache HTTP Server speculative mode denial of service
14496| [17200] Apache HTTP Server mod_ssl denial of service
14497| [16890] Apache HTTP Server server-info request has been detected
14498| [16889] Apache HTTP Server server-status request has been detected
14499| [16705] Apache mod_ssl format string attack
14500| [16524] Apache HTTP Server ap_get_mime_headers_core denial of service
14501| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
14502| [16230] Apache HTTP Server PHP denial of service
14503| [16214] Apache mod_ssl ssl_util_uuencode_binary buffer overflow
14504| [15958] Apache HTTP Server authentication modules memory corruption
14505| [15547] Apache HTTP Server mod_disk_cache local information disclosure
14506| [15540] Apache HTTP Server socket starvation denial of service
14507| [15467] Novell GroupWise WebAccess using Apache Web server allows viewing of files on the server
14508| [15422] Apache HTTP Server mod_access information disclosure
14509| [15419] Apache HTTP Server mod_ssl plain HTTP request denial of service
14510| [15293] Apache for Cygwin "
14511| [15065] Apache-SSL has a default password
14512| [15041] Apache HTTP Server mod_digest module could allow an attacker to replay responses
14513| [15015] Apache httpd server httpd.conf could allow a local user to bypass restrictions
14514| [14751] Apache Mod_python output filter information disclosure
14515| [14125] Apache HTTP Server mod_userdir module information disclosure
14516| [14075] Apache HTTP Server mod_php file descriptor leak
14517| [13703] Apache HTTP Server account
14518| [13689] Apache HTTP Server configuration allows symlinks
14519| [13688] Apache HTTP Server configuration allows SSI
14520| [13687] Apache HTTP Server Server: header value
14521| [13685] Apache HTTP Server ServerTokens value
14522| [13684] Apache HTTP Server ServerSignature value
14523| [13672] Apache HTTP Server config allows directory autoindexing
14524| [13671] Apache HTTP Server default content
14525| [13670] Apache HTTP Server config file directive references outside content root
14526| [13668] Apache HTTP Server httpd not running in chroot environment
14527| [13666] Apache HTTP Server CGI directory contains possible command interpreter or compiler
14528| [13664] Apache HTTP Server config file contains ScriptAlias entry
14529| [13663] Apache HTTP Server CGI support modules loaded
14530| [13661] Apache HTTP Server config file contains AddHandler entry
14531| [13660] Apache HTTP Server 500 error page not CGI script
14532| [13659] Apache HTTP Server 413 error page not CGI script
14533| [13658] Apache HTTP Server 403 error page not CGI script
14534| [13657] Apache HTTP Server 401 error page not CGI script
14535| [13552] Apache HTTP Server mod_cgid module information disclosure
14536| [13550] Apache GET request directory traversal
14537| [13516] Apache Cocoon XMLForm and JXForm could allow execution of code
14538| [13499] Apache Cocoon directory traversal allows downloading of boot.ini file
14539| [13429] Apache Tomcat non-HTTP request denial of service
14540| [13400] Apache HTTP server mod_alias and mod_rewrite buffer overflow
14541| [13295] Apache weak password encryption
14542| [13254] Apache Tomcat .jsp cross-site scripting
14543| [13125] Apache::Gallery Inline::C could allow arbitrary code execution
14544| [13086] Apache Jakarta Tomcat mod_jk format string allows remote access
14545| [12681] Apache HTTP Server mod_proxy could allow mail relaying
14546| [12662] Apache HTTP Server rotatelogs denial of service
14547| [12554] Apache Tomcat stores password in plain text
14548| [12553] Apache HTTP Server redirects and subrequests denial of service
14549| [12552] Apache HTTP Server FTP proxy server denial of service
14550| [12551] Apache HTTP Server prefork MPM denial of service
14551| [12550] Apache HTTP Server weaker than expected encryption
14552| [12549] Apache HTTP Server type-map file denial of service
14553| [12206] Apache Tomcat /opt/tomcat directory insecure permissions
14554| [12102] Apache Jakarta Tomcat MS-DOS device name request denial of service
14555| [12091] Apache HTTP Server apr_password_validate denial of service
14556| [12090] Apache HTTP Server apr_psprintf code execution
14557| [11804] Apache HTTP Server mod_access_referer denial of service
14558| [11750] Apache HTTP Server could leak sensitive file descriptors
14559| [11730] Apache HTTP Server error log and access log terminal escape sequence injection
14560| [11703] Apache long slash path allows directory listing
14561| [11695] Apache HTTP Server LF (Line Feed) denial of service
14562| [11694] Apache HTTP Server filestat.c denial of service
14563| [11438] Apache HTTP Server MIME message boundaries information disclosure
14564| [11412] Apache HTTP Server error log terminal escape sequence injection
14565| [11196] Apache Tomcat examples and ROOT Web applications cross-site scripting
14566| [11195] Apache Tomcat web.xml could be used to read files
14567| [11194] Apache Tomcat URL appended with a null character could list directories
14568| [11139] Apache HTTP Server mass virtual hosting with mod_rewrite or mod_vhost_alias could allow an attacker to obtain files
14569| [11126] Apache HTTP Server illegal character file disclosure
14570| [11125] Apache HTTP Server DOS device name HTTP POST code execution
14571| [11124] Apache HTTP Server DOS device name denial of service
14572| [11088] Apache HTTP Server mod_vhost_alias CGI source disclosure
14573| [10938] Apache HTTP Server printenv test CGI cross-site scripting
14574| [10771] Apache Tomcat mod_jk module multiple HTTP GET request buffer overflow
14575| [10575] Apache mod_php module could allow an attacker to take over the httpd process
14576| [10499] Apache HTTP Server WebDAV HTTP POST view source
14577| [10457] Apache HTTP Server mod_ssl "
14578| [10415] Apache HTTP Server htdigest insecure system() call could allow command execution
14579| [10414] Apache HTTP Server htdigest multiple buffer overflows
14580| [10413] Apache HTTP Server htdigest temporary file race condition
14581| [10412] Apache HTTP Server htpasswd temporary file race condition
14582| [10376] Apache Tomcat invoker servlet used in conjunction with the default servlet reveals source code
14583| [10348] Apache Tomcat HTTP GET request DOS device reference could cause a denial of service
14584| [10281] Apache HTTP Server ab.c ApacheBench long response buffer overflow
14585| [10280] Apache HTTP Server shared memory scorecard overwrite
14586| [10263] Apache Tomcat mod_jk or mod_jserv connector directory disclosure
14587| [10241] Apache HTTP Server Host: header cross-site scripting
14588| [10230] Slapper worm variants A, B, and C target OpenSSL/Apache systems
14589| [10208] Apache HTTP Server mod_dav denial of service
14590| [10206] HP VVOS Apache mod_ssl denial of service
14591| [10200] Apache HTTP Server stderr denial of service
14592| [10175] Apache Tomcat org.apache.catalina.servlets.DefaultServlet reveals source code
14593| [10169] Slapper worm variant (Slapper.C) targets OpenSSL/Apache systems
14594| [10154] Slapper worm variant (Slapper.B) targets OpenSSL/Apache systems
14595| [10098] Slapper worm targets OpenSSL/Apache systems
14596| [9876] Apache HTTP Server cgi/cgid request could disclose the path to a requested script
14597| [9875] Apache HTTP Server .var file request could disclose installation path
14598| [9863] Apache Tomcat web.xml file could allow a remote attacker to bypass restrictions
14599| [9808] Apache HTTP Server non-Unix version URL encoded directory traversal
14600| [9623] Apache HTTP Server ap_log_rerror() path disclosure
14601| [9520] Apache Tomcat /servlet/ mapping cross-site scripting
14602| [9415] Apache HTTP Server mod_ssl .htaccess off-by-one buffer overflow
14603| [9396] Apache Tomcat null character to threads denial of service
14604| [9394] Apache Tomcat HTTP request for LPT9 reveals Web root path
14605| [9249] Apache HTTP Server chunked encoding heap buffer overflow
14606| [9208] Apache Tomcat sample file requests could reveal directory listing and path to Web root directory
14607| [8932] Apache Tomcat example class information disclosure
14608| [8633] Apache HTTP Server with mod_rewrite could allow an attacker to bypass directives
14609| [8629] Apache HTTP Server double-reverse DNS lookup spoofing
14610| [8589] Apache HTTP Server for Windows DOS batch file remote command execution
14611| [8457] Oracle9i Application Server Apache PL/SQL HTTP Location header buffer overflow
14612| [8455] Oracle9i Application Server default installation could allow an attacker to access certain Apache Services
14613| [8400] Apache HTTP Server mod_frontpage buffer overflows
14614| [8326] Apache HTTP Server multiple MIME headers (sioux) denial of service
14615| [8308] Apache "
14616| [8275] Apache HTTP Server with Multiviews enabled could disclose directory contents
14617| [8119] Apache and PHP OPTIONS request reveals "
14618| [8054] Apache is running on the system
14619| [8029] Mandrake Linux default Apache configuration could allow an attacker to browse files and directories
14620| [8027] Mandrake Linux default Apache configuration has remote management interface enabled
14621| [8026] Mandrake Linux Apache sample programs could disclose sensitive information about the server
14622| [7836] Apache HTTP Server log directory denial of service
14623| [7815] Apache for Windows "
14624| [7810] Apache HTTP request could result in unexpected behavior
14625| [7599] Apache Tomcat reveals installation path
14626| [7494] Apache "
14627| [7419] Apache Web Server could allow remote attackers to overwrite .log files
14628| [7363] Apache Web Server hidden HTTP requests
14629| [7249] Apache mod_proxy denial of service
14630| [7129] Linux with Apache Web server could allow an attacker to determine if a specified username exists
14631| [7103] Apple Mac OS X used with Apache Web server could disclose directory contents
14632| [7059] Apache "
14633| [7057] Apache "
14634| [7056] Apache "
14635| [7055] Apache "
14636| [7054] Apache "
14637| [6997] Apache Jakarta Tomcat error message may reveal information
14638| [6971] Apache Jakarta Tomcat may reveal JSP source code with missing HTTP protocol specification
14639| [6970] Apache crafted HTTP request could reveal the internal IP address
14640| [6921] Apache long slash path allows directory listing
14641| [6687] Apple Mac OS X used with Apache Web server could allow arbitrary file disclosure
14642| [6527] Apache Web Server for Windows and OS2 denial of service
14643| [6316] Apache Jakarta Tomcat may reveal JSP source code
14644| [6305] Apache Jakarta Tomcat directory traversal
14645| [5926] Linux Apache symbolic link
14646| [5659] Apache Web server discloses files when used with php script
14647| [5310] Apache mod_rewrite allows attacker to view arbitrary files
14648| [5204] Apache WebDAV directory listings
14649| [5197] Apache Web server reveals CGI script source code
14650| [5160] Apache Jakarta Tomcat default installation
14651| [5099] Trustix Secure Linux installs Apache with world writable access
14652| [4968] Apache Jakarta Tomcat snoop servlet gives out information which could be used in attack
14653| [4967] Apache Jakarta Tomcat 404 error reveals the pathname of the requested file
14654| [4931] Apache source.asp example file allows users to write to files
14655| [4575] IBM HTTP Server running Apache allows users to directory listing and file retrieval
14656| [4205] Apache Jakarta Tomcat delivers file contents
14657| [2084] Apache on Debian by default serves the /usr/doc directory
14658| [1630] MessageMedia UnityMail and Apache Web server MIME header flood denial of service
14659| [697] Apache HTTP server beck exploit
14660| [331] Apache cookies buffer overflow
14661|
14662| Exploit-DB - https://www.exploit-db.com:
14663| [31130] Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability
14664| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
14665| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
14666| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
14667| [30563] Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability
14668| [30496] Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure
14669| [30495] Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
14670| [30191] Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross Site Scripting Vulnerability
14671| [30189] Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross Site Scripting Vulnerability
14672| [30052] Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
14673| [29930] Apache AXIS 1.0 Non-Existent WSDL Path Information Disclosure Vulnerability
14674| [29859] Apache Roller OGNL Injection
14675| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
14676| [29435] Apache Tomcat 5.5.25 - CSRF Vulnerabilities
14677| [29316] Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)
14678| [29290] Apache / PHP 5.x Remote Code Execution Exploit
14679| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
14680| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
14681| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
14682| [28254] Apache Tomcat 5 Information Disclosure Vulnerability
14683| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
14684| [27397] Apache suEXEC Privilege Elevation / Information Disclosure
14685| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
14686| [27096] Apache Geronimo 1.0 Error Page XSS
14687| [27095] Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS
14688| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
14689| [26542] Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
14690| [25986] Plesk Apache Zeroday Remote Exploit
14691| [25980] Apache Struts includeParams Remote Code Execution
14692| [25625] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
14693| [25624] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
14694| [24874] Apache Struts ParametersInterceptor Remote Code Execution
14695| [24744] Apache Rave 0.11 - 0.20 - User Information Disclosure
14696| [24694] Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
14697| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
14698| [23751] Apache Cygwin 1.3.x/2.0.x Directory Traversal Vulnerability
14699| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
14700| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
14701| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
14702| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
14703| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
14704| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
14705| [23119] Apache::Gallery 0.4/0.5/0.6 Insecure Local File Storage Privilege Escalation Vulnerability
14706| [22505] Apache Mod_Access_Referer 1.0.2 NULL Pointer Dereference Denial of Service Vulnerability
14707| [22205] Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
14708| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
14709| [22068] Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability
14710| [21885] Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
14711| [21882] Apache Tomcat 3.2 Directory Disclosure Vulnerability
14712| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
14713| [21853] Apache Tomcat 3/4 DefaultServlet File Disclosure Vulnerability
14714| [21734] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
14715| [21719] Apache 2.0 Path Disclosure Vulnerability
14716| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
14717| [21605] Apache Tomcat 4.0.3 DoS Device Name Cross Site Scripting Vulnerability
14718| [21604] Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability
14719| [21560] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)
14720| [21559] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)
14721| [21534] Apache Tomcat 3/4 JSP Engine Denial of Service Vulnerability
14722| [21492] Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure
14723| [21491] Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
14724| [21490] Apache Tomcat 3.2.3/3.2.4 Source.JSP Malformed Request Information Disclosure
14725| [21412] Apache Tomcat 4.0/4.1 Servlet Path Disclosure Vulnerability
14726| [21350] Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability
14727| [21204] Apache 1.3.20 Win32 PHP.EXE Remote File Disclosure Vulnerability
14728| [21112] Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
14729| [21067] Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
14730| [21002] Apache 1.3 Possible Directory Index Disclosure Vulnerability
14731| [20911] Apache 1.3.14 Mac File Protection Bypass Vulnerability
14732| [20716] apache tomcat 3.0 - Directory Traversal vulnerability
14733| [20695] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
14734| [20694] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
14735| [20693] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
14736| [20692] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
14737| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
14738| [20558] Apache 1.2 Web Server DoS Vulnerability
14739| [20466] Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
14740| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
14741| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
14742| [20210] Apache 1.3.12 WebDAV Directory Listings Vulnerability
14743| [20131] Apache Tomcat 3.1 Path Revealing Vulnerability
14744| [19975] Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 Root Directory Access Vulnerability
14745| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
14746| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
14747| [19231] PHP apache_request_headers Function Buffer Overflow
14748| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
14749| [18897] Oracle Weblogic Apache Connector POST Request Buffer Overflow
14750| [18619] Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
14751| [18452] Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
14752| [18442] Apache httpOnly Cookie Disclosure
14753| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
14754| [18221] Apache HTTP Server Denial of Service
14755| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
14756| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
14757| [17691] Apache Struts < 2.2.0 - Remote Command Execution
14758| [16798] Apache mod_jk 1.2.20 Buffer Overflow
14759| [16782] Apache Win32 Chunked Encoding
14760| [16752] Apache module mod_rewrite LDAP protocol Buffer Overflow
14761| [16317] Apache Tomcat Manager Application Deployer Authenticated Code Execution
14762| [15710] Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
14763| [15319] Apache 2.2 (Windows) Local Denial of Service
14764| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
14765| [14489] Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
14766| [12721] Apache Axis2 1.4.1 - Local File Inclusion Vulnerability
14767| [12689] Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console
14768| [12343] Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
14769| [12330] Apache OFBiz - Multiple XSS
14770| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
14771| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
14772| [11662] Apache Spamassassin Milter Plugin Remote Root Command Execution
14773| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
14774| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
14775| [10292] Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability
14776| [9995] Apache Tomcat Form Authentication Username Enumeration Weakness
14777| [9994] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
14778| [9993] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
14779| [8842] Apache mod_dav / svn Remote Denial of Service Exploit
14780| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
14781| [7264] Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
14782| [6229] apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
14783| [6100] Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
14784| [6089] Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
14785| [5386] Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
14786| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
14787| [4552] Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
14788| [4530] Apache Tomcat (webdav) Remote File Disclosure Exploit
14789| [4162] Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
14790| [4093] Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
14791| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
14792| [3680] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
14793| [3384] Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
14794| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
14795| [2061] Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
14796| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
14797| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
14798| [764] Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
14799| [587] Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
14800| [466] htpasswd Apache 1.3.31 - Local Exploit
14801| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
14802| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
14803| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
14804| [126] Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
14805| [67] Apache 1.3.x mod_mylo Remote Code Execution Exploit
14806| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
14807| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
14808| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
14809| [9] Apache HTTP Server 2.x Memory Leak Exploit
14810|
14811| OpenVAS (Nessus) - http://www.openvas.org:
14812| [902924] Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
14813| [902837] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
14814| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
14815| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
14816| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
14817| [901110] Apache ActiveMQ Source Code Information Disclosure Vulnerability
14818| [901105] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
14819| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
14820| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
14821| [900573] Apache APR-Utils XML Parser Denial of Service Vulnerability
14822| [900572] Apache APR-Utils Multiple Denial of Service Vulnerabilities
14823| [900571] Apache APR-Utils Version Detection
14824| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
14825| [900496] Apache Tiles Multiple XSS Vulnerability
14826| [900493] Apache Tiles Version Detection
14827| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
14828| [900021] Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
14829| [880086] CentOS Update for apache CESA-2008:0004-01 centos2 i386
14830| [870175] RedHat Update for apache RHSA-2008:0004-01
14831| [864591] Fedora Update for apache-poi FEDORA-2012-10835
14832| [864383] Fedora Update for apache-commons-compress FEDORA-2012-8428
14833| [864280] Fedora Update for apache-commons-compress FEDORA-2012-8465
14834| [864250] Fedora Update for apache-poi FEDORA-2012-7683
14835| [864249] Fedora Update for apache-poi FEDORA-2012-7686
14836| [863993] Fedora Update for apache-commons-daemon FEDORA-2011-10880
14837| [863466] Fedora Update for apache-commons-daemon FEDORA-2011-10936
14838| [855821] Solaris Update for Apache 1.3 122912-19
14839| [855812] Solaris Update for Apache 1.3 122911-19
14840| [855737] Solaris Update for Apache 1.3 122911-17
14841| [855731] Solaris Update for Apache 1.3 122912-17
14842| [855695] Solaris Update for Apache 1.3 122911-16
14843| [855645] Solaris Update for Apache 1.3 122912-16
14844| [855587] Solaris Update for kernel update and Apache 108529-29
14845| [855566] Solaris Update for Apache 116973-07
14846| [855531] Solaris Update for Apache 116974-07
14847| [855524] Solaris Update for Apache 2 120544-14
14848| [855494] Solaris Update for Apache 1.3 122911-15
14849| [855478] Solaris Update for Apache Security 114145-11
14850| [855472] Solaris Update for Apache Security 113146-12
14851| [855179] Solaris Update for Apache 1.3 122912-15
14852| [855147] Solaris Update for kernel update and Apache 108528-29
14853| [855077] Solaris Update for Apache 2 120543-14
14854| [850196] SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
14855| [850088] SuSE Update for apache2 SUSE-SA:2007:061
14856| [850009] SuSE Update for apache2,apache SUSE-SA:2008:021
14857| [841209] Ubuntu Update for apache2 USN-1627-1
14858| [840900] Ubuntu Update for apache2 USN-1368-1
14859| [840798] Ubuntu Update for apache2 USN-1259-1
14860| [840734] Ubuntu Update for apache2 USN-1199-1
14861| [840542] Ubuntu Update for apache2 vulnerabilities USN-1021-1
14862| [840504] Ubuntu Update for apache2 vulnerability USN-990-2
14863| [840399] Ubuntu Update for apache2 vulnerabilities USN-908-1
14864| [840304] Ubuntu Update for apache2 vulnerabilities USN-575-1
14865| [840118] Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1
14866| [840092] Ubuntu Update for apache2 vulnerabilities USN-499-1
14867| [840039] Ubuntu Update for libapache2-mod-python vulnerability USN-430-1
14868| [835253] HP-UX Update for Apache Web Server HPSBUX02645
14869| [835247] HP-UX Update for Apache-based Web Server HPSBUX02612
14870| [835243] HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
14871| [835236] HP-UX Update for Apache with PHP HPSBUX02543
14872| [835233] HP-UX Update for Apache-based Web Server HPSBUX02531
14873| [835224] HP-UX Update for Apache-based Web Server HPSBUX02465
14874| [835200] HP-UX Update for Apache Web Server Suite HPSBUX02431
14875| [835190] HP-UX Update for Apache Web Server Suite HPSBUX02401
14876| [835188] HP-UX Update for Apache HPSBUX02308
14877| [835181] HP-UX Update for Apache With PHP HPSBUX02332
14878| [835180] HP-UX Update for Apache with PHP HPSBUX02342
14879| [835172] HP-UX Update for Apache HPSBUX02365
14880| [835168] HP-UX Update for Apache HPSBUX02313
14881| [835148] HP-UX Update for Apache HPSBUX01064
14882| [835139] HP-UX Update for Apache with PHP HPSBUX01090
14883| [835131] HP-UX Update for Apache HPSBUX00256
14884| [835119] HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186
14885| [835104] HP-UX Update for Apache HPSBUX00224
14886| [835103] HP-UX Update for Apache mod_cgid HPSBUX00301
14887| [835101] HP-UX Update for Apache HPSBUX01232
14888| [835080] HP-UX Update for Apache HPSBUX02273
14889| [835078] HP-UX Update for ApacheStrong HPSBUX00255
14890| [835044] HP-UX Update for Apache HPSBUX01019
14891| [835040] HP-UX Update for Apache PHP HPSBUX00207
14892| [835025] HP-UX Update for Apache HPSBUX00197
14893| [835023] HP-UX Update for Apache HPSBUX01022
14894| [835022] HP-UX Update for Apache HPSBUX02292
14895| [835005] HP-UX Update for Apache HPSBUX02262
14896| [831759] Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)
14897| [831737] Mandriva Update for apache MDVSA-2012:154-1 (apache)
14898| [831534] Mandriva Update for apache MDVSA-2012:012 (apache)
14899| [831523] Mandriva Update for apache MDVSA-2012:003 (apache)
14900| [831491] Mandriva Update for apache MDVSA-2011:168 (apache)
14901| [831460] Mandriva Update for apache MDVSA-2011:144 (apache)
14902| [831449] Mandriva Update for apache MDVSA-2011:130 (apache)
14903| [831357] Mandriva Update for apache MDVSA-2011:057 (apache)
14904| [831132] Mandriva Update for apache MDVSA-2010:153 (apache)
14905| [831131] Mandriva Update for apache MDVSA-2010:152 (apache)
14906| [830989] Mandriva Update for apache-mod_auth_shadow MDVSA-2010:081 (apache-mod_auth_shadow)
14907| [830931] Mandriva Update for apache MDVSA-2010:057 (apache)
14908| [830926] Mandriva Update for apache MDVSA-2010:053 (apache)
14909| [830918] Mandriva Update for apache-mod_security MDVSA-2010:050 (apache-mod_security)
14910| [830799] Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
14911| [830797] Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
14912| [830791] Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)
14913| [830652] Mandriva Update for apache MDVSA-2008:195 (apache)
14914| [830621] Mandriva Update for apache-conf MDVA-2008:129 (apache-conf)
14915| [830581] Mandriva Update for apache MDVSA-2008:016 (apache)
14916| [830294] Mandriva Update for apache MDKSA-2007:140 (apache)
14917| [830196] Mandriva Update for apache MDKSA-2007:235 (apache)
14918| [830112] Mandriva Update for apache MDKSA-2007:127 (apache)
14919| [830109] Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl)
14920| [802425] Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
14921| [802423] Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
14922| [802422] Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
14923| [802415] Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
14924| [802385] Apache Tomcat Request Object Security Bypass Vulnerability (Win)
14925| [802384] Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
14926| [802378] Apache Tomcat Hash Collision Denial Of Service Vulnerability
14927| [801942] Apache Archiva Multiple Vulnerabilities
14928| [801940] Apache Struts2 'XWork' Information Disclosure Vulnerability
14929| [801663] Apache Struts2/XWork Remote Command Execution Vulnerability
14930| [801521] Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
14931| [801284] Apache Derby Information Disclosure Vulnerability
14932| [801203] Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
14933| [800837] Apache 'mod_deflate' Denial Of Service Vulnerability - July09
14934| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
14935| [800680] Apache APR Version Detection
14936| [800679] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
14937| [800678] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
14938| [800677] Apache Roller Version Detection
14939| [800279] Apache mod_jk Module Version Detection
14940| [800278] Apache Struts Cross Site Scripting Vulnerability
14941| [800277] Apache Tomcat mod_jk Information Disclosure Vulnerability
14942| [800276] Apache Struts Version Detection
14943| [800271] Apache Struts Directory Traversal Vulnerability
14944| [800024] Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
14945| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
14946| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
14947| [103122] Apache Web Server ETag Header Information Disclosure Weakness
14948| [103074] Apache Continuum Cross Site Scripting Vulnerability
14949| [103073] Apache Continuum Detection
14950| [103053] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
14951| [101023] Apache Open For Business Weak Password security check
14952| [101020] Apache Open For Business HTML injection vulnerability
14953| [101019] Apache Open For Business service detection
14954| [100924] Apache Archiva Cross Site Request Forgery Vulnerability
14955| [100923] Apache Archiva Detection
14956| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
14957| [100814] Apache Axis2 Document Type Declaration Processing Security Vulnerability
14958| [100813] Apache Axis2 Detection
14959| [100797] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
14960| [100795] Apache Derby Detection
14961| [100762] Apache CouchDB Cross Site Request Forgery Vulnerability
14962| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
14963| [100613] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
14964| [100514] Apache Multiple Security Vulnerabilities
14965| [100211] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
14966| [100172] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
14967| [100171] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
14968| [100130] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
14969| [72626] Debian Security Advisory DSA 2579-1 (apache2)
14970| [72612] FreeBSD Ports: apache22
14971| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
14972| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
14973| [71512] FreeBSD Ports: apache
14974| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
14975| [71256] Debian Security Advisory DSA 2452-1 (apache2)
14976| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
14977| [70737] FreeBSD Ports: apache
14978| [70724] Debian Security Advisory DSA 2405-1 (apache2)
14979| [70600] FreeBSD Ports: apache
14980| [70253] FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
14981| [70235] Debian Security Advisory DSA 2298-2 (apache2)
14982| [70233] Debian Security Advisory DSA 2298-1 (apache2)
14983| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
14984| [69338] Debian Security Advisory DSA 2202-1 (apache2)
14985| [67868] FreeBSD Ports: apache
14986| [66816] FreeBSD Ports: apache
14987| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
14988| [66414] Mandriva Security Advisory MDVSA-2009:323 (apache)
14989| [66106] SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)
14990| [66081] SLES11: Security update for Apache 2
14991| [66074] SLES10: Security update for Apache 2
14992| [66070] SLES9: Security update for Apache 2
14993| [65998] SLES10: Security update for apache2-mod_python
14994| [65893] SLES10: Security update for Apache 2
14995| [65888] SLES10: Security update for Apache 2
14996| [65575] SLES9: Security update for apache2,apache2-prefork,apache2-worker
14997| [65510] SLES9: Security update for Apache 2
14998| [65472] SLES9: Security update for Apache
14999| [65467] SLES9: Security update for Apache
15000| [65450] SLES9: Security update for apache2
15001| [65390] SLES9: Security update for Apache2
15002| [65363] SLES9: Security update for Apache2
15003| [65309] SLES9: Security update for Apache and mod_ssl
15004| [65296] SLES9: Security update for webdav apache module
15005| [65283] SLES9: Security update for Apache2
15006| [65249] SLES9: Security update for Apache 2
15007| [65230] SLES9: Security update for Apache 2
15008| [65228] SLES9: Security update for Apache 2
15009| [65212] SLES9: Security update for apache2-mod_python
15010| [65209] SLES9: Security update for apache2-worker
15011| [65207] SLES9: Security update for Apache 2
15012| [65168] SLES9: Security update for apache2-mod_python
15013| [65142] SLES9: Security update for Apache2
15014| [65136] SLES9: Security update for Apache 2
15015| [65132] SLES9: Security update for apache
15016| [65131] SLES9: Security update for Apache 2 oes/CORE
15017| [65113] SLES9: Security update for apache2
15018| [65072] SLES9: Security update for apache and mod_ssl
15019| [65017] SLES9: Security update for Apache 2
15020| [64950] Mandrake Security Advisory MDVSA-2009:240 (apache)
15021| [64783] FreeBSD Ports: apache
15022| [64774] Ubuntu USN-802-2 (apache2)
15023| [64653] Ubuntu USN-813-2 (apache2)
15024| [64559] Debian Security Advisory DSA 1834-2 (apache2)
15025| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
15026| [64527] Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
15027| [64526] Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
15028| [64500] Mandrake Security Advisory MDVSA-2009:168 (apache)
15029| [64443] Ubuntu USN-802-1 (apache2)
15030| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
15031| [64423] Debian Security Advisory DSA 1834-1 (apache2)
15032| [64391] Mandrake Security Advisory MDVSA-2009:149 (apache)
15033| [64377] Mandrake Security Advisory MDVSA-2009:124-1 (apache)
15034| [64251] Debian Security Advisory DSA 1816-1 (apache2)
15035| [64201] Ubuntu USN-787-1 (apache2)
15036| [64140] Mandrake Security Advisory MDVSA-2009:124 (apache)
15037| [64136] Mandrake Security Advisory MDVSA-2009:102 (apache)
15038| [63565] FreeBSD Ports: apache
15039| [63562] Ubuntu USN-731-1 (apache2)
15040| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
15041| [61185] FreeBSD Ports: apache
15042| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
15043| [60387] Slackware Advisory SSA:2008-045-02 apache
15044| [58826] FreeBSD Ports: apache-tomcat
15045| [58825] FreeBSD Ports: apache-tomcat
15046| [58804] FreeBSD Ports: apache
15047| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
15048| [58360] Debian Security Advisory DSA 1312-1 (libapache-mod-jk)
15049| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
15050| [57788] Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)
15051| [57335] Debian Security Advisory DSA 1167-1 (apache)
15052| [57201] Debian Security Advisory DSA 1131-1 (apache)
15053| [57200] Debian Security Advisory DSA 1132-1 (apache2)
15054| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
15055| [57145] FreeBSD Ports: apache
15056| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
15057| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
15058| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
15059| [56212] Debian Security Advisory DSA 952-1 (libapache-auth-ldap)
15060| [56115] Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
15061| [56067] FreeBSD Ports: apache
15062| [55803] Slackware Advisory SSA:2005-310-04 apache
15063| [55519] Debian Security Advisory DSA 839-1 (apachetop)
15064| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
15065| [55355] FreeBSD Ports: apache
15066| [55284] Debian Security Advisory DSA 807-1 (libapache-mod-ssl)
15067| [55261] Debian Security Advisory DSA 805-1 (apache2)
15068| [55259] Debian Security Advisory DSA 803-1 (apache)
15069| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
15070| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
15071| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
15072| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
15073| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
15074| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
15075| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
15076| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
15077| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
15078| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
15079| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
15080| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
15081| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
15082| [54439] FreeBSD Ports: apache
15083| [53931] Slackware Advisory SSA:2004-133-01 apache
15084| [53903] Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
15085| [53902] Slackware Advisory SSA:2004-305-01 apache+mod_ssl
15086| [53878] Slackware Advisory SSA:2003-308-01 apache security update
15087| [53851] Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
15088| [53849] Debian Security Advisory DSA 132-1 (apache-ssl)
15089| [53848] Debian Security Advisory DSA 131-1 (apache)
15090| [53784] Debian Security Advisory DSA 021-1 (apache)
15091| [53738] Debian Security Advisory DSA 195-1 (apache-perl)
15092| [53737] Debian Security Advisory DSA 188-1 (apache-ssl)
15093| [53735] Debian Security Advisory DSA 187-1 (apache)
15094| [53703] Debian Security Advisory DSA 532-1 (libapache-mod-ssl)
15095| [53577] Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl)
15096| [53568] Debian Security Advisory DSA 067-1 (apache,apache-ssl)
15097| [53519] Debian Security Advisory DSA 689-1 (libapache-mod-python)
15098| [53433] Debian Security Advisory DSA 181-1 (libapache-mod-ssl)
15099| [53282] Debian Security Advisory DSA 594-1 (apache)
15100| [53248] Debian Security Advisory DSA 558-1 (libapache-mod-dav)
15101| [53224] Debian Security Advisory DSA 532-2 (libapache-mod-ssl)
15102| [53215] Debian Security Advisory DSA 525-1 (apache)
15103| [53151] Debian Security Advisory DSA 452-1 (libapache-mod-python)
15104| [52529] FreeBSD Ports: apache+ssl
15105| [52501] FreeBSD Ports: apache
15106| [52461] FreeBSD Ports: apache
15107| [52390] FreeBSD Ports: apache
15108| [52389] FreeBSD Ports: apache
15109| [52388] FreeBSD Ports: apache
15110| [52383] FreeBSD Ports: apache
15111| [52339] FreeBSD Ports: apache+mod_ssl
15112| [52331] FreeBSD Ports: apache
15113| [52329] FreeBSD Ports: ru-apache+mod_ssl
15114| [52314] FreeBSD Ports: apache
15115| [52310] FreeBSD Ports: apache
15116| [15588] Detect Apache HTTPS
15117| [15555] Apache mod_proxy content-length buffer overflow
15118| [15554] Apache mod_include priviledge escalation
15119| [14771] Apache <= 1.3.33 htpasswd local overflow
15120| [14177] Apache mod_access rule bypass
15121| [13644] Apache mod_rootme Backdoor
15122| [12293] Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
15123| [12280] Apache Connection Blocking Denial of Service
15124| [12239] Apache Error Log Escape Sequence Injection
15125| [12123] Apache Tomcat source.jsp malformed request information disclosure
15126| [12085] Apache Tomcat servlet/JSP container default files
15127| [11438] Apache Tomcat Directory Listing and File disclosure
15128| [11204] Apache Tomcat Default Accounts
15129| [11092] Apache 2.0.39 Win32 directory traversal
15130| [11046] Apache Tomcat TroubleShooter Servlet Installed
15131| [11042] Apache Tomcat DOS Device Name XSS
15132| [11041] Apache Tomcat /servlet Cross Site Scripting
15133| [10938] Apache Remote Command Execution via .bat files
15134| [10839] PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
15135| [10773] MacOS X Finder reveals contents of Apache Web files
15136| [10766] Apache UserDir Sensitive Information Disclosure
15137| [10756] MacOS X Finder reveals contents of Apache Web directories
15138| [10752] Apache Auth Module SQL Insertion Attack
15139| [10704] Apache Directory Listing
15140| [10678] Apache /server-info accessible
15141| [10677] Apache /server-status accessible
15142| [10440] Check for Apache Multiple / vulnerability
15143|
15144| SecurityTracker - https://www.securitytracker.com:
15145| [1028865] Apache Struts Bugs Permit Remote Code Execution and URL Redirection Attacks
15146| [1028864] Apache Struts Wildcard Matching and Expression Evaluation Bugs Let Remote Users Execute Arbitrary Code
15147| [1028824] Apache mod_dav_svn URI Processing Flaw Lets Remote Users Deny Service
15148| [1028823] Apache Unspecified Flaw in mod_session_dbd Has Unspecified Impact
15149| [1028724] (HP Issues Fix for HP-UX) Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
15150| [1028722] (Red Hat Issues Fix for JBoss) Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
15151| [1028693] (Red Hat Issues Fix) Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
15152| [1028622] Apache Struts 'includeParams' Bugs Permit Remote Command Execution and Cross-Site Scripting Attacks
15153| [1028621] Apache Subversion Bugs Let Remote Authenticated Users Execute Arbitrary Commands and Deny Service
15154| [1028540] Apache mod_rewrite Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
15155| [1028534] Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
15156| [1028533] Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
15157| [1028532] Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
15158| [1028515] Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
15159| [1028457] Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information
15160| [1028287] Apache CXF WSS4JInInterceptor Grants Service Access to Remote Users
15161| [1028286] Apache CXF WS-Security UsernameToken Processing Flaw Lets Remote Users Bypass Authentication
15162| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
15163| [1028207] Apache Input Validation Bugs Permit Cross-Site Scripting Attacks
15164| [1027836] Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
15165| [1027834] Apache Tomcat Bug Lets Remote Users Bypass Cross-Site Request Forgery Prevention Filter
15166| [1027833] Apache Tomcat Bug Lets Remote Users Bypass Security Constraints
15167| [1027729] Apache Tomcat Header Processing Bug Lets Remote Users Deny Service
15168| [1027728] Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
15169| [1027554] Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
15170| [1027508] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
15171| [1027421] Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
15172| [1027096] Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
15173| [1026932] Apache LD_LIBRARY_PATH Processing Lets Local Users Gain Elevated Privileges
15174| [1026928] Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
15175| [1026927] Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
15176| [1026847] Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
15177| [1026846] Apache Wicket Discloses Hidden Application Files to Remote Users
15178| [1026839] Apache Wicket Input Validation Flaw in 'wicket:pageMapName' Parameter Permits Cross-Site Scripting Attacks
15179| [1026616] Apache Bugs Let Remote Users Deny Service and Obtain Cookie Data
15180| [1026575] Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
15181| [1026484] Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code
15182| [1026477] Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service
15183| [1026402] Apache Struts Conversion Error Lets Remote Users Inject Arbitrary Commands
15184| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
15185| [1026295] Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges
15186| [1026267] Apache .htaccess File Integer Overflow Lets Local Users Execute Arbitrary Code
15187| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
15188| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
15189| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
15190| [1025993] Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information
15191| [1025976] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
15192| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
15193| [1025925] Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges
15194| [1025924] Apache Tomcat XML Validation Flaw Lets Applications Obtain Potentially Sensitive Information
15195| [1025788] Apache Tomcat Lets Malicious Applications Obtain Information and Deny Service
15196| [1025755] Apache Santuario Buffer Overflow Lets Remote Users Deny Service
15197| [1025712] Apache Tomcat Discloses Passwords to Local Users in Certain Cases
15198| [1025577] Apache Archiva Input Validation Hole Permits Cross-Site Scripting Attacks
15199| [1025576] Apache Archiva Request Validation Flaw Permits Cross-Site Request Forgery Attacks
15200| [1025527] Apache APR Library apr_fnmatch() Flaw Lets Remote Users Execute Arbitrary Code
15201| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
15202| [1025215] Apache Tomcat May Ignore @ServletSecurity Annotation Protections
15203| [1025066] Apache Continuum Input Validation Flaw Permits Cross-Site Request Forgery Attacks
15204| [1025065] Apache Continuum Input Validation Hole Permits Cross-Site Scripting Attacks
15205| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
15206| [1025026] Apache Tomcat Manager Input Validation Hole Permits Cross-Site Scripting Attacks
15207| [1025025] Apache Tomcat Security Manager Lets Local Users Bypass File Permissions
15208| [1024764] Apache Tomcat Manager Input Validation Hole in 'sessionList.jsp' Permits Cross-Site Scripting Attacks
15209| [1024417] Apache Traffic Server Insufficient Randomization Lets Remote Users Poison the DNS Cache
15210| [1024332] Apache mod_cache and mod_dav Request Processing Flaw Lets Remote Users Deny Service
15211| [1024180] Apache Tomcat 'Transfer-Encoding' Header Processing Flaw Lets Remote Users Deny Service and Obtain Potentially Sensitive Information
15212| [1024096] Apache mod_proxy_http May Return Results for a Different Request
15213| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
15214| [1023941] Apache ap_read_request() Memory Error May Let Remote Users Access Potentially Sensitive Information
15215| [1023778] Apache ActiveMQ Input Validation Flaw Permits Cross-Site Scripting Attacks
15216| [1023701] Apache mod_isapi Error Processing Flaw May Let Remote Users Deny Service
15217| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
15218| [1022988] Apache Solaris Support Code Bug Lets Remote Users Deny Service
15219| [1022529] Apache mod_deflate Connection State Bug Lets Remote Users Deny Service
15220| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
15221| [1022296] Apache IncludesNoExec Options Restrictions Can Be Bypass By Local Users
15222| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
15223| [1022001] Apache Tomcat mod_jk May Disclose Responses to the Wrong User
15224| [1021988] mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
15225| [1021350] NetWare Bug Lets Remote Users Access the ApacheAdmin Console
15226| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
15227| [1020520] Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
15228| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
15229| [1019784] Apache-SSL Certificate Processing Bug May Let Remote Users View Portions of Kernel Memory
15230| [1019256] Apache mod_negotiation Input Validation Hole Permits Cross-Site Scripting Attacks
15231| [1019194] Apache Input Validation Hole in Mod_AutoIndex When the Character Set is Undefined May Permit Cross-Site Scripting Attacks
15232| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
15233| [1019154] Apache Input Validation Hole in mod_status Permits Cross-Site Scripting Attacks
15234| [1019093] Apache Input Validation Hole in mod_imap Permits Cross-Site Scripting Attacks
15235| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
15236| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
15237| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
15238| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
15239| [1018302] Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks
15240| [1018269] Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks
15241| [1017904] Apache suEXEC Bugs May Let Local Users Gain Elevated Privileges
15242| [1017719] Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code
15243| [1017062] Apache mod_tcl Format String Bug in set_var() Function May Let Remote Users Execute Arbitrary Code
15244| [1016601] Apache mod_rewrite Off-by-one Error Lets Remote Users Execute Arbitrary Code
15245| [1016576] Apache Tomcat Discloses Directory Listings to Remote Users
15246| [1015447] Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
15247| [1015344] Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks
15248| [1015093] Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service
15249| [1014996] ApacheTop Unsafe Temporary File May Let Local Users Gain Elevated Privileges
15250| [1014833] Apache ssl_hook_Access() Function May Fail to Verify Client Certificates
15251| [1014826] Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service
15252| [1014575] Apache mod_ssl Off-by-one Buffer Overflow in Processing CRLs May Let Remote Users Deny Service
15253| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
15254| [1013156] Apache mod_python Publisher Handler Discloses Information to Remote Users
15255| [1012829] Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases
15256| [1012416] Apache on Apple OS X Lets Remote Users Bypass Apache File Handlers and Directly Access Files
15257| [1012415] Apache on Apple HFS+ Filesystems May Disclose '.DS_Store' Files to Remote Users
15258| [1012414] Apache mod_digest_apple Lets Remote Users Replay Authentication Credentials
15259| [1012083] Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service
15260| [1011783] Apache mod_include Buffer Overflow Lets Local Users Execute Arbitrary Code
15261| [1011557] Apache mod_ssl SSLCipherSuite Directive Can By Bypassed in Certain Cases
15262| [1011385] Apache Satsify Directive Error May Let Remote Users Access Restricted Resources
15263| [1011340] Apache SSL Connection Abort State Error Lets Remote Users Deny Service
15264| [1011303] Apache ap_resolve_env() Buffer Overflow in Reading Configuration Files May Let Local Users Gain Elevated Privileges
15265| [1011299] Apache IPv6 Address Parsing Flaw May Let Remote Users Deny Service
15266| [1011248] Apache mod_dav LOCK Method Error May Let Remote Users Deny Service
15267| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
15268| [1010674] Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets
15269| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
15270| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
15271| [1010322] Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code
15272| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
15273| [1009934] Apache Web Server Has Buffer Overflow in ebcdic2ascii() on Older Processor Architectures
15274| [1009516] Apache mod_survey HTML Report Format Lets Remote Users Conduct Cross-Site Scripting Attacks
15275| [1009509] Apache mod_disk_cache Stores Authentication Credentials on Disk
15276| [1009495] Apache Web Server Socket Starvation Flaw May Let Remote Users Deny Service
15277| [1009417] GroupWise WebAccess With Apache on NetWare Has Configuration Flaw That May Grant Web Access to Remote Users
15278| [1009338] Apache mod_access Parsing Flaw May Fail to Enforce Allow/Deny Rules
15279| [1009337] Apache mod_ssl Memory Leak Lets Remote Users Crash the Daemon
15280| [1009182] Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users
15281| [1008973] PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts
15282| [1008967] Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated
15283| [1008920] Apache mod_digest May Validate Replayed Client Responses
15284| [1008828] Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server
15285| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
15286| [1008675] mod_auth_shadow Apache Module Authenticates Expired Passwords
15287| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
15288| [1008335] Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server
15289| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
15290| [1008030] Apache mod_rewrite Contains a Buffer Overflow
15291| [1008029] Apache mod_alias Contains a Buffer Overflow
15292| [1008028] Apache mod_cgid May Disclose CGI Output to Another Client
15293| [1007995] Apache Cocoon Forms May Let Remote Users Execute Arbitrary Java Code on the System
15294| [1007993] Apache Cocoon 'view-source' Sample Script Discloses Files to Remote Users
15295| [1007823] Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service
15296| [1007664] Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges
15297| [1007557] Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
15298| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
15299| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
15300| [1007145] Apache 'accept()' Errors May Cause Denial of Service Conditions
15301| [1007144] Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks
15302| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
15303| [1006864] Apache Web Server Can Be Crashed By Remote Users Via mod_dav Flaws and Also Via Basic Authentication
15304| [1006709] Apache mod_survey Input Validation Flaw Lets Remote Users Fill Up Disk Space
15305| [1006614] Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code
15306| [1006591] Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks
15307| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
15308| [1006021] Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users
15309| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
15310| [1005962] Apache Web Server Path Parsing Flaw May Allow Remote Users to Execute Code in Certain Configurations
15311| [1005848] Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks
15312| [1005765] Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash
15313| [1005548] Apache mod_php Module May Allow Local Users to Gain Control of the Web Port
15314| [1005499] Apache Web Server (2.0.42) May Disclose CGI Source Code to Remote Users When Used With WebDAV
15315| [1005410] Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names
15316| [1005351] Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges
15317| [1005331] Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
15318| [1005290] Apache Tomcat Java Server Default Servlet Returns JSP Source Code to Remote Users
15319| [1005285] Apache Web Server 'mod_dav' Has Null Pointer Bug That May Allow Remote Users to Cause Denial of Service Conditions
15320| [1005010] Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions
15321| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
15322| [1004745] Apache Tomcat Java Server Allows Cross-Site Scripting Attacks
15323| [1004636] Apache mod_ssl 'Off-by-One' Bug May Let Local Users Crash the Web Server or Possibly Execute Arbitrary Code
15324| [1004602] Apache Tomcat Java Server for Windows Can Be Crashed By Remote Users Sending Malicious Requests to Hang All Available Working Threads
15325| [1004586] Apache Tomcat Java Server May Disclose the Installation Path to Remote Users
15326| [1004555] Apache Web Server Chunked Encoding Flaw May Let Remote Users Execute Arbitrary Code on the Server
15327| [1004209] Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System
15328| [1003874] Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System
15329| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
15330| [1003723] Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
15331| [1003664] 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
15332| [1003602] GNUJSP Java Server Pages Implementation Discloses Web Files and Source Code to Remote Users and Bypasses Apache Access Control Restrictions
15333| [1003465] PHP for Apache Web Server May Disclose Installation Path Information to Remote Users Making 'OPTIONS' Requests
15334| [1003451] Oracle Application Server PL/SQL Module for Apache Has Buffer Overflows That Allow Remote Users to Execute Arbitrary Code and Gain Access to the Server
15335| [1003131] Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
15336| [1003104] PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
15337| [1003008] Apache 'mod_bf' Module Lets Remote Users Execute Arbitrary Code
15338| [1002629] Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
15339| [1002542] Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
15340| [1002400] Apache mod_gzip Module Has Buffer Overflow That Can Be Exploited By Local Users to Gain Elevated Privileges
15341| [1002303] Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
15342| [1002188] Apache Web Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
15343| [1001989] Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
15344| [1001719] Apache Web Server on Mac OS X Client Fails to Enforce File and Directory Access Protections, Giving Remote Users Access to Restricted Pages
15345| [1001572] Apache Web Server on Microsoft Windows Platforms Allows Remote Users to Crash the Web Server
15346| [1001304] Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
15347| [1001083] Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
15348|
15349| OSVDB - http://www.osvdb.org:
15350| [96078] Apache CloudStack Infrastructure Menu Setup Network Multiple Field XSS
15351| [96077] Apache CloudStack Global Settings Multiple Field XSS
15352| [96076] Apache CloudStack Instances Menu Display Name Field XSS
15353| [96075] Apache CloudStack Instances Menu Add Instances Network Name Field XSS
15354| [96074] Apache CloudStack Instances Menu Add Instances Review Step Multiple Field XSS
15355| [96031] Apache HTTP Server suEXEC Symlink Arbitrary File Access
15356| [95888] Apache Archiva Single / Double Quote Character Handling XSS Weakness
15357| [95885] Apache Subversion mod_dav_svn Module Crafted HTTP Request Handling Remote DoS
15358| [95706] Apache OpenOffice.org (OOo) OOXML Document File XML Element Handling Memory Corruption
15359| [95704] Apache OpenOffice.org (OOo) DOC File PLCF Data Handling Memory Corruption
15360| [95603] Apache Continuum web/util/GenerateRecipentNotifier.java recipient Parameter XSS
15361| [95602] Apache Continuum web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml Multiple Parameter XSS
15362| [95601] Apache Continuum web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
15363| [95600] Apache Continuum web/action/ScheduleAction-saveSchedule-validation.xml Multiple Parameter XSS
15364| [95599] Apache Continuumweb/action/BuildDefinitionAction-saveBuildDefinition-validation.xml Multiple Parameter XSS
15365| [95598] Apache Continuum web/action/AddProjectAction-addProject-validation.xml Multiple Parameter XSS
15366| [95597] Apache Continuum web/action/ProjectEditAction-projectSave-validation.xml Multiple Parameter XSS
15367| [95596] Apache Continuum web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
15368| [95595] Apache Continuum web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml Multiple Parameter XSS
15369| [95594] Apache Continuum web/action/ProjectGroupAction.java Multiple Parameter XSS
15370| [95593] Apache Continuum web/action/AddProjectGroupAction.java Multiple Parameter XSS
15371| [95592] Apache Continuum web/action/AddProjectAction.java Multiple Parameter XSS
15372| [95523] Apache OFBiz Webtools Application View Log Screen Unspecified XSS
15373| [95522] Apache OFBiz Nested Expression Evaluation Arbitrary UEL Function Execution
15374| [95521] Apache HTTP Server mod_session_dbd Session Saving Unspecified Issue
15375| [95498] Apache HTTP Server mod_dav.c Crafted MERGE Request Remote DoS
15376| [95406] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Arbitrary Site Redirect
15377| [95405] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Remote Code Execution
15378| [95011] Apache CXF XML Parser SOAP Message Handling CPU Resource Exhaustion Remote DoS
15379| [94705] Apache Geronimo RMI Classloader Exposure Serialized Object Handling Remote Code Execution
15380| [94651] Apache Santuario (XML Security for C++) XML Signature CanonicalizationMethod Parameter Spoofing Weakness
15381| [94636] Apache Continuum workingCopy.action userDirectory Traversal Arbitrary File Access
15382| [94635] Apache Maven SCM SvnCommandlineUtils Process Listing Local Password Disclosure
15383| [94632] Apache Maven Wagon SSH (wagon-ssh) Host Verification Failure MitM Weakness
15384| [94625] Apache Santuario (XML Security for C++) XML Signature Reference Crafted XPointer Expression Handling Heap Buffer Overflow
15385| [94618] Apache Archiva /archiva/security/useredit.action username Parameter XSS
15386| [94617] Apache Archiva /archiva/security/roleedit.action name Parameter XSS
15387| [94616] Apache Archiva /archiva/security/userlist!show.action roleName Parameter XSS
15388| [94615] Apache Archiva /archiva/deleteArtifact!doDelete.action groupId Parameter XSS
15389| [94614] Apache Archiva /archiva/admin/addLegacyArtifactPath!commit.action legacyArtifactPath.path Parameter XSS
15390| [94613] Apache Archiva /archiva/admin/addRepository.action Multiple Parameter XSS
15391| [94612] Apache Archiva /archiva/admin/editAppearance.action Multiple Parameter XSS
15392| [94611] Apache Archiva /archiva/admin/addLegacyArtifactPath.action Multiple Parameter XSS
15393| [94610] Apache Archiva /archiva/admin/addNetworkProxy.action Multiple Parameter XSS
15394| [94403] Apache Santuario (XML Security for C++) InclusiveNamespace PrefixList Processing Heap Overflow
15395| [94402] Apache Santuario (XML Security for C++) HMAC-based XML Signature Processing DoS
15396| [94401] Apache Santuario (XML Security for C++) XPointer Evaluation Stack Overflow
15397| [94400] Apache Santuario (XML Security for C++) HMAC-Based XML Signature Reference Element Validation Spoofing Weakness
15398| [94279] Apache Qpid CA Certificate Validation Bypass
15399| [94275] Apache Solr JettySolrRunner.java Can Not Find Error Message XSS
15400| [94233] Apache OpenJPA Object Deserialization Arbitrary Executable Creation
15401| [94042] Apache Axis JAX-WS Java Unspecified Exposure
15402| [93969] Apache Struts OGNL Expression Handling Double Evaluation Error Remote Command Execution
15403| [93796] Apache Subversion Filename Handling FSFS Repository Corruption Remote DoS
15404| [93795] Apache Subversion svnserve Server Aborted Connection Message Handling Remote DoS
15405| [93794] Apache Subversion contrib/hook-scripts/check-mime-type.pl svnlook Hyphenated argv Argument Handling Remote DoS
15406| [93793] Apache Subversion contrib/hook-scripts/svn-keyword-check.pl Filename Handling Remote Command Execution
15407| [93646] Apache Struts Crafted Parameter Arbitrary OGNL Code Execution
15408| [93645] Apache Struts URL / Anchor Tag includeParams Attribute Remote Command Execution
15409| [93636] Apache Pig Multiple Physical Operator Memory Exhaustion Remote Remote DoS
15410| [93635] Apache Wink DTD (Document Type Definition) Expansion Data Parsing Information Disclosure
15411| [93605] RT Apache::Session::File Session Replay Reuse Information Disclosure
15412| [93599] Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
15413| [93555] Apache Commons Codec Invalid Base32 String Information Tunneling Weakness
15414| [93554] Apache HBase bulkLoadHFiles() Method ACL Bypass
15415| [93543] JBoss Enterprise Application Platform org.apache.catalina.connector.Response.encodeURL() Method MitM jsessionid Disclosure
15416| [93542] Apache ManifoldCF (Connectors Framework) org.apache.manifoldcf.crawler.ExportConfiguration Class Configuration Export Password Disclosure
15417| [93541] Apache Solr json.wrf Callback XSS
15418| [93524] Apache Hadoop GetSecurityDescriptorControl() Function Absolute Security Descriptor Handling NULL Descriptor Weakness
15419| [93521] Apache jUDDI Security API Token Session Persistence Weakness
15420| [93520] Apache CloudStack Default SSL Key Weakness
15421| [93519] Apache Shindig /ifr Cross-site Arbitrary Gadget Invocation
15422| [93518] Apache Solr /admin/analysis.jsp name Parameter XSS
15423| [93517] Apache CloudStack setup-cloud-management /etc/sudoers Modification Local Privilege Escalation
15424| [93516] Apache CXF UsernameTokenInterceptor Nonce Caching Replay Weakness
15425| [93515] Apache HBase table.jsp name Parameter XSS
15426| [93514] Apache CloudStack Management Server Unauthenticated Remote JMX Connection Default Setting Weakness
15427| [93463] Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution
15428| [93462] Apache CXF WS-SecurityPolicy AlgorithmSuite Arbitrary Ciphertext Decryption Weakness
15429| [93401] Apache Hadoop core-site.xml Permission Weakness Local Alfredo Secret Disclosure
15430| [93400] Apache Hadoop Map/Reduce Job Log Directory Symlink Arbitrary File Mode Manipulation
15431| [93397] Apache Wicket Referrer HTTP Header Session ID Disclosure
15432| [93366] Apache HTTP Server modules/mappers/mod_rewrite.c do_rewritelog() Function Log File Terminal Escape Sequence Filtering Remote Command Execution
15433| [93254] Apache Tomcat AsyncListener Method Cross-session Information Disclosure
15434| [93253] Apache Tomcat Chunked Transfer Encoding Data Saturation Remote DoS
15435| [93252] Apache Tomcat FORM Authenticator Session Fixation
15436| [93172] Apache Camel camel/endpoints/ Endpoint XSS
15437| [93171] Apache Sling HtmlResponse Error Message XSS
15438| [93170] Apache Directory DelegatingAuthenticator MitM Spoofing Weakness
15439| [93169] Apache Wave AuthenticationServlet.java Session Fixation Weakness
15440| [93168] Apache Click ErrorReport.java id Parameter XSS
15441| [93167] Apache ActiveMQ JMSXUserId Spoofing Weakness
15442| [93166] Apache CXF Crafted Message Element Count Handling System Resource Exhaustion Remote DoS
15443| [93165] Apache CXF Crafted Message Element Level Handling System Resource Exhaustion Remote DoS
15444| [93164] Apache Harmony DatagramSocket Class connect Method CheckAccept() IP Blacklist Bypass
15445| [93163] Apache Hadoop Map/Reduce Daemon Symlink Arbitrary File Overwrite
15446| [93162] Apache VelocityStruts struts/ErrorsTool.getMsgs Error Message XSS
15447| [93161] Apache CouchDB Rewriter VM Atom Table Memory Exhaustion Remote DoS
15448| [93158] Apache Wicket BookmarkablePageLink Feature XSS CSRF
15449| [93157] Apache Struts UrlHelper.java s:url includeParams Functionality XSS
15450| [93156] Apache Tapestry Calendar Component datefield.js datefield Parameter XSS
15451| [93155] Apache Struts fielderror.ftl fielderror Parameter Error Message XSS
15452| [93154] Apache JSPWiki Edit.jsp createPages WikiPermission Bypass
15453| [93153] Apache PDFBox PDFXrefStreamParser Missing Element Handling PDF Parsing DoS
15454| [93152] Apache Hadoop HttpServer.java Multiple Function XSS
15455| [93151] Apache Shiro Search Filter userName Parameter LDAP Code Injection Weakness
15456| [93150] Apache Harmony java.net.SocketPermission Class boolean equals Function checkConnect() Weakness Host Name Retrieval
15457| [93149] Apache Harmony java.security.Provider Class void load Function checkSecurityAccess() Weakness
15458| [93148] Apache Harmony java.security.ProtectionDomain Class java.lang.String.toString() Function checkPermission() Weakness
15459| [93147] Apache Harmony java.net.URLConnection openConnection Function checkConnect Weakness Proxy Connection Permission Bypass
15460| [93146] Apache Harmony java.net.ServerSocket Class void implAccept Function checkAccept() Weakness SerSocket Subclass Creation
15461| [93145] Apache Qpid JMS Client Detached Session Frame Handling NULL Pointer Dereference Remote DoS
15462| [93144] Apache Solr Admin Command Execution CSRF
15463| [93009] Apache VCL XMLRPC API Unspecified Function Remote Privilege Escalation
15464| [93008] Apache VCL Web GUI Unspecified Remote Privilege Escalation
15465| [92997] Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue
15466| [92976] Apache ActiveMQ scheduled.jsp crontab Command XSS
15467| [92947] Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue
15468| [92749] Apache CloudStack Predictable Hash Virtual Machine Console Console Access URL Generation
15469| [92748] Apache CloudStack VM Console Access Restriction Bypass
15470| [92709] Apache ActiveMQ Web Console Unauthenticated Remote Access
15471| [92708] Apache ActiveMQ Sample Web Application Broker Resource Consumption Remote DoS
15472| [92707] Apache ActiveMQ webapp/websocket/chat.js Subscribe Message XSS
15473| [92706] Apache ActiveMQ Debug Log Rendering XSS
15474| [92705] Apache ActiveMQ PortfolioPublishServlet.java refresh Parameter XSS
15475| [92270] Apache Tomcat Unspecified CSRF
15476| [92094] Apache Subversion mod_dav_svn Module Nonexistent URL Lock Request Handling NULL Pointer Dereference Remote DoS
15477| [92093] Apache Subversion mod_dav_svn Module Activity URL PROPFIND Request Handling NULL Pointer Dereference Remote DoS
15478| [92092] Apache Subversion mod_dav_svn Module Log REPORT Request Handling NULL Pointer Dereference Remote DoS
15479| [92091] Apache Subversion mod_dav_svn Module Node Property Handling Resource Exhaustion Remote DoS
15480| [92090] Apache Subversion mod_dav_svn Module Activity URL Lock Request Handling NULL Pointer Dereference Remote DoS
15481| [91774] Apache Commons Codec Unspecified Non-private Field Manipulation Weakness
15482| [91628] mod_ruid2 for Apache HTTP Server fchdir() Inherited File Descriptor chroot Restriction Bypass
15483| [91328] Apache Wicket $up$ Traversal Arbitrary File Access
15484| [91295] Apple Mac OS X Apache Unicode Character URI Handling Authentication Bypass
15485| [91235] Apache Rave /app/api/rpc/users/get User Object Hashed Password Remote Disclosure
15486| [91185] Munin Default Apache Configuration Permission Weakness Remote Information Disclosure
15487| [91173] Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
15488| [91172] Apache Wicket PackageResourceGuard File Extension Filter Bypass
15489| [91025] Apache Qpid qpid::framing::Buffer Class Multiple Method Out-of-bounds Access Remote DoS
15490| [91024] Apache Qpid federation_tag Attribute Handling Federated Interbroker Link Access Restriction Bypass
15491| [91023] Apache Qpid AMQP Type Decoder Exposure Array Size Value Handling Memory Consumption Remote DoS
15492| [91022] Apache Qpid qpid/cpp/include/qpid/framing/Buffer.h qpid::framing::Buffer::checkAvailable() Function Integer Overflow
15493| [90986] Apache Jena ARQ INSERT DATA Request Handling Overflow
15494| [90907] Apache Subversion mod_dav_svn / libsvn_fs svn_fs_file_length() Function MKACTIVITY / PROPFIND Option Request Handling Remote DoS
15495| [90906] Apache Commons FileUpload /tmp Storage Symlink Arbitrary File Overwrite
15496| [90864] Apache Batik 1xx Redirect Script Origin Restriction Bypass
15497| [90858] Apache Ant Malformed TAR File Handling Infinite Loop DoS
15498| [90852] Apache HTTP Server for Debian apachectl /var/lock Permission Weakness Symlink Directory Permission Manipulation
15499| [90804] Apache Commons CLI Path Subversion Local Privilege Escalation
15500| [90802] Apache Avro Recursive Schema Handling Infinite Recursion DoS
15501| [90592] Apache Batik ApplicationSecurityEnforcer.java Multiple Method Security Restriction Bypass
15502| [90591] Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
15503| [90565] Apache Tomcat Log Directory Permission Weakness Local Information Disclosure
15504| [90564] Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness
15505| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
15506| [90556] Apache HTTP Server Multiple Module Multiple Parameter XSS
15507| [90276] Apache Axis2 axis2.xml Plaintext Password Local Disclosure
15508| [90249] Apache Axiom ClassLoader XMLInputFactory / XMLOutputFactory Construction Unspecified Issue
15509| [90235] Apache Commons HttpClient Certificate Wildcard Matching Weakness
15510| [90079] Apache CXF WSS4JInInterceptor URIMappingInterceptor WS-Security SOAP Service Access Restriction Bypass
15511| [90078] Apache CXF WS-SecurityPolicy Enabled Plaintext UsernameTokens Handling Authentication Bypass
15512| [89453] Apache Open For Business Project (OFBiz) Screenlet.title Widget Attribute XSS
15513| [89452] Apache Open For Business Project (OFBiz) Image.alt Widget Attribute XSS
15514| [89294] Apache CouchDB Futon UI Browser-based Test Suite Query Parameter XSS
15515| [89293] Apache CouchDB Unspecified Traversal Arbitrary File Access
15516| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
15517| [89267] Apache CouchDB JSONP Callback Handling Unspecified XSS
15518| [89146] Apache CloudStack Master Server log4j.conf SSH Private Key / Plaintext Password Disclosure
15519| [88603] Apache OpenOffice.org (OOo) Unspecified Information Disclosure
15520| [88602] Apache OpenOffice.org (OOo) Unspecified Manifest-processing Issue
15521| [88601] Apache OpenOffice.org (OOo) Unspecified PowerPoint File Handling Issue
15522| [88285] Apache Tomcat Partial HTTP Request Saturation Remote DoS
15523| [88095] Apache Tomcat NIO Connector Terminated Connection Infinte Loop DoS
15524| [88094] Apache Tomcat FORM Authentication Crafted j_security_check Request Security Constraint Bypass
15525| [88093] Apache Tomcat Null Session Requst CSRF Prevention Filter Bypass
15526| [88043] IBM Tivoli Netcool/Reporter Apache CGI Unspecified Remote Command Execution
15527| [87580] Apache Tomcat DIGEST Authentication Session State Caching Authentication Bypass Weakness
15528| [87579] Apache Tomcat DIGEST Authentication Stale Nonce Verification Authentication Bypass Weakness
15529| [87477] Apache Tomcat Project Woodstock Service Error Page UTF-7 XSS Weakness
15530| [87227] Apache Tomcat InternalNioInputBuffer.java parseHeaders() Function Request Header Size Parsing Remote DoS
15531| [87223] Apache Tomcat DIGEST Authentication replay-countermeasure Functionality cnonce / cn Verification Authentication Bypass Weakness
15532| [87160] Apache Commons HttpClient X.509 Certificate Domain Name Matching MiTM Weakness
15533| [87159] Apache CXF X.509 Certificate Domain Name Matching MiTM Weakness
15534| [87150] Apache Axis / Axis2 X.509 Certificate Domain Name Matching MiTM Weakness
15535| [86902] Apache HTTP Server 3xx Redirect Internal IP Address Remote Disclosure
15536| [86901] Apache Tomcat Error Message Path Disclosure
15537| [86684] Apache CloudStack Unauthorized Arbitrary API Call Invocation
15538| [86556] Apache Open For Business Project (OFBiz) Unspecified Issue
15539| [86503] Visual Tools VS home/apache/DiskManager/cron/init_diskmgr Local Command Execution
15540| [86401] Apache ActiveMQ ResourceHandler Traversal Arbitrary File Access
15541| [86225] Apache Axis2 XML Signature Wrapping (XSW) Authentication Bypass
15542| [86206] Apache Axis2 Crafted SAML Assertion Signature Exclusion Attack Authentication Bypass
15543| [85722] Apache CXF SOAP Request Parsing Access Restriction Bypass
15544| [85704] Apache Qpid Incoming Client Connection Saturation Remote DoS
15545| [85474] Eucalyptus Apache Santuario (XML Security for Java) Library XML Signature Transform Handling DoS
15546| [85430] Apache mod_pagespeed Module Unspecified XSS
15547| [85429] Apache mod_pagespeed Module Hostname Verification Cross-host Resource Disclosure
15548| [85249] Apache Wicket Unspecified XSS
15549| [85236] Apache Hadoop conf/hadoop-env.sh Temporary File Symlink Arbitrary File Manipulation
15550| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
15551| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
15552| [85062] Apache Solr Autocomplete Module for Drupal Autocomplete Results XSS
15553| [85010] Apache Struts Token Handling Mechanism Token Name Configuration Parameter CSRF Weakness
15554| [85009] Apache Struts Request Parameter OGNL Expression Parsing Remote DoS
15555| [84911] libapache2-mod-rpaf X-Forward-For HTTP Header Parsing Remote DoS
15556| [84823] Apache HTTP Server Multiple Module Back End Server Error Handling HTTP Request Parsing Remote Information Disclosure
15557| [84818] Apache HTTP Server mod_negotiation Module mod_negotiation.c make_variant_list Function XSS
15558| [84562] Apache Qpid Broker Authentication Mechanism AMQP Client Shadow Connection NullAuthenticator Request Parsing Authentication Bypass
15559| [84458] Apache Libcloud SSL Certificate Validation MitM Spoofing Weakness
15560| [84279] PHP on Apache php_default_post_reader POST Request Handling Overflow DoS
15561| [84278] PHP w/ Apache PDO::ATTR_DEFAULT_FETCH_MODE / PDO::FETCH_CLASS DoS
15562| [84231] Apache Hadoop DataNodes Client BlockTokens Arbitrary Block Access
15563| [83943] Oracle Solaris Cluster Apache Tomcat Agent Subcomponent Unspecified Local Privilege Escalation
15564| [83939] Oracle Solaris Apache HTTP Server Subcomponent Unspecified Remote Information Disclosure
15565| [83685] svnauthcheck Apache HTTP Configuration File Permission Revocation Weakness
15566| [83682] Apache Sling POST Servlet @CopyFrom Operation HTTP Request Parsing Infinite Loop Remote DoS
15567| [83339] Apache Roller Blogger Roll Unspecified XSS
15568| [83270] Apache Roller Unspecified Admin Action CSRF
15569| [82782] Apache CXF WS-SecurityPolicy 1.1 SupportingToken Policy Bypass
15570| [82781] Apache CXF WS-SecurityPolicy Supporting Token Children Specification Token Signing Verification Weakness
15571| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
15572| [82436] MapServer for Windows Bundled Apache / PHP Configuration Local File Inclusion
15573| [82215] PHP sapi/cgi/cgi_main.c apache_request_headers Function HTTP Header Handling Remote Overflow
15574| [82161] Apache Commons Compress bzip2 File Compression BZip2CompressorOutputStream Class File Handling Remote DoS
15575| [81965] Apache Batik Squiggle SVG Browser JAR File Arbitrary Code Execution
15576| [81790] Apache POI src/org/apache/poi/hwpf/model/UnhandledDataStructure.java UnhandledDataStructure() constructor Length Attribute CDF / CFBF File Handling Remote DoS
15577| [81660] Apache Qpid Credential Checking Cluster Authentication Bypass
15578| [81511] Apache for Debian /usr/share/doc HTTP Request Parsing Local Script Execution
15579| [81359] Apache HTTP Server LD_LIBRARY_PATH Variable Local Privilege Escalation
15580| [81349] Apache Open For Business Project (OFBiz) Webslinger Component Unspecified XSS
15581| [81348] Apache Open For Business Project (OFBiz) Content IDs / Map-Keys Unspecified XSS
15582| [81347] Apache Open For Business Project (OFBiz) Parameter Arrays Unspecified XSS
15583| [81346] Apache Open For Business Project (OFBiz) checkoutProcess.js getServerError() Function Unspecified XSS
15584| [81196] Apache Open For Business Project (OFBiz) FlexibleStringExpander Nested Script String Parsing Remote Code Execution
15585| [80981] Apache Hadoop Kerberos/MapReduce Security Feature User Impersonation Weakness
15586| [80571] Apache Traffic Server Host HTTP Header Parsing Remote Overflow
15587| [80547] Apache Struts XSLTResult.java File Upload Arbitrary Command Execution
15588| [80360] AskApache Password Protector Plugin for WordPress Error Page $_SERVER Superglobal XSS
15589| [80349] Apache HTTP Server mod_fcgid Module fcgid_spawn_ctl.c FcgidMaxProcessesPerClass Virtual Host Directive HTTP Request Parsing Remote DoS
15590| [80301] Apache Wicket /resources/ Absolute Path Arbitrary File Access
15591| [80300] Apache Wicket wicket:pageMapName Parameter XSS
15592| [79478] Apache Solr Extension for TYPO3 Unspecified XSS
15593| [79002] Apache MyFaces javax.faces.resource In Parameter Traversal Arbitrary File Access
15594| [78994] Apache Struts struts-examples/upload/upload-submit.do name Parameter XSS
15595| [78993] Apache Struts struts-cookbook/processDyna.do message Parameter XSS
15596| [78992] Apache Struts struts-cookbook/processSimple.do message Parameter XSS
15597| [78991] Apache Struts struts2-rest-showcase/orders clientName Parameter XSS
15598| [78990] Apache Struts struts2-showcase/person/editPerson.action Multiple Parameter XSS
15599| [78932] Apache APR Hash Collision Form Parameter Parsing Remote DoS
15600| [78903] Apache CXF SOAP Request Parsing WS-Security UsernameToken Policy Bypass
15601| [78600] Apache Tomcat HTTP DIGEST Authentication DigestAuthenticator.java Catalina Weakness Security Bypass
15602| [78599] Apache Tomcat HTTP DIGEST Authentication Realm Value Parsing Security Bypass
15603| [78598] Apache Tomcat HTTP DIGEST Authentication qop Value Parsing Security Bypass
15604| [78573] Apache Tomcat Parameter Saturation CPU Consumption Remote DoS
15605| [78556] Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Disclosure
15606| [78555] Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handling Remote DoS
15607| [78501] Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
15608| [78331] Apache Tomcat Request Object Recycling Information Disclosure
15609| [78293] Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
15610| [78277] Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
15611| [78276] Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remote Command Execution
15612| [78113] Apache Tomcat Hash Collision Form Parameter Parsing Remote DoS
15613| [78112] Apache Geronimo Hash Collision Form Parameter Parsing Remote DoS
15614| [78109] Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite
15615| [78108] Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution
15616| [77593] Apache Struts Conversion Error OGNL Expression Injection
15617| [77496] Apache ActiveMQ Failover Mechanism Openwire Request Parsing Remote DoS
15618| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
15619| [77374] Apache MyFaces Java Bean includeViewParameters Parsing EL Expression Security Weakness
15620| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
15621| [77234] Apache HTTP Server on cygwin Encoded Traversal Arbitrary File Access
15622| [77012] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Memory Consumption DoS
15623| [76944] Apache Tomcat Manager Application Servlets Access Restriction Bypass
15624| [76744] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Overflow
15625| [76189] Apache Tomcat HTTP DIGEST Authentication Weakness
15626| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
15627| [76072] Apache JServ jserv.conf jserv-status Handler jserv/ URI Request Parsing Local Information Disclosure
15628| [75807] Apache HTTP Server Incomplete Header Connection Saturation Remote DoS
15629| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
15630| [75376] Apache Libcloud SSL Certificate Validation MitM Server Spoofing Weakness
15631| [74853] Domain Technologie Control /etc/apache2/apache2.conf File Permissions Weakness dtcdaemons User Password Disclosure
15632| [74818] Apache Tomcat AJP Message Injection Authentication Bypass
15633| [74725] Apache Wicket Multi Window Support Unspecified XSS
15634| [74721] Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
15635| [74541] Apache Commons Daemon Jsvc Permissions Weakness Arbitrary File Access
15636| [74535] Apache Tomcat XML Parser Cross-application Multiple File Manipulation
15637| [74447] Apache Struts XWork Nonexistent Method s:submit Element Internal Java Class Remote Path Disclosure
15638| [74262] Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk root UID / GID Remote Privilege Escalation
15639| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
15640| [73920] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
15641| [73798] Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
15642| [73797] Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Restriction Bypass
15643| [73776] Apache Tomcat HTTP BIO Connector HTTP Pipelining Cross-user Remote Response Access
15644| [73644] Apache XML Security Signature Key Parsing Overflow DoS
15645| [73600] Apache Struts javatemplates Plugin Component Handlers .action URI Multiple Parameter XSS
15646| [73462] Apache Rampart/C util/rampart_timestamp_token.c rampart_timestamp_token_validate Function Expired Token Remote Access Restriction Bypass
15647| [73429] Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
15648| [73384] Apache HTTP Server mod_rewrite PCRE Resource Exhaustion DoS
15649| [73383] Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop Remote DoS
15650| [73378] IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.runtime.JspWriterImpl.response JSP Page Application Restart Remote DoS
15651| [73247] Apache Subversion mod_dav_svn File Permission Weakness Information Disclosure
15652| [73246] Apache Subversion mod_dav_svn Path-based Access Control Rule Handling Remote DoS
15653| [73245] Apache Subversion mod_dav_svn Baselined Resource Request Handling Remote DoS
15654| [73154] Apache Archiva Multiple Unspecified CSRF
15655| [73153] Apache Archiva /archiva/admin/deleteNetworkProxy!confirm.action proxyid Parameter XSS
15656| [72407] Apache Tomcat @ServletSecurity Initial Load Annotation Security Constraint Bypass Information Disclosure
15657| [72238] Apache Struts Action / Method Names <
15658| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
15659| [71558] Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation
15660| [71557] Apache Tomcat HTML Manager Multiple XSS
15661| [71075] Apache Archiva User Management Page XSS
15662| [71027] Apache Tomcat @ServletSecurity Annotation Security Constraint Bypass Information Disclosure
15663| [70925] Apache Continuum Project Pages Unspecified XSS (2011-0533)
15664| [70924] Apache Continuum Multiple Admin Function CSRF
15665| [70809] Apache Tomcat NIO HTTP Connector Request Line Processing DoS
15666| [70734] Apache CouchDB Request / Cookie Handling Unspecified XSS
15667| [70585] Oracle Fusion Middleware Oracle HTTP Server Apache Plugin Unspecified Remote Issue
15668| [70333] Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS
15669| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
15670| [69659] Apache Archiva Admin Authentication Weakness Privilege Escalation
15671| [69520] Apache Archiva Administrator Credential Manipulation CSRF
15672| [69512] Apache Tomcat Set-Cookie Header HTTPOnly Flag Session Hijacking Weakness
15673| [69456] Apache Tomcat Manager manager/html/sessions Multiple Parameter XSS
15674| [69275] Apache mod_fcgid Module fcgid_bucket.c fcgid_header_bucket_read() Function Remote Overflow
15675| [69067] Apache Shiro URI Path Security Traversal Information Disclosure
15676| [68815] Apache MyFaces shared/util/StateUtils.java View State MAC Weakness Cryptographic Padding Remote View State Modification
15677| [68670] Apache Qpid C++ Broker Component broker/SessionAdapter.cpp SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Exchange Alternate Remote DoS
15678| [68669] Apache Qpid cluster/Cluster.cpp Cluster::deliveredEvent Function Invalid AMQP Data Remote DoS
15679| [68662] Apache Axis2 dswsbobje.war Module Admin Account Default Password
15680| [68531] Apache Qpid qpidd sys/ssl/SslSocket.cpp Incomplete SSL Handshake Remote DoS
15681| [68327] Apache APR-util buckets/apr_brigade.c apr_brigade_split_line() Function Memory Consumption DoS
15682| [68314] Apache XML-RPC SAX Parser External Entity Information Disclosure
15683| [67964] Apache Traffic Server Transaction ID / Source Port Randomization Weakness DNS Cache Poisoning
15684| [67846] SUSE Lifecycle Management Server on SUSE Linux Enterprise apache2-slms Parameter Quoting CSRF
15685| [67294] Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
15686| [67240] Apache CouchDB Installation Page Direct Request Arbitrary JavaScript Code Execution CSRF
15687| [67205] Apache Derby BUILTIN Authentication Password Hash Generation Algorithm SHA-1 Transformation Password Substitution
15688| [66745] Apache HTTP Server Multiple Modules Pathless Request Remote DoS
15689| [66319] Apache Tomcat Crafted Transfer-Encoding Header Handling Buffer Recycling Remote DoS
15690| [66280] Apache Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution
15691| [66226] Apache Axis2 Admin Interface Cookie Session Fixation
15692| [65697] Apache Axis2 / Java SOAP Message DTD Rejection Weakness Arbitrary File Access
15693| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
15694| [65429] Apache MyFaces Unencrypted ViewState Serialized View Object Manipulation Arbitrary Expression Language (EL) Statement Execution
15695| [65054] Apache ActiveMQ Jetty Error Handler XSS
15696| [64844] Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
15697| [64522] Apache Open For Business Project (OFBiz) ecommerce/control/contactus Multiple Parameter XSS
15698| [64521] Apache Open For Business Project (OFBiz) Web Tools Section entityName Parameter XSS
15699| [64520] Apache Open For Business Project (OFBiz) ecommerce/control/ViewBlogArticle contentId Parameter XSS
15700| [64519] Apache Open For Business Project (OFBiz) Control Servlet URI XSS
15701| [64518] Apache Open For Business Project (OFBiz) Show Portal Page Section start Parameter XSS
15702| [64517] Apache Open For Business Project (OFBiz) View Profile Section partyId Parameter XSS
15703| [64516] Apache Open For Business Project (OFBiz) Export Product Listing Section productStoreId Parameter XSS
15704| [64307] Apache Tomcat Web Application Manager/Host Manager CSRF
15705| [64056] mod_auth_shadow for Apache HTTP Server wait() Function Authentication Bypass
15706| [64023] Apache Tomcat WWW-Authenticate Header Local Host Information Disclosure
15707| [64020] Apache ActiveMQ Jetty ResourceHandler Crafted Request JSP File Source Disclosure
15708| [63895] Apache HTTP Server mod_headers Unspecified Issue
15709| [63368] Apache ActiveMQ createDestination.action JMSDestination Parameter CSRF
15710| [63367] Apache ActiveMQ createDestination.action JMSDestination Parameter XSS
15711| [63350] Apache CouchDB Hash Verification Algorithm Predictable Execution Time Weakness
15712| [63140] Apache Thrift Service Malformed Data Remote DoS
15713| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
15714| [62675] Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling Cross-thread Information Disclosure
15715| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
15716| [62231] Apache HTTP Server Logging Format Weakness Crafted DNS Response IP Address Spoofing
15717| [62230] Apache HTTP Server Crafted DNS Response Inverse Lookup Log Corruption XSS
15718| [62054] Apache Tomcat WAR Filename Traversal Work-directory File Deletion
15719| [62053] Apache Tomcat Autodeployment Process appBase File HTTP Request Authentication Bypass
15720| [62052] Apache Tomcat WAR File Traversal Arbitrary File Overwrite
15721| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
15722| [61379] Apache River Outrigger Entry Storage Saturation Memory Exhaustion DoS
15723| [61378] Apache Hadoop Map/Reduce JobTracker Memory Consumption DoS
15724| [61377] Apache Commons Modeler Multiple Mutable Static Fields Weakness
15725| [61376] Apache Rampart wsse:security Tag Signature Value Checking Weakness
15726| [60687] Apache C++ Standard Library (STDCXX) strxfrm() Function Overflow
15727| [60680] Apache Hadoop JobHistory Job Name Manipulation Weakness
15728| [60679] Apache ODE DeploymentWebService OMElement zipPart CRLF Injection
15729| [60678] Apache Roller Comment Email Notification Manipulation DoS
15730| [60677] Apache CouchDB Unspecified Document Handling Remote DoS
15731| [60428] Sun Java Plug-in org.apache.crimson.tree.XmlDocument Class reateXmlDocument Method Floppy Drive Access Bypass
15732| [60413] mod_throttle for Apache Shared Memory File Manipulation Local Privilege Escalation
15733| [60412] Sun Java Plug-in org.apache.xalan.processor.XSLProcessorVersion Class Unsigned Applet Variable Sharing Privilege Escalation
15734| [60396] Apache HTTP Server on OpenBSD Multipart MIME Boundary Remote Information Disclosure
15735| [60395] Apache HTTP Server on OpenBSD ETag HTTP Header Remote Information Disclosure
15736| [60232] PHP on Apache php.exe Direct Request Remote DoS
15737| [60176] Apache Tomcat Windows Installer Admin Default Password
15738| [60016] Apache HTTP Server on HP Secure OS for Linux HTTP Request Handling Unspecified Issue
15739| [59979] Apache HTTP Server on Apple Mac OS X HTTP TRACE Method Unspecified Client XSS
15740| [59969] Apache HTTP Server mod_ssl SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
15741| [59944] Apache Hadoop jobhistory.jsp XSS
15742| [59374] Apache Solr Search Extension for TYPO3 Unspecified XSS
15743| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
15744| [59021] Apache Cocoon X-Cocoon-Version Header Remote Information Disclosure
15745| [59020] Apache Tapestry HTTPS Session Cookie Secure Flag Weakness
15746| [59019] Apache mod_python Cookie Salting Weakness
15747| [59018] Apache Harmony Error Message Handling Overflow
15748| [59013] Apache Derby SYSCS_EXPORT_TABLE Arbitrary File Overwrite
15749| [59012] Apache Derby Driver Auto-loading Non-deterministic Startup Weakness
15750| [59011] Apache JSPWiki Page Attachment Change Note Function XSS
15751| [59010] Apache Solr get-file.jsp XSS
15752| [59009] Apache Solr action.jsp XSS
15753| [59008] Apache Solr analysis.jsp XSS
15754| [59007] Apache Solr schema.jsp Multiple Parameter XSS
15755| [59006] Apache Beehive select / checkbox Tag XSS
15756| [59005] Apache Beehive jpfScopeID Global Parameter XSS
15757| [59004] Apache Beehive Error Message XSS
15758| [59003] Apache HttpClient POST Request Handling Memory Consumption DoS
15759| [59002] Apache Jetspeed default-page.psml URI XSS
15760| [59001] Apache Axis2 xsd Parameter Traversal Arbitrary File Disclosure
15761| [59000] Apache CXF Unsigned Message Policy Bypass
15762| [58999] Apache WSS4J CallbackHandler Plaintext Password Validation Weakness
15763| [58998] Apache OpenJPA persistence.xml Cleartext Password Local Disclosure
15764| [58997] Apache OpenEJB openejb.xml Cleartext Password Local Disclosure
15765| [58996] Apache Hadoop Map/Reduce LinuxTaskController File Group Ownership Weakness
15766| [58995] Apache Hadoop Map/Reduce Task Ownership Weakness
15767| [58994] Apache Hadoop Map/Reduce DistributedCache Localized File Permission Weakness
15768| [58993] Apache Hadoop browseBlock.jsp XSS
15769| [58991] Apache Hadoop browseDirectory.jsp XSS
15770| [58990] Apache Hadoop Map/Reduce HTTP TaskTrackers User Data Remote Disclosure
15771| [58989] Apache Hadoop Sqoop Process Listing Local Cleartext Password Disclosure
15772| [58988] Apache Hadoop Chukwa HICC Portal Unspecified XSS
15773| [58987] Apache Hadoop Map/Reduce TaskTracker User File Permission Weakness
15774| [58986] Apache Qpid Encrypted Message Handling Remote Overflow DoS
15775| [58985] Apache Qpid Process Listing Local Cleartext Password Disclosure
15776| [58984] Apache Jackrabbit Content Repository (JCR) Default Account Privilege Access Weakness
15777| [58983] Apache Jackrabbit Content Repository (JCR) NamespaceRegistry API Registration Method Race Condition
15778| [58982] Apache Synapse Proxy Service Security Policy Mismatch Weakness
15779| [58981] Apache Geronimo TomcatGeronimoRealm Security Context Persistence Weakness
15780| [58980] Apache Geronimo LDAP Realm Configuration Restart Reversion Weakness
15781| [58979] Apache MyFaces Tomahawk ExtensionsPhaseListener HTML Injection Information Disclosure
15782| [58978] Apache MyFaces Trinidad LocaleInfoScriptlet XSS
15783| [58977] Apache Open For Business Project (OFBiz) Multiple Default Accounts
15784| [58976] Apache Open For Business Project (OFBiz) URI passThru Parameter XSS
15785| [58975] Apache Open For Business Project (OFBiz) PARTYMGR_CREATE/UPDATE Permission Arbitrary User Password Modification
15786| [58974] Apache Sling /apps Script User Session Management Access Weakness
15787| [58973] Apache Tuscany Crafted SOAP Request Access Restriction Bypass
15788| [58931] Apache Geronimo Cookie Parameters Validation Weakness
15789| [58930] Apache Xalan-C++ XPath Handling Remote DoS
15790| [58879] Apache Portable Runtime (APR-util) poll/unix/port.c Event Port Backend Pollset Feature Remote DoS
15791| [58837] Apache Commons Net FTPSClient CipherSuites / Protocols Mutable Object Unspecified Data Security Issue
15792| [58813] Apache MyFaces Trinidad tr:table / HTML Comment Handling DoS
15793| [58812] Apache Open For Business Project (OFBiz) JSESSIONID Session Hijacking Weakness
15794| [58811] Apache Open For Business Project (OFBiz) /catalog/control/EditProductConfigItem configItemId Parameter XSS
15795| [58810] Apache Open For Business Project (OFBiz) /catalog/control/EditProdCatalo prodCatalogId Parameter XSS
15796| [58809] Apache Open For Business Project (OFBiz) /partymgr/control/viewprofile partyId Parameter XSS
15797| [58808] Apache Open For Business Project (OFBiz) /catalog/control/createProduct internalName Parameter XSS
15798| [58807] Apache Open For Business Project (OFBiz) Multiple Unspecified CSRF
15799| [58806] Apache FtpServer MINA Logging Filter Cleartext Credential Local Disclosure
15800| [58805] Apache Derby Unauthenticated Database / Admin Access
15801| [58804] Apache Wicket Header Contribution Unspecified Issue
15802| [58803] Apache Wicket Session Fixation
15803| [58802] Apache Directory Server (ApacheDS) userPassword Attribute Search Password Disclosure
15804| [58801] Apache ActiveMQ Stomp Client Credential Validation Bypass
15805| [58800] Apache Tapestry (context)/servicestatus Internal Service Information Disclosure
15806| [58799] Apache Tapestry Logging Cleartext Password Disclosure
15807| [58798] Apache Jetspeed pipeline Parameter pipeline-map Policy Bypass
15808| [58797] Apache Jetspeed Password Policy Multiple Weaknesses
15809| [58796] Apache Jetspeed Unsalted Password Storage Weakness
15810| [58795] Apache Rampart Crafted SOAP Header Authentication Bypass
15811| [58794] Apache Roller Admin Protocol (RAP) Malformed Header Authentication Bypass
15812| [58793] Apache Hadoop Map/Reduce mapred.system.dir Permission Weakness Job Manipulation
15813| [58792] Apache Shindig gadgets.rpc iframe RPC Call Validation Weakness
15814| [58791] Apache Synapse synapse.properties Cleartext Credential Local Disclosure
15815| [58790] Apache WSS4J SOAP Message UsernameToken Remote Password Disclosure
15816| [58789] Apache WSS4J SOAP Header Malformed UsernameToken Authentication Bypass
15817| [58776] Apache JSPWiki PreviewContent.jsp Edited Text XSS
15818| [58775] Apache JSPWiki preview.jsp action Parameter XSS
15819| [58774] Apache JSPWiki Edit.jsp Multiple Parameter XSS
15820| [58773] Apache JSPWiki Accept-Language Header Multiple Script language Parameter XSS
15821| [58772] Apache JSPWiki EditorManager.java editor Parameter XSS
15822| [58771] Apache JSPWiki GroupContent.jsp Multiple Parameter XSS
15823| [58770] Apache JSPWiki Group.jsp group Parameter XSS
15824| [58769] Apache JSPWiki Database Connection Termination DoS Weakness
15825| [58768] Apache JSPWiki Attachment Servlet nextpage Parameter Arbitrary Site Redirect
15826| [58766] Apache JSPWiki /admin/SecurityConfig.jsp Direct Request Information Disclosure
15827| [58765] Apache JSPWiki Spam Filter UniqueID RNG Weakness
15828| [58764] Apache JSPWiki Edit.jsp Multiple Parameter XSS
15829| [58763] Apache JSPWiki Include Tag Multiple Script XSS
15830| [58762] Apache JSPWiki Multiple .java Tags pageContext Parameter XSS
15831| [58761] Apache JSPWiki Wiki.jsp skin Parameter XSS
15832| [58760] Apache Commons VFS Exception Error Message Cleartext Credential Disclosure
15833| [58759] Apache Jackrabbit Content Repository (JCR) UUID System.currentTimeMillis() RNG Weakness
15834| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
15835| [58757] Apache WS-Commons Java2 StaXUtils Multiple Unspecified Minor Issues
15836| [58756] Apache WSS4J WSHandler Client Certificate Signature Validation Weakness
15837| [58755] Apache Harmony DRLVM Non-public Class Member Access
15838| [58754] Apache Harmony File.createTempFile() Temporary File Creation Prediction Weakness
15839| [58751] Apache Geronimo GeronimoIdentityResolver Subject Handling Multiple Issues
15840| [58750] Apache MyFaces Trinidad Generated HTML Information Disclosure
15841| [58749] Apache MyFaces Trinidad Database Access Error Message Information Disclosure
15842| [58748] Apache MyFaces Trinidad Image Resource Loader Traversal Arbitrary Image Access
15843| [58747] Apache MyFaces Trinidad Error Message User Entered Data Disclosure Weakness
15844| [58746] Apache Axis2 JAX-WS Java2 WSDL4J Unspecified Issue
15845| [58744] Apache Wicket Crafted File Upload Disk Space Exhaustion DoS
15846| [58743] Apache Wicket wicket.util.crypt.SunJceCrypt Encryption Reversion Weakness
15847| [58742] Apache Rampart PolicyBasedValiadtor HttpsToken Endpoint Connection Weakness
15848| [58741] Apache Rampart WSSecSignature / WSSecEncryptedKey KeyIdentifierType Validation Weakness
15849| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
15850| [58739] Apache Open For Business Project (OFBiz) Unsalted Password Storage Weakness
15851| [58738] Apache Open For Business Project (OFBiz) orderId Parameter Arbitrary Order Access
15852| [58737] Apache mod_python w/ mod_python.publisher index.py Underscore Prefixed Variable Disclosure
15853| [58735] Apache Open For Business Project (OFBiz) /ecommerce/control/keywordsearch SEARCH_STRING Parameter XSS
15854| [58734] Apache Torque Log File Cleartext Credential Local Disclosure
15855| [58733] Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
15856| [58732] Apache MyFaces UIInput.validate() Null Value Validation Bypass Weakness
15857| [58731] Apache MyFaces /faces/* Prefix Mapping Authentication Bypass
15858| [58725] Apache Tapestry Basic String ACL Bypass Weakness
15859| [58724] Apache Roller Logout Functionality Failure Session Persistence
15860| [58723] Apache Roller User Profile / Admin Page Cleartext Password Disclosure
15861| [58722] Apache Derby Connection URL Encryption Method Reversion Weakness
15862| [58721] Apache Geronimo on Tomcat Security-constraint Resource ACL Bypass
15863| [58720] Apache Geronimo Explicit Servlet Mapping Access Bypass Weakness
15864| [58719] Apache Geronimo Keystore Unprivileged Service Disable DoS
15865| [58718] Apache Geronimo Deployment Plans Remote Password Disclosure
15866| [58717] Apache Jetspeed Portlet Application Edit Access Restriction Bypass
15867| [58716] Apache Jetspeed PSML Management Cached Constraint Authentication Weakness
15868| [58707] Apache WSS4J Crafted PasswordDigest Request Authentication Bypass
15869| [58706] Apache HttpClient Pre-emptive Authorization Remote Credential Disclosure
15870| [58705] Apache Directory Server (ApacheDS) User Passwords Cleartext Disclosure
15871| [58704] Apache Directory Server (ApacheDS) Non-existent User LDAP Bind Remote DoS
15872| [58703] Apache Geronimo Debug Console Unauthenticated Remote Information Disclosure
15873| [58702] Apache Directory Server (ApacheDS) Persistent LDAP Anonymous Bind Weakness
15874| [58701] Apache Jetspeed User Admin Portlet Unpassworded Account Creation Weakness
15875| [58700] Apache MyFaces /faces/* Path Handling Remote Overflow DoS
15876| [58699] Apache MyFaces Disable Property Client Side Manipulation Privilege Escalation
15877| [58698] Apache Roller Remember Me Functionality Cleartext Password Disclosure
15878| [58697] Apache XalanJ2 org.apache.xalan.xsltc.runtime.CallFunction Class Unspecified Issue
15879| [58696] Apache Tapestry Encoded Traversal Arbitrary File Access
15880| [58695] Apache Jetspeed Unauthenticated PSML Tags / Admin Folder Access
15881| [58694] Apache Geronimo Deploy Tool Process List Local Credential Disclosure
15882| [58693] Apache Derby service.properties File Encryption Key Information Disclosure
15883| [58692] Apache Geronimo Default Security Realm Login Brute Force Weakness
15884| [58689] Apache Roller Retrieve Last 5 Post Feature Unauthorized Blog Post Manipulation
15885| [58688] Apache Xalan-Java (XalanJ2) Static Variables Multiple Unspecified Issues
15886| [58687] Apache Axis Invalid wsdl Request XSS
15887| [58686] Apache Cocoon Temporary File Creation Unspecified Race Condition
15888| [58685] Apache Velocity Template Designer Privileged Code Execution
15889| [58684] Apache Jetspeed controls.Customize Action Security Check Bypass
15890| [58675] Apache Open For Business Project (OFBiz) eCommerce/ordermgr Multiple Field XSS
15891| [58674] Apache Open For Business Project (OFBiz) ecommerce/control/login Multiple Field XSS
15892| [58673] Apache Open For Business Project (OFBiz) ecommerce/control/viewprofile Multiple Field XSS
15893| [58672] Apache Open For Business Project (OFBiz) POS Input Panel Cleartext Password Disclosure
15894| [58671] Apache Axis2 JMS Signed Message Crafted WS-Security Header Security Bypass
15895| [58670] Apache Jetspeed JetspeedTool.getPortletFromRegistry Portlet Security Validation Failure
15896| [58669] Apache Jetspeed LDAP Cleartext Passwords Disclosure
15897| [58668] Apache Axis External Entity (XXE) Data Parsing Privilege Escalation
15898| [58667] Apache Roller Database Cleartext Passwords Disclosure
15899| [58666] Apache Xerces-C++ UTF-8 Transcoder Overlong Code Handling Unspecified Issue
15900| [58665] Apache Jetspeed Turbine: Cross-user Privileged Action Execution
15901| [58664] Apache Jetspeed EditAccount.vm Password Modification Weakness
15902| [58663] Apache Jetspeed Role Parameter Arbitrary Portlet Disclosure
15903| [58662] Apache Axis JWS Page Generated .class File Direct Request Information Disclosure
15904| [58661] Apache Jetspeed user-form.vm Password Reset Cleartext Disclosure
15905| [58660] Apache WSS4J checkReceiverResults Function Crafted SOAP Request Authentication Bypass
15906| [58658] Apache Rampart Crafted SOAP Request Security Verification Bypass
15907| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
15908| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
15909| [56984] Apache Xerces2 Java Malformed XML Input DoS
15910| [56903] Apache ODE (Orchestration Director Engine) Process Deployment Web Service Traversal Arbitrary File Manipulation
15911| [56859] Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS
15912| [56766] Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory Block Aligning Overflow
15913| [56765] Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows
15914| [56517] Apache HTTP Server File Descriptor Leak Arbitrary Local File Append
15915| [56443] PTK Unspecified Apache Sub-process Arbitrary Command Execution
15916| [56414] Apache Tiles Duplicate Expression Language (EL) Expression Evaluation XSS
15917| [55814] mod_NTLM for Apache HTTP Server ap_log_rerror() Function Remote Format String
15918| [55813] mod_NTLM for Apache HTTP Server log() Function Remote Overflow
15919| [55782] Apache HTTP Server mod_deflate Module Aborted Connection DoS
15920| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
15921| [55059] Apache APR-util strmatch/apr_strmatch.c apr_strmatch_precompile Function Crafted Input Remote DoS
15922| [55058] Apache APR-util apr_brigade_vprintf Function Crafted Input Off-by-one Remote DoS
15923| [55057] Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
15924| [55056] Apache Tomcat Cross-application TLD File Manipulation
15925| [55055] Apache Tomcat Illegal URL Encoded Password Request Username Enumeration
15926| [55054] Apache Tomcat Java AJP Connector mod_jk Load Balancing Worker Malformed Header Remote DoS
15927| [55053] Apache Tomcat Crafted Request Security Restraint Bypass Arbitrary Content Access
15928| [54733] Apache HTTP Server AllowOverride Directive .htaccess Options Bypass
15929| [54713] razorCMS Security Manager apache User Account Unspecified File Permission Weakness Issue
15930| [54589] Apache Jserv Nonexistent JSP Request XSS
15931| [54122] Apache Struts s:a / s:url Tag href Element XSS
15932| [54093] Apache ActiveMQ Web Console JMS Message XSS
15933| [53932] Apache Geronimo Multiple Admin Function CSRF
15934| [53931] Apache Geronimo /console/portal/Server/Monitoring Multiple Parameter XSS
15935| [53930] Apache Geronimo /console/portal/ URI XSS
15936| [53929] Apache Geronimo on Windows Security/Keystores Portlet Traversal Arbitrary File Upload
15937| [53928] Apache Geronimo on Windows Embedded DB/DB Manager Portlet Traversal Arbitrary File Upload
15938| [53927] Apache Geronimo on Windows Services/Repository Portlet Traversal Arbitrary File Upload
15939| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
15940| [53766] Oracle BEA WebLogic Server Plug-ins for Apache Certificate Handling Remote Overflow
15941| [53574] PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Behavior Modification
15942| [53381] Apache Tomcat JK Connector Content-Length Header Cross-user Information Disclosure
15943| [53380] Apache Struts Unspecified XSS
15944| [53289] Apache mod_perl Apache::Status /perl-status Unspecified XSS
15945| [53186] Apache HTTP Server htpasswd Predictable Salt Weakness
15946| [52899] Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS
15947| [52407] Apache Tomcat doRead Method POST Content Information Disclosure
15948| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
15949| [51613] Apache HTTP Server Third-party Module Child Process File Descriptor Leak
15950| [51612] Apache HTTP Server Internal Redirect Handling Infinite Loop DoS
15951| [51468] Apache Jackrabbit Content Repository (JCR) swr.jsp q Parameter XSS
15952| [51467] Apache Jackrabbit Content Repository (JCR) search.jsp q Parameter XSS
15953| [51151] Apache Roller Search Function q Parameter XSS
15954| [50482] PHP with Apache php_value Order Unspecified Issue
15955| [50475] Novell NetWare ApacheAdmin Console Unauthenticated Access
15956| [49734] Apache Struts DefaultStaticContentLoader Class Traversal Arbitrary File Access
15957| [49733] Apache Struts FilterDispatcher Class Traversal Arbitrary File Access
15958| [49283] Oracle BEA WebLogic Server Plugins for Apache Remote Transfer-Encoding Overflow
15959| [49062] Apache Tomcat Cross-thread Concurrent Request Variable Overwrite Information Disclosure
15960| [48847] ModSecurity (mod_security) Transformation Caching Unspecified Apache DoS
15961| [48788] Apache Xerces-C++ XML Schema maxOccurs Value XML File Handling DoS
15962| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
15963| [47464] Apache Tomcat allowLinking / UTF-8 Traversal Arbitrary File Access
15964| [47463] Apache Tomcat RequestDispatcher Traversal Arbitrary File Access
15965| [47462] Apache Tomcat HttpServletResponse.sendError Method Message Argument XSS
15966| [47096] Oracle Weblogic Apache Connector POST Request Overflow
15967| [46382] Frontend Filemanager (air_filemanager) Extension for TYPO3 on Apache Unspecified Arbitrary Code Execution
15968| [46285] TYPO3 on Apache Crafted Filename Upload Arbitrary Command Execution
15969| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
15970| [45905] Apache Tomcat Host Manager host-manager/html/add name Parameter XSS
15971| [45879] Ragnarok Online Control Panel on Apache Crafted Traversal Authentication Bypass
15972| [45742] Apache HTTP Server on Novell Unspecified Request Directive Internal IP Disclosure
15973| [45740] Apache Derby DropSchemaNode Bind Phase Arbitrary Scheme Statement Dropping
15974| [45599] Apache Derby Lock Table Statement Privilege Requirement Bypass Arbitrary Table Lock
15975| [45585] Apache Derby ACCSEC Command RDBNAM Parameter Cleartext Credential Disclosure
15976| [45584] Apache Derby DatabaseMetaData.getURL Function Cleartext Credential Disclosure
15977| [45420] Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
15978| [44728] PHP Toolkit on Gentoo Linux Interpretation Conflict Apache HTTP Server Local DoS
15979| [44618] Oracle JSP Apache/Jserv Path Translation Traversal Arbitrary JSP File Execution
15980| [44159] Apache HTTP Server Remote Virtual Host Name Disclosure
15981| [43997] Apache-SSL ExpandCert() Function Certificate Handling Arbitrary Environment Variables Manipulation
15982| [43994] suPHP for Apache (mod_suphp) Directory Symlink Local Privilege Escalation
15983| [43993] suPHP for Apache (mod_suphp) Owner Mode Race Condition Symlink Local Privilege Escalation
15984| [43663] Apache HTTP Server Mixed Platform AddType Directive Crafted Request PHP Source Disclosure
15985| [43658] AuthCAS Module (AuthCAS.pm) for Apache HTTP Server SESSION_COOKIE_NAME SQL Injection
15986| [43452] Apache Tomcat HTTP Request Smuggling
15987| [43309] Apache Geronimo LoginModule Login Method Bypass
15988| [43290] Apache JSPWiki Entry Page Attachment Unrestricted File Upload
15989| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
15990| [43224] Apache Geronimo on SuSE Linux init Script Symlink Unspecified File/Directory Access
15991| [43189] Apache mod_jk2 Host Header Multiple Fields Remote Overflow
15992| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
15993| [42341] MOD_PLSQL for Apache Unspecified URL SQL Injection
15994| [42340] MOD_PLSQL for Apache CGI Environment Handling Unspecified Overflow
15995| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
15996| [42091] Apache Maven Site Plugin Installation Permission Weakness
15997| [42089] Apache Maven .m2/settings.xml Cleartext Password Disclosure
15998| [42088] Apache Maven Defined Repo Process Listing Password Disclosure
15999| [42087] Apache Maven Site Plugin SSH Deployment Permission Setting Weakness
16000| [42036] Apache HTTP Server MS-DOS Device Request Host OS Disclosure
16001| [41891] BEA WebLogic Apache Beehive NetUI Page Flow Unspecified XSS
16002| [41436] Apache Tomcat Native APR Connector Duplicate Request Issue
16003| [41435] Apache Tomcat %5C Cookie Handling Session ID Disclosure
16004| [41434] Apache Tomcat Exception Handling Subsequent Request Information Disclosure
16005| [41400] LimeSurvey save.php Apache Log File PHP Code Injection
16006| [41029] Apache Tomcat Calendar Examples Application cal2.jsp Multiple Parameter CSRF
16007| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
16008| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
16009| [40853] Apache Tomcat SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) JSESSIONIDSSO Cookie Security Weakness
16010| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
16011| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
16012| [40262] Apache HTTP Server mod_status refresh XSS
16013| [39833] Apache Tomcat JULI Logging Component catalina.policy Security Bypass
16014| [39251] Coppermine Photo Gallery on Apache Multiple File Extension Upload Arbitrary Code Execution
16015| [39166] Apache Tomcat on Windows caseSensitive Attribute Mixed Case Request JSP Source Disclosure
16016| [39134] Apache mod_imagemap Module Imagemap Unspecified XSS
16017| [39133] Apache mod_imap Module Imagemap File Unspecified XSS
16018| [39035] Apache Tomcat examples/servlet/CookieExample Multiple Parameter XSS
16019| [39003] Apache HTTP Server HTTP Method Header Request Entity Too Large XSS
16020| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
16021| [38939] Apache HTTP Server Prefork MPM Module Array Modification Local DoS
16022| [38673] Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access
16023| [38662] Apache Geronimo SQLLoginModule Nonexistent User Authentication Bypass
16024| [38661] Apache Geronimo MEJB Unspecified Authentication Bypass
16025| [38641] Apache HTTP Server mod_mem_cache recall_headers Function Information Disclosure
16026| [38640] Apache HTTP Server suexec Document Root Unauthorized Operations
16027| [38639] Apache HTTP Server suexec Multiple Symlink Privilege Escalation
16028| [38636] Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS
16029| [38513] BEA WebLogic Server Proxy Plug-in for Apache Protocol Error Handling Remote DoS
16030| [38187] Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access
16031| [37079] Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
16032| [37071] Apache Tomcat Cookie Handling Session ID Disclosure
16033| [37070] Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
16034| [37052] Apache HTTP Server mod_status mod_status.c Unspecified XSS
16035| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
16036| [37050] Apache HTTP Server Prefork MPM Module Crafted Code Sequence Local DoS
16037| [36417] Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS
16038| [36377] Apache MyFaces Tomahawk JSF Application autoscroll Multiple Script XSS
16039| [36080] Apache Tomcat JSP Examples Crafted URI XSS
16040| [36079] Apache Tomcat Manager Uploaded Filename XSS
16041| [34888] Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
16042| [34887] Apache Tomcat implicit-objects.jsp Crafted Header XSS
16043| [34885] Apache Tomcat on IIS Servlet Engine MS-DOS Device Request DoS
16044| [34884] Apache Tomcat on Windows Nonexistent Resource Request Path Disclosure
16045| [34883] Apache Tomcat Crafted JSP File Request Path Disclosure
16046| [34882] Apache Tomcat Default SSL Ciphersuite Configuration Weakness
16047| [34881] Apache Tomcat Malformed Accept-Language Header XSS
16048| [34880] Apache Tomcat HTTP/1.1 Connector NULL Byte Request JSP Source Disclosure
16049| [34879] Apache Tomcat examples/jsp2/jspx/textRotate.jspx XSS
16050| [34878] Apache Tomcat examples/jsp2/el/implicit-objects.jsp XSS
16051| [34877] Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbitrary File Access
16052| [34876] Apache HTTP Server ScriptAlias CGI Source Disclosure
16053| [34875] Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS
16054| [34874] Apache Tomcat AJP Connector mod_jk ajp_process_callback Remote Memory Disclosure
16055| [34873] Apache Stats Variable Extraction _REQUEST Ssuperglobal Array Overwrite
16056| [34872] Apache HTTP Server suexec User/Group Combination Weakness Local Privilege Escalation
16057| [34769] Apache Tomcat w/ Proxy Module Double Encoded Traversal Arbitrary File Access
16058| [34541] mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remote DoS
16059| [34540] mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS
16060| [34398] Apache Tomcat mod_jk Invalid Chunked Encoded Body Information Disclosure
16061| [34154] Apache Axis Nonexistent Java Web Service Path Disclosure
16062| [33855] Apache Tomcat JK Web Server Connector mod_jk.so Long URI Worker Map Remote Overflow
16063| [33816] Apache HTTP Server on Debian Linux TTY Local Privilege Escalation
16064| [33456] Apache HTTP Server Crafted TCP Connection Range Header DoS
16065| [33346] Avaya Multiple Products Apache Tomcat Port Weakness
16066| [32979] Apache Java Mail Enterprise Server (JAMES) Phoenix/MX4J Interface Arbitrary User Creation
16067| [32978] Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
16068| [32724] Apache mod_python _filter_read Freed Memory Disclosure
16069| [32723] Apache Tomcat semicolon Crafted Filename Request Forced Directory Listing
16070| [32396] Apache Open For Business Project (OFBiz) Ecommerce Component Forum Implementation Message Body XSS
16071| [32395] Apache Open For Business Project (OFBiz) Ecommerce Component Form Field Manipulation Privilege Escalation
16072| [30354] Linux Subversion libapache2-svn Search Path Subversion Local Privilege Escalation
16073| [29603] PHP ini_restore() Apache httpd.conf Options Bypass
16074| [29536] Apache Tcl mod_tcl set_var Function Remote Format String
16075| [28919] Apache Roller Weblogger Blog Comment Multiple Field XSS
16076| [28130] PHP with Apache Mixed Case Method Limit Directive Bypass
16077| [27913] Apache HTTP Server on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure
16078| [27588] Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow
16079| [27487] Apache HTTP Server Crafted Expect Header Cross Domain HTML Injection
16080| [26935] FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload
16081| [26572] Apache Java Mail Enterprise Server (JAMES) MAIL Command Overflow DoS
16082| [25909] Drupal on Apache files Directory File Upload Arbitrary Code Execution
16083| [24825] Oracle ModPL/SQL for Apache Unspecified Remote HTTP Issue
16084| [24365] Apache Struts Multiple Function Error Message XSS
16085| [24364] Apache Struts getMultipartRequestHandler() Function Crafted Request DoS
16086| [24363] Apache Struts org.apache.struts.taglib.html.Constants.CANCEL Validation Bypass
16087| [24103] Pubcookie Apache mod_pubcookie Unspecified XSS
16088| [23906] Apache mod_python for Apache HTTP Server FileSession Privileged Local Command Execution
16089| [23905] Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS
16090| [23198] Apache WSS4J Library SOAP Signature Verification Bypass
16091| [23124] Generic Apache Request Library (libapreq) apreq_parse_* Functions Remote DoS
16092| [22652] mod_php for Apache HTTP Server Crafted import_request_variables Function DoS
16093| [22475] PHP w/ Apache PDO::FETCH_CLASS __set() Function DoS
16094| [22473] PHP w/ Apache2 Crafted PDOStatement DoS
16095| [22459] Apache Geronimo Error Page XSS
16096| [22458] Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS
16097| [22301] auth_ldap for Apache HTTP Server auth_ldap_log_reason() Function Remote Format String
16098| [22261] Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
16099| [22259] mod_auth_pgsql for Apache HTTP Server Log Function Format String
16100| [21736] Apache Java Mail Enterprise Server (JAMES) Spooler retrieve Function DoS
16101| [21705] Apache HTTP Server mod_imap Image Map Referer XSS
16102| [21021] Apache Struts Error Message XSS
16103| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
16104| [20491] PHP mod_php apache2handler SAPI Crafted .htaccess DoS
16105| [20462] Apache HTTP Server worker.c MPM Memory Exhaustion DoS
16106| [20439] Apache Tomcat Directory Listing Saturation DoS
16107| [20373] Apache Tomcat on HP Secure OS for Linux Unspecified Servlet Access Issue
16108| [20285] Apache HTTP Server Log File Control Character Injection
16109| [20242] Apache HTTP Server mod_usertrack Predictable Session ID Generation
16110| [20209] Brainf*ck Module (mod_bf) for Apache HTTP Server Local Overflow
16111| [20033] Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
16112| [19883] apachetop atop.debug Symlink Arbitrary File Overwrite
16113| [19863] mod_auth_shadow for Apache HTTP Server require group Authentication Bypass
16114| [19855] Apache HTTP Server ErrorDocument Directive .htaccess Bypass
16115| [19821] Apache Tomcat Malformed Post Request Information Disclosure
16116| [19769] Apache HTTP Server Double-reverse DNS Lookup Spoofing
16117| [19188] Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass
16118| [19137] Apache HTTP Server on Red Hat Linux Double Slash GET Request Forced Directory Listing
16119| [19136] Apache on Mandrake Linux Arbitrary Directory Forced Listing
16120| [18977] Apache HTTP Server Crafted HTTP Range Header DoS
16121| [18389] Ragnarok Online Control Panel Apache Authentication Bypass
16122| [18286] Apache HTTP Server mod_ssl ssl_callback_SSLVerify_CRL( ) Function Overflow
16123| [18233] Apache HTTP Server htdigest user Variable Overfow
16124| [17738] Apache HTTP Server HTTP Request Smuggling
16125| [16586] Apache HTTP Server Win32 GET Overflow DoS
16126| [15889] Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
16127| [14896] mod_dav for Apache HTTP Server Remote Null Dereference Child Process Termination
16128| [14879] Apache HTTP Server ap_log_rerror Function Error Message Path Disclosure
16129| [14770] Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS
16130| [14597] Apache Tomcat IntegerOverflow.jsp Test JSP Script Path Disclosure
16131| [14596] Apache Tomcat pageSession.jsp Test JSP Script Path Disclosure
16132| [14595] Apache Tomcat pageLanguage.jsp Test JSP Script Path Disclosure
16133| [14594] Apache Tomcat pageIsThreadSafe.jsp Test JSP Script Path Disclosure
16134| [14593] Apache Tomcat pageIsErrorPage.jsp Test JSP Script Path Disclosure
16135| [14592] Apache Tomcat pageInvalid.jsp Test JSP Script Path Disclosure
16136| [14591] Apache Tomcat pageExtends.jsp Test JSP Script Path Disclosure
16137| [14590] Apache Tomcat pageDouble.jsp Test JSP Script Path Disclosure
16138| [14589] Apache Tomcat pageAutoFlush.jsp Test JSP Script Path Disclosure
16139| [14588] Apache Tomcat extends2.jsp Test JSP Script Path Disclosure
16140| [14587] Apache Tomcat extends1.jsp Test JSP Script Path Disclosure
16141| [14586] Apache Tomcat comments.jsp Test JSP Script Path Disclosure
16142| [14585] Apache Tomcat buffer4.jsp Test JSP Script Path Disclosure
16143| [14584] Apache Tomcat buffer3.jsp Test JSP Script Path Disclosure
16144| [14583] Apache Tomcat buffer2.jsp Test JSP Script Path Disclosure
16145| [14582] Apache Tomcat buffer1.jsp Test JSP Script Path Disclosure
16146| [14581] Apache Tomcat pageImport2.jsp Test JSP Script Path Disclosure
16147| [14580] Apache Tomcat pageInfo.jsp Test JSP Script Path Disclosure
16148| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
16149| [14044] Apache Batik Squiggle Browser with Rhino Scripting Engine Unspecified File System Access
16150| [13737] mod_access_referer for Apache HTTP Server Malformed Referer DoS
16151| [13711] Apache mod_python publisher.py Traversal Arbitrary Object Information Disclosure
16152| [13640] mod_auth_any for Apache HTTP Server on Red Hat Linux Metacharacter Command Execution
16153| [13304] Apache Tomcat realPath.jsp Path Disclosure
16154| [13303] Apache Tomcat source.jsp Arbitrary Directory Listing
16155| [13087] Apache HTTP Server mod_log_forensic check_forensic Symlink Arbitrary File Creation / Overwrite
16156| [12849] mod_auth_radius for Apache HTTP Server radcpy() Function Overflow DoS
16157| [12848] Apache HTTP Server htdigest realm Variable Overflow
16158| [12721] Apache Tomcat examples/jsp2/el/functions.jsp XSS
16159| [12720] mod_dosevasive for Apache HTTP Server Symlink Arbitrary File Create/Overwrite
16160| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
16161| [12557] Apache HTTP Server prefork MPM accept Error DoS
16162| [12233] Apache Tomcat MS-DOS Device Name Request DoS
16163| [12232] Apache Tomcat with JDK Arbitrary Directory/Source Disclosure
16164| [12231] Apache Tomcat web.xml Arbitrary File Access
16165| [12193] Apache HTTP Server on Mac OS X File Handler Bypass
16166| [12192] Apache HTTP Server on Mac OS X Unauthorized .ht and .DS_Store File Access
16167| [12178] Apache Jakarta Lucene results.jsp XSS
16168| [12176] mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
16169| [11391] Apache HTTP Server Header Parsing Space Saturation DoS
16170| [11003] Apache HTTP Server mod_include get_tag() Function Local Overflow
16171| [10976] mod_mylo for Apache HTTP Server mylo_log Logging Function HTTP GET Overflow
16172| [10637] Apache HTTP Server mod_ssl SSLCipherSuite Access Restriction Bypass
16173| [10546] Macromedia JRun4 mod_jrun Apache Module Remote Overflow
16174| [10471] Apache Xerces-C++ XML Parser DoS
16175| [10218] Apache HTTP Server Satisfy Directive Access Control Bypass
16176| [10068] Apache HTTP Server htpasswd Local Overflow
16177| [10049] mod_cplusplus For Apache HTTP Server Unspecified Overflow
16178| [9994] Apache HTTP Server apr-util IPV6 Parsing DoS
16179| [9991] Apache HTTP Server ap_resolve_env Environment Variable Local Overflow
16180| [9948] mod_dav for Apache HTTP Server LOCK Request DoS
16181| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
16182| [9718] Apache HTTP Server Win32 Single Dot Append Arbitrary File Access
16183| [9717] Apache HTTP Server mod_cookies Cookie Overflow
16184| [9716] Apache::Gallery Gallery.pm Inline::C Predictable Filename Code Execution
16185| [9715] Apache HTTP Server rotatelogs Control Characters Over Pipe DoS
16186| [9714] Apache Authentication Module Threaded MPM DoS
16187| [9713] Apache HTTP Server on OS2 filestat.c Device Name Request DoS
16188| [9712] Apache HTTP Server Multiple Linefeed Request Memory Consumption DoS
16189| [9711] Apache HTTP Server Access Log Terminal Escape Sequence Injection
16190| [9710] Apache HTTP Server on Windows Illegal Character Default Script Mapping Bypass
16191| [9709] Apache HTTP Server on Windows MS-DOS Device Name HTTP Post Code Execution
16192| [9708] Apache HTTP Server on Windows MS-DOS Device Name DoS
16193| [9707] Apache HTTP Server Duplicate MIME Header Saturation DoS
16194| [9706] Apache Web Server Multiple MIME Header Saturation Remote DoS
16195| [9705] Apache Tomcat Invoker/Default Servlet Source Disclosure
16196| [9702] Apache HTTP Server CGI/WebDAV HTTP POST Request Source Disclosure
16197| [9701] Apache HTTP Server for Windows Multiple Slash Forced Directory Listing
16198| [9700] Apache HTTP Server mod_autoindex Multiple Slash Request Forced Directory Listing
16199| [9699] Apache HTTP Server mod_dir Multiple Slash Request Forced Directory Listing
16200| [9698] Apache HTTP Server mod_negotiation Multiple Slash Request Forced Directory Listing
16201| [9697] Apache HTTP Server htdigest Local Symlink Arbitrary File Overwrite
16202| [9696] Apache HTTP Server htpasswd Local Symlink Arbitrary File Overwrite
16203| [9695] Apache Tomcat SnoopServlet Servlet Information Disclosure
16204| [9694] PHP3 on Apache HTTP Server Encoded Traversal Arbitrary File Access
16205| [9693] mod_auth_pgsql_sys for Apache HTTP Server User Name SQL Injection
16206| [9692] Apache HTTP Server mod_vhost_alias Mass Virtual Hosting Arbitrary File Access
16207| [9691] Apache HTTP Server mod_rewrite Mass Virtual Hosting Arbitrary File Access
16208| [9690] Apache HTTP Server mod_vhost_alias CGI Program Source Disclosure
16209| [9689] Trustix httpsd for Apache-SSL Permission Weakness Privilege Escalation
16210| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
16211| [9687] Apache::AuthenSmb smbval SMB Authentication Library Multiple Overflows
16212| [9686] Apache::AuthenSmb smbvalid SMB Authentication Library Multiple Overflows
16213| [9523] Apache HTTP Server mod_ssl Aborted Connection DoS
16214| [9459] Oracle PL/SQL (mod_plsql) Apache Module Help Page Request Remote Overflow
16215| [9208] Apache Tomcat .jsp Encoded Newline XSS
16216| [9204] Apache Tomcat ROOT Application XSS
16217| [9203] Apache Tomcat examples Application XSS
16218| [9068] Apache HTTP Server mod_userdir User Account Information Disclosure
16219| [8773] Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure
16220| [8772] Apache Tomcat Catalina org.apache.catalina.connector.http DoS
16221| [7943] Apache HTTP Server mod_ssl sslkeys File Disclosure
16222| [7942] Apache HTTP Server mod_ssl Default Pass Phrase
16223| [7941] Apache HTTP Server mod_ssl Encrypted Private Key File Descriptor Leak
16224| [7935] Apache HTTP Server mod_ssl ssl_gcache Race Conditions
16225| [7934] Apache HTTP Server mod_ssl SSLSessionCache File Content Disclosure
16226| [7933] Apache HTTP Server mod_ssl SSLMutex File Content Disclosure
16227| [7932] Apache HTTP Server mod_ssl mkcert.sh File Creation Permission Weakness
16228| [7931] Apache HTTP Server mod_ssl X.509 Client Certificate Authentication Bypass
16229| [7930] Apache HTTP Server mod_ssl ssl_expr_eval_func_file() Overflow
16230| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
16231| [7611] Apache HTTP Server mod_alias Local Overflow
16232| [7394] Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
16233| [7203] Apache Tomcat source.jsp Traversal Arbitrary File Access
16234| [7039] Apache HTTP Server on Mac OS X HFS+ File System Access Bypass
16235| [6882] Apache mod_python Malformed Query String Variant DoS
16236| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
16237| [6630] Apache Tomcat Java Server Pages (JSP) Engine WPrinterJob() DoS
16238| [6472] Apache HTTP Server mod_ssl ssl_util_uuencode_binary Remote Overflow
16239| [5821] Apache HTTP Server Multiple / GET Remote Overflow DoS
16240| [5580] Apache Tomcat Servlet Malformed URL JSP Source Disclosure
16241| [5552] Apache HTTP Server split-logfile Arbitrary .log File Overwrite
16242| [5526] Apache Tomcat Long .JSP URI Path Disclosure
16243| [5278] Apache Tomcat web.xml Restriction Bypass
16244| [5051] Apache Tomcat Null Character DoS
16245| [4973] Apache Tomcat servlet Mapping XSS
16246| [4650] mod_gzip for Apache HTTP Server Debug Mode Printf Stack Overflow
16247| [4649] mod_gzip for Apache HTTP Server Debug Mode Format String Overflow
16248| [4648] mod_gzip for Apache HTTP Server Debug Mode Race Condition
16249| [4568] mod_survey For Apache ENV Tags SQL Injection
16250| [4553] Apache HTTP Server ApacheBench Overflow DoS
16251| [4552] Apache HTTP Server Shared Memory Scoreboard DoS
16252| [4446] Apache HTTP Server mod_disk_cache Stores Credentials
16253| [4383] Apache HTTP Server Socket Race Condition DoS
16254| [4382] Apache HTTP Server Log Entry Terminal Escape Sequence Injection
16255| [4340] Apache Portable Runtime (APR) apr_psprintf DoS
16256| [4232] Apache Cocoon DatabaseAuthenticatorAction SQL Injection
16257| [4231] Apache Cocoon Error Page Server Path Disclosure
16258| [4182] Apache HTTP Server mod_ssl Plain HTTP Request DoS
16259| [4181] Apache HTTP Server mod_access IP Address Netmask Rule Bypass
16260| [4075] Apache HTTP Sever on Windows .var File Request Path Disclosure
16261| [4037] Apache HTTP Server on Cygwin Encoded GET Request Arbitrary File Access
16262| [3877] Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certificate Forgery
16263| [3819] Apache HTTP Server mod_digest Cross Realm Credential Replay
16264| [3322] mod_php for Apache HTTP Server Process Hijack
16265| [3215] mod_php for Apache HTTP Server File Descriptor Leakage
16266| [2885] Apache mod_python Malformed Query String DoS
16267| [2749] Apache Cocoon view-source Sample File Traversal Arbitrary File Access
16268| [2733] Apache HTTP Server mod_rewrite Local Overflow
16269| [2672] Apache HTTP Server mod_ssl SSLCipherSuite Ciphersuite Downgrade Weakness
16270| [2613] Apache HTTP Server mod_cgi stderr Output Handling Local DoS
16271| [2149] Apache::Gallery Privilege Escalation
16272| [2107] Apache HTTP Server mod_ssl Host: Header XSS
16273| [1926] Apache HTTP Server mod_rewrite Crafted URI Rule Bypass
16274| [1833] Apache HTTP Server Multiple Slash GET Request DoS
16275| [1577] Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
16276| [872] Apache Tomcat Multiple Default Accounts
16277| [862] Apache HTTP Server SSI Error Page XSS
16278| [859] Apache HTTP Server Win32 Crafted Traversal Arbitrary File Access
16279| [849] Apache Tomcat TroubleShooter Servlet Information Disclosure
16280| [845] Apache Tomcat MSDOS Device XSS
16281| [844] Apache Tomcat Java Servlet Error Page XSS
16282| [842] Apache HTTP Server mod_ssl ssl_compat_directive Function Overflow
16283| [838] Apache HTTP Server Chunked Encoding Remote Overflow
16284| [827] PHP4 for Apache on Windows php.exe Malformed Request Path Disclosure
16285| [775] Apache mod_python Module Importing Privilege Function Execution
16286| [769] Apache HTTP Server Win32 DOS Batch File Arbitrary Command Execution
16287| [756] Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
16288| [701] Apache HTTP Server Win32 ScriptAlias php.exe Arbitrary File Access
16289| [674] Apache Tomcat Nonexistent File Error Message Path Disclosure
16290| [637] Apache HTTP Server UserDir Directive Username Enumeration
16291| [623] mod_auth_pgsql for Apache HTTP Server User Name SQL Injection
16292| [582] Apache HTTP Server Multiviews Feature Arbitrary Directory Listing
16293| [562] Apache HTTP Server mod_info /server-info Information Disclosure
16294| [561] Apache Web Servers mod_status /server-status Information Disclosure
16295| [417] Apache HTTP Server on SuSE Linux /doc/packages Remote Information Disclosure
16296| [410] mod_perl for Apache HTTP Server /perl/ Directory Listing
16297| [404] Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing
16298| [402] Apache HTTP Server on SuSE Linux cgi-bin-sdb Request Script Source Disclosure
16299| [379] Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
16300| [377] Apache Tomcat Snoop Servlet Remote Information Disclosure
16301| [376] Apache Tomcat contextAdmin Arbitrary File Access
16302| [342] Apache HTTP Server for Windows Multiple Forward Slash Directory Listing
16303| [222] Apache HTTP Server test-cgi Arbitrary File Access
16304| [143] Apache HTTP Server printenv.pl Multiple Method CGI XSS
16305| [48] Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
16306|_
16307113/tcp closed ident
16308443/tcp open ssl/http Apache httpd
16309| vulscan: VulDB - https://vuldb.com:
16310| [141649] Apache OFBiz up to 16.11.05 Form Widget Freemarker Markup Code Execution
16311| [141648] Apache OFBiz up to 16.11.05 Application Stored cross site scripting
16312| [140386] Apache Commons Beanutils 1.9.2 BeanIntrospector unknown vulnerability
16313| [139708] Apache Ranger up to 1.2.0 Policy Import cross site scripting
16314| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
16315| [139386] Apache Tike up to 1.21 RecursiveParserWrapper Stack-based memory corruption
16316| [139385] Apache Tika 1.19/1.20/1.21 SAXParsers Hang denial of service
16317| [139384] Apache Tika up to 1.21 RecursiveParserWrapper ZIP File denial of service
16318| [139261] Apache Solr 8.2.0 DataImportHandler Parameter unknown vulnerability
16319| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
16320| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
16321| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
16322| [139141] Apache ActiveMQ Client up to 5.15.4 ActiveMQConnection.java ActiveMQConnection denial of service
16323| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
16324| [138914] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 VM sql injection
16325| [138913] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Block Argument privilege escalation
16326| [138912] Venustech Apache VCL 2.1/2.2/2.3/2.4/2.5 Cookie sql injection
16327| [138816] Apache Storm up to 1.2.2 Logviewer Daemon Log information disclosure
16328| [138815] Apache Storm up to 1.2.2 UI Daemon Deserialization privilege escalation
16329| [138164] Oracle 2.7.0.1 Apache Log4j unknown vulnerability
16330| [138155] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Tomcat unknown vulnerability
16331| [138151] Oracle Transportation Management 6.3.7 Apache Tomcat unknown vulnerability
16332| [138149] Oracle Agile Engineering Data Management 6.2.0/6.2.1 Apache Commons FileUpload unknown vulnerability
16333| [138131] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Tomcat unknown vulnerability
16334| [138129] Oracle Retail Xstore Point of Service 7.0/7.1 Apache HTTP Server denial of service
16335| [138123] Oracle Retail Order Management System 5.0 Apache Struts 1 unknown vulnerability
16336| [138122] Oracle Retail Order Broker 5.2/15.0 Apache Tomcat unknown vulnerability
16337| [138121] Oracle Retail Order Broker 5.2/15.0 Apache CXF unknown vulnerability
16338| [138112] Oracle Retail Integration Bus 15.0/16.0 Apache Commons FileUpload unknown vulnerability
16339| [138111] Oracle MICROS Retail XBRi Loss Prevention 10.8.0/10.8.1/10.8.2/10.8.3 Apache Commons FileUpload unknown vulnerability
16340| [138103] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56/8.57 Apache WSS4J information disclosure
16341| [138053] Oracle JD Edwards EnterpriseOne Tools 9.2 Apache Log4j unknown vulnerability
16342| [138036] Oracle Insurance Rules Palette 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
16343| [138035] Oracle Insurance Policy Administration J2EE 10.0/10.1/10.2/11.0 Apache Commons FileUpload unknown vulnerability
16344| [138034] Oracle Insurance Calculation Engine 9.7/10.0/10.1/10.2 Apache Commons FileUpload unknown vulnerability
16345| [138028] Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
16346| [138020] Oracle BI Publisher 11.1.1.9.0 Apache Tomcat unknown vulnerability
16347| [138019] Oracle BI Publisher (formerly XML Publisher) 11.1.1.9.0 Apache Tomcat unknown vulnerability
16348| [138017] Oracle Outside In Technology 8.5.4 Apache Commons FileUpload unknown vulnerability
16349| [138013] Oracle Outside In Technology 8.5.4 Apache Tomcat unknown vulnerability
16350| [138012] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
16351| [138009] Oracle Outside In Technology 8.5.4 Apache HTTP Server unknown vulnerability
16352| [138008] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Struts 1 denial of service
16353| [138007] Oracle WebCenter Sites 12.2.1.3.0 Apache Tomcat denial of service
16354| [138006] Oracle Enterprise Repository 12.1.3.0.0 Apache CXF denial of service
16355| [138000] Oracle WebCenter Sites 12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
16356| [137999] Oracle WebLogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Apache Commons FileUpload unknown vulnerability
16357| [137995] Oracle Hospitality Simphony 18.2.1 Apache WSS4J information disclosure
16358| [137987] Oracle FLEXCUBE Universal Banking up to 12.0.3/12.4.0/14.2.0 Apache Log4j unknown vulnerability
16359| [137981] Oracle Insurance IFRS 17 Analyzer 8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
16360| [137980] Oracle Insurance Data Foundation 8.0.4/8.0.5/8.0.6/8.0.7 Apache Commons FileUpload unknown vulnerability
16361| [137979] Oracle 8.0.8 Apache Commons FileUpload unknown vulnerability
16362| [137973] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Batik unknown vulnerability
16363| [137970] Oracle Financial Services Profitability Management 8.0.4/8.0.5/8.0.6/8.0.7 Apache ActiveMQ unknown vulnerability
16364| [137967] Oracle up to 8.0.7 Apache httpd unknown vulnerability
16365| [137966] Oracle 8.0.7/8.0.8 Apache Groovy unknown vulnerability
16366| [137965] Oracle Financial Services Liquidity Risk Management 8.0.1/8.0.2/8.0.4/8.0.5/8.0.6 Apache Commons FileUpload unknown vulnerability
16367| [137964] Oracle 8.0.4/8.0.5/8.0.6/8.0.7 Apache Log4j unknown vulnerability
16368| [137933] Oracle Banking Platform up to 2.7.1 Apache Tika unknown vulnerability
16369| [137926] Oracle Enterprise Manager for Fusion Middleware 13.2/13.3 Apache Commons FileUpload information disclosure
16370| [137924] Oracle Enterprise Manager Base Platform 12.1.0.5.0/13.2.0.0.0/13.3.0.0.0 Apache Commons FileUpload unknown vulnerability
16371| [137914] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
16372| [137913] Oracle E-Business Suite up to 12.2.8 Apache ActiveMQ unknown vulnerability
16373| [137911] Oracle E-Business Suite up to 12.2.8 Apache HTTP Server unknown vulnerability
16374| [137910] Oracle E-Business Suite up to 12.2.8 Apache CXF information disclosure
16375| [137909] Oracle E-Business Suite up to 12.2.8 Apache Commons FileUpload unknown vulnerability
16376| [137905] Oracle Primavera Gateway 15.2/16.2/17.12/18.8 Apache Tika denial of service
16377| [137901] Oracle Primavera Unifier up to 18.8 Apache HTTP Server unknown vulnerability
16378| [137895] Oracle Instant Messaging Server 10.0.1.2.0 Apache Tika information disclosure
16379| [137894] Oracle EAGLE (Software) 46.5/46.6/46.7 Apache Tomcat information disclosure
16380| [137892] Oracle Online Mediation Controller 6.1 Apache Batik denial of service
16381| [137891] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Tomcat unknown vulnerability
16382| [137885] Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2 Apache cxf unknown vulnerability
16383| [137882] Oracle Unified 8.0.0.2.0 Apache Commons FileUpload unknown vulnerability
16384| [137881] Oracle Online Mediation Controller 6.1 Apache Commons FileUpload unknown vulnerability
16385| [137880] Oracle Interactive Session Recorder 6.0/6.1/6.2 Apache Log4j unknown vulnerability
16386| [137879] Oracle Convergence 3.0.2 Apache Commons FileUpload unknown vulnerability
16387| [137876] Oracle Application Session Controller 3.7.1/3.8.0 Apache Commons FileUpload unknown vulnerability
16388| [137829] Apache Roller 5.2.3 Math Comment Authenticator Reflected cross site scripting
16389| [137736] Apache Kafka 0.11.0.0/2.1.0 ACL Validation Request privilege escalation
16390| [136858] MakerBot Replicator 5G Printer Apache HTTP Server information disclosure
16391| [136849] Analogic Poste.io 2.1.6 on Apache RoundCube logs/ information disclosure
16392| [136822] Apache Tomcat up to 8.5.40/9.0.19 Incomplete Fix CVE-2019-0199 Resource Exhaustion denial of service
16393| [136808] Apache Geode up to 1.8.0 Secure Mode privilege escalation
16394| [136646] Apache Allura up to 1.10.x Dropdown Selector Stored cross site scripting
16395| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
16396| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
16397| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
16398| [136370] Apache Fineract up to 1.2.x sql injection
16399| [136369] Apache Fineract up to 1.2.x sql injection
16400| [135731] Apache Hadoop up to 2.8.4/2.9.1/3.1.0 yarn privilege escalation
16401| [135664] Apache Tomcat up to 7.0.93/8.5.39/9.0.0.17 SSI printenv Command cross site scripting
16402| [135663] Apache Camel up to 2.23.x JSON-lib Library XML Data XML External Entity
16403| [135661] Apache Roller up to 5.2.1/5.2.0 XML-RPC Interface XML File Server-Side Request Forgery
16404| [135402] Apache Zookeeper up to 3.4.13/3.5.0-alpha to 3.5.4-beta getACL() information disclosure
16405| [135270] Apache JSPWiki up to 2.11.0.M3 Plugin Link cross site scripting
16406| [135269] Apache JSPWiki up to 2.11.0.M3 InterWiki Link cross site scripting
16407| [135268] Apache JSPWiki up to 2.11.0.M3 Attachment cross site scripting
16408| [134527] Apache Karaf up to 4.2.4 Config Service directory traversal
16409| [134416] Apache Sanselan 0.97-incubator Loop denial of service
16410| [134415] Apache Sanselan 0.97-incubator Hang denial of service
16411| [134291] Apache Axis up to 1.7.8 Server-Side Request Forgery
16412| [134290] Apache UIMA DUCC up to 2.2.2 cross site scripting
16413| [134248] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
16414| [134247] Apache Archiva up to 2.2.3 Artifact Upload directory traversal
16415| [134246] Apache Camel up to 2.19/2.21.3/2.22.2/2.23.0 directory traversal
16416| [134138] Apache Pluto 3.0.0/3.0.1 Chat Room Demo Portlet cross site scripting
16417| [133992] Apache Qpid Proton up to 0.27.0 Certificate Validation Man-in-the-Middle weak authentication
16418| [133977] Apache Zeppelin up to 0.7.x Stored cross site scripting
16419| [133976] Apache Zeppelin up to 0.7.x Cron Scheduler privilege escalation
16420| [133975] Apache Zeppelin up to 0.7.2 Session Fixation weak authentication
16421| [133444] Apache PDFbox 2.0.14 XML Parser XML External Entity
16422| [133573] Oracle FLEXCUBE Private Banking 2.0.0.0/2.2.0.1/12.0.1.0/12.0.3.0/12.1.0.0 Apache ActiveMQ unknown vulnerability
16423| [133407] Apache Tomcat up to 7.0.93/8.5.39/9.0.17 on Windows JRE Command Line Argument Code Execution
16424| [133315] Apache Airflow up to 1.10.2 HTTP Endpoint cross site request forgery
16425| [133314] Apache Airflow up to 1.10.2 Metadata Database cross site scripting
16426| [133290] Apache Tomcat up to 8.5.37/9.0.14 HTTP2 Stream Execution denial of service
16427| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
16428| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
16429| [133092] Airsonic 10.2.1 org.apache.commons.lang.RandomStringUtils RecoverController.java java.util.Random weak authentication
16430| [132568] Apache JSPWiki up to 2.11.0.M2 URL User information disclosure
16431| [132567] Apache JSPWiki up to 2.11.0.M2 URL cross site scripting
16432| [132566] Apache ActiveMQ up to 5.15.8 MQTT Frame Memory denial of service
16433| [132565] Apache HBase up to 2.1.3 REST Server Request privilege escalation
16434| [132183] Apache Mesos up to pre-1.4.x Docker Image Code Execution
16435| [131988] Apache Karaf up to 4.2.2 kar Deployer directory traversal
16436| [131859] Apache Hadoop up to 2.9.1 privilege escalation
16437| [131479] Apache Solr up to 7.6 HTTP GET Request Server-Side Request Forgery
16438| [131446] Apache Solr up to 5.0.5/6.6.5 Config API HTTP POST Request Code Execution
16439| [131385] Apache Qpid Broker-J up to 6.x/7.0.6/7.1.0 AMQP Command Crash denial of service
16440| [131315] Apache Mesos up to pre-1.4.x Mesos Masters Rendering JSON Payload Recursion denial of service
16441| [131236] Apache Airflow up to 1.10.1 Metadata Database cross site scripting
16442| [130755] Apache JSPWiki up to 2.10.5 URL cross site scripting
16443| [130629] Apache Guacamole Cookie Flag weak encryption
16444| [130628] Apache Hadoop up to 3.0.0 HDFS information disclosure
16445| [130529] Apache Subversion 1.10.0/1.10.1/1.10.2/1.10.3/1.11.0 mod_dav_svn Directory Crash denial of service
16446| [130353] Apache Open Office up to 4.1.5 Document Loader String memory corruption
16447| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
16448| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
16449| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
16450| [130212] Apache Airflow up to 1.10.0 LDAP Auth Backend Certificate weak authentication
16451| [130123] Apache Airflow up to 1.8.2 information disclosure
16452| [130122] Apache Airflow up to 1.8.2 command injection cross site request forgery
16453| [130121] Apache Airflow up to 1.8.2 Webserver Object Code Execution
16454| [129717] Oracle Secure Global Desktop 5.4 Apache HTTP Server denial of service
16455| [129688] Oracle Tape Library ACSLS 8.4 Apache Log4j unknown vulnerability
16456| [129673] Oracle Retail Returns Management 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
16457| [129672] Oracle Retail Central Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
16458| [129671] Oracle Retail Back Office 13.3/13.4/14.0/14.1 Apache Commons Fileupload unknown vulnerability
16459| [129574] Oracle Outside In Technology 8.5.3/8.5.4 Apache Tomcat denial of service
16460| [129573] Oracle WebLogic Server 10.3.6.0 Apache HTTP Server denial of service
16461| [129563] Oracle Enterprise Repository 12.1.3.0.0 Apache Log4j unknown vulnerability
16462| [129555] Oracle Outside In Technology 8.5.3 Apache Batik denial of service
16463| [129551] Oracle Outside In Technology 8.5.3/8.5.4 Apache Commons FileUpload denial of service
16464| [129542] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
16465| [129538] Oracle SOA Suite 12.1.3.0.0/12.2.1.3.0 Apache Batik unknown vulnerability
16466| [129519] Oracle Enterprise Manager Ops Center 12.2.2/12.3.3 Apache ActiveMQ unknown vulnerability
16467| [129508] Oracle Applications Manager up to 12.2.8 Apache Derby unknown vulnerability
16468| [129507] Oracle Mobile Field Service up to 12.2.8 Apache Log4j unknown vulnerability
16469| [129505] Oracle Email Center up to 12.2.8 Apache Log4j unknown vulnerability
16470| [129504] Oracle CRM Technical Foundation up to 12.2.8 Apache Commons FileUpload unknown vulnerability
16471| [129499] Oracle Partner Management up to 12.2.8 Apache Log4j unknown vulnerability
16472| [129498] Oracle Marketing up to 12.2.8 Apache Commons FileUpload unknown vulnerability
16473| [129480] Oracle Communications WebRTC Session Controller up to 7.1 Apache Batik unknown vulnerability
16474| [129479] Oracle Communications Diameter Signaling Router up to 8.2 Apache Batik unknown vulnerability
16475| [129474] Oracle Communications Diameter Signaling Router up to 8.2 Apache HTTP Server information disclosure
16476| [129472] Oracle Communications WebRTC Session Controller up to 7.1 Apache Struts 1 unknown vulnerability
16477| [129470] Oracle Communications Converged Application Server up to 7.0.0.0 Apache Struts 1 unknown vulnerability
16478| [129463] Oracle Communications WebRTC Session Controller up to 7.1 Apache Log4j unknown vulnerability
16479| [129461] Oracle Communications Services Gatekeeper up to 6.1.0.3.x Apache Commons Collections Fileupload unknown vulnerability
16480| [129460] Oracle Communications Service Broker 6.0 Apache Log4j unknown vulnerability
16481| [129459] Oracle Communications Policy Management up to 12.4 Apache Struts 2 unknown vulnerability
16482| [129458] Oracle Communications Online Mediation Controller 6.1 Apache Log4j unknown vulnerability
16483| [129457] Oracle Communications Diameter Signaling Router up to 8.2 Apache Commons Fileupload unknown vulnerability
16484| [129456] Oracle Communications Converged Application Server 6.1 Apache Log4j unknown vulnerability
16485| [128714] Apache Thrift Java Client Library up to 0.11.0 SASL Negotiation org.apache.thrift.transport.TSaslTransport unknown vulnerability
16486| [128713] Apache Thrift Node.js Static Web Server up to 0.11.0 directory traversal
16487| [128709] Apache Karaf up to 4.1.6/4.2.1 Features Deployer XMLInputFactory XML External Entity
16488| [128575] Apache NetBeans 9.0 Proxy Auto-Config Code Execution
16489| [128369] Apache Tika 1.8-1.19.1 SQLite3Parser Loop sql injection
16490| [128111] Apache NiFi 1.8.0 Template Upload Man-in-the-Middle cross site request forgery
16491| [128110] Apache NiFi 1.8.0 Cluster Request privilege escalation
16492| [128109] Apache NiFi 1.8.0 Error Page message-page.jsp Request Header cross site scripting
16493| [128108] Apache NiFi up to 1.7.x X-Frame-Options Header privilege escalation
16494| [128102] Apache Oozie up to 5.0.0 Workflow XML Impersonation spoofing
16495| [127994] WordPress up to 5.0.0 on Apache httpd MIME Restriction cross site scripting
16496| [127981] Apache OFBiz 16.11.01/16.11.02/16.11.03/16.11.04 HTTP Engine httpService GET Request privilege escalation
16497| [127161] Apache Hadoop 2.7.4/2.7.5/2.7.6 Incomplete Fix CVE-2016-6811 privilege escalation
16498| [127040] Loadbalancer.org Enterprise VA MAX up to 8.3.2 Apache HTTP Server Log cross site scripting
16499| [127007] Apache Spark Request Code Execution
16500| [126791] Apache Hadoop up to 0.23.11/2.7.6/2.8.4/2.9.1/3.0.2 ZIP File unknown vulnerability
16501| [126767] Apache Qpid Proton-J Transport 0.3 Certificate Verification Man-in-the-Middle weak authentication
16502| [126896] Apache Commons FileUpload 1.3.3 on LDAP Manager DiskFileItem File privilege escalation
16503| [126574] Apache Hive up to 2.3.3/3.1.0 Query privilege escalation
16504| [126573] Apache Hive up to 2.3.3/3.1.0 HiveServer2 privilege escalation
16505| [126564] Apache Superset up to 0.22 Pickle Library load Code Execution
16506| [126488] Apache Syncope up to 2.0.10/2.1.1 BPMN Definition xxe privilege escalation
16507| [126487] Apache Syncope up to 2.0.10/2.1.1 cross site scripting
16508| [126346] Apache Tomcat Path privilege escalation
16509| [125922] Apache Impala up to 3.0.0 ALTER privilege escalation
16510| [125921] Apache Impala up to 3.0.0 Queue Injection privilege escalation
16511| [125647] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Install (Apache Tomcat) information disclosure
16512| [125617] Oracle Retail Returns Management 14.1 Apache Batik unknown vulnerability
16513| [125616] Oracle Retail Point-of-Service 13.4/14.0/14.1 Apache Batik unknown vulnerability
16514| [125614] Oracle Retail Central Office 14.1 Apache Batik unknown vulnerability
16515| [125613] Oracle Retail Back Office 13.3/13.4/14/14.1 Apache Batik unknown vulnerability
16516| [125599] Oracle Retail Open Commerce Platform 5.3.0/6.0.0/6.0.1 Apache Log4j unknown vulnerability
16517| [125569] Oracle PeopleSoft Enterprise PeopleTools 8.55/8.56 Apache HTTP Server information disclosure
16518| [125494] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat information disclosure
16519| [125447] Oracle Business Intelligence Enterprise Edition 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Batik unknown vulnerability
16520| [125428] Oracle Identity Management Suite 11.1.2.3.0/12.2.1.3.0 Apache Log4j unknown vulnerability
16521| [125427] Oracle Identity Analytics 11.1.1.5.8 Apache Log4j unknown vulnerability
16522| [125424] Oracle API Gateway 11.1.2.4.0 Apache Log4j unknown vulnerability
16523| [125423] Oracle BI Publisher 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Apache Log4j unknown vulnerability
16524| [125383] Oracle up to 10.2.0 Apache Trinidad unknown vulnerability
16525| [125379] Oracle up to 10.1.x Apache Struts 1 cross site scripting
16526| [125377] Oracle up to 10.2.0 Apache Commons Collections unknown vulnerability
16527| [125376] Oracle Communications Application Session Controller up to 3.7.0 Apache Commons Collections unknown vulnerability
16528| [125375] Oracle Communications User Data Repository up to 12.1.x Apache Xerces memory corruption
16529| [125248] Apache ActiveMQ up to 5.15.5 Web-based Administration Console queue.jsp Parameter cross site scripting
16530| [125133] Apache Tika up to 1.19 XML Parser reset() denial of service
16531| [124877] Apache PDFbox up to 2.0.11 PDF File denial of service
16532| [124876] Apache Ranger up to 1.1.x UnixAuthenticationService Stack-based memory corruption
16533| [124791] Apache Tomcat up to 7.0.90/8.5.33/9.0.11 URL Open Redirect
16534| [124787] Apache Pony Mail 0.7/0.8/0.9 Statistics Generator Timestamp Data information disclosure
16535| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
16536| [124346] Apache Mesos pre-1.4.2/1.5.0/1.5.1/1.6.0 on Executor HTTP API String Comparison validation JSON Web Token information disclosure
16537| [124286] Apache Tika up to 1.18 IptcAnpaParser Loop denial of service
16538| [124242] Apache Tika up to 0.18 C:/evil.bat" Directory unknown vulnerability
16539| [124241] Apache Tika up to 0.18 XML Parser Entity Expansion denial of service
16540| [124191] Apache Karaf up to 3.0.8/4.0.8/4.1.0 WebConsole .../gogo/ weak authentication
16541| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
16542| [124152] Apache Camel Mail up to 2.22.0 Path directory traversal
16543| [124143] Apache SpamAssassin up to 3.4.1 PDFInfo Plugin Code Execution
16544| [124134] Apache SpamAssassin up to 3.4.1 Scan Engine HTML::Parser Email denial of service
16545| [124095] PHP up to 5.6.37/7.0.31/7.1.21/7.2.9 Apache2 sapi_apache2.c php_handler cross site scripting
16546| [124024] Apache Mesos 1.4.x/1.5.0 libprocess JSON Payload denial of service
16547| [123814] Apache ActiveMQ Client up to 5.15.5 TLS Hostname Verification Man-in-the-Middle weak authentication
16548| [123393] Apache Traffic Server up to 6.2.2/7.1.3 ESI Plugin Config privilege escalation
16549| [123392] Apache Traffic Server 6.2.2 TLS Handshake Segmentation Fault denial of service
16550| [123391] Apache Traffic Server up to 6.2.2/7.1.3 Range Request Performance denial of service
16551| [123390] Apache Traffic Server up to 6.2.2/7.1.3 Request HTTP Smuggling privilege escalation
16552| [123369] Apache Traffic Server up to 6.2.2/7.1.3 ACL remap.config Request denial of service
16553| [123197] Apache Sentry up to 2.0.0 privilege escalation
16554| [123145] Apache Struts up to 2.3.34/2.5.16 Namespace Code Execution
16555| [123144] Apache Cayenne up to 4.1.M1 CayenneModeler XML File File Transfer privilege escalation
16556| [122981] Apache Commons Compress 1.7 ZipArchiveInputStream ZIP Archive denial of service
16557| [122889] Apache HTTP Server up to 2.2.31/2.4.23 mod_userdir HTTP Response Splitting privilege escalation
16558| [122800] Apache Spark 1.3.0 REST API weak authentication
16559| [122642] Apache Airflow up to 1.8.x 404 Page Reflected cross site scripting
16560| [122568] Apache Tomcat up to 8.5.31/9.0.9 Connection Reuse weak authentication
16561| [122567] Apache Axis 1.0./1.1/1.2/1.3/1.4 cross site scripting
16562| [122556] Apache Tomcat up to 7.0.86/8.0.51/8.5.30/9.0.7 UTF-8 Decoder Loop denial of service
16563| [122531] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.9 WebSocket Client unknown vulnerability
16564| [122456] Apache Camel up to 2.20.3/2.21.0 XSD Validator XML External Entity
16565| [122455] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Revoked Certificate weak authentication
16566| [122454] Apache Tomcat Native up to 1.1.34/1.2.16 OSCP Responder Revoked Certificate weak authentication
16567| [122214] Apache Kafka up to 0.9.0.1/0.10.2.1/0.11.0.2/1.0.0 Broker Request Data Loss denial of service
16568| [122202] Apache Kafka up to 0.10.2.1/0.11.0.1 SASL Impersonation spoofing
16569| [122101] Docker Skeleton Runtime for Apache OpenWhisk Docker Action dockerskeleton:1.3.0 privilege escalation
16570| [122100] PHP Runtime for Apache OpenWhisk Docker Action action-php-v7.2:1.0.0 privilege escalation
16571| [122012] Apache Ignite up to 2.5 Serialization privilege escalation
16572| [121911] Apache Ambari up to 2.5.x/2.6.2 Log Message Credentials information disclosure
16573| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
16574| [121854] Oracle Tape Library ACSLS up to ACSLS 8.4.0-2 Apache Commons Collections unknown vulnerability
16575| [121752] Oracle Insurance Policy Administration 10.0/10.1/10.2/11.0 Apache Log4j unknown vulnerability
16576| [121370] Apache Spark up to 2.1.2/2.2.1/2.3.0 URL cross site scripting
16577| [121354] Apache CouchDB HTTP API Code Execution
16578| [121144] Apache LDAP API up to 1.0.1 SSL Filter information disclosure
16579| [121143] Apache Storm up to 0.10.2/1.0.6/1.1.2/1.2.1 Cluster privilege escalation
16580| [120436] Apache CXF Fediz up to 1.4.3 Application Plugin unknown vulnerability
16581| [120310] Apache PDFbox up to 1.8.14/2.0.10 AFMParser Loop denial of service
16582| [120168] Apache CXF weak authentication
16583| [120080] Apache Cassandra up to 3.11.1 JMX/RMI Interface RMI Request privilege escalation
16584| [120043] Apache HBase up to 1.2.6.0/1.3.2.0/1.4.4/2.0.0 Thrift 1 API Server weak authentication
16585| [119723] Apache Qpid Broker-J 7.0.0/7.0.1/7.0.2/7.0.3/7.0.4 AMQP Messages Crash denial of service
16586| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
16587| [119486] Apache Geode up to 1.4.0 Security Manager Code Execution
16588| [119306] Apache MXNet Network Interface privilege escalation
16589| [118999] Apache Storm up to 1.0.6/1.1.2/1.2.1 Archive directory traversal
16590| [118996] Apache Storm up to 1.0.6/1.1.2/1.2.1 Daemon spoofing
16591| [118644] Apple macOS up to 10.13.5 apache_mod_php unknown vulnerability
16592| [118200] Apache Batik up to 1.9 Deserialization unknown vulnerability
16593| [118143] Apache NiFi activemq-client Library Deserialization denial of service
16594| [118142] Apache NiFi 1.6.0 SplitXML xxe privilege escalation
16595| [118051] Apache Zookeeper up to 3.4.9/3.5.3-beta weak authentication
16596| [117997] Apache ORC up to 1.4.3 ORC File Recursion denial of service
16597| [117825] Apache Tomcat up to 7.0.88/8.0.52/8.5.31/9.0.8 CORS Filter privilege escalation
16598| [117405] Apache Derby up to 10.14.1.0 Network Server Network Packet privilege escalation
16599| [117347] Apache Ambari up to 2.6.1 HTTP Request directory traversal
16600| [117265] LibreOffice/Apache Office Writer SMB Connection XML Document information disclosure
16601| [117143] Apache uimaj/uima-as/uimaFIT/uimaDUCC XML XXE information disclosure
16602| [117117] Apache Tika up to 1.17 ChmParser Loop denial of service
16603| [117116] Apache Tika up to 1.17 BPGParser Loop denial of service
16604| [117115] Apache Tika up to 1.17 tika-server command injection
16605| [116929] Apache Fineract getReportType Parameter privilege escalation
16606| [116928] Apache Fineract REST Endpoint Parameter privilege escalation
16607| [116927] Apache Fineract MakercheckersApiResource Parameter sql injection
16608| [116926] Apache Fineract REST Parameter privilege escalation
16609| [116574] Apache wicket-jquery-ui up to 6.29.0/7.10.1/8.0.0-M9.1 WYSIWYG Editor privilege escalation
16610| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
16611| [115931] Apache Solr up to 6.6.2/7.2.1 XML Data Parameter XML External Entity
16612| [115883] Apache Hive up to 2.3.2 privilege escalation
16613| [115882] Apache Hive up to 2.3.2 xpath_short information disclosure
16614| [115881] Apache DriverHive JDBC Driver up to 2.3.2 Escape Argument Bypass privilege escalation
16615| [115518] Apache Ignite 2.3 Deserialization privilege escalation
16616| [115260] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache cross site scripting
16617| [115259] EMC RSA Authentication Agent for Web up to 8.0.1 on IIS/Apache Cookie Stack-based memory corruption
16618| [115500] CA Workload Control Center up to r11.4 SP5 Apache MyFaces Component Code Execution
16619| [115121] Apache Struts REST Plugin up to 2.5.15 Xstream XML Data denial of service
16620| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
16621| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
16622| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
16623| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
16624| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
16625| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
16626| [115038] Apache HTTP Server up to 2.0.65/2.2.34/2.4.29 mod_authnz_ldap Crash denial of service
16627| [114817] Apache Syncope up to 1.2.10/2.0.7 Search Parameter information disclosure
16628| [114816] Apache Syncope up to 1.2.10/2.0.7 XSLT Code Execution
16629| [114717] Apache Commons 1.11/1.12/1.13/1.14/1.15 ZIP Archive ZipFile/ZipArchiveInputStream denial of service
16630| [114661] Apache Allura up to 1.8.0 HTTP Response Splitting privilege escalation
16631| [114400] Apache Tomcat JK ISAPI Connector up to 1.2.42 IIS/ISAPI privilege escalation
16632| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
16633| [114086] Apache ODE 1.3.3 ODE Process Deployment Web Service directory traversal
16634| [113955] Apache Xerces-C up to 3.2.0 XML Parser NULL Pointer Dereference denial of service
16635| [113945] Apache Tomcat up to 7.0.84/8.0.49/8.5.27/9.0.4 URL Pattern Empty String privilege escalation
16636| [113944] Apache OpenMeetings up to 3.x/4.0.1 CRUD Operation denial of service
16637| [113905] Apache Traffic Server up to 5.2.x/5.3.2/6.2.0/7.0.0 TLS Handshake Core Dump denial of service
16638| [113904] Apache Traffic Server up to 6.2.0 Host Header privilege escalation
16639| [113895] Apache Geode up to 1.3.x Code Execution
16640| [113894] Apache Geode up to 1.3.x TcpServer Code Execution
16641| [113888] Apache James Hupa WebMail 0.0.2 cross site scripting
16642| [113813] Apache Geode Cluster up to 1.3.x Secure Mode privilege escalation
16643| [113747] Apache Tomcat Servlets privilege escalation
16644| [113647] Apache Qpid up to 0.30 qpidd Broker AMQP Message Crash denial of service
16645| [113645] Apache VCL up to 2.1/2.2.1/2.3.1 Web GUI/XMLRPC API privilege escalation
16646| [113560] Apache jUDDI Console 3.0.0 Log Entries spoofing
16647| [113571] Apache Oozie up to 4.3.0/5.0.0-beta1 XML Data XML File privilege escalation
16648| [113569] Apache Karaf up to 4.0.7 LDAPLoginModule LDAP injection denial of service
16649| [113273] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
16650| [113198] Apache Qpid Dispatch Router 0.7.0/0.8.0 AMQP denial of service
16651| [113186] Apache JMeter 2.x/3.x Distributed Test Only privilege escalation
16652| [113145] Apache Thrift up to 0.9.3 Go Client Library privilege escalation
16653| [113106] Apache jUDDI up to 3.3.3 XML Data WADL2Java/WSDL2Java XML Document privilege escalation
16654| [113105] Apache Qpid Broker-J 7.0.0 AMQP Crash denial of service
16655| [112885] Apache Allura up to 1.8.0 File information disclosure
16656| [112856] Apache CloudStack up to 4.8.1.0/4.9.0.0 API weak authentication
16657| [112855] Apache CloudStack 4.1.0/4.1.1 API information disclosure
16658| [112678] Apache Tomcat up to 7.0.82/8.0.47/8.5.23/9.0.1 Bug Fix 61201 privilege escalation
16659| [112677] Apache Tomcat Native Connector up to 1.1.34/1.2.14 OCSP Checker Client weak authentication
16660| [112625] Apache POI up to 3.16 Loop denial of service
16661| [112448] Apache NiFi up to 1.3.x Deserialization privilege escalation
16662| [112396] Apache Hadoop 2.7.3/2.7.4 YARN NodeManager Credentials information disclosure
16663| [112339] Apache NiFi 1.5.0 Header privilege escalation
16664| [112330] Apache NiFi 1.5.0 Header HTTP Request privilege escalation
16665| [112314] NetGain Enterprise Manager 7.2.730 Build 1034 org.apache.jsp.u.jsp.tools.exec_jsp Servlet Parameter privilege escalation
16666| [112253] Apache Hadoop up to 0.23.x/2.7.4/2.8.2 MapReduce Job History Server Configuration File privilege escalation
16667| [112171] Oracle Secure Global Desktop 5.3 Apache Log4j privilege escalation
16668| [112164] Oracle Agile PLM 9.3.5/9.3.6 Apache Tomcat unknown vulnerability
16669| [112161] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Tomcat privilege escalation
16670| [112158] Oracle Autovue for Agile Product Lifecycle Management 21.0.0/21.0.1 Apache Log4j privilege escalation
16671| [112156] Oracle Agile PLM 9.3.3/9.3.4/9.3.5/9.3.6 Apache Log4j privilege escalation
16672| [112155] Oracle Agile Engineering Data Management 6.1.3/6.2.0/6.2.1 Apache Log4j privilege escalation
16673| [112137] Oracle MICROS Relate CRM Software 10.8.x/11.4.x/15.0.x, Apache Tomcat unknown vulnerability
16674| [112136] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat privilege escalation
16675| [112133] Oracle Retail Workforce Management 1.60.7/1.64.0 Apache Log4j privilege escalation
16676| [112129] Oracle Retail Assortment Planning 14.1.3/15.0.3/16.0.1 Apache Log4j privilege escalation
16677| [112114] Oracle 9.1 Apache Log4j privilege escalation
16678| [112113] Oracle 9.1 Apache Log4j privilege escalation
16679| [112045] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat privilege escalation
16680| [112038] Oracle Health Sciences Empirica Inspections 1.0.1.1 Apache Tomcat information disclosure
16681| [112019] Oracle Endeca Information Discovery Integrator 3.1.0/3.2.0 Apache Tomcat privilege escalation
16682| [112017] Oracle WebCenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Apache Struts 1 cross site scripting
16683| [112011] Oracle Identity Manager 11.1.2.3.0 Apache Commons Collections privilege escalation
16684| [111950] Oracle Database 12.2.0.1 Apache Tomcat information disclosure
16685| [111703] Apache Sling XSS Protection API 1.0.4 URL Encoding cross site scripting
16686| [111556] Apache Geode up to 1.2.x Secure Mode Parameter OQL privilege escalation
16687| [111555] Apache Geode up to 1.2.x Secure Mode OQL privilege escalation
16688| [111540] Apache Geode up to 1.2.x Secure Mode information disclosure
16689| [111519] Apache Sling JCR ContentLoader 2.1.4 xmlreader directory traversal
16690| [111338] Apache DeltaSpike-JSF 1.8.0 cross site scripting
16691| [111330] Apache OFBiz 16.11.01/16.11.02/16.11.03 BIRT Plugin cross site scripting
16692| [110789] Apache Sling up to 1.4.0 Authentication Service Credentials information disclosure
16693| [110785] Apache Drill up to 1.11.0 Query Page unknown vulnerability
16694| [110701] Apache Fineract Query Parameter sql injection
16695| [110484] Apache Synapse up to 3.0.0 Apache Commons Collections Serialized Object Code Injection privilege escalation
16696| [110426] Adobe Experience Manager 6.0/6.1/6.2/6.3 Apache Sling Servlets Post cross site scripting
16697| [110141] Apache Struts up to 2.5.14 REST Plugin denial of service
16698| [110140] Apache Qpid Broker-J up to 0.32 privilege escalation
16699| [110139] Apache Qpid Broker-J up to 6.1.4 AMQP Frame denial of service
16700| [110106] Apache CXF Fediz Spring cross site request forgery
16701| [109766] Apache OpenOffice up to 4.1.3 DOC File Parser WW8Fonts memory corruption
16702| [109750] Apache OpenOffice up to 4.1.3 DOC File Parser ImportOldFormatStyles memory corruption
16703| [109749] Apache OpenOffice up to 4.1.3 PPT File Parser PPTStyleSheet memory corruption
16704| [109606] October CMS Build 412 Apache Configuration File Upload privilege escalation
16705| [109419] Apache Camel up to 2.19.3/2.20.0 camel-castor Java Object Deserialization privilege escalation
16706| [109418] Apache Camel up to 2.19.3/2.20.0 camel-hessian Java Object Deserialization privilege escalation
16707| [109400] Apache CouchDB up to 1.6.x/2.1.0 Database Server Shell privilege escalation
16708| [109399] Apache CouchDB up to 1.6.x/2.1.0 JSON Parser Shell privilege escalation
16709| [109398] Apache CXF 3.1.14/3.2.1 JAX-WS/JAX-RS Attachment denial of service
16710| [108872] Apache Hive up to 2.1.1/2.2.0/2.3.0 Policy Enforcement privilege escalation
16711| [108939] Apple macOS up to 10.13.1 apache unknown vulnerability
16712| [108938] Apple macOS up to 10.13.1 apache denial of service
16713| [108937] Apple macOS up to 10.13.1 apache unknown vulnerability
16714| [108936] Apple macOS up to 10.13.1 apache unknown vulnerability
16715| [108935] Apple macOS up to 10.13.1 apache denial of service
16716| [108934] Apple macOS up to 10.13.1 apache unknown vulnerability
16717| [108933] Apple macOS up to 10.13.1 apache unknown vulnerability
16718| [108932] Apple macOS up to 10.13.1 apache unknown vulnerability
16719| [108931] Apple macOS up to 10.13.1 apache denial of service
16720| [108930] Apple macOS up to 10.13.1 apache unknown vulnerability
16721| [108929] Apple macOS up to 10.13.1 apache denial of service
16722| [108928] Apple macOS up to 10.13.1 apache unknown vulnerability
16723| [108797] Apache Struts up to 2.3.19 TextParseUtiltranslateVariables OGNL Expression privilege escalation
16724| [108795] Apache Traffic Server up to 5.3.0 HTTP2 set_dynamic_table_size memory corruption
16725| [108794] Apache WSS4J up to 1.6.16/2.0.1 Incomplete Fix Leak information disclosure
16726| [108793] Apache Qpid up to 0.30 qpidd Crash denial of service
16727| [108792] Apache Traffic Server up to 5.1.0 Access Restriction privilege escalation
16728| [108791] Apache Wicket up to 1.5.11/6.16.x/7.0.0-M2 Session information disclosure
16729| [108790] Apache Storm 0.9.0.1 Log Viewer directory traversal
16730| [108789] Apache Cordova In-App-Browser Standalone Plugin up to 0.3.1 on iOS CDVInAppBrowser privilege escalation
16731| [108788] Apache Cordova File-Transfer Standalone Plugin up to 0.4.1 on iOS ios/CDVFileTransfer.m spoofing
16732| [108787] Apache HttpClient up to 4.3.0 HttpClientBuilder.java unknown vulnerability
16733| [108786] Apache Wicket up to 1.4.21/1.5.9/6.3.x script Tag cross site scripting
16734| [108783] Apache Hadoop up to 0.23.3/1.0.3/2.0.1 Kerberos Security Feature Key weak encryption
16735| [108782] Apache Xerces2 XML Service denial of service
16736| [108781] Apache jUDDI up to 1.x happyjuddi.jsp Parameter cross site scripting
16737| [108780] Apache jUDDI up to 1.x Log File uddiget.jsp spoofing
16738| [108709] Apache Cordova Android up to 3.7.1/4.0.1 intent URL privilege escalation
16739| [108708] Apache ActiveMQ up to 5.10.0 XML Data XML External Entity
16740| [108707] Apache ActiveMQ up to 1.7.0 XML Data XML External Entity
16741| [108629] Apache OFBiz up to 10.04.01 privilege escalation
16742| [108543] Apache Derby 10.1.2.1/10.2.2.0/10.3.1.4/10.4.1.3 Export File privilege escalation
16743| [108312] Apache HTTP Server on RHEL IP Address Filter privilege escalation
16744| [108297] Apache NiFi up to 0.7.1/1.1.1 Proxy Chain Username Deserialization privilege escalation
16745| [108296] Apache NiFi up to 0.7.1/1.1.1 Cluster Request privilege escalation
16746| [108250] Oracle Secure Global Desktop 5.3 Apache HTTP Server memory corruption
16747| [108245] Oracle Transportation Management up to 6.3.7 Apache Tomcat unknown vulnerability
16748| [108244] Oracle Transportation Management 6.4.1/6.4.2 Apache Commons FileUpload denial of service
16749| [108243] Oracle Agile Engineering Data Management 6.1.3/6.2.0 Apache Commons Collections memory corruption
16750| [108222] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Batik denial of service
16751| [108219] Oracle MICROS Retail XBRi Loss Prevention up to 10.8.1 Apache Tomcat unknown vulnerability
16752| [108217] Oracle Retail Store Inventory Management 13.2.9/14.0.4/14.1.3/15.0.1/16.0.1 Apache Groovy unknown vulnerability
16753| [108216] Oracle Retail Convenience and Fuel POS Software 2.1.132 Apache Groovy unknown vulnerability
16754| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
16755| [108113] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Batik denial of service
16756| [108107] Oracle Hospitality Guest Access 4.2.0/4.2.1 Apache Tomcat unknown vulnerability
16757| [108102] Oracle Healthcare Master Person Index 4.x Apache Groovy unknown vulnerability
16758| [108085] Oracle Identity Manager 11.1.2.3.0 Apache Struts 1 memory corruption
16759| [108083] Oracle API Gateway 11.1.2.4.0 Apache Batik denial of service
16760| [108080] Oracle GlassFish Server 3.1.2 Apache Commons FileUpload denial of service
16761| [108066] Oracle Management Pack for GoldenGate 11.2.1.0.12 Apache Tomcat memory corruption
16762| [108062] Oracle BI Publisher 11.1.1.7.0/12.2.1.1.0/12.2.1.2.0 Apache ActiveMQ memory corruption
16763| [108060] Oracle Enterprise Manager Ops Center 12.2.2/12.3.2 Apache Groovy unknown vulnerability
16764| [108033] Oracle Primavera Unifier 9.13/9.14/10.x/15.x/16.x, Apache Groovy unknown vulnerability
16765| [108013] Oracle Communications WebRTC Session Controller 7.0/7.1/7.2 Apache Groovy unknown vulnerability
16766| [108011] Oracle Communications Services Gatekeeper 5.1/6.0 Apache Trinidad unknown vulnerability
16767| [107904] Apache Struts up to 2.3.28 Double OGNL Evaluation privilege escalation
16768| [107860] Apache Solr up to 7.0 Apache Lucene RunExecutableListener XML External Entity
16769| [107834] Apache Ranger up to 0.6.1 Change Password privilege escalation
16770| [107639] Apache NiFi 1.4.0 XML External Entity
16771| [107606] Apache ZooKeper up to 3.4.9/3.5.2 Command CPU Exhaustion denial of service
16772| [107597] Apache Roller up to 5.0.2 XML-RPC Protocol Support XML External Entity
16773| [107429] Apache Impala up to 2.9.x Kudu Table privilege escalation
16774| [107411] Apache Tomcat up to 7.0.81/8.0.46/8.5.22/9.0.0 JSP File File Upload privilege escalation
16775| [107385] Apache Geode up to 1.2.0 Secure Mode privilege escalation
16776| [107339] Apache OpenNLP up to 1.5.3/1.6.0/1.7.2/1.8.1 XML Data XML External Entity
16777| [107333] Apache Wicket up to 8.0.0-M1 CSRF Prevention HTTP Header privilege escalation
16778| [107323] Apache Wicket 1.5.10/6.13.0 Class Request information disclosure
16779| [107310] Apache Geode up to 1.2.0 Command Line Utility Query privilege escalation
16780| [107276] ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Apache Tomcat Version information disclosure
16781| [107266] Apache Tika up to 1.12 XML Parser XML External Entity
16782| [107262] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
16783| [107258] Apache Mesos up to 1.1.2/1.2.1/1.3.0/1.4.0-dev libprocess HTTP Request Crash denial of service
16784| [107197] Apache Xerces Jelly Parser XML File XML External Entity
16785| [107193] ZTE NR8950 Apache Commons Collections RMI Request Deserialization privilege escalation
16786| [107084] Apache Struts up to 2.3.19 cross site scripting
16787| [106877] Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation
16788| [106875] Apache Struts up to 2.5.5 URL Validator denial of service
16789| [106874] Apache Struts up to 2.3.30 Convention Plugin directory traversal
16790| [106847] Apache Tomcat up to 7.0.80 VirtualDirContext Source information disclosure
16791| [106846] Apache Tomcat up to 7.0.79 on Windows HTTP PUT Method Parameter File Upload privilege escalation
16792| [106777] Apache HTTP Server up to 2.2.34/2.4.27 Limit Directive ap_limit_section HTTP Request information disclosure
16793| [106739] puppetlabs-apache up to 1.11.0/2.0.x weak authentication
16794| [106720] Apache Wicket up to 1.5.12/6.18.x/7.0.0-M4 CryptoMapper privilege escalation
16795| [106586] Apache Brooklyn up to 0.9.x REST Server cross site scripting
16796| [106562] Apache Spark up to 2.1.1 Launcher API Deserialization privilege escalation
16797| [106559] Apache Brooklyn up to 0.9.x SnakeYAML YAML Data Java privilege escalation
16798| [106558] Apache Brooklyn up to 0.9.x REST Server cross site request forgery
16799| [106556] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
16800| [106555] Apache Traffic Server up to 5.3.1 HTTP2 unknown vulnerability
16801| [106171] Apache Directory LDAP API up to 1.0.0-M30 Timing unknown vulnerability
16802| [106167] Apache Struts up to 2.5.12 REST Plugin XML Data privilege escalation
16803| [106166] Apache Struts up to 2.3.33/2.5.12 REST Plugin denial of service
16804| [106165] Apache Struts up to 2.3.33/2.5.12 URLValidator Regex CPU Exhaustion denial of service
16805| [106115] Apache Hadoop up to 2.6.4/2.7.2 YARN NodeManager Password information disclosure
16806| [106012] Apache Solr up to 5.5.3/6.4.0 Replication directory traversal
16807| [105980] Apache Engine 16.11.01 Parameter Reflected unknown vulnerability
16808| [105962] Apache Atlas 0.6.0/0.7.0 Frame cross site scripting
16809| [105961] Apache Atlas 0.6.0/0.7.0 Stack Trace information disclosure
16810| [105960] Apache Atlas 0.6.0/0.7.0 Search Reflected cross site scripting
16811| [105959] Apache Atlas 0.6.0/0.7.0 edit Tag DOM cross site scripting
16812| [105958] Apache Atlas 0.6.0/0.7.0 edit Tag Stored cross site scripting
16813| [105957] Apache Atlas 0.6.0/0.7.0 Cookie privilege escalation
16814| [105905] Apache Atlas 0.6.0/0.7.0/0.7.1 /js privilege escalation
16815| [105878] Apache Struts up to 2.3.24.0 privilege escalation
16816| [105682] Apache2Triad 1.5.4 phpsftpd/users.php Parameter cross site scripting
16817| [105681] Apache2Triad 1.5.4 phpsftpd/users.php Request cross site request forgery
16818| [105680] Apache2Triad 1.5.4 Parameter Session Fixation weak authentication
16819| [105643] Apache Pony Mail up to 0.8b weak authentication
16820| [105288] Apache Sling up to 2.3.21 Sling.evalString() String cross site scripting
16821| [105219] Apache Tomcat up to 8.5.15/9.0.0.M21 HTTP2 Bypass directory traversal
16822| [105218] Apache Tomcat up to 7.0.78/8.0.44/8.5.15/9.0.0.M21 CORS Filter Cache Poisoning privilege escalation
16823| [105215] Apache CXF up to 3.0.12/3.1.9 OAuth2 Hawk/JOSE MAC Validation Timing unknown vulnerability
16824| [105206] Apache CXF up to 3.0.11/3.1.8 JAX-RS Module XML External Entity
16825| [105205] Apache CXF up to 3.0.11/3.1.8 HTTP Transport Module Parameter cross site scripting
16826| [105202] Apache Storm 1.0.0/1.0.1/1.0.2/1.0.3/1.1.0 Worker privilege escalation
16827| [104987] Apache Xerces-C++ XML Service CPU Exhaustion denial of service
16828| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
16829| [104985] Apache MyFaces Core up to 2.1.4 EL Expression Parameter Injection information disclosure
16830| [104983] Apache Wink up to 1.1.1 XML Document xxe privilege escalation
16831| [104981] Apache Commons Email 1.0/1.1/1.2/1.3/1.4 Subject Linebreak SMTP privilege escalation
16832| [104591] MEDHOST Document Management System Apache Solr Default Credentials weak authentication
16833| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
16834| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
16835| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
16836| [103995] Oracle 8.3/8.4/15.1/15.2 Apache Trinidad unknown vulnerability
16837| [103993] Oracle Policy Automation up to 12.2.3 Apache Commons FileUplaod denial of service
16838| [103916] Oracle Banking Platform 2.3/2.4/2.4.1/2.5 Apache Commons FileUpload denial of service
16839| [103906] Oracle Communications BRM 11.2.0.0.0 Apache Commons Collections privilege escalation
16840| [103904] Oracle Communications BRM 11.2.0.0.0/11.3.0.0.0 Apache Groovy memory corruption
16841| [103866] Oracle Transportation Management 6.1/6.2 Apache Webserver unknown vulnerability
16842| [103816] Oracle BI Publisher 11.1.1.9.0/12.2.1.1.0/12.2.1.2.0 Apache Commons Fileupload denial of service
16843| [103797] Oracle Tuxedo System and Applications Monitor Apache Commons Collections privilege escalation
16844| [103792] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Commons Fileupload privilege escalation
16845| [103791] Oracle Endeca Server 7.6.0.0/7.6.1.0 Apache Commons Collections privilege escalation
16846| [103788] Oracle Enterprise Repository 11.1.1.7.0/12.1.3.0.0 Apache ActiveMQ memory corruption
16847| [103787] Oracle Enterprise Data Quality 8.1.13.0.0 Apache Groovy memory corruption
16848| [103763] Apache Sling up to 1.0.11 XSS Protection API XSS.getValidXML() Application XML External Entity
16849| [103762] Apache Sling up to 1.0.12 XSS Protection API XSSAPI.encodeForJSString() Script Tag cross site scripting
16850| [103693] Apache OpenMeetings 1.0.0 HTTP Method privilege escalation
16851| [103692] Apache OpenMeetings 1.0.0 Tomcat Error information disclosure
16852| [103691] Apache OpenMeetings 3.2.0 Parameter privilege escalation
16853| [103690] Apache OpenMeetings 1.0.0 sql injection
16854| [103689] Apache OpenMeetings 1.0.0 crossdomain.xml privilege escalation
16855| [103688] Apache OpenMeetings 1.0.0 weak encryption
16856| [103687] Apache OpenMeetings 1.0.0 cross site request forgery
16857| [103556] Apache Roller 5.1.0/5.1.1 Weblog Page Template VTL privilege escalation
16858| [103554] Apache OpenMeetings 1.0.0 Password Update unknown vulnerability
16859| [103553] Apache OpenMeetings 1.0.0 File Upload privilege escalation
16860| [103552] Apache OpenMeetings 3.2.0 Chat cross site scripting
16861| [103551] Apache OpenMeetings 3.1.0 XML unknown vulnerability
16862| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
16863| [103520] Apache HTTP Server up to 2.2.33/2.4.26 mod_auth_digest Authorization Header memory corruption
16864| [103519] Apache Struts up to 2.5.11/2.3.32 Spring AOP denial of service
16865| [103518] Apache Struts up to 2.5.11 URLValidator directory traversal
16866| [103492] Apache Spark up to 2.1.x Web UI Reflected cross site scripting
16867| [103401] Apache Struts 2.3.x Struts 1 Plugin ActionMessage privilege escalation
16868| [103399] Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service
16869| [103387] Apache Impala up to 2.8.0 StatestoreSubscriber weak encryption
16870| [103386] Apache Impala up to 2.7.x/2.8.0 Kerberos weak authentication
16871| [103352] Apache Solr Node weak authentication
16872| [102897] Apache Ignite up to 2.0 Update Notifier information disclosure
16873| [102878] Code42 CrashPlan 5.4.x RMI Server org.apache.commons.ssl.rmi.DateRMI privilege escalation
16874| [102698] Apache HTTP Server up to 2.2.32/2.4.25 mod_mime Content-Type memory corruption
16875| [102697] Apache HTTP Server 2.2.24/2.2.32 HTTP Strict Parsing ap_find_token Request Header memory corruption
16876| [102690] Apache HTTP Server up to 2.2.32/2.4.25 mod_ssl ap_hook_process_connection() denial of service
16877| [102689] Apache HTTP Server up to 2.2.32/2.4.25 ap_get_basic_auth_pw weak authentication
16878| [102622] Apache Thrift up to 0.9.2 Client Libraries skip denial of service
16879| [102538] Apache Ranger up to 0.7.0 Authorizer unknown vulnerability
16880| [102537] Apache Ranger up to 0.7.0 Wildcard Character unknown vulnerability
16881| [102536] Apache Ranger up to 0.6 Stored cross site scripting
16882| [102535] Apache Ranger up to 0.6.2 Policy Engine unknown vulnerability
16883| [102255] Apache NiFi up to 0.7.3/1.2.x Response Header privilege escalation
16884| [102254] Apache NiFi up to 0.7.3/1.2.x UI cross site scripting
16885| [102070] Apache CXF Fediz up to 1.1.2/1.2.0 Application Plugin denial of service
16886| [102020] Apache Tomcat up to 9.0.0.M1 Java Servlet HTTP Method unknown vulnerability
16887| [101858] Apache Hive up to 1.2.1/2.0.0 Client weak authentication
16888| [101802] Apache KNOX up to 0.11.0 WebHDFS privilege escalation
16889| [101928] HPE Aruba ClearPass Apache Tomcat information disclosure
16890| [101524] Apache Archiva up to 1.x/2.2.1 REST Endpoint cross site request forgery
16891| [101513] Apache jUDDI 3.1./3.1.2/3.1.3/3.1.4 Logout Open Redirect
16892| [101430] Apache CXF Fediz up to 1.3.1 OIDC Service cross site request forgery
16893| [101429] Apache CXF Fediz up to 1.2.3/1.3.1 Plugins cross site request forgery
16894| [100619] Apache Hadoop up to 2.6.x HDFS Servlet unknown vulnerability
16895| [100618] Apache Hadoop up to 2.7.0 HDFS Web UI cross site scripting
16896| [100621] Adobe ColdFusion 10/11/2016 Apache BlazeDS Library Deserialization privilege escalation
16897| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
16898| [100191] Oracle Secure Global Desktop 4.71/5.2/5.3 Web Server (Apache HTTP Server) information disclosure
16899| [100162] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Commons Collections privilege escalation
16900| [100160] Oracle StorageTek Tape Analytics SW Tool up to 2.2.0 Apache Trinidad unknown vulnerability
16901| [99969] Oracle WebCenter Sites 11.1.1.8.0 Apache Tomcat memory corruption
16902| [99937] Apache Batik up to 1.8 privilege escalation
16903| [99936] Apache FOP up to 2.1 privilege escalation
16904| [99935] Apache CXF up to 3.0.12/3.1.10 STSClient Cache information disclosure
16905| [99934] Apache CXF up to 3.0.12/3.1.10 JAX-RS XML Security Streaming Client spoofing
16906| [99930] Apache Traffic Server up to 6.2.0 denial of service
16907| [99929] Apache Log4j up to 2.8.1 Socket Server Deserialization privilege escalation
16908| [99925] Apache Traffic Server 6.0.0/6.1.0/6.2.0 HPACK Bomb denial of service
16909| [99738] Ping Identity OpenID Connect Authentication Module up to 2.13 on Apache Mod_auth_openidc.c spoofing
16910| [117569] Apache Hadoop up to 2.7.3 privilege escalation
16911| [99591] Apache TomEE up to 1.7.3/7.0.0-M2 EjbObjectInputStream Serialized Object privilege escalation
16912| [99370] Apache Ignite up to 1.8 update-notifier Document XML External Entity
16913| [99299] Apache Geode up to 1.1.0 Pulse OQL Query privilege escalation
16914| [99572] Apache Tomcat up to 7.0.75/8.0.41/8.5.11/9.0.0.M17 Application Listener privilege escalation
16915| [99570] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP Connector Cache information disclosure
16916| [99569] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 HTTP/2 GOAWAY Frame Resource Exhaustion denial of service
16917| [99568] Apache Tomcat up to 6.0.52/7.0.76/8.0.42/8.5.12/9.0.0.M18 Pipelined Request information disclosure
16918| [99048] Apache Ambari up to 2.3.x REST API Shell Metacharacter privilege escalation
16919| [99014] Apache Camel Jackson/JacksonXML privilege escalation
16920| [98610] Apple macOS up to 10.12.3 apache_mod_php memory corruption
16921| [98609] Apple macOS up to 10.12.3 apache_mod_php denial of service
16922| [98608] Apple macOS up to 10.12.3 apache_mod_php memory corruption
16923| [98607] Apple macOS up to 10.12.3 apache_mod_php denial of service
16924| [98606] Apple macOS up to 10.12.3 apache_mod_php denial of service
16925| [98605] Apple macOS up to 10.12.3 Apache denial of service
16926| [98604] Apple macOS up to 10.12.3 Apache denial of service
16927| [98603] Apple macOS up to 10.12.3 Apache denial of service
16928| [98602] Apple macOS up to 10.12.3 Apache denial of service
16929| [98601] Apple macOS up to 10.12.3 Apache denial of service
16930| [98517] Apache POI up to 3.14 OOXML File XXE denial of service
16931| [98405] Apache Hadoop up to 0.23.10 privilege escalation
16932| [98199] Apache Camel Validation XML External Entity
16933| [97892] Apache Tomcat up to 9.0.0.M15 Reverse-Proxy Http11InputBuffer.java information disclosure
16934| [97617] Apache Camel camel-snakeyaml Deserialization privilege escalation
16935| [97602] Apache Camel camel-jackson/camel-jacksonxml CamelJacksonUnmarshalType privilege escalation
16936| [97732] Apache Struts up to 2.3.31/2.5.10 Jakarta Multipart Parser Content-Type privilege escalation
16937| [97466] mod_auth_openidc up to 2.1.5 on Apache weak authentication
16938| [97455] mod_auth_openidc up to 2.1.4 on Apache weak authentication
16939| [97081] Apache Tomcat HTTPS Request denial of service
16940| [97162] EMC OpenText Documentum D2 BeanShell/Apache Commons privilege escalation
16941| [96949] Hanwha Techwin Smart Security Manager up to 1.5 Redis/Apache Felix Gogo privilege escalation
16942| [96314] Apache Cordova up to 6.1.1 on Android weak authentication
16943| [95945] Apple macOS up to 10.12.2 apache_mod_php denial of service
16944| [95944] Apple macOS up to 10.12.2 apache_mod_php denial of service
16945| [95943] Apple macOS up to 10.12.2 apache_mod_php memory corruption
16946| [95666] Oracle FLEXCUBE Direct Banking 12.0.0/12.0.1/12.0.2/12.0.3 Apache Commons Collections privilege escalation
16947| [95455] Apache NiFi up to 1.0.0/1.1.0 Connection Details Dialogue cross site scripting
16948| [95311] Apache Storm UI Daemon privilege escalation
16949| [95291] ZoneMinder 1.30.0 Apache httpd privilege escalation
16950| [94800] Apache Wicket up to 1.5.16/6.24.x Deserialize DiskFileItem denial of service
16951| [94705] Apache Qpid Broker for Java up to 6.1.0 SCRAM-SHA-1/SCRAM-SHA-256 User information disclosure
16952| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
16953| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
16954| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
16955| [94540] Apache Tika 1.9 tika-server File information disclosure
16956| [94600] Apache ActiveMQ up to 5.14.1 Administration Console cross site scripting
16957| [94348] Apple macOS up to 10.12.1 apache_mod_php denial of service
16958| [94347] Apple macOS up to 10.12.1 apache_mod_php denial of service
16959| [94346] Apple macOS up to 10.12.1 apache_mod_php denial of service
16960| [94345] Apple macOS up to 10.12.1 apache_mod_php denial of service
16961| [94344] Apple macOS up to 10.12.1 apache_mod_php denial of service
16962| [94343] Apple macOS up to 10.12.1 apache_mod_php memory corruption
16963| [94342] Apple macOS up to 10.12.1 apache_mod_php memory corruption
16964| [94128] Apache Tomcat up to 9.0.0.M13 Error information disclosure
16965| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
16966| [93874] Apache Subversion up to 1.8.16/1.9.4 mod_dontdothat XXE denial of service
16967| [93855] Apache Hadoop up to 2.6.4/2.7.2 HDFS Service privilege escalation
16968| [93609] Apache OpenMeetings 3.1.0 RMI Registry privilege escalation
16969| [93555] Apache Tika 1.6-1.13 jmatio MATLAB File privilege escalation
16970| [93799] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
16971| [93798] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 JmxRemoteLifecycleListener privilege escalation
16972| [93797] Apache Tomcat up to 6.0.47/7.0.72/8.0.38/8.5.6/9.0.0.M11 HTTP Split privilege escalation
16973| [93796] Apache Tomcat up to 8.5.6/9.0.0.M11 HTTP/2 Header Parser denial of service
16974| [93532] Apache Commons Collections Library Java privilege escalation
16975| [93210] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 ResourceLinkFactory privilege escalation
16976| [93209] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Realm Authentication User information disclosure
16977| [93208] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 System Property Replacement information disclosure
16978| [93207] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Utility Method privilege escalation
16979| [93206] Apache Tomcat up to 6.0.45/7.0.70/8.0.36/8.5.4/9.0.0.M9 Configuration privilege escalation
16980| [93098] Apache Commons FileUpload privilege escalation
16981| [92987] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Commons Collection memory corruption
16982| [92986] Oracle Virtual Desktop Infrastructure up to 3.5.2 Apache Tomcat memory corruption
16983| [92982] Oracle Insurance IStream 4.3.2 Apache Commons Collections memory corruption
16984| [92981] Oracle Financial Services Lending and Leasing 14.1.0/14.2.0 Apache Commons Collections memory corruption
16985| [92979] Oracle up to 8.0.3 Apache Commons Collections memory corruption
16986| [92977] Oracle FLEXCUBE Universal Banking up to 12.2.0 Apache Commons Collections memory corruption
16987| [92976] Oracle FLEXCUBE Universal Banking 12.87.1/12.87.2 Apache Commons Collections memory corruption
16988| [92975] Oracle FLEXCUBE Private Banking up to 12.1.0 Apache Commons Collections memory corruption
16989| [92974] Oracle FLEXCUBE Investor Servicing 12.0.1 Apache Commons Collections memory corruption
16990| [92973] Oracle 12.0.0/12.1.0 Apache Commons Collections memory corruption
16991| [92972] Oracle FLEXCUBE Core Banking 11.5.0.0.0/11.6.0.0.0 Apache Commons Collections memory corruption
16992| [92962] Oracle Agile PLM 9.3.4/9.3.5 Apache Commons Collections memory corruption
16993| [92909] Oracle Agile PLM 9.3.4/9.3.5 Apache Tomcat unknown vulnerability
16994| [92786] Oracle Banking Digital Experience 15.1 Apache Commons Collections information disclosure
16995| [92549] Apache Tomcat on Red Hat privilege escalation
16996| [92509] Apache Tomcat JK ISAPI Connector up to 1.2.41 jk_uri_worker_map.c memory corruption
16997| [92314] Apache MyFaces Trinidad up to 1.0.13/1.2.15/2.0.1/2.1.1 CoreResponseStateManager memory corruption
16998| [92313] Apache Struts2 up to 2.3.28/2.5.0 Action Name Cleanup cross site request forgery
16999| [92299] Apache Derby up to 10.12.1.0 SqlXmlUtil XML External Entity
17000| [92217] Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject privilege escalation
17001| [92174] Apache Ranger up to 0.6.0 Policy cross site scripting
17002| [91831] Apache Jackrabbit up to 2.13.2 HTTP Header cross site request forgery
17003| [91825] Apache Zookeeper up to 3.4.8/3.5.2 C CLI Shell memory corruption
17004| [91818] Apache CXF Fediz up to 1.2.2/1.3.0 Application Plugin privilege escalation
17005| [92056] Apple macOS up to 10.11 apache_mod_php memory corruption
17006| [92055] Apple macOS up to 10.11 apache_mod_php memory corruption
17007| [92054] Apple macOS up to 10.11 apache_mod_php denial of service
17008| [92053] Apple macOS up to 10.11 apache_mod_php denial of service
17009| [92052] Apple macOS up to 10.11 apache_mod_php denial of service
17010| [92051] Apple macOS up to 10.11 apache_mod_php memory corruption
17011| [92050] Apple macOS up to 10.11 apache_mod_php denial of service
17012| [92049] Apple macOS up to 10.11 apache_mod_php memory corruption
17013| [92048] Apple macOS up to 10.11 apache_mod_php denial of service
17014| [92047] Apple macOS up to 10.11 apache_mod_php memory corruption
17015| [92046] Apple macOS up to 10.11 apache_mod_php memory corruption
17016| [92045] Apple macOS up to 10.11 apache_mod_php memory corruption
17017| [92044] Apple macOS up to 10.11 apache_mod_php memory corruption
17018| [92043] Apple macOS up to 10.11 apache_mod_php denial of service
17019| [92042] Apple macOS up to 10.11 apache_mod_php memory corruption
17020| [92041] Apple macOS up to 10.11 apache_mod_php memory corruption
17021| [92040] Apple macOS up to 10.11 Apache Proxy privilege escalation
17022| [91785] Apache Shiro up to 1.3.1 Servlet Filter privilege escalation
17023| [90879] Apache OpenMeetings up to 3.1.1 SWF Panel cross site scripting
17024| [90878] Apache Sentry up to 1.6.x Blacklist Filter reflect/reflect2/java_method privilege escalation
17025| [90610] Apache POI up to 3.13 XLSX2CSV Example OpenXML Document XML External Entity
17026| [90584] Apache ActiveMQ up to 5.11.3/5.12.2/5.13/1 Administration Web Console privilege escalation
17027| [90385] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site scripting
17028| [90384] Apache Archiva up to 1.3.9 addProxyConnector_commit.action cross site request forgery
17029| [90383] Apache OpenOffice up to 4.1.2 Impress File memory corruption
17030| [89670] Apache Tomcat up to 8.5.4 CGI Servlet Environment Variable Open Redirect
17031| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
17032| [89726] Apple Mac OS X up to 10.11.5 apache_mod_php memory corruption
17033| [89484] Apache Qpid up to 0.13.0 on Windows Proton Library Certificate weak authentication
17034| [89473] HPE iMC PLAT/EAD/APM/iMC NTA/iMC BIMS/iMC UAM_TAM up to 7.2 Apache Commons Collections Library Command privilege escalation
17035| [90263] Apache Archiva Header denial of service
17036| [90262] Apache Archiva Deserialize privilege escalation
17037| [90261] Apache Archiva XML DTD Connection privilege escalation
17038| [88827] Apache Xerces-C++ up to 3.1.3 DTD Stack-Based memory corruption
17039| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
17040| [88608] Apache Struts up to 2.3.28.1/2.5.0 URLValidator Null Value denial of service
17041| [88607] Apache Struts up to 2.3.28.1 REST Plugin Expression privilege escalation
17042| [88606] Apache Struts up to 2.3.28.1 Restriction privilege escalation
17043| [88605] Apache Struts up to 2.3.28.1 Restriction privilege escalation
17044| [88604] Apache Struts up to 2.3.28.1 Token Validator cross site request forgery
17045| [88603] Apache Commons FileUpload up to 1.3.1 MultipartStream denial of service
17046| [88602] Apache Struts up to 1.3.10 ActionServlet.java cross site scripting
17047| [88601] Apache Struts up to 1.3.10 Multithreading ActionServlet.java memory corruption
17048| [88600] Apache Struts up to 1.3.10 MultiPageValidator privilege escalation
17049| [89005] Apache Qpid AMQP JMS Client getObject privilege escalation
17050| [87888] Apache Ranger up to 0.5.2 Policy Admin Tool eventTime sql injection
17051| [87835] Apache CloudStack up to 4.5.2.0/4.6.2.0/4.7.1.0/4.8.0.0 SAML-based Authentication privilege escalation
17052| [87806] HPE Discovery and Dependency Mapping Inventory up to 9.32 update 3 Apache Commons Collections Library privilege escalation
17053| [87805] HPE Universal CMDB up to 10.21 Apache Commons Collections Library privilege escalation
17054| [87768] Apache Shiro up to 1.2.4 Cipher Key privilege escalation
17055| [87765] Apache James Server 2.3.2 Command privilege escalation
17056| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
17057| [87718] Apache Struts up to 2.3.24.1 OGNL Caching denial of service
17058| [87717] Apache Struts up to 2.3.28 REST Plugin privilege escalation
17059| [87706] Apache Qpid Java up to 6.0.2 AMQP privilege escalation
17060| [87703] Apache Qbid Java up to 6.0.2 PlainSaslServer.java denial of service
17061| [87702] Apache ActiveMQ up to 5.13.x Fileserver Web Application Upload privilege escalation
17062| [87700] Apache PDFbox up to 1.8.11/2.0.0 XML Parser PDF Document XML External Entity
17063| [87679] HP Release Control 9.13/9.20/9.21 Apache Commons Collections Library Java Object privilege escalation
17064| [87540] Apache Ambari up to 2.2.0 File Browser View information disclosure
17065| [87433] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
17066| [87432] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
17067| [87431] Apple Mac OS X up to 10.11.4 apache_mod_php Format String
17068| [87430] Apple Mac OS X up to 10.11.4 apache_mod_php denial of service
17069| [87429] Apple Mac OS X up to 10.11.4 apache_mod_php information disclosure
17070| [87428] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
17071| [87427] Apple Mac OS X up to 10.11.4 apache_mod_php memory corruption
17072| [87389] Apache Xerces C++ up to 3.1.3 XML Document DTDScanner.cpp memory corruption
17073| [87172] Adobe ColdFusion 11 Update 7/2016/up to 10 Update 18 Apache Commons Collections Library privilege escalation
17074| [87121] Apache Cordova iOS up to 3.x Plugin privilege escalation
17075| [87120] Apache Cordova iOS up to 3.x URL Whitelist privilege escalation
17076| [83806] HPE Network Node Manager i up to 10.01 Apache Commons Collections Library privilege escalation
17077| [83077] Apache Subversion up to 1.8.15/1.9.3 mod_authz_svn mod_authz_svn.c denial of service
17078| [83076] Apache Subversion up to 1.8.15/1.9.3 svnserve svnserve/cyrus_auth.c privilege escalation
17079| [82790] Apache Struts 2.0.0/2.3.24/2.3.28 Dynamic Method privilege escalation
17080| [82789] Apache Struts 2.0.0/2.3.24/2.3.28 XSLTResult privilege escalation
17081| [82725] HPE P9000 Command View up to 7.x/8.4.0 Apache Commons Collections Library privilege escalation
17082| [82444] Apache Camel up to 2.14.x/2.15.4/2.16.0 HTTP Request privilege escalation
17083| [82389] Apache Subversion up to 1.7.x/1.8.14/1.9.2 mod_dav_svn util.c memory corruption
17084| [82280] Apache Struts up to 1.7 JRE URLDecoder cross site scripting
17085| [82260] Apache OFBiz up to 12.04.05/13.07.02 Java Object privilege escalation
17086| [82259] Apache Qpid Proton up to 0.12.0 proton.reactor.Connector weak encryption
17087| [82250] Apache Ranger up to 0.5.0 Admin UI weak authentication
17088| [82214] Apache Wicket up to 1.5.14/6.21.x/7.1.x Input Element cross site scripting
17089| [82213] Apache Wicket up to 1.5.14/6.21.x/7.1.x ModalWindow Title getWindowOpenJavaScript cross site scripting
17090| [82212] Apache Ranger up to 0.5.0 Policy Admin Tool privilege escalation
17091| [82211] Apache OFBiz up to 12.04.06/13.07.02 ModelFormField.java DisplayEntityField.getDescription cross site scripting
17092| [82082] Apache JetSpeed up to 2.3.0 User Manager Service privilege escalation
17093| [82081] Apache OpenMeetings up to 3.1.0 SOAP API information disclosure
17094| [82080] Apache OpenMeetings up to 3.1.0 Event cross site scripting
17095| [82078] Apache OpenMeetings up to 3.1.0 Import/Export System Backup ZIP Archive directory traversal
17096| [82077] Apache OpenMeetings up to 3.1.0 Password Reset sendHashByUser privilege escalation
17097| [82076] Apache Ranger up to 0.5.1 privilege escalation
17098| [82075] Apache JetSpeed up to 2.3.0 Portal cross site scripting
17099| [82074] Apache JetSpeed up to 2.3.0 cross site scripting
17100| [82073] Apache JetSpeed up to 2.3.0 User Manager Service sql injection
17101| [82072] Apache JetSpeed up to 2.3.0 Portal Site Manager ZIP Archive directory traversal
17102| [82058] Apache LDAP Studio/Directory Studio up to 2.0.0-M9 CSV Export privilege escalation
17103| [82053] Apache Ranger up to 0.4.x Policy Admin Tool privilege escalation
17104| [82052] Apache Ranger up to 0.4.x Policy Admin Tool HTTP Request cross site scripting
17105| [81696] Apache ActiveMQ up to 5.13.1 HTTP Header privilege escalation
17106| [81695] Apache Xerces-C up to 3.1.2 internal/XMLReader.cpp memory corruption
17107| [81622] HPE Asset Manager 9.40/9.41/9.50 Apache Commons Collections Library Java Object privilege escalation
17108| [81406] HPE Service Manager up to 9.35 P3/9.41 P1 Apache Commons Collections Library Command privilege escalation
17109| [81405] HPE Operations Orchestration up to 10.50 Apache Commons Collections Library Command privilege escalation
17110| [81427] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
17111| [81426] Apple Mac OS X up to 10.11.3 apache_mod_php PNG File memory corruption
17112| [81372] Apache Struts up to 2.3.24.1 I18NInterceptor cross site scripting
17113| [81371] Apache Struts up to 2.3.24.1 Double OGNL Evaluation privilege escalation
17114| [81370] Apache Struts up to 2.3.24.1 Java URLDecoder cross site scripting
17115| [81084] Apache Tomcat 6.0/7.0/8.0/9.0 ServletContext directory traversal
17116| [81083] Apache Tomcat 7.0/8.0/9.0 Index Page cross site request forgery
17117| [81082] Apache Tomcat 7.0/8.0/9.0 ResourceLinkFactory.setGlobalContext privilege escalation
17118| [81081] Apache Tomcat 6.0/7.0/8.0/9.0 Error information disclosure
17119| [81080] Apache Tomcat 6.0/7.0/8.0/9.0 Session Persistence privilege escalation
17120| [81079] Apache Tomcat 6.0/7.0/8.0/9.0 StatusManagerServlet information disclosure
17121| [81078] Apache Tomcat 7.0/8.0/9.0 Session privilege escalation
17122| [80970] Apache Solr up to 5.3.0 Admin UI plugins.js cross site scripting
17123| [80969] Apache Solr up to 5.2 Schema schema-browser.js cross site scripting
17124| [80968] Apache Solr up to 5.0 analysis.js cross site scripting
17125| [80940] HP Continuous Delivery Automation 1.30 Apache Commons Collections Library privilege escalation
17126| [80823] Apache CloudStack up to 4.5.1 KVM Virtual Machine Migration privilege escalation
17127| [80822] Apache CloudStack up to 4.5.1 API Call information disclosure
17128| [80778] Apache Camel up to 2.15.4/2.16.0 camel-xstream privilege escalation
17129| [80750] HPE Operations Manager 8.x/9.0 on Windows Apache Commons Collections Library privilege escalation
17130| [80724] Apache Hive up to 1.2.1 Authorization Framework privilege escalation
17131| [80577] Oracle Secure Global Desktop 4.63/4.71/5.2 Apache HTTP Server denial of service
17132| [80165] Intel McAfee ePolicy Orchestrator up to 4.6.9/5.0.3/5.3.1 Apache Commons Collections Library privilege escalation
17133| [80116] Apache Subversion up to 1.9.2 svn Protocol libsvn_ra_svn/marshal.c read_string memory corruption
17134| [80115] Apache ActiveMQ up to 5.12.x Broker Service privilege escalation
17135| [80036] IBM Cognos Business Intelligence Apache Commons Collections Library InvokerTransformer privilege escalation
17136| [79873] VMware vCenter Operations/vRealize Orchestrator Apache Commons Collections Library Serialized Java Object privilege escalation
17137| [79840] Apache Cordova File Transfer Plugin up to 1.2.x on Android unknown vulnerability
17138| [79839] Apache TomEE Serialized Java Stream EjbObjectInputStream privilege escalation
17139| [79791] Cisco Products Apache Commons Collections Library privilege escalation
17140| [79539] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
17141| [79538] Apple Mac OS X up to 10.11.1 apache_mod_php memory corruption
17142| [79294] Apache Cordova-Android up to 3.6 BridgeSecret Random Generator weak encryption
17143| [79291] Apache Cordova-Android up to 4.0 Javascript Whitelist privilege escalation
17144| [79244] Apache CXF up to 2.7.17/3.0.7/3.1.2 SAML Web SSO Module SAML Response weak authentication
17145| [79243] Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar privilege escalation
17146| [78989] Apache Ambari up to 2.1.1 Open Redirect
17147| [78988] Apache Ambari up to 2.0.1/2.1.0 Password privilege escalation
17148| [78987] Apache Ambari up to 2.0.x cross site scripting
17149| [78986] Apache Ambari up to 2.0.x Proxy Endpoint api/v1/proxy privilege escalation
17150| [78780] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
17151| [78779] Apple Mac OS X up to 10.11.0 apache_mod_php denial of service
17152| [78778] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
17153| [78777] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
17154| [78776] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
17155| [78775] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
17156| [78774] Apple Mac OS X up to 10.11.0 apache_mod_php memory corruption
17157| [78297] Apache Commons Components HttpClient up to 4.3.5 HTTPS Timeout denial of service
17158| [77406] Apache Flex BlazeDS AMF Message XML External Entity
17159| [77429] Apache ActiveMQ up to 5.10.0 LDAPLoginModule privilege escalation
17160| [77399] Apache ActiveMQ up to 5.10.0 LDAPLoginModule weak authentication
17161| [77375] Apache Tapestry up to 5.3.5 Client-Side Object Storage privilege escalation
17162| [77331] Apache ActiveMQ up to 5.11.1 on Windows Fileserver Upload/Download directory traversal
17163| [77299] Apache Solr Real-Time Module up to 7.x-1.1 Index Content information disclosure
17164| [77247] Apache ActiveMQ up to 5.10 TransportConnection.java processControlCommand denial of service
17165| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
17166| [76953] Apache Subversion 1.7.0/1.8.0/1.8.10 svn_repos_trace_node_locations information disclosure
17167| [76952] Apache Subversion 1.7.0/1.8.0/1.8.10 mod_authz_svn anonymous/authenticated information disclosure
17168| [76567] Apache Struts 2.3.20 unknown vulnerability
17169| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
17170| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
17171| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
17172| [75690] Apache Camel up to 2.13.3/2.14.1 XPathBuilder.java XML External Entity
17173| [75689] Apache Camel up to 2.13.3/2.14.1 XML Converter Setup XmlConverter.java SAXSource privilege escalation
17174| [75668] Apache Sling API/Sling Servlets Post up to 2.2.1 HtmlResponse cross site scripting
17175| [75601] Apache Jackrabbit up to 2.10.0 WebDAV Request XML External Entity
17176| [75420] Apache Tomcat up to 6.0.43/7.0.58/8.0.16 Security Manager privilege escalation
17177| [75145] Apache OpenOffice up to 4.1.1 HWP Filter Crash denial of service
17178| [75032] Apache Tomcat Connectors up to 1.2.40 mod_jk privilege escalation
17179| [75135] PHP 5.4/5.5 HTTP Request sapi_apache2.c apache2handler privilege escalation
17180| [74793] Apache Tomcat File Upload denial of service
17181| [74708] Apple MacOS X up to 10.10.2 Apache denial of service
17182| [74707] Apple MacOS X up to 10.10.2 Apache denial of service
17183| [74706] Apple MacOS X up to 10.10.2 Apache memory corruption
17184| [74705] Apple MacOS X up to 10.10.2 Apache denial of service
17185| [74704] Apple MacOS X up to 10.10.2 Apache denial of service
17186| [74703] Apple MacOS X up to 10.10.2 Apache denial of service
17187| [74702] Apple MacOS X up to 10.10.2 Apache denial of service
17188| [74701] Apple MacOS X up to 10.10.2 Apache cross site request forgery
17189| [74700] Apple MacOS X up to 10.10.2 Apache unknown vulnerability
17190| [74661] Apache Flex up to 4.14.0 asdoc index.html cross site scripting
17191| [74609] Apache Cassandra up to 1.2.19/2.0.13/2.1.3 JMX/RMI Interface privilege escalation
17192| [74469] Apache Xerces-C up to 7.0 internal/XMLReader.cpp denial of service
17193| [74468] Apache Batik up to 1.6 denial of service
17194| [74414] Apache Mod-gnutls up to 0.5.1 Authentication spoofing
17195| [74371] Apache Standard Taglibs up to 1.2.0 memory corruption
17196| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
17197| [74174] Apache WSS4J up to 2.0.0 privilege escalation
17198| [74172] Apache ActiveMQ up to 5.5.0 Administration Console cross site scripting
17199| [69092] Apache Tomcat up to 6.0.42/7.0.54/8.0.8 HTTP Request Smuggling privilege escalation
17200| [73831] Apache Qpid up to 0.30 Access Restriction unknown vulnerability
17201| [73731] Apache XML Security unknown vulnerability
17202| [68660] Oracle BI Publisher 10.1.3.4.2/11.1.1.7 Apache Tomcat cross site scripting
17203| [73659] Apache CloudStack up to 4.3.0 Stack-Based unknown vulnerability
17204| [73593] Apache Traffic Server up to 5.1.0 denial of service
17205| [73511] Apache POI up to 3.10 Deadlock denial of service
17206| [73510] Apache Solr up to 4.3.0 cross site scripting
17207| [68447] Apache Subversion up to 1.7.18/1.8.10 mod_dav_svn Crash denial of service
17208| [68446] Apache Subversion up to 1.7.18/1.8.10 REPORT Request Crash denial of service
17209| [73173] Apache CloudStack Stack-Based unknown vulnerability
17210| [68357] Apache Struts up to 2.3.16.3 Random Number Generator cross site request forgery
17211| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
17212| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
17213| [72890] Apache Qpid 0.30 unknown vulnerability
17214| [72887] Apache Hive 0.13.0 File Permission privilege escalation
17215| [72878] Apache Cordova 3.5.0 cross site request forgery
17216| [72877] Apache Cordova 3.5.0 cross site request forgery
17217| [72876] Apache Cordova 3.5.0 cross site request forgery
17218| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
17219| [68065] Apache CXF up to 3.0.1 JAX-RS SAML denial of service
17220| [68064] Apache CXF up to 3.0.0 SAML Token denial of service
17221| [67913] Oracle Retail Markdown Optimization 12.0/13.0/13.1/13.2/13.4 Apache commons-beanutils-1.8.0.jar memory corruption
17222| [67912] Oracle Retail Invoice Matching up to 14.0 Apache commons-beanutils-1.8.0.jar memory corruption
17223| [67911] Oracle Retail Clearance Optimization Engine 13.3/13.4/14.0 Apache commons-beanutils-1.8.0.jar memory corruption
17224| [67910] Oracle Retail Allocation up to 13.2 Apache commons-beanutils-1.8.0.jar memory corruption
17225| [71835] Apache Shiro 1.0.0/1.1.0/1.2.0/1.2.1/1.2.2 unknown vulnerability
17226| [71633] Apachefriends XAMPP 1.8.1 cross site scripting
17227| [71629] Apache Axis2/C spoofing
17228| [67633] Apple Mac OS X up to 10.9.4 apache_mod_php ext/standard/dns.c dns_get_record memory corruption
17229| [67631] Apple Mac OS X up to 10.9.4 apache_mod_php Symlink memory corruption
17230| [67630] Apple Mac OS X up to 10.9.4 apache_mod_php cdf_read_property_info denial of service
17231| [67629] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_count_chain denial of service
17232| [67628] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_check_stream_offset denial of service
17233| [67627] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c mconvert memory corruption
17234| [67626] Apple Mac OS X up to 10.9.4 apache_mod_php softmagic.c denial of service
17235| [67625] Apple Mac OS X up to 10.9.4 apache_mod_php Crash denial of service
17236| [67624] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_property_info denial of service
17237| [67623] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_unpack_summary_info denial of service
17238| [67622] Apple Mac OS X up to 10.9.4 apache_mod_php cdf.c cdf_read_short_sector denial of service
17239| [67620] Apple Mac OS X up to 10.9.4 apache_mod_php magic/Magdir/commands denial of service
17240| [67790] Apache HTTP Server mod_cache NULL Pointer Dereference denial of service
17241| [67522] Apache Tomcat up to 7.0.39 JSP Upload privilege escalation
17242| [70809] Apache POI up to 3.11 Crash denial of service
17243| [70808] Apache POI up to 3.10 unknown vulnerability
17244| [70806] Apache Commons-httpclient 4.2/4.2.1/4.2.2 spoofing
17245| [70749] Apache Axis up to 1.4 getCN spoofing
17246| [70701] Apache Traffic Server up to 3.3.5 denial of service
17247| [70700] Apache OFBiz up to 12.04.03 cross site scripting
17248| [67402] Apache OpenOffice 4.0.0/4.0.1/4.1.0 Calc privilege escalation
17249| [67401] Apache OpenOffice up to 4.1.0 OLE Object information disclosure
17250| [70661] Apache Subversion up to 1.6.17 denial of service
17251| [70660] Apache Subversion up to 1.6.17 spoofing
17252| [70659] Apache Subversion up to 1.6.17 spoofing
17253| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
17254| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
17255| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
17256| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
17257| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
17258| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
17259| [70338] Apache Syncope up to 1.1.7 unknown vulnerability
17260| [70295] Apache CXF up to 2.7.9 Cleartext information disclosure
17261| [70106] Apache Open For Business Project up to 10.04.0 getServerError cross site scripting
17262| [70105] Apache MyFaces up to 2.1.5 JavaServer Faces directory traversal
17263| [69846] Apache HBase up to 0.94.8 information disclosure
17264| [69783] Apache CouchDB up to 1.2.0 memory corruption
17265| [13383] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 XML Parser privilege escalation
17266| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
17267| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
17268| [13164] Apache CXF up to 2.6.13/2.7.10 SOAP OutgoingChainInterceptor.java Invalid Content denial of service
17269| [13163] Apache CXF up to 2.6.13/2.7.10 SOAP HTML Content denial of service
17270| [13158] Apache Struts up to 2.3.16.2 ParametersInterceptor getClass privilege escalation
17271| [69515] Apache Struts up to 2.3.15.0 CookieInterceptor memory corruption
17272| [13086] Apache Struts up to 1.3.10 Class Loader privilege escalation
17273| [13067] Apache Struts up to 2.3.16.1 Class Loader privilege escalation
17274| [69431] Apache Archiva up to 1.3.6 cross site scripting
17275| [69385] Apache Syncope up to 1.1.6 unknown vulnerability
17276| [69338] Apache Xalan-Java up to 2.7.1 system-property unknown vulnerability
17277| [12742] Trustwave ModSecurity up to 2.7.5 Chunk Extension apache2/modsecurity.c modsecurity_tx_init privilege escalation
17278| [12741] Trustwave ModSecurity up to 2.7.6 Chunked HTTP Transfer apache2/modsecurity.c modsecurity_tx_init Trailing Header privilege escalation
17279| [13387] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Content-Length Header privilege escalation
17280| [13386] Apache Tomcat Security Manager up to 6.0.39/7.0.53/8.0.5 XSLT privilege escalation
17281| [13385] Apache Tomcat 8.0.0/8.0.1/8.0.3 AJP Request Zero Length denial of service
17282| [13384] Apache Tomcat up to 6.0.39/7.0.53/8.0.5 Chunked HTTP Request denial of service
17283| [12748] Apache CouchDB 1.5.0 UUIDS /_uuids denial of service
17284| [66739] Apache Camel up to 2.12.2 unknown vulnerability
17285| [66738] Apache Camel up to 2.12.2 unknown vulnerability
17286| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
17287| [66695] Apache CouchDB up to 1.2.0 cross site scripting
17288| [66694] Apache CouchDB up to 1.2.0 Partition partition2 directory traversal
17289| [66689] Apache HTTP Server up to 2.0.33 mod_dav dav_xml_get_cdata denial of service
17290| [12518] Apache Tomcat up to 6.0.38/7.0.49/8.0.0-RC9 HTTP Header denial of service
17291| [66498] Apache expressions up to 3.3.0 Whitelist unknown vulnerability
17292| [12781] Apache Struts up to 2.3.8 ParametersInterceptor getClass denial of service
17293| [12439] Apache Tomcat 6.0.33 XML XXE information disclosure
17294| [12438] Apache Tomcat 6.0.33/6.0.34/6.0.35/6.0.36/6.0.37 coyoteadapter.java disableURLRewriting privilege escalation
17295| [66356] Apache Wicket up to 6.8.0 information disclosure
17296| [12209] Apache Tomcat 7.0.0/7.0.50/8.0.0-RC1/8.0.1 Content-Type Header for Multi-Part Request Infinite Loop denial of service
17297| [66322] Apache ActiveMQ up to 5.8.0 cross site scripting
17298| [12291] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
17299| [66255] Apache Open For Business Project up to 10.04.3 cross site scripting
17300| [66200] Apache Hadoop up to 2.0.5 Security Feature information disclosure
17301| [66072] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
17302| [66068] Apache CloudStack up to 4.2.0 Stack-Based unknown vulnerability
17303| [11928] Oracle Secure Global Desktop up to 4.71 Apache Tomcat unknown vulnerability
17304| [11924] Oracle Secure Global Desktop up to 4.63 Apache Tomcat denial of service
17305| [11922] Oracle Secure Global Desktop up to 4.63 Apache Tomcat unknown vulnerability
17306| [66049] Apache XML Security for Java up to 1.4.6 Memory Consumption denial of service
17307| [12199] Apache Subversion up to 1.8.5 mod_dav_svn/repos.c get_resource denial of service
17308| [65946] askapache Firefox Adsense up to 3.0 askapache-firefox-adsense.php cross site request forgery
17309| [65668] Apache Solr 4.0.0 Updater denial of service
17310| [65665] Apache Solr up to 4.3.0 denial of service
17311| [65664] Apache Solr 3.6.0/3.6.1/3.6.2/4.0.0 Updater denial of service
17312| [65663] Apache Solr up to 4.5.1 ResourceLoader directory traversal
17313| [65658] Apache roller 4.0/4.0.1/5.0/5.0.1 unknown vulnerability
17314| [65657] Apache Roller 4.0/4.0.1/5.0/5.0.1 cross site scripting
17315| [11325] Apache Subversion 1.7.13 mod_dontdothat Bypass denial of service
17316| [11324] Apache Subversion up to 1.8.4 mod_dav_svn denial of service
17317| [11098] Apache Tomcat 5.5.25 HTTP Request cross site request forgery
17318| [65410] Apache Struts 2.3.15.3 cross site scripting
17319| [65386] Apache Solr up to 2.2.1 on TYPO3 cross site scripting
17320| [65385] Apache Solr up to 2.2.1 on TYPO3 unknown vulnerability
17321| [11044] Apache Struts 2.3.15.3 showConfig.action cross site scripting
17322| [11043] Apache Struts 2.3.15.3 actionNames.action cross site scripting
17323| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
17324| [65342] Apache Sling 1.0.2/1.0.4/1.0.6/1.1.0/1.1.2 Auth Core cross site scripting
17325| [65340] Apache Shindig 2.5.0 information disclosure
17326| [65316] Apache Mod Fcgid up to 2.3.7 mod_fcgid fcgid_bucket.c fcgid_header_bucket_read memory corruption
17327| [65313] Apache Sling 2.2.0/2.3.0 AbstractCreateOperation.java deepGetOrCreateNode denial of service
17328| [10826] Apache Struts 2 File privilege escalation
17329| [65204] Apache Camel up to 2.10.1 unknown vulnerability
17330| [10460] Apache Struts 2.0.0/2.3.15.1 Action Mapping Mechanism Bypass privilege escalation
17331| [10459] Apache Struts 2.0.0/2.3.15 Dynamic Method Invocation unknown vulnerability
17332| [10160] Apache Subversion 1.8.0/1.8.1/1.8.2 svnwcsub.py handle_options race condition
17333| [10159] Apache Subversion up to 1.8.2 svnserve write_pid_file race condition
17334| [10158] Apache Subversion 1.8.0/1.8.1/1.8.2 daemonize.py daemon::daemonize race condition
17335| [10157] Apache Subversion up to 1.8.1 FSFS Repository Symlink privilege escalation
17336| [64808] Fail2ban up to 0.8.9 apache-auth.conf denial of service
17337| [64760] Best Practical RT up to 4.0.12 Apache::Session::File information disclosure
17338| [64722] Apache XML Security for C++ Heap-based memory corruption
17339| [64719] Apache XML Security for C++ Heap-based memory corruption
17340| [64718] Apache XML Security for C++ verify denial of service
17341| [64717] Apache XML Security for C++ getURIBaseTXFM memory corruption
17342| [64716] Apache XML Security for C++ spoofing
17343| [64701] Apache CXF up to 2.7.3 XML Parser Memory Consumption denial of service
17344| [64700] Apache CloudStack up to 4.1.0 Stack-Based cross site scripting
17345| [64667] Apache Open For Business Project up to 10.04.04 unknown vulnerability
17346| [64666] Apache Open For Business Project up to 10.04.04 cross site scripting
17347| [9891] Apache HTTP Server 2.2.22 suEXEC Feature .htaccess information disclosure
17348| [64509] Apache ActiveMQ up to 5.8.0 scheduled.jsp cross site scripting
17349| [9826] Apache Subversion up to 1.8.0 mod_dav_svn denial of service
17350| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
17351| [64485] Apache Struts up to 2.2.3.0 privilege escalation
17352| [9568] Apache Struts up to 2.3.15 DefaultActionMapper cross site request forgery
17353| [9567] Apache Struts up to 2.3.15 DefaultActionMapper memory corruption
17354| [64467] Apache Geronimo 3.0 memory corruption
17355| [64466] Apache OpenJPA up to 2.2.1 Serialization memory corruption
17356| [64457] Apache Struts up to 2.2.3.0 cross site scripting
17357| [64326] Alejandro Garza Apachesolr Autocomplete up to 7.x-1.1 cross site scripting
17358| [9184] Apache Qpid up to 0.20 SSL misconfiguration
17359| [8935] Apache Subversion up to 1.7.9 FSFS Format Repository denial of service
17360| [8934] Apache Subversion up to 1.7.9 Svnserve Server denial of service
17361| [8933] Apache Subversion up to 1.6.21 check-mime-type.pl svnlook memory corruption
17362| [8932] Apache Subversion up to 1.6.21 svn-keyword-check.pl svnlook changed memory corruption
17363| [9022] Apache Struts up to 2.3.14.2 OGNL Expression memory corruption
17364| [8873] Apache Struts 2.3.14 privilege escalation
17365| [8872] Apache Struts 2.3.14 privilege escalation
17366| [8746] Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog privilege escalation
17367| [8666] Apache Tomcat up to 7.0.32 AsyncListener information disclosure
17368| [8665] Apache Tomcat up to 7.0.29 Chunked Transfer Encoding Extension Size denial of service
17369| [8664] Apache Tomcat up to 7.0.32 FORM Authentication weak authentication
17370| [64075] Apache Subversion up to 1.7.7 mod_dav_svn Crash denial of service
17371| [64074] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
17372| [64073] Apache Subversion up to 1.7.8 mod_dav_svn NULL Pointer Dereference denial of service
17373| [64072] Apache Subversion up to 1.7.7 mod_dav_svn NULL Pointer Dereference denial of service
17374| [64071] Apache Subversion up to 1.7.8 mod_dav_svn Memory Consumption denial of service
17375| [8768] Apache Struts up to 2.3.14 on Mac EL and OGNL Interpreter memory corruption
17376| [64006] Apache ActiveMQ up to 5.7.0 denial of service
17377| [64005] Apache ActiveMQ up to 5.7.0 Default Configuration denial of service
17378| [64004] Apache ActiveMQ up to 5.7.0 PortfolioPublishServlet.java cross site scripting
17379| [8427] Apache Tomcat Session Transaction weak authentication
17380| [63960] Apache Maven 3.0.4 Default Configuration spoofing
17381| [63751] Apache qpid up to 0.20 qpid::framing::Buffer denial of service
17382| [63750] Apache qpid up to 0.20 checkAvailable denial of service
17383| [63749] Apache Qpid up to 0.20 Memory Consumption denial of service
17384| [63748] Apache Qpid up to 0.20 Default Configuration denial of service
17385| [63747] Apache Rave up to 0.20 User Account information disclosure
17386| [7889] Apache Subversion up to 1.6.17 mod_dav_svn/svn_fs_file_length() denial of service
17387| [63646] Apache HTTP Server up to 2.2.23/2.4.3 mod_proxy_balancer.c balancer_handler cross site scripting
17388| [7688] Apache CXF up to 2.7.1 WSS4JInterceptor Bypass weak authentication
17389| [7687] Apache CXF up to 2.7.2 Token weak authentication
17390| [63334] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
17391| [63299] Apache CXF up to 2.6.0 WS-Security unknown vulnerability
17392| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
17393| [7075] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector NioEndpoint.java denial of service
17394| [7074] Apache Tomcat up to 6.0.35/7.0.29 FORM Authentication RealmBase.java weak authentication
17395| [7073] Apache Tomcat up to 6.0.35/7.0.31 CSRF Prevention Filter cross site request forgery
17396| [63090] Apache Tomcat up to 4.1.24 denial of service
17397| [63089] Apache HTTP Server up to 2.2.13 mod_proxy_ajp denial of service
17398| [62933] Apache Tomcat up to 5.5.0 Access Restriction unknown vulnerability
17399| [62929] Apache Tomcat up to 6.0.35/7.0.27 NIO Connector Memory Consumption denial of service
17400| [62833] Apache CXF -/2.6.0 spoofing
17401| [62832] Apache Axis2 up to 1.6.2 spoofing
17402| [62831] Apache Axis up to 1.4 Java Message Service spoofing
17403| [62830] Apache Commons-httpclient 3.0 Payments spoofing
17404| [62826] Apache Libcloud up to 0.11.0 spoofing
17405| [62757] Apache Open For Business Project up to 10.04.0 unknown vulnerability
17406| [8830] Red Hat JBoss Enterprise Application Platform 6.0.1 org.apache.catalina.connector.Response.encodeURL information disclosure
17407| [62661] Apache Axis2 unknown vulnerability
17408| [62658] Apache Axis2 unknown vulnerability
17409| [62467] Apache Qpid up to 0.17 denial of service
17410| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
17411| [6301] Apache HTTP Server mod_pagespeed cross site scripting
17412| [6300] Apache HTTP Server mod_pagespeed Hostname information disclosure
17413| [6123] Apache Wicket up to 1.5.7 Ajax Link cross site scripting
17414| [62035] Apache Struts up to 2.3.4 denial of service
17415| [61916] Apache QPID 0.5/0.6/0.14/0.16 unknown vulnerability
17416| [6998] Apache Tomcat 5.5.35/6.0.35/7.0.28 DIGEST Authentication Session State Caching privilege escalation
17417| [6997] Apache Tomcat 5.5.35/6.0.35/7.0.28 HTTP Digest Authentication Implementation privilege escalation
17418| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
17419| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
17420| [61507] Apache POI up to 3.8 UnhandledDataStructure denial of service
17421| [6070] Apache Struts up to 2.3.4 Token Name Configuration Parameter privilege escalation
17422| [6069] Apache Struts up to 2.3.4 Request Parameter OGNL Expression denial of service
17423| [5764] Oracle Solaris 10 Apache HTTP Server information disclosure
17424| [5700] Oracle Secure Backup 10.3.0.3/10.4.0.1 Apache denial of service
17425| [61255] Apache Hadoop 2.0.0 Kerberos unknown vulnerability
17426| [61229] Apache Sling up to 2.1.1 denial of service
17427| [61152] Apache Commons-compress 1.0/1.1/1.2/1.3/1.4 denial of service
17428| [61094] Apache Roller up to 5.0 cross site scripting
17429| [61093] Apache Roller up to 5.0 cross site request forgery
17430| [61005] Apache OpenOffice 3.3/3.4 unknown vulnerability
17431| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
17432| [5436] Apache OpenOffice 3.3/3.4 WPXContentListener.cpp _closeTableRow File memory corruption
17433| [5435] Apache OpenOffice 3.3/3.4 vclmi.dll File memory corruption
17434| [60730] PHP 5.4.0/5.4.1/5.4.2 apache_request_headers memory corruption
17435| [60708] Apache Qpid 0.12 unknown vulnerability
17436| [5032] Apache Hadoop up to 0.20.205.0/1.0.1/0.23.1 Kerberos/MapReduce Security Feature privilege escalation
17437| [4949] Apache Struts File Upload XSLTResult.java XSLT File privilege escalation
17438| [4955] Apache Traffic Server 3.0.3/3.1.2 HTTP Header Parser memory corruption
17439| [4882] Apache Wicket up to 1.5.4 directory traversal
17440| [4881] Apache Wicket up to 1.4.19 cross site scripting
17441| [4884] Apache HTTP Server up to 2.3.6 mod_fcgid fcgid_spawn_ctl.c FcgidMaxProcessesPerClass HTTP Requests denial of service
17442| [60352] Apache Struts up to 2.2.3 memory corruption
17443| [60153] Apache Portable Runtime up to 1.4.3 denial of service
17444| [4598] Apache Struts 1.3.10 upload-submit.do cross site scripting
17445| [4597] Apache Struts 1.3.10 processSimple.do cross site scripting
17446| [4596] Apache Struts 2.0.14/2.2.3 struts2-rest-showcase/orders cross site scripting
17447| [4595] Apache Struts 2.0.14/2.2.3 struts2-showcase/person/editPerson.action cross site scripting
17448| [4583] Apache HTTP Server up to 2.2.21 Threaded MPM denial of service
17449| [4582] Apache HTTP Server up to 2.2.21 protocol.c information disclosure
17450| [4571] Apache Struts up to 2.3.1.2 privilege escalation
17451| [4557] Apache Tomcat up to 7.0.21 Caching/Recycling information disclosure
17452| [59934] Apache Tomcat up to 6.0.9 DigestAuthenticator.java unknown vulnerability
17453| [59933] Apache Tomcat up to 6.0.9 Access Restriction unknown vulnerability
17454| [59932] Apache Tomcat up to 6.0.9 unknown vulnerability
17455| [59931] Apache Tomcat up to 6.0.9 Access Restriction information disclosure
17456| [59902] Apache Struts up to 2.2.3 Interfaces unknown vulnerability
17457| [4528] Apache Struts up to 2.2.3 DebuggingInterceptor privilege escalation
17458| [4527] Apache Struts up to 2.2.3 ExceptionDelegator cross site scripting
17459| [59888] Apache Tomcat up to 6.0.6 denial of service
17460| [59886] Apache ActiveMQ up to 5.5.1 Crash denial of service
17461| [4513] Apache Struts up to 2.3.1 ParameterInterceptor directory traversal
17462| [4512] Apache Struts up to 2.2.3 CookieInterceptor privilege escalation
17463| [59850] Apache Geronimo up to 2.2.1 denial of service
17464| [59825] Apache HTTP Server up to 2.1.7 mod_reqtimeout denial of service
17465| [59556] Apache HTTP Server up to 2.0.53 mod_proxy information disclosure
17466| [58467] Apache libcloud 0.2.0/0.3.0/0.3.1/0.4.0 Access Restriction spoofing
17467| [58413] Apache Tomcat up to 6.0.10 spoofing
17468| [58381] Apache Wicket up to 1.4.17 cross site scripting
17469| [58296] Apache Tomcat up to 7.0.19 unknown vulnerability
17470| [57888] Apache HttpClient 4.0/4.0.1/4.1 Authorization information disclosure
17471| [57587] Apache Subversion up to 1.6.16 mod_dav_svn information disclosure
17472| [57585] Apache Subversion up to 1.6.16 mod_dav_svn Memory Consumption denial of service
17473| [57584] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
17474| [57577] Apache Rampart-C 1.3.0 Access Restriction rampart_timestamp_token_validate privilege escalation
17475| [57568] Apache Archiva up to 1.3.4 cross site scripting
17476| [57567] Apache Archiva up to 1.3.4 cross site request forgery
17477| [57481] Apache Tomcat 7.0.12/7.0.13 Access Restriction unknown vulnerability
17478| [4355] Apache HTTP Server APR apr_fnmatch denial of service
17479| [57435] Apache Struts up to 2.2.1.1 FileHandler.java cross site scripting
17480| [57425] Apache Struts up to 2.2.1.1 cross site scripting
17481| [4352] Apache HTTP Server 2.2.x APR apr_fnmatch denial of service
17482| [57025] Apache Tomcat up to 7.0.11 information disclosure
17483| [57024] Apache Tomcat 7.0.11 Access Restriction information disclosure
17484| [56774] IBM WebSphere Application Server up to 7.0.0.14 org.apache.jasper.runtime.JspWriterImpl.response denial of service
17485| [56824] Apache Subversion up to 1.6.4 mod_dav_svn NULL Pointer Dereference denial of service
17486| [56832] Apache Tomcat up to 7.0.10 Access Restriction information disclosure
17487| [56830] Apache Tomcat up to 7.0.9 Access Restriction privilege escalation
17488| [12440] Apache Tomcat 6.0.33 Malicious Request cross site scripting
17489| [56512] Apache Continuum up to 1.4.0 cross site scripting
17490| [4285] Apache Tomcat 5.x JVM getLocale denial of service
17491| [4284] Apache Tomcat 5.x HTML Manager Infinite Loop cross site scripting
17492| [4283] Apache Tomcat 5.x ServletContect privilege escalation
17493| [56441] Apache Tomcat up to 7.0.6 denial of service
17494| [56300] Apache CouchDB up to 1.0.1 Web Administration Interface cross site scripting
17495| [55967] Apache Subversion up to 1.6.4 rev_hunt.c denial of service
17496| [55966] Apache Subversion up to 1.6.4 mod_dav_svn repos.c walk denial of service
17497| [55095] Apache Axis2 up to 1.6 Default Password memory corruption
17498| [55631] Apache Archiva up to 1.3.1 User Account cross site request forgery
17499| [55556] Apache Tomcat up to 6.0.29 Default Configuration information disclosure
17500| [55553] Apache Tomcat up to 7.0.4 sessionsList.jsp cross site scripting
17501| [55162] Apache MyFaces up to 2.0.0 Authentication Code unknown vulnerability
17502| [54881] Apache Subversion up to 1.6.12 mod_dav_svn authz.c privilege escalation
17503| [54879] Apache APR-util up to 0.9.14 mod_reqtimeout apr_brigade_split_line denial of service
17504| [54693] Apache Traffic Server DNS Cache unknown vulnerability
17505| [54416] Apache CouchDB up to 0.11.0 cross site request forgery
17506| [54394] Apache CXF up to 2.2.8 Memory Consumption denial of service
17507| [54261] Apache Tomcat jsp/cal/cal2.jsp cross site scripting
17508| [54166] Apache HTTP Server up to 2.2.12 mod_cache Crash denial of service
17509| [54385] Apache Struts up to 2.1.8.1 ParameterInterceptor unknown vulnerability
17510| [54012] Apache Tomcat up to 6.0.10 denial of service
17511| [53763] Apache Axis2 1.3/1.4/1.4.1/1.5/1.5.1 Memory Consumption denial of service
17512| [53368] Apache MyFaces 1.1.7/1.2.8 cross site scripting
17513| [53397] Apache axis2 1.4.1/1.5.1 Administration Console cross site scripting
17514| [52894] Apache Tomcat up to 6.0.7 information disclosure
17515| [52960] Apache ActiveMQ up to 5.4-snapshot information disclosure
17516| [52843] Apache HTTP Server mod_auth_shadow unknown vulnerability
17517| [52786] Apache Open For Business Project up to 09.04 cross site scripting
17518| [52587] Apache ActiveMQ up to 5.3.0 cross site request forgery
17519| [52586] Apache ActiveMQ up to 5.3.0 cross site scripting
17520| [52584] Apache CouchDB up to 0.10.1 information disclosure
17521| [51757] Apache HTTP Server 2.0.44 cross site scripting
17522| [51756] Apache HTTP Server 2.0.44 spoofing
17523| [51717] Apache HTTP Server up to 1.3.3 mod_proxy ap_proxy_send_fb memory corruption
17524| [51690] Apache Tomcat up to 6.0 directory traversal
17525| [51689] Apache Tomcat up to 6.0 information disclosure
17526| [51688] Apache Tomcat up to 6.0 directory traversal
17527| [50886] HP Operations Manager 8.10 on Windows File Upload org.apache.catalina.manager.HTMLManagerServlet memory corruption
17528| [50802] Apache Tomcat up to 3.3 Default Password weak authentication
17529| [50626] Apache Solr 1.0.0 cross site scripting
17530| [49857] Apache HTTP Server mod_proxy_ftp cross site scripting
17531| [49856] Apache HTTP Server 2.2.13 mod_proxy_ftp ap_proxy_ftp_handler denial of service
17532| [49348] Apache Xerces-C++ 2.7.0 Stack-Based denial of service
17533| [86789] Apache Portable Runtime memory/unix/apr_pools.c unknown vulnerability
17534| [49283] Apache APR-util up to 1.3.8 apr-util misc/apr_rmm.c apr_rmm_realloc memory corruption
17535| [48952] Apache HTTP Server up to 1.3.6 mod_deflate denial of service
17536| [48626] Apache Tomcat up to 4.1.23 Access Restriction directory traversal
17537| [48431] Apache Tomcat up to 4.1.23 j_security_check cross site scripting
17538| [48430] Apache Tomcat up to 4.1.23 mod_jk denial of service
17539| [47801] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site request forgery
17540| [47800] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console cross site scripting
17541| [47799] Apache Geronimo 2.1/2.1.1/2.1.2/2.1.3 Administration Console directory traversal
17542| [47648] Apache Tiles 2.1.0/2.1.1 cross site scripting
17543| [47640] Apache Struts 2.0.6/2.0.8/2.0.9/2.0.11/2.1 cross site scripting
17544| [47638] Apache Tomcat up to 4.1.23 mod_jk information disclosure
17545| [47636] Apache Struts 2.0.9 xip_client.html cross site scripting
17546| [47593] Apache Mod Perl 1 perl-status Apache::Status cross site scripting
17547| [47637] Apache Struts 1.0.2/1.1/1.2.4/1.2.7/1.2.8 cross site scripting
17548| [47239] Apache Struts up to 2.1.2 Beta struts directory traversal
17549| [47214] Apachefriends xampp 1.6.8 spoofing
17550| [47213] Apachefriends xampp 1.6.8 htaccess cross site request forgery
17551| [47162] Apachefriends XAMPP 1.4.4 weak authentication
17552| [47065] Apache Tomcat 4.1.23 cross site scripting
17553| [46834] Apache Tomcat up to 5.5.20 cross site scripting
17554| [46004] Apache Jackrabbit 1.4/1.5.0 search.jsp cross site scripting
17555| [49205] Apache Roller 2.3/3.0/3.1/4.0 Search cross site scripting
17556| [86625] Apache Struts directory traversal
17557| [44461] Apache Tomcat up to 5.5.0 information disclosure
17558| [44389] Apache Xerces-C++ XML Parser Memory Consumption denial of service
17559| [44352] Apache Friends XAMPP 1.6.8 adodb.php cross site scripting
17560| [43663] Apache Tomcat up to 6.0.16 directory traversal
17561| [43612] Apache Friends XAMPP 1.6.7 iart.php cross site scripting
17562| [43556] Apache HTTP Server up to 2.1.8 mod_proxy_ftp proxy_ftp.c cross site scripting
17563| [43516] Apache Tomcat up to 4.1.20 directory traversal
17564| [43509] Apache Tomcat up to 6.0.13 cross site scripting
17565| [42637] Apache Tomcat up to 6.0.16 cross site scripting
17566| [42325] Apache HTTP Server up to 2.1.8 Error Page cross site scripting
17567| [41838] Apache-SSL 1.3.34 1.57 expandcert privilege escalation
17568| [41091] Apache Software Foundation Mod Jk up to 2.0.1 mod_jk2 Stack-based memory corruption
17569| [40924] Apache Tomcat up to 6.0.15 information disclosure
17570| [40923] Apache Tomcat up to 6.0.15 unknown vulnerability
17571| [40922] Apache Tomcat up to 6.0 information disclosure
17572| [40710] Apache HTTP Server up to 2.0.61 mod_negotiation cross site scripting
17573| [40709] Apache HTTP Server up to 2.0.53 mod_negotiation cross site scripting
17574| [40656] Apache Tomcat 5.5.20 information disclosure
17575| [40503] Apache HTTP Server mod_proxy_ftp cross site scripting
17576| [40502] Apache HTTP Server up to 2.2.5 mod_proxy_balancer memory corruption
17577| [40501] Apache HTTP Server 2.2.6 mod_proxy_balancer cross site request forgery
17578| [40398] Apache HTTP Server up to 2.2 mod_proxy_balancer cross site scripting
17579| [40397] Apache HTTP Server up to 2.2 mod_proxy_balancer balancer_handler denial of service
17580| [40234] Apache Tomcat up to 6.0.15 directory traversal
17581| [40221] Apache HTTP Server 2.2.6 information disclosure
17582| [40027] David Castro Apache Authcas 0.4 sql injection
17583| [3495] Apache OpenOffice up to 2.3 Database Document Processor unknown vulnerability
17584| [3489] Apache HTTP Server 2.x HTTP Header cross site scripting
17585| [3414] Apache Tomcat WebDAV Stored privilege escalation
17586| [39489] Apache Jakarta Slide up to 2.1 directory traversal
17587| [39540] Apache Geronimo 2.0/2.0.1/2.0.2/2.1 unknown vulnerability
17588| [3310] Apache OpenOffice 1.1.3/2.0.4/2.2.1 TIFF Image Parser Heap-based memory corruption
17589| [38768] Apache HTTP Server up to 2.1.7 mod_autoindex.c cross site scripting
17590| [38952] Apache Geronimo 2.0.1/2.1 unknown vulnerability
17591| [38658] Apache Tomcat 4.1.31 cal2.jsp cross site request forgery
17592| [38524] Apache Geronimo 2.0 unknown vulnerability
17593| [3256] Apache Tomcat up to 6.0.13 cross site scripting
17594| [38331] Apache Tomcat 4.1.24 information disclosure
17595| [38330] Apache Tomcat 4.1.24 information disclosure
17596| [38185] Apache Tomcat 3.3/3.3.1/3.3.1a/3.3.2 Error Message CookieExample cross site scripting
17597| [37967] Apache Tomcat up to 4.1.36 Error Message sendmail.jsp cross site scripting
17598| [37647] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 Authorization unknown vulnerability
17599| [37646] Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1 unknown vulnerability
17600| [3141] Apache Tomcat up to 4.1.31 Accept-Language Header cross site scripting
17601| [3133] Apache Tomcat up to 6.0 HTTP cross site scripting
17602| [37292] Apache Tomcat up to 5.5.1 cross site scripting
17603| [3130] Apache OpenOffice 2.2.1 RTF Document Heap-based memory corruption
17604| [36981] Apache Tomcat JK Web Server Connector up to 1.2.22 mod_jk directory traversal
17605| [36892] Apache Tomcat up to 4.0.0 hello.jsp cross site scripting
17606| [37320] Apache MyFaces Tomahawk up to 1.1.4 cross site scripting
17607| [36697] Apache Tomcat up to 5.5.17 implicit-objects.jsp cross site scripting
17608| [36491] Apache Axis 1.0 Installation javaioFileNotFoundException information disclosure
17609| [36400] Apache Tomcat 5.5.15 mod_jk cross site scripting
17610| [36698] Apache Tomcat up to 4.0.0 cal2.jsp cross site scripting
17611| [36224] XAMPP Apache Distribution up to 1.6.0a adodb.php connect memory corruption
17612| [36225] XAMPP Apache Distribution 1.6.0a sql injection
17613| [2997] Apache httpd/Tomcat 5.5/6.0 directory traversal
17614| [35896] Apache Apache Test up to 1.29 mod_perl denial of service
17615| [35653] Avaya S8300 Cm 3.1.2 Apache Tomcat unknown vulnerability
17616| [35402] Apache Tomcat JK Web Server Connector 1.2.19 mod_jk.so map_uri_to_worker memory corruption
17617| [35067] Apache Stats up to 0.0.2 extract unknown vulnerability
17618| [35025] Apache Stats up to 0.0.3 extract unknown vulnerability
17619| [34252] Apache HTTP Server denial of service
17620| [2795] Apache OpenOffice 2.0.4 WMF/EMF File Heap-based memory corruption
17621| [33877] Apache Opentaps 0.9.3 cross site scripting
17622| [33876] Apache Open For Business Project unknown vulnerability
17623| [33875] Apache Open For Business Project cross site scripting
17624| [2703] Apache Jakarta Tomcat up to 5.x der_get_oid memory corruption
17625| [2611] Apache HTTP Server up to 1.0.1 set_var Format String
17626|
17627| MITRE CVE - https://cve.mitre.org:
17628| [CVE-2013-4156] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
17629| [CVE-2013-4131] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
17630| [CVE-2013-3239] phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
17631| [CVE-2013-3060] The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
17632| [CVE-2013-2765] The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
17633| [CVE-2013-2251] Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
17634| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
17635| [CVE-2013-2248] Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.
17636| [CVE-2013-2189] Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
17637| [CVE-2013-2135] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
17638| [CVE-2013-2134] Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
17639| [CVE-2013-2115] Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
17640| [CVE-2013-2071] java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
17641| [CVE-2013-2067] java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
17642| [CVE-2013-1966] Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
17643| [CVE-2013-1965] Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
17644| [CVE-2013-1896] mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
17645| [CVE-2013-1884] The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
17646| [CVE-2013-1879] Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
17647| [CVE-2013-1862] mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
17648| [CVE-2013-1849] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
17649| [CVE-2013-1847] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
17650| [CVE-2013-1846] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
17651| [CVE-2013-1845] The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
17652| [CVE-2013-1814] The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.
17653| [CVE-2013-1777] The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not property implement the RMI classloader, which allows remote attackers to execute arbitrary code by using the JMX connector to send a crafted serialized object.
17654| [CVE-2013-1768] The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
17655| [CVE-2013-1088] Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
17656| [CVE-2013-1048] The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.
17657| [CVE-2013-0966] The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
17658| [CVE-2013-0942] Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17659| [CVE-2013-0941] EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
17660| [CVE-2013-0253] The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
17661| [CVE-2013-0248] The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
17662| [CVE-2013-0239] Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security header of a SOAP request containing a UsernameToken element that lacks a password child element.
17663| [CVE-2012-6573] Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving autocomplete results.
17664| [CVE-2012-6551] The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
17665| [CVE-2012-6092] Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
17666| [CVE-2012-5887] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.
17667| [CVE-2012-5886] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.
17668| [CVE-2012-5885] The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
17669| [CVE-2012-5786] The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
17670| [CVE-2012-5785] Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
17671| [CVE-2012-5784] Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
17672| [CVE-2012-5783] Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
17673| [CVE-2012-5633] The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request.
17674| [CVE-2012-5616] Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
17675| [CVE-2012-5568] Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
17676| [CVE-2012-5351] Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
17677| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
17678| [CVE-2012-4557] The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
17679| [CVE-2012-4556] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.
17680| [CVE-2012-4555] The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.
17681| [CVE-2012-4534] org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
17682| [CVE-2012-4528] The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
17683| [CVE-2012-4501] Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs.
17684| [CVE-2012-4460] The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash.
17685| [CVE-2012-4459] Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
17686| [CVE-2012-4458] The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
17687| [CVE-2012-4446] The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
17688| [CVE-2012-4431] org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
17689| [CVE-2012-4418] Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
17690| [CVE-2012-4387] Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
17691| [CVE-2012-4386] The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
17692| [CVE-2012-4360] Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17693| [CVE-2012-4063] The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors.
17694| [CVE-2012-4001] The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
17695| [CVE-2012-3908] Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
17696| [CVE-2012-3546] org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
17697| [CVE-2012-3544] Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
17698| [CVE-2012-3526] The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
17699| [CVE-2012-3513] munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
17700| [CVE-2012-3506] Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
17701| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
17702| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
17703| [CVE-2012-3467] Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
17704| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
17705| [CVE-2012-3446] Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
17706| [CVE-2012-3376] DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
17707| [CVE-2012-3373] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequence in an Ajax link URL associated with a Wicket app.
17708| [CVE-2012-3126] Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
17709| [CVE-2012-3123] Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
17710| [CVE-2012-2760] mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
17711| [CVE-2012-2733] java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
17712| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
17713| [CVE-2012-2381] Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role.
17714| [CVE-2012-2380] Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
17715| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
17716| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
17717| [CVE-2012-2329] Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
17718| [CVE-2012-2145] Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
17719| [CVE-2012-2138] The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.
17720| [CVE-2012-2098] Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
17721| [CVE-2012-1574] The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
17722| [CVE-2012-1181] fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.
17723| [CVE-2012-1089] Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
17724| [CVE-2012-1007] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.
17725| [CVE-2012-1006] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to struts2-rest-showcase/orders.
17726| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
17727| [CVE-2012-0840] tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
17728| [CVE-2012-0838] Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
17729| [CVE-2012-0788] The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
17730| [CVE-2012-0394] ** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
17731| [CVE-2012-0393] The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
17732| [CVE-2012-0392] The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
17733| [CVE-2012-0391] The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
17734| [CVE-2012-0256] Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
17735| [CVE-2012-0216] The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.
17736| [CVE-2012-0213] The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.
17737| [CVE-2012-0053] protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
17738| [CVE-2012-0047] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.
17739| [CVE-2012-0031] scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
17740| [CVE-2012-0022] Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
17741| [CVE-2012-0021] The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
17742| [CVE-2011-5064] DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
17743| [CVE-2011-5063] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
17744| [CVE-2011-5062] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
17745| [CVE-2011-5057] Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
17746| [CVE-2011-5034] Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
17747| [CVE-2011-4905] Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
17748| [CVE-2011-4858] Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
17749| [CVE-2011-4668] IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
17750| [CVE-2011-4449] actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
17751| [CVE-2011-4415] The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.
17752| [CVE-2011-4317] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
17753| [CVE-2011-3639] The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
17754| [CVE-2011-3620] Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
17755| [CVE-2011-3607] Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
17756| [CVE-2011-3376] org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
17757| [CVE-2011-3375] Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
17758| [CVE-2011-3368] The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
17759| [CVE-2011-3348] The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
17760| [CVE-2011-3192] The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
17761| [CVE-2011-3190] Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
17762| [CVE-2011-2729] native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
17763| [CVE-2011-2712] Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
17764| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
17765| [CVE-2011-2526] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
17766| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
17767| [CVE-2011-2481] Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression.
17768| [CVE-2011-2329] The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
17769| [CVE-2011-2204] Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
17770| [CVE-2011-2088] XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
17771| [CVE-2011-2087] Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
17772| [CVE-2011-1928] The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
17773| [CVE-2011-1921] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
17774| [CVE-2011-1783] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
17775| [CVE-2011-1772] Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
17776| [CVE-2011-1752] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
17777| [CVE-2011-1610] Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
17778| [CVE-2011-1582] Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
17779| [CVE-2011-1571] Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
17780| [CVE-2011-1570] Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
17781| [CVE-2011-1503] The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
17782| [CVE-2011-1502] Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
17783| [CVE-2011-1498] Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.
17784| [CVE-2011-1475] The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."
17785| [CVE-2011-1419] Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
17786| [CVE-2011-1318] Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
17787| [CVE-2011-1184] The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
17788| [CVE-2011-1183] Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1088 and CVE-2011-1419.
17789| [CVE-2011-1176] The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
17790| [CVE-2011-1088] Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
17791| [CVE-2011-1077] Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17792| [CVE-2011-1026] Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
17793| [CVE-2011-0715] The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
17794| [CVE-2011-0534] Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
17795| [CVE-2011-0533] Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta
17796| [CVE-2011-0419] Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
17797| [CVE-2011-0013] Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
17798| [CVE-2010-4644] Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
17799| [CVE-2010-4539] The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
17800| [CVE-2010-4476] The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
17801| [CVE-2010-4455] Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Apache Plugin.
17802| [CVE-2010-4408] Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
17803| [CVE-2010-4312] The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
17804| [CVE-2010-4172] Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to sessionsList.jsp, or unspecified input to (3) sessionDetail.jsp or (4) java/org/apache/catalina/manager/JspHelper.java, related to use of untrusted web applications.
17805| [CVE-2010-3872] The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
17806| [CVE-2010-3863] Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.
17807| [CVE-2010-3854] Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17808| [CVE-2010-3718] Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.
17809| [CVE-2010-3449] Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1
17810| [CVE-2010-3315] authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
17811| [CVE-2010-3083] sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.
17812| [CVE-2010-2952] Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
17813| [CVE-2010-2791] mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
17814| [CVE-2010-2375] Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
17815| [CVE-2010-2234] Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.
17816| [CVE-2010-2227] Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
17817| [CVE-2010-2103] Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.
17818| [CVE-2010-2086] Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
17819| [CVE-2010-2076] Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
17820| [CVE-2010-2068] mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
17821| [CVE-2010-2057] shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.
17822| [CVE-2010-1632] Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
17823| [CVE-2010-1623] Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
17824| [CVE-2010-1587] The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
17825| [CVE-2010-1452] The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
17826| [CVE-2010-1325] Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.
17827| [CVE-2010-1244] Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
17828| [CVE-2010-1157] Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
17829| [CVE-2010-1151] Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.
17830| [CVE-2010-0684] Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
17831| [CVE-2010-0434] The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
17832| [CVE-2010-0432] Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.
17833| [CVE-2010-0425] modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
17834| [CVE-2010-0408] The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
17835| [CVE-2010-0390] Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
17836| [CVE-2010-0219] Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
17837| [CVE-2010-0010] Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
17838| [CVE-2010-0009] Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
17839| [CVE-2009-5120] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.
17840| [CVE-2009-5119] The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack against encrypted session data.
17841| [CVE-2009-5006] The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
17842| [CVE-2009-5005] The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
17843| [CVE-2009-4355] Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.
17844| [CVE-2009-4269] The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
17845| [CVE-2009-3923] The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server.
17846| [CVE-2009-3890] Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an attachment with a multiple-extension filename, and then accessing this attachment via a direct request to a wp-content/uploads/ pathname, as demonstrated by a .php.jpg filename.
17847| [CVE-2009-3843] HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
17848| [CVE-2009-3821] Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17849| [CVE-2009-3555] The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
17850| [CVE-2009-3548] The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
17851| [CVE-2009-3250] The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/.
17852| [CVE-2009-3095] The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
17853| [CVE-2009-3094] The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
17854| [CVE-2009-2902] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
17855| [CVE-2009-2901] The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
17856| [CVE-2009-2823] The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
17857| [CVE-2009-2699] The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
17858| [CVE-2009-2696] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
17859| [CVE-2009-2693] Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
17860| [CVE-2009-2625] XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
17861| [CVE-2009-2412] Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR
17862| [CVE-2009-2299] The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
17863| [CVE-2009-1956] Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
17864| [CVE-2009-1955] The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
17865| [CVE-2009-1903] The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
17866| [CVE-2009-1891] The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
17867| [CVE-2009-1890] The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
17868| [CVE-2009-1885] Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
17869| [CVE-2009-1462] The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
17870| [CVE-2009-1275] Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
17871| [CVE-2009-1195] The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
17872| [CVE-2009-1191] mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
17873| [CVE-2009-1012] Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
17874| [CVE-2009-0918] Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
17875| [CVE-2009-0796] Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
17876| [CVE-2009-0783] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.
17877| [CVE-2009-0781] Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
17878| [CVE-2009-0754] PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
17879| [CVE-2009-0580] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.
17880| [CVE-2009-0486] Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protection mechanisms and conduct unauthorized activities as other users.
17881| [CVE-2009-0039] Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
17882| [CVE-2009-0038] Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring
17883| [CVE-2009-0033] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
17884| [CVE-2009-0026] Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
17885| [CVE-2009-0023] The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
17886| [CVE-2008-6879] Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
17887| [CVE-2008-6755] ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
17888| [CVE-2008-6722] Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
17889| [CVE-2008-6682] Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
17890| [CVE-2008-6505] Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
17891| [CVE-2008-6504] ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
17892| [CVE-2008-5696] Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
17893| [CVE-2008-5676] Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
17894| [CVE-2008-5519] The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
17895| [CVE-2008-5518] Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet)
17896| [CVE-2008-5515] Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.
17897| [CVE-2008-5457] Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
17898| [CVE-2008-4308] The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
17899| [CVE-2008-4008] Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.
17900| [CVE-2008-3666] Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured
17901| [CVE-2008-3271] Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
17902| [CVE-2008-3257] Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
17903| [CVE-2008-2939] Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI.
17904| [CVE-2008-2938] Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
17905| [CVE-2008-2742] Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.
17906| [CVE-2008-2717] TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.
17907| [CVE-2008-2579] Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
17908| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
17909| [CVE-2008-2370] Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.
17910| [CVE-2008-2364] The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
17911| [CVE-2008-2168] Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
17912| [CVE-2008-2025] Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
17913| [CVE-2008-1947] Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
17914| [CVE-2008-1734] Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.
17915| [CVE-2008-1678] Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
17916| [CVE-2008-1232] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
17917| [CVE-2008-0869] Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
17918| [CVE-2008-0732] The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
17919| [CVE-2008-0555] The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.
17920| [CVE-2008-0457] Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
17921| [CVE-2008-0456] CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
17922| [CVE-2008-0455] Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.
17923| [CVE-2008-0128] The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
17924| [CVE-2008-0005] mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
17925| [CVE-2008-0002] Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
17926| [CVE-2007-6750] The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
17927| [CVE-2007-6726] Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
17928| [CVE-2007-6514] Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
17929| [CVE-2007-6423] ** DISPUTED ** Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue.
17930| [CVE-2007-6422] The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
17931| [CVE-2007-6421] Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
17932| [CVE-2007-6420] Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
17933| [CVE-2007-6388] Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17934| [CVE-2007-6361] Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
17935| [CVE-2007-6342] SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
17936| [CVE-2007-6286] Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
17937| [CVE-2007-6258] Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
17938| [CVE-2007-6231] Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statistic.inc.php, (3) status.inc.php, (4) status_top_x.inc.php, or (5) libchart-1.1/libchart.php in include/. NOTE: access to include/ is blocked by .htaccess in most deployments that use Apache HTTP Server.
17939| [CVE-2007-6203] Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918.
17940| [CVE-2007-5797] SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
17941| [CVE-2007-5731] Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
17942| [CVE-2007-5461] Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
17943| [CVE-2007-5342] The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.
17944| [CVE-2007-5333] Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
17945| [CVE-2007-5156] Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
17946| [CVE-2007-5085] Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
17947| [CVE-2007-5000] Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17948| [CVE-2007-4724] Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
17949| [CVE-2007-4723] Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
17950| [CVE-2007-4641] Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file.
17951| [CVE-2007-4556] Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
17952| [CVE-2007-4548] The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, deploy arbitrary modules, and gain administrative access by sending a blank username and password with the command line deployer in the deployment module.
17953| [CVE-2007-4465] Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.
17954| [CVE-2007-3847] The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
17955| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
17956| [CVE-2007-3386] Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
17957| [CVE-2007-3385] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
17958| [CVE-2007-3384] Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.
17959| [CVE-2007-3383] Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.
17960| [CVE-2007-3382] Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
17961| [CVE-2007-3304] Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
17962| [CVE-2007-3303] Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.
17963| [CVE-2007-3101] Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
17964| [CVE-2007-2450] Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
17965| [CVE-2007-2449] Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the '
17966| [CVE-2007-2353] Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
17967| [CVE-2007-2025] Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
17968| [CVE-2007-1863] cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
17969| [CVE-2007-1862] The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
17970| [CVE-2007-1860] mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450.
17971| [CVE-2007-1858] The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
17972| [CVE-2007-1842] Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
17973| [CVE-2007-1801] Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
17974| [CVE-2007-1743] suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.
17975| [CVE-2007-1742] suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
17976| [CVE-2007-1741] Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
17977| [CVE-2007-1720] Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file.
17978| [CVE-2007-1636] Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.
17979| [CVE-2007-1633] Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by bbcode_ref.php.
17980| [CVE-2007-1577] Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
17981| [CVE-2007-1539] Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
17982| [CVE-2007-1524] Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/.
17983| [CVE-2007-1491] Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties.
17984| [CVE-2007-1358] Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
17985| [CVE-2007-1349] PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
17986| [CVE-2007-0975] Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.
17987| [CVE-2007-0930] Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
17988| [CVE-2007-0792] The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.
17989| [CVE-2007-0774] Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
17990| [CVE-2007-0637] Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
17991| [CVE-2007-0451] Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
17992| [CVE-2007-0450] Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
17993| [CVE-2007-0419] The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage).
17994| [CVE-2007-0173] Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
17995| [CVE-2007-0098] Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
17996| [CVE-2007-0086] ** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.
17997| [CVE-2006-7217] Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.
17998| [CVE-2006-7216] Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
17999| [CVE-2006-7197] The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
18000| [CVE-2006-7196] Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1.
18001| [CVE-2006-7195] Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
18002| [CVE-2006-7098] The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
18003| [CVE-2006-6869] Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
18004| [CVE-2006-6675] Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.
18005| [CVE-2006-6613] Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php.
18006| [CVE-2006-6589] Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. NOTE: some of these details are obtained from third party information.
18007| [CVE-2006-6588] The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.
18008| [CVE-2006-6587] Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
18009| [CVE-2006-6445] Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
18010| [CVE-2006-6071] TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
18011| [CVE-2006-6047] Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
18012| [CVE-2006-5894] Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.
18013| [CVE-2006-5752] Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.
18014| [CVE-2006-5733] Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
18015| [CVE-2006-5263] Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
18016| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
18017| [CVE-2006-4636] Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
18018| [CVE-2006-4625] PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
18019| [CVE-2006-4558] DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
18020| [CVE-2006-4191] Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.
18021| [CVE-2006-4154] Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
18022| [CVE-2006-4110] Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
18023| [CVE-2006-4004] Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
18024| [CVE-2006-3918] http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
18025| [CVE-2006-3835] Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (
18026| [CVE-2006-3747] Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
18027| [CVE-2006-3362] Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
18028| [CVE-2006-3102] Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
18029| [CVE-2006-3070] write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
18030| [CVE-2006-2831] Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743.
18031| [CVE-2006-2806] The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
18032| [CVE-2006-2743] Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
18033| [CVE-2006-2514] Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions.
18034| [CVE-2006-2330] PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
18035| [CVE-2006-1777] Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.
18036| [CVE-2006-1564] Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
18037| [CVE-2006-1548] Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
18038| [CVE-2006-1547] ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
18039| [CVE-2006-1546] Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.
18040| [CVE-2006-1393] Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.
18041| [CVE-2006-1346] Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
18042| [CVE-2006-1292] Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
18043| [CVE-2006-1243] Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.
18044| [CVE-2006-1095] Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
18045| [CVE-2006-1079] htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
18046| [CVE-2006-1078] Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included.
18047| [CVE-2006-0743] Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
18048| [CVE-2006-0254] Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
18049| [CVE-2006-0150] Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
18050| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
18051| [CVE-2006-0042] Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
18052| [CVE-2005-4857] eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
18053| [CVE-2005-4849] Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter of the ACCSEC command and (b) the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information.
18054| [CVE-2005-4836] The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
18055| [CVE-2005-4814] Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
18056| [CVE-2005-4703] Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
18057| [CVE-2005-3745] Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
18058| [CVE-2005-3630] Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
18059| [CVE-2005-3510] Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
18060| [CVE-2005-3392] Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
18061| [CVE-2005-3357] mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
18062| [CVE-2005-3352] Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
18063| [CVE-2005-3319] The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
18064| [CVE-2005-3164] The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
18065| [CVE-2005-2970] Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
18066| [CVE-2005-2963] The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
18067| [CVE-2005-2728] The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
18068| [CVE-2005-2660] apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
18069| [CVE-2005-2088] The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
18070| [CVE-2005-1754] ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
18071| [CVE-2005-1753] ** DISPUTED ** ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products."
18072| [CVE-2005-1344] Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
18073| [CVE-2005-1268] Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
18074| [CVE-2005-1266] Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
18075| [CVE-2005-0808] Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
18076| [CVE-2005-0182] The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack.
18077| [CVE-2005-0108] Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
18078| [CVE-2004-2734] webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
18079| [CVE-2004-2680] mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
18080| [CVE-2004-2650] Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.
18081| [CVE-2004-2343] ** DISPUTED ** Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict external web access, and a local user already has the privileges to perform the same operations without using ErrorDocument.
18082| [CVE-2004-2336] Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
18083| [CVE-2004-2115] Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
18084| [CVE-2004-1834] mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information.
18085| [CVE-2004-1765] Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
18086| [CVE-2004-1545] UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
18087| [CVE-2004-1438] The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
18088| [CVE-2004-1405] MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
18089| [CVE-2004-1404] Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
18090| [CVE-2004-1387] The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
18091| [CVE-2004-1084] Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
18092| [CVE-2004-1083] Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
18093| [CVE-2004-1082] mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
18094| [CVE-2004-0942] Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
18095| [CVE-2004-0940] Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
18096| [CVE-2004-0885] The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
18097| [CVE-2004-0811] Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
18098| [CVE-2004-0809] The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
18099| [CVE-2004-0786] The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
18100| [CVE-2004-0751] The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
18101| [CVE-2004-0748] mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
18102| [CVE-2004-0747] Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
18103| [CVE-2004-0700] Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function.
18104| [CVE-2004-0646] Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
18105| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
18106| [CVE-2004-0493] The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
18107| [CVE-2004-0492] Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
18108| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
18109| [CVE-2004-0488] Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
18110| [CVE-2004-0263] PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
18111| [CVE-2004-0174] Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."
18112| [CVE-2004-0173] Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
18113| [CVE-2004-0113] Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
18114| [CVE-2004-0009] Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
18115| [CVE-2003-1581] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
18116| [CVE-2003-1580] The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
18117| [CVE-2003-1573] The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
18118| [CVE-2003-1521] Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
18119| [CVE-2003-1516] The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
18120| [CVE-2003-1502] mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
18121| [CVE-2003-1418] Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child proccess IDs (PID).
18122| [CVE-2003-1307] ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP."
18123| [CVE-2003-1172] Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
18124| [CVE-2003-1171] Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
18125| [CVE-2003-1138] The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
18126| [CVE-2003-1054] mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
18127| [CVE-2003-0993] mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
18128| [CVE-2003-0987] mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
18129| [CVE-2003-0866] The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
18130| [CVE-2003-0844] mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
18131| [CVE-2003-0843] Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
18132| [CVE-2003-0789] mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
18133| [CVE-2003-0771] Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
18134| [CVE-2003-0658] Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
18135| [CVE-2003-0542] Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
18136| [CVE-2003-0460] The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
18137| [CVE-2003-0254] Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
18138| [CVE-2003-0253] The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
18139| [CVE-2003-0249] ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report."
18140| [CVE-2003-0245] Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
18141| [CVE-2003-0192] Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
18142| [CVE-2003-0189] The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
18143| [CVE-2003-0134] Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
18144| [CVE-2003-0132] A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
18145| [CVE-2003-0083] Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
18146| [CVE-2003-0020] Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
18147| [CVE-2003-0017] Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
18148| [CVE-2003-0016] Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
18149| [CVE-2002-2310] ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
18150| [CVE-2002-2309] php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
18151| [CVE-2002-2272] Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
18152| [CVE-2002-2103] Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
18153| [CVE-2002-2029] PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
18154| [CVE-2002-2012] Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
18155| [CVE-2002-2009] Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
18156| [CVE-2002-2008] Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
18157| [CVE-2002-2007] The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
18158| [CVE-2002-2006] The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
18159| [CVE-2002-1895] The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
18160| [CVE-2002-1850] mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
18161| [CVE-2002-1793] HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
18162| [CVE-2002-1658] Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.
18163| [CVE-2002-1635] The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
18164| [CVE-2002-1593] mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
18165| [CVE-2002-1592] The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
18166| [CVE-2002-1567] Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
18167| [CVE-2002-1394] Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
18168| [CVE-2002-1233] A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
18169| [CVE-2002-1157] Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840.
18170| [CVE-2002-1156] Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
18171| [CVE-2002-1148] The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
18172| [CVE-2002-0935] Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
18173| [CVE-2002-0843] Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
18174| [CVE-2002-0840] Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
18175| [CVE-2002-0839] The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
18176| [CVE-2002-0682] Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
18177| [CVE-2002-0661] Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
18178| [CVE-2002-0658] OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
18179| [CVE-2002-0654] Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
18180| [CVE-2002-0653] Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
18181| [CVE-2002-0513] The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
18182| [CVE-2002-0493] Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
18183| [CVE-2002-0392] Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
18184| [CVE-2002-0259] InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
18185| [CVE-2002-0249] PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
18186| [CVE-2002-0240] PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
18187| [CVE-2002-0082] The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
18188| [CVE-2002-0061] Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
18189| [CVE-2001-1556] The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
18190| [CVE-2001-1534] mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
18191| [CVE-2001-1510] Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
18192| [CVE-2001-1449] The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
18193| [CVE-2001-1385] The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
18194| [CVE-2001-1342] Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
18195| [CVE-2001-1217] Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
18196| [CVE-2001-1216] Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
18197| [CVE-2001-1072] Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
18198| [CVE-2001-1013] Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
18199| [CVE-2001-0925] The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
18200| [CVE-2001-0829] A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
18201| [CVE-2001-0766] Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
18202| [CVE-2001-0731] Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
18203| [CVE-2001-0730] split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
18204| [CVE-2001-0729] Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
18205| [CVE-2001-0590] Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
18206| [CVE-2001-0131] htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
18207| [CVE-2001-0108] PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
18208| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
18209| [CVE-2000-1247] The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
18210| [CVE-2000-1210] Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
18211| [CVE-2000-1206] Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
18212| [CVE-2000-1205] Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
18213| [CVE-2000-1204] Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
18214| [CVE-2000-1168] IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
18215| [CVE-2000-1016] The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
18216| [CVE-2000-0913] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
18217| [CVE-2000-0883] The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
18218| [CVE-2000-0869] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary diretories via the PROPFIND HTTP request method.
18219| [CVE-2000-0868] The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
18220| [CVE-2000-0791] Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
18221| [CVE-2000-0760] The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
18222| [CVE-2000-0759] Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
18223| [CVE-2000-0628] The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
18224| [CVE-2000-0505] The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
18225| [CVE-1999-1412] A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
18226| [CVE-1999-1293] mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
18227| [CVE-1999-1237] Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
18228| [CVE-1999-1199] Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
18229| [CVE-1999-1053] guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
18230| [CVE-1999-0926] Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
18231| [CVE-1999-0678] A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
18232| [CVE-1999-0448] IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
18233| [CVE-1999-0289] The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
18234| [CVE-1999-0236] ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
18235| [CVE-1999-0107] Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
18236| [CVE-1999-0071] Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
18237|
18238| SecurityFocus - https://www.securityfocus.com/bid/:
18239| [104554] Apache HBase CVE-2018-8025 Security Bypass Vulnerability
18240| [104465] Apache Geode CVE-2017-15695 Remote Code Execution Vulnerability
18241| [104418] Apache Storm CVE-2018-8008 Arbitrary File Write Vulnerability
18242| [104399] Apache Storm CVE-2018-1332 User Impersonation Vulnerability
18243| [104348] Apache UIMA CVE-2017-15691 XML External Entity Injection Vulnerability
18244| [104313] Apache NiFi XML External Entity Injection and Denial of Service Vulnerability
18245| [104259] Apache Geode CVE-2017-12622 Authorization Bypass Vulnerability
18246| [104257] Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
18247| [104253] Apache ZooKeeper CVE-2018-8012 Security Bypass Vulnerability
18248| [104252] Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
18249| [104239] Apache Solr CVE-2018-8010 XML External Entity Multiple Information Disclosure Vulnerabilities
18250| [104215] Apache ORC CVE-2018-8015 Denial of Service Vulnerability
18251| [104203] Apache Tomcat CVE-2018-8014 Security Bypass Vulnerability
18252| [104161] Apache Ambari CVE-2018-8003 Directory Traversal Vulnerability
18253| [104140] Apache Derby CVE-2018-1313 Security Bypass Vulnerability
18254| [104135] Apache Tika CVE-2018-1338 Denial of Service Vulnerability
18255| [104008] Apache Fineract CVE-2018-1291 SQL Injection Vulnerability
18256| [104007] Apache Fineract CVE-2018-1292 SQL Injection Vulnerability
18257| [104005] Apache Fineract CVE-2018-1289 SQL Injection Vulnerability
18258| [104001] Apache Tika CVE-2018-1335 Remote Command Injection Vulnerability
18259| [103975] Apache Fineract CVE-2018-1290 SQL Injection Vulnerability
18260| [103974] Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
18261| [103772] Apache Traffic Server CVE-2017-7671 Denial of Service Vulnerability
18262| [103770] Apache Traffic Server CVE-2017-5660 Security Bypass Vulnerability
18263| [103751] Apache Hive CVE-2018-1282 SQL Injection Vulnerability
18264| [103750] Apache Hive CVE-2018-1284 Security Bypass Vulnerability
18265| [103692] Apache Ignite CVE-2018-1295 Arbitrary Code Execution Vulnerability
18266| [103528] Apache HTTP Server CVE-2018-1302 Denial of Service Vulnerability
18267| [103525] Apache HTTP Server CVE-2017-15715 Remote Security Bypass Vulnerability
18268| [103524] Apache HTTP Server CVE-2018-1312 Remote Security Bypass Vulnerability
18269| [103522] Apache HTTP Server CVE-2018-1303 Denial of Service Vulnerability
18270| [103520] Apache HTTP Server CVE-2018-1283 Remote Security Vulnerability
18271| [103516] Apache Struts CVE-2018-1327 Denial of Service Vulnerability
18272| [103515] Apache HTTP Server CVE-2018-1301 Denial of Service Vulnerability
18273| [103512] Apache HTTP Server CVE-2017-15710 Denial of Service Vulnerability
18274| [103508] Apache Syncope CVE-2018-1321 Multiple Remote Code Execution Vulnerabilities
18275| [103507] Apache Syncope CVE-2018-1322 Multiple Information Disclosure Vulnerabilities
18276| [103490] Apache Commons Compress CVE-2018-1324 Multiple Denial Of Service Vulnerabilities
18277| [103434] APACHE Allura CVE-2018-1319 HTTP Response Splitting Vulnerability
18278| [103389] Apache Tomcat JK Connector CVE-2018-1323 Directory Traversal Vulnerability
18279| [103222] Apache CloudStack CVE-2013-4317 Information Disclosure Vulnerability
18280| [103219] Apache Xerces-C CVE-2017-12627 Null Pointer Dereference Denial of Service Vulnerability
18281| [103206] Apache Geode CVE-2017-15693 Remote Code Execution Vulnerability
18282| [103205] Apache Geode CVE-2017-15692 Remote Code Execution Vulnerability
18283| [103170] Apache Tomcat CVE-2018-1304 Security Bypass Vulnerability
18284| [103144] Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
18285| [103102] Apache Oozie CVE-2017-15712 Information Disclosure Vulnerability
18286| [103098] Apache Karaf CVE-2016-8750 LDAP Injection Vulnerability
18287| [103069] Apache Tomcat CVE-2017-15706 Remote Security Weakness
18288| [103068] Apache JMeter CVE-2018-1287 Security Bypass Vulnerability
18289| [103067] Apache Qpid Dispatch Router 'router_core/connections.c' Denial of Service Vulnerability
18290| [103036] Apache CouchDB CVE-2017-12636 Remote Code Execution Vulnerability
18291| [103025] Apache Thrift CVE-2016-5397 Remote Command Injection Vulnerability
18292| [102879] Apache POI CVE-2017-12626 Multiple Denial of Service Vulnerabilities
18293| [102842] Apache NiFi CVE-2017-12632 Host Header Injection Vulnerability
18294| [102815] Apache NiFi CVE-2017-15697 Multiple Cross Site Scripting Vulnerabilities
18295| [102488] Apache Geode CVE-2017-9795 Remote Code Execution Vulnerability
18296| [102229] Apache Sling CVE-2017-15700 Information Disclosure Vulnerability
18297| [102226] Apache Drill CVE-2017-12630 Cross Site Scripting Vulnerability
18298| [102154] Multiple Apache Products CVE-2017-15708 Remote Code Execution Vulnerability
18299| [102127] Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
18300| [102041] Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
18301| [102040] Apache Qpid Broker CVE-2017-15702 Security Weakness
18302| [102021] Apache Struts CVE-2017-15707 Denial of Service Vulnerability
18303| [101980] EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
18304| [101876] Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
18305| [101874] Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
18306| [101872] Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
18307| [101868] Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
18308| [101859] Apache CXF CVE-2017-12624 Denial of Service Vulnerability
18309| [101844] Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
18310| [101686] Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
18311| [101644] Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
18312| [101631] Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
18313| [101630] Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
18314| [101625] Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
18315| [101623] Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
18316| [101620] Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
18317| [101585] Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
18318| [101577] Apache Wicket CVE-2016-6806 Cross Site Request Forgery Vulnerability
18319| [101575] Apache Wicket CVE-2014-0043 Information Disclosure Vulnerability
18320| [101570] Apache Geode CVE-2017-9797 Information Disclosure Vulnerability
18321| [101562] Apache Derby CVE-2010-2232 Arbitrary File Overwrite Vulnerability
18322| [101560] Apache Portable Runtime Utility CVE-2017-12613 Multiple Information Disclosure Vulnerabilities
18323| [101558] Apache Portable Runtime Utility Local Out-of-Bounds Read Denial of Service Vulnerability
18324| [101532] Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
18325| [101516] Apache HTTP Server CVE-2017-12171 Security Bypass Vulnerability
18326| [101261] Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
18327| [101230] Apache Roller CVE-2014-0030 XML External Entity Injection Vulnerability
18328| [101173] Apache IMPALA CVE-2017-9792 Information Disclosure Vulnerability
18329| [101052] Apache Commons Jelly CVE-2017-12621 Security Bypass Vulnerability
18330| [101027] Apache Mesos CVE-2017-7687 Denial of Service Vulnerability
18331| [101023] Apache Mesos CVE-2017-9790 Denial of Service Vulnerability
18332| [100954] Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
18333| [100946] Apache Wicket CVE-2014-7808 Cross Site Request Forgery Vulnerability
18334| [100901] Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
18335| [100897] Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
18336| [100880] Apache Directory LDAP API CVE-2015-3250 Unspecified Information Disclosure Vulnerability
18337| [100872] Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
18338| [100870] Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
18339| [100859] puppetlabs-apache CVE-2017-2299 Information Disclosure Vulnerability
18340| [100829] Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
18341| [100823] Apache Spark CVE-2017-12612 Deserialization Remote Code Execution Vulnerability
18342| [100612] Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
18343| [100611] Apache Struts CVE-2017-9793 Denial of Service Vulnerability
18344| [100609] Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
18345| [100587] Apache Atlas CVE-2017-3155 Cross Frame Scripting Vulnerability
18346| [100581] Apache Atlas CVE-2017-3154 Information Disclosure Vulnerability
18347| [100578] Apache Atlas CVE-2017-3153 Cross Site Scripting Vulnerability
18348| [100577] Apache Atlas CVE-2017-3152 Cross Site Scripting Vulnerability
18349| [100547] Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
18350| [100536] Apache Atlas CVE-2017-3150 Cross Site Scripting Vulnerability
18351| [100449] Apache Pony Mail CVE-2016-4460 Authentication Bypass Vulnerability
18352| [100447] Apache2Triad Multiple Security Vulnerabilities
18353| [100284] Apache Sling Servlets Post CVE-2017-9802 Cross Site Scripting Vulnerability
18354| [100280] Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
18355| [100259] Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
18356| [100256] Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
18357| [100235] Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
18358| [100082] Apache Commons Email CVE-2017-9801 SMTP Header Injection Vulnerability
18359| [99873] Apache Sling XSS Protection API CVE-2016-6798 XML External Entity Injection Vulnerability
18360| [99870] Apache Sling API CVE-2016-5394 Cross Site Scripting Vulnerability
18361| [99603] Apache Spark CVE-2017-7678 Cross Site Scripting Vulnerability
18362| [99592] Apache OpenMeetings CVE-2017-7685 Security Bypass Vulnerability
18363| [99587] Apache OpenMeetings CVE-2017-7673 Security Bypass Vulnerability
18364| [99586] Apache OpenMeetings CVE-2017-7688 Security Bypass Vulnerability
18365| [99584] Apache OpenMeetings CVE-2017-7684 Denial of Service Vulnerability
18366| [99577] Apache OpenMeetings CVE-2017-7663 Cross Site Scripting Vulnerability
18367| [99576] Apache OpenMeetings CVE-2017-7664 XML External Entity Injection Vulnerability
18368| [99569] Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
18369| [99568] Apache HTTP Server CVE-2017-9789 Denial of Service Vulnerability
18370| [99563] Apache Struts CVE-2017-7672 Denial of Service Vulnerability
18371| [99562] Apache Struts Spring AOP Functionality Denial of Service Vulnerability
18372| [99509] Apache Impala CVE-2017-5652 Information Disclosure Vulnerability
18373| [99508] Apache IMPALA CVE-2017-5640 Authentication Bypass Vulnerability
18374| [99486] Apache Traffic Control CVE-2017-7670 Denial of Service Vulnerability
18375| [99485] Apache Solr CVE-2017-7660 Security Bypass Vulnerability
18376| [99484] Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
18377| [99292] Apache Ignite CVE-2017-7686 Information Disclosure Vulnerability
18378| [99170] Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
18379| [99137] Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
18380| [99135] Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
18381| [99134] Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
18382| [99132] Apache HTTP Server CVE-2017-7659 Denial of Service Vulnerability
18383| [99112] Apache Thrift CVE-2015-3254 Denial of Service Vulnerability
18384| [99067] Apache Ranger CVE-2016-8751 HTML Injection Vulnerability
18385| [99018] Apache NiFi CVE-2017-7667 Cross Frame Scripting Vulnerability
18386| [99009] Apache NiFi CVE-2017-7665 Cross Site Scripting Vulnerability
18387| [98961] Apache Ranger CVE-2017-7677 Security Bypass Vulnerability
18388| [98958] Apache Ranger CVE-2017-7676 Security Bypass Vulnerability
18389| [98888] Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
18390| [98814] Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
18391| [98795] Apache Hadoop CVE-2017-7669 Remote Privilege Escalation Vulnerability
18392| [98739] Apache Knox CVE-2017-5646 User Impersonation Vulnerability
18393| [98669] Apache Hive CVE-2016-3083 Security Bypass Vulnerability
18394| [98646] Apache Atlas CVE-2016-8752 Information Disclosure Vulnerability
18395| [98570] Apache Archiva CVE-2017-5657 Multiple Cross-Site Request Forgery Vulnerabilities
18396| [98489] Apache CXF Fediz CVE-2017-7661 Multiple Cross Site Request Forgery Vulnerabilities
18397| [98485] Apache CXF Fediz CVE-2017-7662 Cross Site Request Forgery Vulnerability
18398| [98466] Apache Ambari CVE-2017-5655 Insecure Temporary File Handling Vulnerability
18399| [98365] Apache Cordova For Android CVE-2016-6799 Information Disclosure Vulnerability
18400| [98025] Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
18401| [98017] Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
18402| [97971] Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
18403| [97968] Apache CXF CVE-2017-5653 Spoofing Vulnerability
18404| [97967] Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
18405| [97949] Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
18406| [97948] Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
18407| [97947] Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
18408| [97945] Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
18409| [97702] Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
18410| [97582] Apache CXF CVE-2016-6812 Cross Site Scripting Vulnerability
18411| [97579] Apache CXF JAX-RS CVE-2016-8739 XML External Entity Injection Vulnerability
18412| [97544] Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
18413| [97531] Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
18414| [97530] Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
18415| [97509] Apache Ignite CVE-2016-6805 Information Disclosure and XML External Entity Injection Vulnerabilities
18416| [97383] Apache Flex BlazeDS CVE-2017-5641 Remote Code Execution Vulnerability
18417| [97378] Apache Geode CVE-2017-5649 Information Disclosure Vulnerability
18418| [97229] Apache Ambari CVE-2016-4976 Local Information Disclosure Vulnerability
18419| [97226] Apache Camel CVE-2017-5643 Server Side Request Forgery Security Bypass Vulnerability
18420| [97184] Apache Ambari CVE-2016-6807 Remote Command Execution Vulnerability
18421| [97179] Apache Camel CVE-2016-8749 Java Deserialization Multiple Remote Code Execution Vulnerabilities
18422| [96983] Apache POI CVE-2017-5644 Denial Of Service Vulnerability
18423| [96895] Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
18424| [96731] Apache NiFi CVE-2017-5636 Remote Code Injection Vulnerability
18425| [96730] Apache NiFi CVE-2017-5635 Security Bypass Vulnerability
18426| [96729] Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
18427| [96540] IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
18428| [96398] Apache CXF CVE-2017-3156 Information Disclosure Vulnerability
18429| [96321] Apache Camel CVE-2017-3159 Remote Code Execution Vulnerability
18430| [96293] Apache Tomcat 'http11/AbstractInputBuffer.java' Denial of Service Vulnerability
18431| [96228] Apache Brooklyn Cross Site Request Forgery and Multiple Cross Site Scripting Vulnerabilities
18432| [95998] Apache Ranger CVE-2016-8746 Security Bypass Vulnerability
18433| [95929] Apache Groovy CVE-2016-6497 Information Disclosure Vulnerability
18434| [95838] Apache Cordova For Android CVE-2017-3160 Man in the Middle Security Bypass Vulnerability
18435| [95675] Apache Struts Remote Code Execution Vulnerability
18436| [95621] Apache NiFi CVE-2106-8748 Cross Site Scripting Vulnerability
18437| [95429] Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
18438| [95335] Apache Hadoop CVE-2016-3086 Information Disclosure Vulnerability
18439| [95168] Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
18440| [95136] Apache Qpid Broker for Java CVE-2016-8741 Remote Information Disclosure Vulnerability
18441| [95078] Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
18442| [95077] Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
18443| [95076] Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
18444| [95020] Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
18445| [94950] Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
18446| [94882] Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
18447| [94828] Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
18448| [94766] Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
18449| [94657] Apache Struts CVE-2016-8738 Denial of Service Vulnerability
18450| [94650] Apache HTTP Server CVE-2016-8740 Denial of Service Vulnerability
18451| [94588] Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
18452| [94513] Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
18453| [94463] Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
18454| [94462] Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
18455| [94461] Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
18456| [94418] Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
18457| [94247] Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
18458| [94221] Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
18459| [94145] Apache OpenMeetings CVE-2016-8736 Remote Code Execution Vulnerability
18460| [93945] Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
18461| [93944] Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
18462| [93943] Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
18463| [93942] Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
18464| [93940] Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
18465| [93939] Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
18466| [93774] Apache OpenOffice CVE-2016-6804 DLL Loading Remote Code Execution Vulnerability
18467| [93773] Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
18468| [93478] Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
18469| [93472] Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
18470| [93429] Apache Tomcat JK Connector CVE-2016-6808 Remote Buffer Overflow Vulnerability
18471| [93263] Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
18472| [93236] Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
18473| [93142] Apache ActiveMQ Artemis CVE-2016-4978 Remote Code Execution Vulnerability
18474| [93132] Apache Derby CVE-2015-1832 XML External Entity Information Disclosure Vulnerability
18475| [93044] Apache Zookeeper CVE-2016-5017 Buffer Overflow Vulnerability
18476| [92966] Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
18477| [92947] Apache Shiro CVE-2016-6802 Remote Security Bypass Vulnerability
18478| [92905] Apache CXF Fediz CVE-2016-4464 Security Bypass Vulnerability
18479| [92577] Apache Ranger CVE-2016-5395 HTML Injection Vulnerability
18480| [92331] Apache HTTP Server CVE-2016-1546 Remote Denial of Service Vulnerability
18481| [92328] Apache Hive CVE-2016-0760 Multiple Remote Code Execution Vulnerabilities
18482| [92320] Apache APR-util and httpd CVE-2016-6312 Denial of Service Vulnerability
18483| [92100] Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
18484| [92079] Apache OpenOffice CVE-2016-1513 Remote Code Execution Vulnerability
18485| [91818] Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
18486| [91816] Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
18487| [91788] Apache Qpid Proton CVE-2016-4467 Certificate Verification Security Bypass Vulnerability
18488| [91738] Apache XML-RPC CVE-2016-5003 Remote Code Execution Vulnerability
18489| [91736] Apache XML-RPC Multiple Security Vulnerabilities
18490| [91707] Apache Archiva CVE-2016-5005 HTML Injection Vulnerability
18491| [91703] Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
18492| [91566] Apache HTTP Server CVE-2016-4979 Authentication Bypass Vulnerability
18493| [91537] Apache QPID CVE-2016-4974 Deserialization Security Bypass Vulnerability
18494| [91501] Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
18495| [91453] Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
18496| [91284] Apache Struts CVE-2016-4431 Security Bypass Vulnerability
18497| [91282] Apache Struts CVE-2016-4433 Security Bypass Vulnerability
18498| [91281] Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
18499| [91280] Apache Struts CVE-2016-4436 Security Bypass Vulnerability
18500| [91278] Apache Struts CVE-2016-4465 Denial of Service Vulnerability
18501| [91277] Apache Struts Incomplete Fix Remote Code Execution Vulnerability
18502| [91275] Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
18503| [91217] Apache Continuum 'saveInstallation.action' Command Execution Vulnerability
18504| [91141] Apache CloudStack CVE-2016-3085 Authentication Bypass Vulnerability
18505| [91068] Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
18506| [91067] Apache Struts CVE-2016-1182 Security Bypass Vulnerability
18507| [91024] Apache Shiro CVE-2016-4437 Information Disclosure Vulnerability
18508| [90988] Apache Ranger CVE-2016-2174 SQL Injection Vulnerability
18509| [90961] Apache Struts CVE-2016-3093 Denial of Service Vulnerability
18510| [90960] Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
18511| [90921] Apache Qpid CVE-2016-4432 Authentication Bypass Vulnerability
18512| [90920] Apache Qpid CVE-2016-3094 Denial of Service Vulnerability
18513| [90902] Apache PDFBox CVE-2016-2175 XML External Entity Injection Vulnerability
18514| [90897] Apache Tika CVE-2016-4434 XML External Entity Injection Vulnerability
18515| [90827] Apache ActiveMQ CVE-2016-3088 Multiple Arbitrary File Upload Vulnerabilities
18516| [90755] Apache Ambari CVE-2016-0707 Multiple Local Information Disclosure Vulnerabilities
18517| [90482] Apache CVE-2004-1387 Local Security Vulnerability
18518| [89762] Apache CVE-2001-1556 Remote Security Vulnerability
18519| [89417] Apache Subversion CVE-2016-2167 Authentication Bypass Vulnerability
18520| [89326] RETIRED: Apache Subversion CVE-2016-2167 Security Bypass Vulnerability
18521| [89320] Apache Subversion CVE-2016-2168 Remote Denial of Service Vulnerability
18522| [88826] Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
18523| [88797] Apache Cordova For iOS CVE-2015-5208 Arbitrary Code Execution Vulnerability
18524| [88764] Apache Cordova iOS CVE-2015-5207 Multiple Security Bypass Vulnerabilities
18525| [88701] Apache CVE-2001-1449 Remote Security Vulnerability
18526| [88635] Apache CVE-2000-1204 Remote Security Vulnerability
18527| [88590] Apache WWW server CVE-1999-1199 Denial-Of-Service Vulnerability
18528| [88496] Apache CVE-2000-1206 Remote Security Vulnerability
18529| [87828] Apache CVE-1999-1237 Remote Security Vulnerability
18530| [87784] Apache CVE-1999-1293 Denial-Of-Service Vulnerability
18531| [87327] Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
18532| [86622] Apache Stats CVE-2007-0975 Remote Security Vulnerability
18533| [86399] Apache CVE-2007-1743 Local Security Vulnerability
18534| [86397] Apache CVE-2007-1742 Local Security Vulnerability
18535| [86311] Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
18536| [86174] Apache Wicket CVE-2015-5347 Cross Site Scripting Vulnerability
18537| [85971] Apache OFBiz CVE-2016-2170 Java Deserialization Remote Code Execution Vulnerability
18538| [85967] Apache OFBiz CVE-2015-3268 HTML Injection Vulnerability
18539| [85759] Apache Jetspeed CVE-2016-2171 Unauthorized Access Vulnerability
18540| [85758] Apache Jetspeed CVE-2016-0712 Cross Site Scripting Vulnerability
18541| [85756] Apache Jetspeed CVE-2016-0710 Multiple SQL Injection Vulnerabilities
18542| [85755] Apache Jetspeed CVE-2016-0711 Mulitple HTML Injection Vulnerabilities
18543| [85754] Apache Jetspeed CVE-2016-0709 Directory Traversal Vulnerability
18544| [85730] Apache Subversion CVE-2015-5343 Integer Overflow Vulnerability
18545| [85691] Apache Ranger CVE-2016-0735 Security Bypass Vulnerability
18546| [85578] Apache ActiveMQ CVE-2010-1244 Cross-Site Request Forgery Vulnerability
18547| [85554] Apache OpenMeetings CVE-2016-2164 Multiple Information Disclosure Vulnerabilities
18548| [85553] Apache OpenMeetings CVE-2016-0783 Information Disclosure Vulnerability
18549| [85552] Apache OpenMeetings CVE-2016-2163 HTML Injection Vulnerability
18550| [85550] Apache OpenMeetings CVE-2016-0784 Directory Traversal Vulnerability
18551| [85386] Apache Hadoop CVE-2015-7430 Local Privilege Escalation Vulnerability
18552| [85377] Apache Qpid Proton Python API CVE-2016-2166 Man in the Middle Security Bypass Vulnerability
18553| [85205] Apache Solr CVE-2015-8796 Cross Site Scripting Vulnerability
18554| [85203] Apache Solr CVE-2015-8795 Mulitple HTML Injection Vulnerabilities
18555| [85163] Apache Geronimo CVE-2008-0732 Local Security Vulnerability
18556| [85131] Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
18557| [85070] Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
18558| [85066] Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
18559| [84422] Apache TomEE CVE-2016-0779 Unspecified Security Vulnerability
18560| [84321] Apache ActiveMQ CVE-2016-0734 Clickjacking Vulnerability
18561| [84316] Apache ActiveMQ CVE-2016-0782 Multiple Cross Site Scripting Vulnerabilities
18562| [83910] Apache Wicket CVE-2015-7520 Cross Site Scripting Vulnerability
18563| [83423] Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
18564| [83330] Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
18565| [83329] Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
18566| [83328] Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
18567| [83327] Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
18568| [83326] Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
18569| [83324] Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
18570| [83323] Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
18571| [83259] Apache Hadoop CVE-2015-1776 Information Disclosure Vulnerability
18572| [83243] Apache Solr CVE-2015-8797 Cross Site Scripting Vulnerability
18573| [83119] Apache Sling CVE-2016-0956 Information Disclosure Vulnerability
18574| [83002] Apache CVE-2000-1205 Cross-Site Scripting Vulnerability
18575| [82871] Apache Ranger Authentication Bypass and Security Bypass Vulnerabilities
18576| [82800] Apache CloudStack CVE-2015-3251 Information Disclosure Vulnerability
18577| [82798] Apache CloudStack CVE-2015-3252 Authentication Bypass Vulnerability
18578| [82732] Apache Gallery CVE-2003-0771 Local Security Vulnerability
18579| [82676] Apache CVE-2003-1581 Cross-Site Scripting Vulnerability
18580| [82550] Apache Struts CVE-2015-5209 Security Bypass Vulnerability
18581| [82300] Apache Subversion CVE-2015-5259 Integer Overflow Vulnerability
18582| [82260] Apache Camel CVE-2015-5344 Remote Code Execution Vulnerability
18583| [82234] Apache Hive CVE-2015-7521 Security Bypass Vulnerability
18584| [82082] Apache CVE-1999-0289 Remote Security Vulnerability
18585| [81821] Apache Distribution for Solaris CVE-2007-2080 SQL-Injection Vulnerability
18586| [80696] Apache Camel CVE-2015-5348 Information Disclosure Vulnerability
18587| [80525] Apache CVE-2003-1580 Remote Security Vulnerability
18588| [80354] Drupal Apache Solr Search Module Access Bypass Vulnerability
18589| [80193] Apache CVE-1999-0107 Denial-Of-Service Vulnerability
18590| [79812] Apache Directory Studio CVE-2015-5349 Command Injection Vulnerability
18591| [79744] Apache HBase CVE-2015-1836 Unauthorized Access Vulnerability
18592| [79204] Apache TomEE 'EjbObjectInputStream' Remote Code Execution Vulnerability
18593| [77679] Apache Cordova For Android CVE-2015-8320 Weak Randomization Security Bypass Vulnerability
18594| [77677] Apache Cordova For Android CVE-2015-5256 Security Bypass Vulnerability
18595| [77591] Apache CXF SAML SSO Processing CVE-2015-5253 Security Bypass Vulnerability
18596| [77521] Apache Commons Collections 'InvokerTransformer.java' Remote Code Execution Vulnerability
18597| [77110] Apache HttpComponents HttpClient CVE-2015-5262 Denial of Service Vulnerability
18598| [77086] Apache Ambari CVE-2015-1775 Server Side Request Forgery Security Bypass Vulnerability
18599| [77085] Apache Ambari CVE-2015-3270 Remote Privilege Escalation Vulnerability
18600| [77082] Apache Ambari 'targetURI' Parameter Open Redirection Vulnerability
18601| [77059] Apache Ambari CVE-2015-3186 Cross Site Scripting Vulnerability
18602| [76933] Apache James Server Unspecified Command Execution Vulnerability
18603| [76832] Apache cordova-plugin-file-transfer CVE-2015-5204 HTTP Header Injection Vulnerability
18604| [76625] Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
18605| [76624] Apache Struts CVE-2015-2992 Cross Site Scripting Vulnerability
18606| [76522] Apache Tapestry CVE-2014-1972 Security Bypass Vulnerability
18607| [76486] Apache CXF Fediz CVE-2015-5175 Denial of Service Vulnerability
18608| [76452] Apache ActiveMQ CVE-2015-1830 Directory Traversal Vulnerability
18609| [76446] Apache Subversion 'libsvn_fs_fs/tree.c' Denial of Service Vulnerability
18610| [76274] Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
18611| [76273] Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
18612| [76272] Apache ActiveMQ CVE-2014-3576 Denial of Service Vulnerability
18613| [76221] Apache Ranger CVE-2015-0266 Access Bypass Vulnerability
18614| [76208] Apache Ranger CVE-2015-0265 JavaScript Code Injection Vulnerability
18615| [76025] Apache ActiveMQ Artemis CVE-2015-3208 XML External Entity Information Disclosure Vulnerability
18616| [75965] Apache HTTP Server CVE-2015-3185 Security Bypass Vulnerability
18617| [75964] Apache HTTP Server CVE-2015-0253 Remote Denial of Service Vulnerability
18618| [75963] Apache HTTP Server CVE-2015-3183 Security Vulnerability
18619| [75940] Apache Struts CVE-2015-1831 Security Bypass Vulnerability
18620| [75919] Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
18621| [75338] Apache Storm CVE-2015-3188 Remote Code Execution Vulnerability
18622| [75275] Drupal Apache Solr Real-Time Module Access Bypass Vulnerability
18623| [74866] Apache Cordova For Android CVE-2015-1835 Security Bypass Vulnerability
18624| [74839] Apache Sling API and Sling Servlets CVE-2015-2944 Cross Site Scripting Vulnerability
18625| [74761] Apache Jackrabbit CVE-2015-1833 XML External Entity Information Disclosure Vulnerability
18626| [74686] Apache Ambari '/var/lib/ambari-server/ambari-env.sh' Local Privilege Escalation Vulnerability
18627| [74665] Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
18628| [74475] Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
18629| [74423] Apache Struts CVE-2015-0899 Security Bypass Vulnerability
18630| [74338] Apache OpenOffice HWP Filter Memory Corruption Vulnerability
18631| [74265] Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
18632| [74260] Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
18633| [74259] Apache Subversion 'deadprops.c' Security Bypass Vulnerability
18634| [74204] PHP 'sapi/apache2handler/sapi_apache2.c' Remote Code Execution Vulnerability
18635| [74158] Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability
18636| [73954] Apache Flex 'asdoc/templates/index.html' Cross Site Scripting Vulnerability
18637| [73851] Apache2 CVE-2012-0216 Cross-Site Scripting Vulnerability
18638| [73478] Apache Cassandra CVE-2015-0225 Remote Code Execution Vulnerability
18639| [73041] Apache HTTP Server 'mod_lua' Module Denial of Service Vulnerability
18640| [73040] Apache HTTP Server 'mod_lua.c' Local Access Bypass Vulnerability
18641| [72809] Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
18642| [72717] Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
18643| [72557] Apache WSS4J CVE-2015-0227 Security Bypass Vulnerability
18644| [72553] Apache WSS4J CVE-2015-0226 Information Disclosure Vulnerability
18645| [72513] Apache ActiveMQ CVE-2014-3612 LDAP Authentication Bypass Vulnerability
18646| [72511] Apache ActiveMQ CVE-2014-8110 Multiple Cross Site Scripting Vulnerabilities
18647| [72510] Apache ActiveMQ CVE-2014-3600 XML External Entity Injection Vulnerability
18648| [72508] Apache ActiveMQ Apollo CVE-2014-3579 XML External Entity Injection Vulnerability
18649| [72319] Apache Qpid CVE-2015-0223 Security Bypass Vulnerability
18650| [72317] Apache Qpid CVE-2015-0224 Incomplete Fix Multiple Denial of Service Vulnerabilities
18651| [72115] Apache Santuario 'XML Signature Verification' Security Bypass Vulnerability
18652| [72053] Apache HTTP Server 'mod_remoteip.c' IP Address Spoofing Vulnerability
18653| [72030] Apache Qpid CVE-2015-0203 Multiple Denial of Service Vulnerabilities
18654| [71879] Apache Traffic Server 'HttpTransact.cc' Denial of Service Vulnerability
18655| [71726] Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
18656| [71725] Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
18657| [71657] Apache HTTP Server 'mod_proxy_fcgi' Module Denial of Service Vulnerability
18658| [71656] Apache HTTP Server 'mod_cache' Module Denial of Service Vulnerability
18659| [71548] Apache Struts CVE-2014-7809 Security Bypass Vulnerability
18660| [71466] Apache Hadoop CVE-2014-3627 Information Disclosure Vulnerability
18661| [71353] Apache HTTP Server 'LuaAuthzProvider' Authorization Bypass Vulnerability
18662| [71004] Apache Qpid CVE-2014-3629 XML External Entity Injection Vulnerability
18663| [70970] Apache Traffic Server Cross Site Scripting Vulnerability
18664| [70738] Apache CXF CVE-2014-3584 Denial of Service Vulnerability
18665| [70736] Apache CXF SAML SubjectConfirmation Security Bypass Vulnerability
18666| [69728] Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
18667| [69648] Apache POI CVE-2014-3574 Denial Of Service Vulnerability
18668| [69647] Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
18669| [69351] Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
18670| [69295] Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
18671| [69286] Apache OFBiz CVE-2014-0232 Multiple Cross Site Scripting Vulnerabilities
18672| [69258] Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
18673| [69257] Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
18674| [69248] Apache HTTP Server CVE-2013-4352 Remote Denial of Service Vulnerability
18675| [69237] Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability
18676| [69173] Apache Traffic Server CVE-2014-3525 Unspecified Security Vulnerability
18677| [69046] Apache Cordova For Android CVE-2014-3502 Information Disclosure Vulnerability
18678| [69041] Apache Cordova For Android CVE-2014-3501 Security Bypass Vulnerability
18679| [69038] Apache Cordova For Android CVE-2014-3500 Security Bypass Vulnerability
18680| [68995] Apache Subversion CVE-2014-3528 Insecure Authentication Weakness
18681| [68966] Apache Subversion 'irkerbridge.py' Local Privilege Escalation Vulnerability
18682| [68965] Apache Subversion 'svnwcsub.py' Local Privilege Escalation Vulnerability
18683| [68863] Apache HTTP Server 'mod_cache' Module Remote Denial of Service Vulnerability
18684| [68747] Apache HTTP Server CVE-2014-3523 Remote Denial of Service Vulnerability
18685| [68745] Apache HTTP Server CVE-2014-0118 Remote Denial of Service Vulnerability
18686| [68742] Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
18687| [68740] Apache HTTP Server CVE-2014-0117 Remote Denial of Service Vulnerability
18688| [68678] Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
18689| [68445] Apache CXF UsernameToken Information Disclosure Vulnerability
18690| [68441] Apache CXF SAML Tokens Validation Security Bypass Vulnerability
18691| [68431] Apache Syncope CVE-2014-3503 Insecure Password Generation Weakness
18692| [68229] Apache Harmony PRNG Entropy Weakness
18693| [68111] Apache 'mod_wsgi' Module Privilege Escalation Vulnerability
18694| [68072] Apache Tomcat CVE-2014-0186 Remote Denial of Service Vulnerability
18695| [68039] Apache Hive CVE-2014-0228 Security Bypass Vulnerability
18696| [67673] Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
18697| [67671] Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
18698| [67669] Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
18699| [67668] Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
18700| [67667] Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
18701| [67534] Apache 'mod_wsgi' Module CVE-2014-0242 Information Disclosure Vulnerability
18702| [67532] Apache 'mod_wsgi' Module Local Privilege Escalation Vulnerability
18703| [67530] Apache Solr Search Template Cross Site Scripting Vulnerability
18704| [67236] Apache CXF CVE-2014-0109 Remote Denial of Service Vulnerability
18705| [67232] Apache CXF CVE-2014-0110 Denial of Service Vulnerability
18706| [67121] Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
18707| [67081] Apache Struts 'getClass()' Method Security Bypass Vulnerability
18708| [67064] Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
18709| [67013] Apache Zookeeper CVE-2014-0085 Local Information Disclosure Vulnerability
18710| [66998] Apache Archiva CVE-2013-2187 Unspecified Cross Site Scripting Vulnerability
18711| [66991] Apache Archiva CVE-2013-2187 HTML Injection Vulnerability
18712| [66927] Apache Syncope CVE-2014-0111 Remote Code Execution Vulnerability
18713| [66474] Apache CouchDB Universally Unique IDentifier (UUID) Remote Denial of Service Vulnerability
18714| [66397] Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
18715| [66303] Apache HTTP Server Multiple Denial of Service Vulnerabilities
18716| [66041] RETIRED: Apache Struts CVE-2014-0094 Classloader Manipulation Security Bypass Vulnerability
18717| [65999] Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
18718| [65967] Apache Cordova File-Transfer Unspecified Security Vulnerability
18719| [65959] Apache Cordova InAppBrowser Remote Privilege Escalation Vulnerability
18720| [65935] Apache Shiro 'login.jsp' Authentication Bypass Vulnerability
18721| [65902] Apache Camel CVE-2014-0003 Remote Code Execution Vulnerability
18722| [65901] Apache Camel CVE-2014-0002 XML External Entity Information Disclosure Vulnerability
18723| [65773] Apache Tomcat CVE-2013-4286 Security Bypass Vulnerability
18724| [65769] Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability
18725| [65768] Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
18726| [65767] Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
18727| [65615] Apache ActiveMQ 'refresh' Parameter Cross Site Scripting Vulnerability
18728| [65434] Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
18729| [65431] Apache Wicket CVE-2013-2055 Information Disclosure Vulnerability
18730| [65400] Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
18731| [64782] Apache CloudStack Virtual Router Component Security Bypass Vulnerability
18732| [64780] Apache CloudStack Unauthorized Access Vulnerability
18733| [64617] Apache Libcloud Digital Ocean API Local Information Disclosure Vulnerability
18734| [64437] Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
18735| [64427] Apache Solr Multiple XML External Entity Injection Vulnerabilities
18736| [64009] Apache Solr CVE-2013-6408 XML External Entity Injection Vulnerability
18737| [64008] Apache Solr CVE-2013-6407 XML External Entity Injection Vulnerability
18738| [63981] Apache Subversion 'mod_dav_svn' Module Denial of Service Vulnerability
18739| [63966] Apache Subversion CVE-2013-4505 Security Bypass Vulnerability
18740| [63963] Apache Roller CVE-2013-4171 Cross Site Scripting Vulnerability
18741| [63935] Apache Solr 'SolrResourceLoader' Directory Traversal Vulnerability
18742| [63928] Apache Roller CVE-2013-4212 OGNL Expression Injection Remote Code Execution Vulnerability
18743| [63515] Apache Tomcat Manager Component CVE-2013-6357 Cross Site Request Forgery Vulnerability
18744| [63403] Apache Struts Multiple Cross Site Scripting Vulnerabilities
18745| [63400] Apache 'mod_pagespeed' Module Unspecified Cross Site Scripting Vulnerability
18746| [63260] Apache Shindig CVE-2013-4295 XML External Entity Information Disclosure Vulnerability
18747| [63241] Apache Sling 'AbstractAuthenticationFormServlet' Open Redirection Vulnerability
18748| [63174] Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
18749| [62939] Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
18750| [62903] Apache Sling 'deepGetOrCreateNode()' Function Denial Of Service Vulnerability
18751| [62706] Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
18752| [62677] Apache 'mod_accounting' Module CVE-2013-5697 SQL Injection Vulnerability
18753| [62674] TYPO3 Apache Solr Unspecified Cross Site Scripting and PHP Code Execution Vulnerabilities
18754| [62587] Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
18755| [62584] Apache Struts CVE-2013-4310 Security Bypass Vulnerability
18756| [62266] Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
18757| [61984] Apache Hadoop RPC Authentication CVE-2013-2192 Man in the Middle Security Bypass Vulnerability
18758| [61981] Apache HBase RPC Authentication Man In The Middle Security Bypass Vulnerability
18759| [61638] Apache CloudStack CVE-2013-2136 Multiple Cross Site Scripting Vulnerabilities
18760| [61454] Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
18761| [61379] Apache HTTP Server CVE-2013-2249 Unspecified Remote Security Vulnerability
18762| [61370] Apache OFBiz CVE-2013-2317 'View Log' Cross Site Scripting Vulnerability
18763| [61369] Apache OFBiz Nested Expression Remote Code Execution Vulnerability
18764| [61196] Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
18765| [61189] Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
18766| [61129] Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
18767| [61030] Apache CXF CVE-2013-2160 Multiple Remote Denial of Service Vulnerabilities
18768| [60875] Apache Geronimo RMI Classloader Security Bypass Vulnerability
18769| [60846] Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
18770| [60817] Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
18771| [60800] Apache Qpid Python Client SSL Certificate Verification Information Disclosure Vulnerability
18772| [60599] Apache Santuario XML Security for C++ CVE-2013-2156 Remote Heap Buffer Overflow Vulnerability
18773| [60595] Apache Santuario XML Security for C++ XML Signature CVE-2013-2155 Denial of Service Vulnerability
18774| [60594] Apache Santuario XML Security for C++ CVE-2013-2154 Stack Buffer Overflow Vulnerability
18775| [60592] Apache Santuario XML Security for C++ XML Signature CVE-2013-2153 Security Bypass Vulnerability
18776| [60534] Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
18777| [60346] Apache Struts CVE-2013-2134 OGNL Expression Injection Vulnerability
18778| [60345] Apache Struts CVE-2013-2135 OGNL Expression Injection Vulnerability
18779| [60267] Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
18780| [60265] Apache Subversion CVE-2013-2088 Command Injection Vulnerability
18781| [60264] Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
18782| [60187] Apache Tomcat DIGEST Authentication CVE-2013-2051 Incomplete Fix Security Weakness
18783| [60186] Apache Tomcat CVE-2013-1976 Insecure Temporary File Handling Vulnerability
18784| [60167] Apache Struts 'includeParams' CVE-2013-2115 Incomplete Fix Security Bypass Vulnerability
18785| [60166] Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
18786| [60082] Apache Struts 'ParameterInterceptor' Class OGNL CVE-2013-1965 Security Bypass Vulnerability
18787| [59826] Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
18788| [59799] Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
18789| [59798] Apache Tomcat CVE-2013-2071 Information Disclosure Vulnerability
18790| [59797] Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
18791| [59670] Apache VCL Multiple Input Validation Vulnerabilities
18792| [59464] Apache CloudStack CVE-2013-2758 Hash Information Disclosure Vulnerability
18793| [59463] Apache CloudStack CVE-2013-2756 Authentication Bypass Vulnerability
18794| [59402] Apache ActiveMQ CVE-2013-3060 Information Disclosure and Denial of Service Vulnerability
18795| [59401] Apache ActiveMQ CVE-2012-6551 Denial of Service Vulnerability
18796| [59400] Apache ActiveMQ CVE-2012-6092 Multiple Cross Site Scripting Vulnerabilities
18797| [58898] Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
18798| [58897] Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
18799| [58895] Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
18800| [58455] Apache Rave User RPC API CVE-2013-1814 Information Disclosure Vulnerability
18801| [58379] Apache Qpid CVE-2012-4446 Authentication Bypass Vulnerability
18802| [58378] Apache Qpid CVE-2012-4460 Denial of Service Vulnerability
18803| [58376] Apache Qpid CVE-2012-4458 Denial of Service Vulnerability
18804| [58337] Apache Qpid CVE-2012-4459 Denial of Service Vulnerability
18805| [58326] Apache Commons FileUpload CVE-2013-0248 Insecure Temporary File Creation Vulnerability
18806| [58325] Debian Apache HTTP Server CVE-2013-1048 Symlink Attack Local Privilege Escalation Vulnerability
18807| [58323] Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
18808| [58165] Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
18809| [58136] Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
18810| [58124] Apache Tomcat 'log/logdir' Directory Insecure File Permissions Vulnerability
18811| [58073] Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
18812| [57876] Apache CXF WS-SecurityPolicy Authentication Bypass Vulnerability
18813| [57874] Apache CXF CVE-2012-5633 Security Bypass Vulnerability
18814| [57463] Apache OFBiz CVE-2013-0177 Multiple Cross Site Scripting Vulnerabilities
18815| [57425] Apache CXF CVE-2012-5786 SSL Certificate Validation Security Bypass Vulnerability
18816| [57321] Apache CouchDB CVE-2012-5650 Cross Site Scripting Vulnerability
18817| [57314] Apache CouchDB CVE-2012-5649 Remote Code Execution Vulnerability
18818| [57267] Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
18819| [57259] Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
18820| [56814] Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
18821| [56813] Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
18822| [56812] Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
18823| [56753] Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
18824| [56686] Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
18825| [56408] Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
18826| [56403] Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
18827| [56402] Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
18828| [56171] Apache OFBiz CVE-2012-3506 Unspecified Security Vulnerability
18829| [55876] Apache CloudStack CVE-2012-4501 Security Bypass Vulnerability
18830| [55628] Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
18831| [55608] Apache Qpid (qpidd) Denial of Service Vulnerability
18832| [55536] Apache 'mod_pagespeed' Module Cross Site Scripting and Security Bypass Vulnerabilities
18833| [55508] Apache Axis2 XML Signature Wrapping Security Vulnerability
18834| [55445] Apache Wicket CVE-2012-3373 Cross Site Scripting Vulnerability
18835| [55346] Apache Struts Cross Site Request Forgery and Denial of Service Vulnerabilities
18836| [55290] Drupal Apache Solr Autocomplete Module Cross Site Scripting Vulnerability
18837| [55165] Apache Struts2 Skill Name Remote Code Execution Vulnerability
18838| [55154] Apache 'mod-rpaf' Module Denial of Service Vulnerability
18839| [55131] Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
18840| [54954] Apache QPID NullAuthenticator Authentication Bypass Vulnerability
18841| [54798] Apache Libcloud Man In The Middle Vulnerability
18842| [54358] Apache Hadoop CVE-2012-3376 Information Disclosure Vulnerability
18843| [54341] Apache Sling CVE-2012-2138 Denial Of Service Vulnerability
18844| [54268] Apache Hadoop Symlink Attack Local Privilege Escalation Vulnerability
18845| [54189] Apache Roller Cross Site Request Forgery Vulnerability
18846| [54187] Apache Roller CVE-2012-2381 Cross Site Scripting Vulnerability
18847| [53880] Apache CXF Child Policies Security Bypass Vulnerability
18848| [53877] Apache CXF Elements Validation Security Bypass Vulnerability
18849| [53676] Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
18850| [53487] Apache POI CVE-2012-0213 Denial Of Service Vulnerability
18851| [53455] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
18852| [53305] Apache Qpid CVE-2011-3620 Unauthorized Access Security Bypass Vulnerability
18853| [53046] Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
18854| [53025] Apache OFBiz Unspecified Remote Code Execution Vulnerability
18855| [53023] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
18856| [52939] Apache Hadoop CVE-2012-1574 Unspecified User Impersonation Vulnerability
18857| [52702] Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
18858| [52696] Apache Traffic Server HTTP Host Header Handling Heap Based Buffer Overflow Vulnerability
18859| [52680] Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
18860| [52679] Apache Wicket Hidden Files Information Disclosure Vulnerability
18861| [52565] Apache 'mod_fcgid' Module Denial Of Service Vulnerability
18862| [52146] TYPO3 Apache Solr Extension Unspecified Cross Site Scripting Vulnerability
18863| [51939] Apache MyFaces 'ln' Parameter Information Disclosure Vulnerability
18864| [51917] Apache APR Hash Collision Denial Of Service Vulnerability
18865| [51902] Apache Struts Multiple HTML Injection Vulnerabilities
18866| [51900] Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
18867| [51886] Apache CXF UsernameToken Policy Validation Security Bypass Vulnerability
18868| [51869] Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
18869| [51706] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
18870| [51705] Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
18871| [51628] Apache Struts 'ParameterInterceptor' Class OGNL (CVE-2011-3923) Security Bypass Vulnerability
18872| [51447] Apache Tomcat Parameter Handling Denial of Service Vulnerability
18873| [51442] Apache Tomcat Request Object Security Bypass Vulnerability
18874| [51407] Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
18875| [51257] Apache Struts Remote Command Execution and Arbitrary File Overwrite Vulnerabilities
18876| [51238] Apache Geronimo Hash Collision Denial Of Service Vulnerability
18877| [51200] Apache Tomcat Hash Collision Denial Of Service Vulnerability
18878| [50940] Apache Struts Session Tampering Security Bypass Vulnerability
18879| [50912] RETIRED: Apache MyFaces CVE-2011-4343 Information Disclosure Vulnerability
18880| [50904] Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
18881| [50848] Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability
18882| [50802] Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
18883| [50639] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
18884| [50603] Apache Tomcat Manager Application Security Bypass Vulnerability
18885| [50494] Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
18886| [49957] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
18887| [49762] Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
18888| [49728] Apache Struts Conversion Error OGNL Expression Evaluation Vulnerability
18889| [49616] Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
18890| [49470] Apache Tomcat CVE-2007-6286 Duplicate Request Processing Security Vulnerability
18891| [49353] Apache Tomcat AJP Protocol Security Bypass Vulnerability
18892| [49303] Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
18893| [49290] Apache Wicket Cross Site Scripting Vulnerability
18894| [49147] Apache Tomcat CVE-2011-2481 Information Disclosure Vulnerability
18895| [49143] Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
18896| [48667] Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
18897| [48653] Apache 'mod_authnz_external' Module SQL Injection Vulnerability
18898| [48611] Apache XML Security for C++ Signature Key Parsing Denial of Service Vulnerability
18899| [48456] Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
18900| [48015] Apache Archiva Multiple Cross Site Request Forgery Vulnerabilities
18901| [48011] Apache Archiva Multiple Cross Site Scripting and HTML Injection Vulnerabilities
18902| [47929] Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
18903| [47890] Apache Struts 'javatemplates' Plugin Multiple Cross Site Scripting Vulnerabilities
18904| [47886] Apache Tomcat SecurityConstraints Security Bypass Vulnerability
18905| [47820] Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
18906| [47784] Apache Struts XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
18907| [47199] Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
18908| [47196] Apache Tomcat Login Constraints Security Bypass Vulnerability
18909| [46974] Apache HttpComponents 'HttpClient' Information Disclosure Vulnerability
18910| [46953] Apache MPM-ITK Module Security Weakness
18911| [46734] Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
18912| [46685] Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
18913| [46311] Apache Continuum and Archiva Cross Site Scripting Vulnerability
18914| [46177] Apache Tomcat SecurityManager Security Bypass Vulnerability
18915| [46174] Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
18916| [46166] Apache Tomcat JVM Denial of Service Vulnerability
18917| [46164] Apache Tomcat NIO Connector Denial of Service Vulnerability
18918| [46066] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
18919| [45655] Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
18920| [45123] Awstats Apache Tomcat Configuration File Remote Arbitrary Command Execution Vulnerability
18921| [45095] Apache Archiva Cross Site Request Forgery Vulnerability
18922| [45015] Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
18923| [44900] Apache 'mod_fcgid' Module Unspecified Stack Buffer Overflow Vulnerability
18924| [44616] Apache Shiro Directory Traversal Vulnerability
18925| [44355] Apache MyFaces Encrypted View State Oracle Padding Security Vulnerability
18926| [44068] Apache::AuthenHook Local Information Disclosure Vulnerability
18927| [43862] Apache QPID SSL Connection Denial of Service Vulnerability
18928| [43673] Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
18929| [43637] Apache XML-RPC SAX Parser Information Disclosure Vulnerability
18930| [43111] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
18931| [42637] Apache Derby 'BUILTIN' Authentication Insecure Password Hashing Vulnerability
18932| [42501] Apache CouchDB Cross Site Request Forgery Vulnerability
18933| [42492] Apache CXF XML DTD Processing Security Vulnerability
18934| [42121] Apache SLMS Insufficient Quoting Cross Site Request Forgery Vulnerability
18935| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
18936| [41963] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
18937| [41544] Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
18938| [41076] Apache Axis2 '/axis2/axis2-admin' Session Fixation Vulnerability
18939| [40976] Apache Axis2 Document Type Declaration Processing Security Vulnerability
18940| [40827] Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
18941| [40343] Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
18942| [40327] Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
18943| [39771] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
18944| [39636] Apache ActiveMQ Source Code Information Disclosure Vulnerability
18945| [39635] Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
18946| [39538] Apache mod_auth_shadow Race Condition Security Bypass Vulnerability
18947| [39489] Apache OFBiz Multiple Cross Site Scripting and HTML Injection Vulnerabilities
18948| [39119] Apache ActiveMQ 'createDestination.action' HTML Injection Vulnerability
18949| [38580] Apache Subrequest Handling Information Disclosure Vulnerability
18950| [38494] Apache 'mod_isapi' Memory Corruption Vulnerability
18951| [38491] Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
18952| [37966] Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
18953| [37945] Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
18954| [37944] Apache Tomcat WAR File Directory Traversal Vulnerability
18955| [37942] Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
18956| [37149] Apache Tomcat 404 Error Page Cross Site Scripting Vulnerability
18957| [37027] RETIRED: Apache APR 'apr_uri_parse_hostinfo' Off By One Remote Code Execution Vulnerability
18958| [36990] Apache HTTP TRACE Cross Site Scripting Vulnerability
18959| [36954] Apache Tomcat Windows Installer Insecure Password Vulnerability
18960| [36889] TYPO3 Apache Solr Search Extension Unspecified Cross Site Scripting Vulnerability
18961| [36596] Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
18962| [36260] Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
18963| [36254] Apache mod_proxy_ftp Remote Command Injection Vulnerability
18964| [35949] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
18965| [35840] Apache HTTP Server HTTP-Basic Authentication Bypass Vulnerability
18966| [35623] Apache 'mod_deflate' Remote Denial Of Service Vulnerability
18967| [35565] Apache 'mod_proxy' Remote Denial Of Service Vulnerability
18968| [35416] Apache Tomcat XML Parser Information Disclosure Vulnerability
18969| [35263] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
18970| [35253] Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
18971| [35251] Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
18972| [35221] Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
18973| [35196] Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
18974| [35193] Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
18975| [35115] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
18976| [34686] Apache Struts Multiple Cross Site Scripting Vulnerabilities
18977| [34663] Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
18978| [34657] Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
18979| [34562] Apache Geronimo Application Server Multiple Remote Vulnerabilities
18980| [34552] Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
18981| [34412] Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
18982| [34399] Apache Struts Unspecified Cross Site Scripting Vulnerability
18983| [34383] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
18984| [33913] Apache Tomcat POST Data Information Disclosure Vulnerability
18985| [33360] Apache Jackrabbit 'q' Parameter Multiple Cross Site Scripting Vulnerabilities
18986| [33110] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
18987| [32657] Novell NetWare ApacheAdmin Security Bypass Vulnerability
18988| [31805] Apache HTTP Server OS Fingerprinting Unspecified Security Vulnerability
18989| [31761] Oracle WebLogic Server Apache Connector Stack Based Buffer Overflow Vulnerability
18990| [31698] Apache Tomcat 'RemoteFilterValve' Security Bypass Vulnerability
18991| [31165] Kolab Groupware Server Apache Log File User Password Information Disclosure Vulnerability
18992| [30560] Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
18993| [30496] Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability
18994| [30494] Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
18995| [29653] Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
18996| [29502] Apache Tomcat Host Manager Cross Site Scripting Vulnerability
18997| [28576] Apache-SSL Environment Variable Information Disclosure and Privilege Escalation Vulnerability
18998| [28484] Apache Tomcat Requests Containing MS-DOS Device Names Information Disclosure Vulnerability
18999| [28483] Apache Tomcat 'allowLinking' Accepts NULL Byte in URI Information Disclosure Vulnerability
19000| [28482] Apache Tomcat SSL Anonymous Cipher Configuration Information Disclosure Vulnerability
19001| [28481] Apache Tomcat Cross-Site Scripting Vulnerability
19002| [28477] Apache Tomcat AJP Connector Information Disclosure Vulnerability
19003| [27752] Apache mod_jk2 Host Header Multiple Stack Based Buffer Overflow Vulnerabilities
19004| [27706] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
19005| [27703] Apache Tomcat Parameter Processing Remote Information Disclosure Vulnerability
19006| [27409] Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
19007| [27365] Apache Tomcat SingleSignOn Remote Information Disclosure Vulnerability
19008| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
19009| [27236] Apache 'mod_proxy_balancer' Multiple Vulnerabilities
19010| [27234] Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
19011| [27006] Apache Tomcat JULI Logging Component Default Security Policy Vulnerability
19012| [26939] Apache HTTP Server Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
19013| [26838] Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
19014| [26762] Apache::AuthCAS Cookie SQL Injection Vulnerability
19015| [26663] Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
19016| [26287] Apache Geronimo SQLLoginModule Authentication Bypass Vulnerability
19017| [26070] Apache Tomcat WebDav Remote Information Disclosure Vulnerability
19018| [25804] Apache Geronimo Management EJB Security Bypass Vulnerability
19019| [25653] Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
19020| [25531] Apache Tomcat Cal2.JSP Cross-Site Scripting Vulnerability
19021| [25489] Apache HTTP Server Mod_Proxy Denial of Service Vulnerability
19022| [25316] Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
19023| [25314] Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability
19024| [25174] Apache Tomcat Error Message Reporting Cross Site Scripting Vulnerability
19025| [24999] Apache Tomcat SendMailServlet Cross-Site Scripting Vulnerability
19026| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
19027| [24649] Apache HTTP Server Mod_Cache Denial of Service Vulnerability
19028| [24645] Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
19029| [24553] Apache Mod_Mem_Cache Information Disclosure Vulnerability
19030| [24524] Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
19031| [24480] Apache MyFaces Tomahawk JSF Framework Autoscroll Parameter Cross Site Scripting Vulnerability
19032| [24476] Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
19033| [24475] Apache Tomcat Manager and Host Manager Upload Script Cross-Site Scripting Vulnerability
19034| [24215] Apache HTTP Server Worker Process Multiple Denial of Service Vulnerabilities
19035| [24147] Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
19036| [24058] Apache Tomcat Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
19037| [23687] Apache AXIS Non-Existent WSDL Path Information Disclosure Vulnerability
19038| [23438] Apache HTTPD suEXEC Local Multiple Privilege Escalation Weaknesses
19039| [22960] Apache HTTP Server Tomcat Directory Traversal Vulnerability
19040| [22849] Apache mod_python Output Filter Mode Information Disclosure Vulnerability
19041| [22791] Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
19042| [22732] Debian Apache Root Shell Local Privilege Escalation Vulnerabilities
19043| [22388] Apache Stats Extract Function Multiple Input Validation Vulnerabilities
19044| [21865] Apache And Microsoft IIS Range Denial of Service Vulnerability
19045| [21214] Apache Mod_Auth_Kerb Off-By-One Denial of Service Vulnerability
19046| [20527] Apache Mod_TCL Remote Format String Vulnerability
19047| [19661] Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
19048| [19447] Apache CGI Script Source Code Information Disclosure Vulnerability
19049| [19204] Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
19050| [19106] Apache Tomcat Information Disclosure Vulnerability
19051| [18138] Apache James SMTP Denial Of Service Vulnerability
19052| [17342] Apache Struts Multiple Remote Vulnerabilities
19053| [17095] Apache Log4Net Denial Of Service Vulnerability
19054| [16916] Apache mod_python FileSession Code Execution Vulnerability
19055| [16710] Apache Libapreq2 Quadratic Behavior Denial of Service Vulnerability
19056| [16260] Apache Geronimo Multiple Input Validation Vulnerabilities
19057| [16153] Apache mod_auth_pgsql Multiple Format String Vulnerabilities
19058| [16152] Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
19059| [15834] Apache 'mod_imap' Referer Cross-Site Scripting Vulnerability
19060| [15765] Apache James Spooler Memory Leak Denial Of Service Vulnerability
19061| [15762] Apache MPM Worker.C Denial Of Service Vulnerability
19062| [15512] Apache Struts Error Response Cross-Site Scripting Vulnerability
19063| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
19064| [15325] Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
19065| [15224] Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
19066| [15177] PHP Apache 2 Local Denial of Service Vulnerability
19067| [14982] ApacheTop Insecure Temporary File Creation Vulnerability
19068| [14721] Apache Mod_SSL SSLVerifyClient Restriction Bypass Vulnerability
19069| [14660] Apache CGI Byterange Request Denial of Service Vulnerability
19070| [14366] Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
19071| [14106] Apache HTTP Request Smuggling Vulnerability
19072| [13778] Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
19073| [13777] Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
19074| [13756] Apache Tomcat Java Security Manager Bypass Vulnerability
19075| [13537] Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
19076| [12877] Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
19077| [12795] Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
19078| [12619] Apache Software Foundation Batik Squiggle Browser Access Validation Vulnerability
19079| [12519] Apache mod_python Module Publisher Handler Information Disclosure Vulnerability
19080| [12308] Apache Utilities Insecure Temporary File Creation Vulnerability
19081| [12217] Apache mod_auth_radius Malformed RADIUS Server Reply Integer Overflow Vulnerability
19082| [12181] Mod_DOSEvasive Apache Module Local Insecure Temporary File Creation Vulnerability
19083| [11803] Apache Jakarta Results.JSP Remote Cross-Site Scripting Vulnerability
19084| [11471] Apache mod_include Local Buffer Overflow Vulnerability
19085| [11360] Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
19086| [11239] Apache Satisfy Directive Access Control Bypass Vulnerability
19087| [11187] Apache Web Server Remote IPv6 Buffer Overflow Vulnerability
19088| [11185] Apache Mod_DAV LOCK Denial Of Service Vulnerability
19089| [11182] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
19090| [11154] Apache mod_ssl Remote Denial of Service Vulnerability
19091| [11094] Apache mod_ssl Denial Of Service Vulnerability
19092| [10789] Apache mod_userdir Module Information Disclosure Vulnerability
19093| [10736] Apache 'mod_ssl' Log Function Format String Vulnerability
19094| [10619] Apache ap_escape_html Memory Allocation Denial Of Service Vulnerability
19095| [10508] Apache Mod_Proxy Remote Negative Content-Length Buffer Overflow Vulnerability
19096| [10478] ClueCentral Apache Suexec Patch Security Weakness
19097| [10355] Apache 'mod_ssl' 'ssl_util_uuencode_binary()' Stack Buffer Overflow Vulnerability
19098| [10212] Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
19099| [9933] Apache mod_disk_cache Module Client Authentication Credential Storage Weakness
19100| [9930] Apache Error and Access Logs Escape Sequence Injection Vulnerability
19101| [9921] Apache Connection Blocking Denial Of Service Vulnerability
19102| [9885] Apache Mod_Security Module SecFilterScanPost Off-By-One Buffer Overflow Vulnerability
19103| [9874] Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
19104| [9829] Apache Mod_Access Access Control Rule Bypass Vulnerability
19105| [9826] Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability
19106| [9733] Apache Cygwin Directory Traversal Vulnerability
19107| [9599] Apache mod_php Global Variables Information Disclosure Weakness
19108| [9590] Apache-SSL Client Certificate Forging Vulnerability
19109| [9571] Apache mod_digest Client-Supplied Nonce Verification Vulnerability
19110| [9471] Apache mod_perl Module File Descriptor Leakage Vulnerability
19111| [9404] Mod-Auth-Shadow Apache Module Expired User Credential Weakness
19112| [9302] Apache mod_php Module File Descriptor Leakage Vulnerability
19113| [9129] Apache mod_python Module Malformed Query Denial of Service Vulnerability
19114| [8926] Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability
19115| [8919] Apache Mod_Security Module Heap Corruption Vulnerability
19116| [8911] Apache Web Server Multiple Module Local Buffer Overflow Vulnerability
19117| [8898] Red Hat Apache Directory Index Default Configuration Error
19118| [8883] Apache Cocoon Directory Traversal Vulnerability
19119| [8824] Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
19120| [8822] Apache Mod_Throttle Module Local Shared Memory Corruption Vulnerability
19121| [8725] Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
19122| [8707] Apache htpasswd Password Entropy Weakness
19123| [8561] Apache::Gallery Insecure Local File Storage Privilege Escalation Vulnerability
19124| [8287] Mod_Mylo Apache Module REQSTR Buffer Overflow Vulnerability
19125| [8226] Apache HTTP Server Multiple Vulnerabilities
19126| [8138] Apache Web Server Type-Map Recursive Loop Denial Of Service Vulnerability
19127| [8137] Apache Web Server Prefork MPM Denial Of Service Vulnerability
19128| [8136] Macromedia Apache Web Server Encoded Space Source Disclosure Vulnerability
19129| [8135] Apache Web Server FTP Proxy IPV6 Denial Of Service Vulnerability
19130| [8134] Apache Web Server SSLCipherSuite Weak CipherSuite Renegotiation Weakness
19131| [7768] Apache Tomcat Insecure Directory Permissions Vulnerability
19132| [7725] Apache Basic Authentication Module Valid User Login Denial Of Service Vulnerability
19133| [7723] Apache APR_PSPrintf Memory Corruption Vulnerability
19134| [7448] Apache Mod_Auth_Any Remote Command Execution Vulnerability
19135| [7375] Apache Mod_Access_Referer NULL Pointer Dereference Denial of Service Vulnerability
19136| [7332] Apache Web Server OS2 Filestat Denial Of Service Vulnerability
19137| [7255] Apache Web Server File Descriptor Leakage Vulnerability
19138| [7254] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
19139| [6943] Apache Web Server MIME Boundary Information Disclosure Vulnerability
19140| [6939] Apache Web Server ETag Header Information Disclosure Weakness
19141| [6722] Apache Tomcat Web.XML File Contents Disclosure Vulnerability
19142| [6721] Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
19143| [6720] Apache Tomcat Example Web Application Cross Site Scripting Vulnerability
19144| [6662] Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
19145| [6661] Apache Web Server Default Script Mapping Bypass Vulnerability
19146| [6660] Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
19147| [6659] Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
19148| [6562] Apache Tomcat Invoker Servlet File Disclosure Vulnerability
19149| [6320] Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
19150| [6117] Apache mod_php File Descriptor Leakage Vulnerability
19151| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
19152| [5996] Apache AB.C Web Benchmarking Buffer Overflow Vulnerability
19153| [5995] Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability
19154| [5993] Multiple Apache HTDigest Buffer Overflow Vulnerabilities
19155| [5992] Apache HTDigest Insecure Temporary File Vulnerability
19156| [5991] Apache HTDigest Arbitrary Command Execution Vulnerability
19157| [5990] Apache HTPasswd Insecure Temporary File Vulnerability
19158| [5981] Multiple Apache HTDigest and HTPassWD Component Vulnerabilites
19159| [5884] Apache Web Server Scoreboard Memory Segment Overwriting SIGUSR1 Sending Vulnerability
19160| [5847] Apache Server Side Include Cross Site Scripting Vulnerability
19161| [5838] Apache Tomcat 3.2 Directory Disclosure Vulnerability
19162| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
19163| [5791] HP VirtualVault Apache mod_ssl Denial Of Service Vulnerability
19164| [5787] Apache Oversized STDERR Buffer Denial Of Service Vulnerability
19165| [5786] Apache Tomcat DefaultServlet File Disclosure Vulnerability
19166| [5542] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
19167| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
19168| [5485] Apache 2.0 Path Disclosure Vulnerability
19169| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
19170| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
19171| [5194] Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
19172| [5193] Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
19173| [5067] Apache Tomcat Null Character Malformed Request Denial Of Service Vulnerability
19174| [5054] Apache Tomcat Web Root Path Disclosure Vulnerability
19175| [5033] Apache Chunked-Encoding Memory Corruption Vulnerability
19176| [4995] Apache Tomcat JSP Engine Denial of Service Vulnerability
19177| [4878] Apache Tomcat RealPath.JSP Malformed Request Information Disclosure Vulnerability
19178| [4877] Apache Tomcat Example Files Web Root Path Disclosure Vulnerability
19179| [4876] Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability
19180| [4575] Apache Tomcat Servlet Path Disclosure Vulnerability
19181| [4557] Apache Tomcat System Path Information Disclosure Vulnerability
19182| [4437] Apache Error Message Cross-Site Scripting Vulnerability
19183| [4431] Apache PrintEnv/Test_CGI Script Injection Vulnerability
19184| [4358] Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
19185| [4335] Apache Win32 Batch File Remote Command Execution Vulnerability
19186| [4292] Oracle 9iAS Apache PL/SQL Module Web Administration Access Vulnerability
19187| [4189] Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability
19188| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
19189| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
19190| [4037] Oracle 9iAS Apache PL/SQL Module Denial of Service Vulnerability
19191| [4032] Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability
19192| [3796] Apache HTTP Request Unexpected Behavior Vulnerability
19193| [3790] Apache Non-Existent Log Directory Denial Of Service Vulnerability
19194| [3786] Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
19195| [3727] Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
19196| [3726] Oracle 9I Application Server PL/SQL Apache Module Buffer Overflow Vulnerability
19197| [3596] Apache Split-Logfile File Append Vulnerability
19198| [3521] Apache mod_usertrack Predictable ID Generation Vulnerability
19199| [3335] Red Hat Linux Apache Remote Username Enumeration Vulnerability
19200| [3316] MacOS X Client Apache Directory Contents Disclosure Vulnerability
19201| [3256] Apache mod_auth_oracle Remote SQL Query Manipulation Vulnerability
19202| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
19203| [3254] Apache AuthPG Remote SQL Query Manipulation Vulnerability
19204| [3253] Apache mod_auth_pgsql_sys Remote SQL Query Manipulation Vulnerability
19205| [3251] Apache mod_auth_pgsql Remote SQL Query Manipulation Vulnerability
19206| [3176] Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
19207| [3169] Apache Server Address Disclosure Vulnerability
19208| [3009] Apache Possible Directory Index Disclosure Vulnerability
19209| [2982] Apache Tomcat Cross-Site Scripting Vulnerability
19210| [2852] MacOS X Client Apache File Protection Bypass Vulnerability
19211| [2740] Apache Web Server HTTP Request Denial of Service Vulnerability
19212| [2518] Apache Tomcat 3.0 Directory Traversal Vulnerability
19213| [2503] Apache Artificially Long Slash Path Directory Listing Vulnerability
19214| [2300] NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
19215| [2216] Apache Web Server DoS Vulnerability
19216| [2182] Apache /tmp File Race Vulnerability
19217| [2171] Oracle Apache+WebDB Documented Backdoor Vulnerability
19218| [2060] Apache Web Server with Php 3 File Disclosure Vulnerability
19219| [1821] Apache mod_cookies Buffer Overflow Vulnerability
19220| [1728] Apache Rewrite Module Arbitrary File Disclosure Vulnerability
19221| [1658] SuSE Apache CGI Source Code Viewing Vulnerability
19222| [1656] SuSE Apache WebDAV Directory Listings Vulnerability
19223| [1575] Trustix Apache-SSL RPM Permissions Vulnerability
19224| [1548] Apache Jakarta-Tomcat /admin Context Vulnerability
19225| [1532] Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
19226| [1531] Apache Tomcat 3.1 Path Revealing Vulnerability
19227| [1457] Apache::ASP source.asp Example Script Vulnerability
19228| [1284] Apache HTTP Server (win32) Root Directory Access Vulnerability
19229| [1083] Cobalt Raq Apache .htaccess Disclosure Vulnerability
19230|
19231| IBM X-Force - https://exchange.xforce.ibmcloud.com:
19232| [86258] Apache CloudStack text fields cross-site scripting
19233| [85983] Apache Subversion mod_dav_svn module denial of service
19234| [85875] Apache OFBiz UEL code execution
19235| [85874] Apache OFBiz Webtools View Log screen cross-site scripting
19236| [85871] Apache HTTP Server mod_session_dbd unspecified
19237| [85756] Apache Struts OGNL expression command execution
19238| [85755] Apache Struts DefaultActionMapper class open redirect
19239| [85586] Apache ActiveMQ CVE-2013-1879 cross-site scripting
19240| [85574] Apache HTTP Server mod_dav denial of service
19241| [85573] Apache Struts Showcase App OGNL code execution
19242| [85496] Apache CXF denial of service
19243| [85423] Apache Geronimo RMI classloader code execution
19244| [85326] Apache Santuario XML Security for C++ buffer overflow
19245| [85323] Apache Santuario XML Security for Java spoofing
19246| [85319] Apache Qpid Python client SSL spoofing
19247| [85019] Apache Santuario XML Security for C++ CVE-2013-2156 buffer overflow
19248| [85018] Apache Santuario XML Security for C++ CVE-2013-2155 denial of service
19249| [85017] Apache Santuario XML Security for C++ CVE-2013-2154 buffer overflow
19250| [85016] Apache Santuario XML Security for C++ CVE-2013-2153 spoofing
19251| [84952] Apache Tomcat CVE-2012-3544 denial of service
19252| [84763] Apache Struts CVE-2013-2135 security bypass
19253| [84762] Apache Struts CVE-2013-2134 security bypass
19254| [84719] Apache Subversion CVE-2013-2088 command execution
19255| [84718] Apache Subversion CVE-2013-2112 denial of service
19256| [84717] Apache Subversion CVE-2013-1968 denial of service
19257| [84577] Apache Tomcat security bypass
19258| [84576] Apache Tomcat symlink
19259| [84543] Apache Struts CVE-2013-2115 security bypass
19260| [84542] Apache Struts CVE-2013-1966 security bypass
19261| [84154] Apache Tomcat session hijacking
19262| [84144] Apache Tomcat denial of service
19263| [84143] Apache Tomcat information disclosure
19264| [84111] Apache HTTP Server command execution
19265| [84043] Apache Virtual Computing Lab cross-site scripting
19266| [84042] Apache Virtual Computing Lab cross-site scripting
19267| [83782] Apache CloudStack information disclosure
19268| [83781] Apache CloudStack security bypass
19269| [83720] Apache ActiveMQ cross-site scripting
19270| [83719] Apache ActiveMQ denial of service
19271| [83718] Apache ActiveMQ denial of service
19272| [83263] Apache Subversion denial of service
19273| [83262] Apache Subversion denial of service
19274| [83261] Apache Subversion denial of service
19275| [83259] Apache Subversion denial of service
19276| [83035] Apache mod_ruid2 security bypass
19277| [82852] Apache Qpid federation_tag security bypass
19278| [82851] Apache Qpid qpid::framing::Buffer denial of service
19279| [82758] Apache Rave User RPC API information disclosure
19280| [82663] Apache Subversion svn_fs_file_length() denial of service
19281| [82642] Apache Qpid qpid::framing::Buffer::checkAvailable() denial of service
19282| [82641] Apache Qpid AMQP denial of service
19283| [82626] Apache HTTP Server on Debian GNU/Linux Debian apache2ctl symlink
19284| [82618] Apache Commons FileUpload symlink
19285| [82360] Apache HTTP Server manager interface cross-site scripting
19286| [82359] Apache HTTP Server hostnames cross-site scripting
19287| [82338] Apache Tomcat log/logdir information disclosure
19288| [82328] Apache Maven and Apache Maven Wagon SSL spoofing
19289| [82268] Apache OpenJPA deserialization command execution
19290| [81981] Apache CXF UsernameTokens security bypass
19291| [81980] Apache CXF WS-Security security bypass
19292| [81398] Apache OFBiz cross-site scripting
19293| [81240] Apache CouchDB directory traversal
19294| [81226] Apache CouchDB JSONP code execution
19295| [81225] Apache CouchDB Futon user interface cross-site scripting
19296| [81211] Apache Axis2/C SSL spoofing
19297| [81167] Apache CloudStack DeployVM information disclosure
19298| [81166] Apache CloudStack AddHost API information disclosure
19299| [81165] Apache CloudStack createSSHKeyPair API information disclosure
19300| [80518] Apache Tomcat cross-site request forgery security bypass
19301| [80517] Apache Tomcat FormAuthenticator security bypass
19302| [80516] Apache Tomcat NIO denial of service
19303| [80408] Apache Tomcat replay-countermeasure security bypass
19304| [80407] Apache Tomcat HTTP Digest Access Authentication security bypass
19305| [80317] Apache Tomcat slowloris denial of service
19306| [79984] Apache Commons HttpClient SSL spoofing
19307| [79983] Apache CXF SSL spoofing
19308| [79830] Apache Axis2/Java SSL spoofing
19309| [79829] Apache Axis SSL spoofing
19310| [79809] Apache Tomcat DIGEST security bypass
19311| [79806] Apache Tomcat parseHeaders() denial of service
19312| [79540] Apache OFBiz unspecified
19313| [79487] Apache Axis2 SAML security bypass
19314| [79212] Apache Cloudstack code execution
19315| [78734] Apache CXF SOAP Action security bypass
19316| [78730] Apache Qpid broker denial of service
19317| [78617] Eucalyptus Apache Santuario (XML Security for Java) denial of service
19318| [78563] Apache mod_pagespeed module unspecified cross-site scripting
19319| [78562] Apache mod_pagespeed module security bypass
19320| [78454] Apache Axis2 security bypass
19321| [78452] Websense Web Security and Web Filter Apache Tomcat information disclosure
19322| [78451] Websense Web Security and Web Filter Apache Tomcat cross-site scripting
19323| [78321] Apache Wicket unspecified cross-site scripting
19324| [78183] Apache Struts parameters denial of service
19325| [78182] Apache Struts cross-site request forgery
19326| [78153] Apache Solr Autocomplete module for Drupal autocomplete results cross-site scripting
19327| [77987] mod_rpaf module for Apache denial of service
19328| [77958] Apache Struts skill name code execution
19329| [77914] Apache HTTP Server mod_negotiation module cross-site scripting
19330| [77913] Apache HTTP Server mod_proxy_ajp information disclosure
19331| [77568] Apache Qpid broker security bypass
19332| [77421] Apache Libcloud spoofing
19333| [77059] Oracle Solaris Cluster Apache Tomcat Agent unspecified
19334| [77046] Oracle Solaris Apache HTTP Server information disclosure
19335| [76837] Apache Hadoop information disclosure
19336| [76802] Apache Sling CopyFrom denial of service
19337| [76692] Apache Hadoop symlink
19338| [76535] Apache Roller console cross-site request forgery
19339| [76534] Apache Roller weblog cross-site scripting
19340| [76152] Apache CXF elements security bypass
19341| [76151] Apache CXF child policies security bypass
19342| [75983] MapServer for Windows Apache file include
19343| [75857] Apache Commons Compress and Apache Ant bzip2 denial of service
19344| [75558] Apache POI denial of service
19345| [75545] PHP apache_request_headers() buffer overflow
19346| [75302] Apache Qpid SASL security bypass
19347| [75211] Debian GNU/Linux apache 2 cross-site scripting
19348| [74901] Apache HTTP Server LD_LIBRARY_PATH privilege escalation
19349| [74871] Apache OFBiz FlexibleStringExpander code execution
19350| [74870] Apache OFBiz multiple cross-site scripting
19351| [74750] Apache Hadoop unspecified spoofing
19352| [74319] Apache Struts XSLTResult.java file upload
19353| [74313] Apache Traffic Server header buffer overflow
19354| [74276] Apache Wicket directory traversal
19355| [74273] Apache Wicket unspecified cross-site scripting
19356| [74181] Apache HTTP Server mod_fcgid module denial of service
19357| [73690] Apache Struts OGNL code execution
19358| [73432] Apache Solr extension for TYPO3 unspecified cross-site scripting
19359| [73100] Apache MyFaces in directory traversal
19360| [73096] Apache APR hash denial of service
19361| [73052] Apache Struts name cross-site scripting
19362| [73030] Apache CXF UsernameToken security bypass
19363| [72888] Apache Struts lastName cross-site scripting
19364| [72758] Apache HTTP Server httpOnly information disclosure
19365| [72757] Apache HTTP Server MPM denial of service
19366| [72585] Apache Struts ParameterInterceptor security bypass
19367| [72438] Apache Tomcat Digest security bypass
19368| [72437] Apache Tomcat Digest security bypass
19369| [72436] Apache Tomcat DIGEST security bypass
19370| [72425] Apache Tomcat parameter denial of service
19371| [72422] Apache Tomcat request object information disclosure
19372| [72377] Apache HTTP Server scoreboard security bypass
19373| [72345] Apache HTTP Server HTTP request denial of service
19374| [72229] Apache Struts ExceptionDelegator command execution
19375| [72089] Apache Struts ParameterInterceptor directory traversal
19376| [72088] Apache Struts CookieInterceptor command execution
19377| [72047] Apache Geronimo hash denial of service
19378| [72016] Apache Tomcat hash denial of service
19379| [71711] Apache Struts OGNL expression code execution
19380| [71654] Apache Struts interfaces security bypass
19381| [71620] Apache ActiveMQ failover denial of service
19382| [71617] Apache HTTP Server mod_proxy module information disclosure
19383| [71508] Apache MyFaces EL security bypass
19384| [71445] Apache HTTP Server mod_proxy security bypass
19385| [71203] Apache Tomcat servlets privilege escalation
19386| [71181] Apache HTTP Server ap_pregsub() denial of service
19387| [71093] Apache HTTP Server ap_pregsub() buffer overflow
19388| [70336] Apache HTTP Server mod_proxy information disclosure
19389| [69804] Apache HTTP Server mod_proxy_ajp denial of service
19390| [69472] Apache Tomcat AJP security bypass
19391| [69396] Apache HTTP Server ByteRange filter denial of service
19392| [69394] Apache Wicket multi window support cross-site scripting
19393| [69176] Apache Tomcat XML information disclosure
19394| [69161] Apache Tomcat jsvc information disclosure
19395| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
19396| [68541] Apache Tomcat sendfile information disclosure
19397| [68420] Apache XML Security denial of service
19398| [68238] Apache Tomcat JMX information disclosure
19399| [67860] Apache Rampart/C rampart_timestamp_token_validate security bypass
19400| [67804] Apache Subversion control rules information disclosure
19401| [67803] Apache Subversion control rules denial of service
19402| [67802] Apache Subversion baselined denial of service
19403| [67672] Apache Archiva multiple cross-site scripting
19404| [67671] Apache Archiva multiple cross-site request forgery
19405| [67564] Apache APR apr_fnmatch() denial of service
19406| [67532] IBM WebSphere Application Server org.apache.jasper.runtime.JspWriterImpl.response denial of service
19407| [67515] Apache Tomcat annotations security bypass
19408| [67480] Apache Struts s:submit information disclosure
19409| [67414] Apache APR apr_fnmatch() denial of service
19410| [67356] Apache Struts javatemplates cross-site scripting
19411| [67354] Apache Struts Xwork cross-site scripting
19412| [66676] Apache Tomcat HTTP BIO information disclosure
19413| [66675] Apache Tomcat web.xml security bypass
19414| [66640] Apache HttpComponents HttpClient Proxy-Authorization information disclosure
19415| [66241] Apache HttpComponents information disclosure
19416| [66154] Apache Tomcat ServletSecurity security bypass
19417| [65971] Apache Tomcat ServletSecurity security bypass
19418| [65876] Apache Subversion mod_dav_svn denial of service
19419| [65343] Apache Continuum unspecified cross-site scripting
19420| [65162] Apache Tomcat NIO connector denial of service
19421| [65161] Apache Tomcat javax.servlet.ServletRequest.getLocale() denial of service
19422| [65160] Apache Tomcat HTML Manager interface cross-site scripting
19423| [65159] Apache Tomcat ServletContect security bypass
19424| [65050] Apache CouchDB web-based administration UI cross-site scripting
19425| [64773] Oracle HTTP Server Apache Plugin unauthorized access
19426| [64473] Apache Subversion blame -g denial of service
19427| [64472] Apache Subversion walk() denial of service
19428| [64407] Apache Axis2 CVE-2010-0219 code execution
19429| [63926] Apache Archiva password privilege escalation
19430| [63785] Apache CouchDB LD_LIBRARY_PATH privilege escalation
19431| [63493] Apache Archiva credentials cross-site request forgery
19432| [63477] Apache Tomcat HttpOnly session hijacking
19433| [63422] Apache Tomcat sessionsList.jsp cross-site scripting
19434| [63303] Apache mod_fcgid module fcgid_header_bucket_read() buffer overflow
19435| [62959] Apache Shiro filters security bypass
19436| [62790] Apache Perl cgi module denial of service
19437| [62576] Apache Qpid exchange denial of service
19438| [62575] Apache Qpid AMQP denial of service
19439| [62354] Apache Qpid SSL denial of service
19440| [62235] Apache APR-util apr_brigade_split_line() denial of service
19441| [62181] Apache XML-RPC SAX Parser information disclosure
19442| [61721] Apache Traffic Server cache poisoning
19443| [61202] Apache Derby BUILTIN authentication functionality information disclosure
19444| [61186] Apache CouchDB Futon cross-site request forgery
19445| [61169] Apache CXF DTD denial of service
19446| [61070] Apache Jackrabbit search.jsp SQL injection
19447| [61006] Apache SLMS Quoting cross-site request forgery
19448| [60962] Apache Tomcat time cross-site scripting
19449| [60883] Apache mod_proxy_http information disclosure
19450| [60671] Apache HTTP Server mod_cache and mod_dav denial of service
19451| [60264] Apache Tomcat Transfer-Encoding denial of service
19452| [59746] Apache Axis2 axis2/axis2-admin page session hijacking
19453| [59588] Apache Axis2/Java XML DTD (Document Type Declaration) data denial of service
19454| [59413] Apache mod_proxy_http timeout information disclosure
19455| [59058] Apache MyFaces unencrypted view state cross-site scripting
19456| [58827] Apache Axis2 xsd file include
19457| [58790] Apache Axis2 modules cross-site scripting
19458| [58299] Apache ActiveMQ queueBrowse cross-site scripting
19459| [58169] Apache Tomcat Web Application Manager / Host Manager cross-site request forgery
19460| [58056] Apache ActiveMQ .jsp source code disclosure
19461| [58055] Apache Tomcat realm name information disclosure
19462| [58046] Apache HTTP Server mod_auth_shadow security bypass
19463| [57841] Apache Open For Business Project (OFBiz) subject cross-site scripting
19464| [57840] Apache Open For Business Project (OFBiz) multiple parameters cross-site scripting
19465| [57429] Apache CouchDB algorithms information disclosure
19466| [57398] Apache ActiveMQ Web console cross-site request forgery
19467| [57397] Apache ActiveMQ createDestination.action cross-site scripting
19468| [56653] Apache HTTP Server DNS spoofing
19469| [56652] Apache HTTP Server DNS cross-site scripting
19470| [56625] Apache HTTP Server request header information disclosure
19471| [56624] Apache HTTP Server mod_isapi orphaned callback pointer code execution
19472| [56623] Apache HTTP Server mod_proxy_ajp denial of service
19473| [55941] mod_proxy module for Apache ap_proxy_send_fb() buffer overflow
19474| [55857] Apache Tomcat WAR files directory traversal
19475| [55856] Apache Tomcat autoDeploy attribute security bypass
19476| [55855] Apache Tomcat WAR directory traversal
19477| [55210] Intuit component for Joomla! Apache information disclosure
19478| [54533] Apache Tomcat 404 error page cross-site scripting
19479| [54182] Apache Tomcat admin default password
19480| [53878] Apache Solr Search (solr) extension for TYPO3 unspecified cross-site scripting
19481| [53666] Apache HTTP Server Solaris pollset support denial of service
19482| [53650] Apache HTTP Server HTTP basic-auth module security bypass
19483| [53124] mod_proxy_ftp module for Apache HTTP header security bypass
19484| [53041] mod_proxy_ftp module for Apache denial of service
19485| [52540] Apache Portable Runtime and Apache Portable Utility library multiple buffer overflow
19486| [51953] Apache Tomcat Path Disclosure
19487| [51952] Apache Tomcat Path Traversal
19488| [51951] Apache stronghold-status Information Disclosure
19489| [51950] Apache stronghold-info Information Disclosure
19490| [51949] Apache PHP Source Code Disclosure
19491| [51948] Apache Multiviews Attack
19492| [51946] Apache JServ Environment Status Information Disclosure
19493| [51945] Apache error_log Information Disclosure
19494| [51944] Apache Default Installation Page Pattern Found
19495| [51943] Apache AXIS XML Parser echoheaders.jws Sample Web Service Denial of Service
19496| [51942] Apache AXIS XML External Entity File Retrieval
19497| [51941] Apache AXIS Sample Servlet Information Leak
19498| [51940] Apache access_log Information Disclosure
19499| [51626] Apache mod_deflate denial of service
19500| [51532] mod_proxy module for the Apache HTTP Server stream_reqbody_cl denial of service
19501| [51365] Apache Tomcat RequestDispatcher security bypass
19502| [51273] Apache HTTP Server Incomplete Request denial of service
19503| [51195] Apache Tomcat XML information disclosure
19504| [50994] Apache APR-util xml/apr_xml.c denial of service
19505| [50993] Apache APR-util apr_brigade_vprintf denial of service
19506| [50964] Apache APR-util apr_strmatch_precompile() denial of service
19507| [50930] Apache Tomcat j_security_check information disclosure
19508| [50928] Apache Tomcat AJP denial of service
19509| [50884] Apache HTTP Server XML ENTITY denial of service
19510| [50808] Apache HTTP Server AllowOverride privilege escalation
19511| [50108] Apache Struts s:a tag and s:url tag cross-site scripting
19512| [50059] Apache mod_proxy_ajp information disclosure
19513| [49951] Apache Tiles Expression Language (EL) expressions cross-site scripting
19514| [49925] Apache Geronimo Web Administrative Console cross-site request forgery
19515| [49924] Apache Geronimo console/portal/Server/Monitoring cross-site scripting
19516| [49921] Apache ActiveMQ Web interface cross-site scripting
19517| [49898] Apache Geronimo Services/Repository directory traversal
19518| [49725] Apache Tomcat mod_jk module information disclosure
19519| [49715] Apache mod_perl Apache::Status and Apache2::Status modules cross-site scripting
19520| [49712] Apache Struts unspecified cross-site scripting
19521| [49213] Apache Tomcat cal2.jsp cross-site scripting
19522| [48934] Apache Tomcat POST doRead method information disclosure
19523| [48211] Apache Tomcat header HTTP request smuggling
19524| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
19525| [48110] Apache Jackrabbit search.jsp and swr.jsp cross-site scripting
19526| [47709] Apache Roller "
19527| [47104] Novell Netware ApacheAdmin console security bypass
19528| [47086] Apache HTTP Server OS fingerprinting unspecified
19529| [46329] Apache Struts FilterDispatcher and DefaultStaticContentLoader class directory traversal
19530| [45791] Apache Tomcat RemoteFilterValve security bypass
19531| [44435] Oracle WebLogic Apache Connector buffer overflow
19532| [44411] Apache Tomcat allowLinking UTF-8 directory traversal
19533| [44223] Apache HTTP Server mod_proxy_ftp cross-site scripting
19534| [44156] Apache Tomcat RequestDispatcher directory traversal
19535| [44155] Apache Tomcat HttpServletResponse.sendError() cross-site scripting
19536| [43885] Oracle WebLogic Server Apache Connector buffer overflow
19537| [42987] Apache HTTP Server mod_proxy module denial of service
19538| [42915] Apache Tomcat JSP files path disclosure
19539| [42914] Apache Tomcat MS-DOS path disclosure
19540| [42892] Apache Tomcat unspecified unauthorized access
19541| [42816] Apache Tomcat Host Manager cross-site scripting
19542| [42303] Apache 403 error cross-site scripting
19543| [41618] Apache-SSL ExpandCert() authentication bypass
19544| [40761] Apache Derby RDBNAM parameter and DatabaseMetaData.getURL information disclosure
19545| [40736] Apache Tomcat HTTP/1.1 connector information disclosure
19546| [40614] Apache mod_jk2 HTTP Host header buffer overflow
19547| [40562] Apache Geronimo init information disclosure
19548| [40478] Novell Web Manager webadmin-apache.conf security bypass
19549| [40411] Apache Tomcat exception handling information disclosure
19550| [40409] Apache Tomcat native (APR based) connector weak security
19551| [40403] Apache Tomcat quotes and %5C cookie information disclosure
19552| [40388] Sun Java Plug-In org.apache.crimson.tree.XmlDocument security bypass
19553| [39893] Apache HTTP Server mod_negotiation HTTP response splitting
19554| [39867] Apache HTTP Server mod_negotiation cross-site scripting
19555| [39804] Apache Tomcat SingleSignOn information disclosure
19556| [39615] Apache HTTP Server mod_proxy_ftp.c UTF-7 cross-site scripting
19557| [39612] Apache HTTP Server mod_proxy_balancer buffer overflow
19558| [39608] Apache HTTP Server balancer manager cross-site request forgery
19559| [39476] Apache mod_proxy_balancer balancer_handler function denial of service
19560| [39474] Apache HTTP Server mod_proxy_balancer cross-site scripting
19561| [39472] Apache HTTP Server mod_status cross-site scripting
19562| [39201] Apache Tomcat JULI logging weak security
19563| [39158] Apache HTTP Server Windows SMB shares information disclosure
19564| [39001] Apache HTTP Server mod_imap and mod_imagemap module cross-site scripting
19565| [38951] Apache::AuthCAS Perl module cookie SQL injection
19566| [38800] Apache HTTP Server 413 error page cross-site scripting
19567| [38211] Apache Geronimo SQLLoginModule authentication bypass
19568| [37243] Apache Tomcat WebDAV directory traversal
19569| [37178] RHSA update for Apache HTTP Server mod_status module cross-site scripting not installed
19570| [37177] RHSA update for Apache HTTP Server Apache child process denial of service not installed
19571| [37119] RHSA update for Apache mod_auth_kerb off-by-one buffer overflow not installed
19572| [37100] RHSA update for Apache and IBM HTTP Server Expect header cross-site scripting not installed
19573| [36782] Apache Geronimo MEJB unauthorized access
19574| [36586] Apache HTTP Server UTF-7 cross-site scripting
19575| [36468] Apache Geronimo LoginModule security bypass
19576| [36467] Apache Tomcat functions.jsp cross-site scripting
19577| [36402] Apache Tomcat calendar cross-site request forgery
19578| [36354] Apache HTTP Server mod_proxy module denial of service
19579| [36352] Apache HTTP Server ap_proxy_date_canon() denial of service
19580| [36336] Apache Derby lock table privilege escalation
19581| [36335] Apache Derby schema privilege escalation
19582| [36006] Apache Tomcat "
19583| [36001] Apache Tomcat Host Manager Servlet alias cross-site scripting
19584| [35999] Apache Tomcat \"
19585| [35795] Apache Tomcat CookieExample cross-site scripting
19586| [35536] Apache Tomcat SendMailServlet example cross-site scripting
19587| [35384] Apache HTTP Server mod_cache module denial of service
19588| [35097] Apache HTTP Server mod_status module cross-site scripting
19589| [35095] Apache HTTP Server Prefork MPM module denial of service
19590| [34984] Apache HTTP Server recall_headers information disclosure
19591| [34966] Apache HTTP Server MPM content spoofing
19592| [34965] Apache HTTP Server MPM information disclosure
19593| [34963] Apache HTTP Server MPM multiple denial of service
19594| [34872] Apache MyFaces Tomahawk autoscroll parameter cross-site scripting
19595| [34869] Apache Tomcat JSP example Web application cross-site scripting
19596| [34868] Apache Tomcat Manager and Host Manager cross-site scripting
19597| [34496] Apache Tomcat JK Connector security bypass
19598| [34377] Apache Tomcat hello.jsp cross-site scripting
19599| [34212] Apache Tomcat SSL configuration security bypass
19600| [34210] Apache Tomcat Accept-Language cross-site scripting
19601| [34209] Apache Tomcat calendar application cross-site scripting
19602| [34207] Apache Tomcat implicit-objects.jsp cross-site scripting
19603| [34167] Apache Axis WSDL file path disclosure
19604| [34068] Apache Tomcat AJP connector information disclosure
19605| [33584] Apache HTTP Server suEXEC privilege escalation
19606| [32988] Apache Tomcat proxy module directory traversal
19607| [32794] Apache Tomcat JK Web Server Connector map_uri_to_worker() buffer overflow
19608| [32708] Debian Apache tty privilege escalation
19609| [32441] ApacheStats extract() PHP call unspecified
19610| [32128] Apache Tomcat default account
19611| [31680] Apache Tomcat RequestParamExample cross-site scripting
19612| [31649] Apache Tomcat Sample Servlet TroubleShooter detected
19613| [31557] BEA WebLogic Server and WebLogic Express Apache proxy plug-in denial of service
19614| [31236] Apache HTTP Server htpasswd.c strcpy buffer overflow
19615| [30456] Apache mod_auth_kerb off-by-one buffer overflow
19616| [29550] Apache mod_tcl set_var() format string
19617| [28620] Apache and IBM HTTP Server Expect header cross-site scripting
19618| [28357] Apache HTTP Server mod_alias script source information disclosure
19619| [28063] Apache mod_rewrite off-by-one buffer overflow
19620| [27902] Apache Tomcat URL information disclosure
19621| [26786] Apache James SMTP server denial of service
19622| [25680] libapache2 /tmp/svn file upload
19623| [25614] Apache Struts lookupMap cross-site scripting
19624| [25613] Apache Struts ActionForm denial of service
19625| [25612] Apache Struts isCancelled() security bypass
19626| [24965] Apache mod_python FileSession command execution
19627| [24716] Apache James spooler memory leak denial of service
19628| [24159] Apache Geronimo Web-Access-Log Viewer cross-site scripting
19629| [24158] Apache Geronimo jsp-examples cross-site scripting
19630| [24030] Apache auth_ldap module multiple format strings
19631| [24008] Apache mod_ssl custom error message denial of service
19632| [24003] Apache mod_auth_pgsql module multiple syslog format strings
19633| [23612] Apache mod_imap referer field cross-site scripting
19634| [23173] Apache Struts error message cross-site scripting
19635| [22942] Apache Tomcat directory listing denial of service
19636| [22858] Apache Multi-Processing Module code allows denial of service
19637| [22602] RHSA-2005:582 updates for Apache httpd not installed
19638| [22520] Apache mod-auth-shadow "
19639| [22466] ApacheTop symlink
19640| [22109] Apache HTTP Server ssl_engine_kernel client certificate validation
19641| [22006] Apache HTTP Server byte-range filter denial of service
19642| [21567] Apache mod_ssl off-by-one buffer overflow
19643| [21195] Apache HTTP Server header HTTP request smuggling
19644| [20383] Apache HTTP Server htdigest buffer overflow
19645| [19681] Apache Tomcat AJP12 request denial of service
19646| [18993] Apache HTTP server check_forensic symlink attack
19647| [18790] Apache Tomcat Manager cross-site scripting
19648| [18349] Apache HTTP server Apple HFS+ filesystem obtain information
19649| [18348] Apache HTTP server Apple HFS+ filesystem .DS_Store and .ht file disclosure
19650| [18347] Apache HTTP server Apple Mac OS X Server mod_digest_apple module could allow an attacker to replay responses
19651| [17961] Apache Web server ServerTokens has not been set
19652| [17930] Apache HTTP Server HTTP GET request denial of service
19653| [17785] Apache mod_include module buffer overflow
19654| [17671] Apache HTTP Server SSLCipherSuite bypass restrictions
19655| [17473] Apache HTTP Server Satisfy directive allows access to resources
19656| [17413] Apache htpasswd buffer overflow
19657| [17384] Apache HTTP Server environment variable configuration file buffer overflow
19658| [17382] Apache HTTP Server IPv6 apr_util denial of service
19659| [17366] Apache HTTP Server mod_dav module LOCK denial of service
19660| [17273] Apache HTTP Server speculative mode denial of service
19661| [17200] Apache HTTP Server mod_ssl denial of service
19662| [16890] Apache HTTP Server server-info request has been detected
19663| [16889] Apache HTTP Server server-status request has been detected
19664| [16705] Apache mod_ssl format string attack
19665| [16524] Apache HTTP Server ap_get_mime_headers_core denial of service
19666| [16387] Apache HTTP Server mod_proxy Content-Length buffer overflow
19667| [16230] Apache HTTP Server PHP denial of service
19668| [16214] Apache mod_ssl ssl_util_uuencode_binary buffer overflow
19669| [15958] Apache HTTP Server authentication modules memory corruption
19670| [15547] Apache HTTP Server mod_disk_cache local information disclosure
19671| [15540] Apache HTTP Server socket starvation denial of service
19672| [15467] Novell GroupWise WebAccess using Apache Web server allows viewing of files on the server
19673| [15422] Apache HTTP Server mod_access information disclosure
19674| [15419] Apache HTTP Server mod_ssl plain HTTP request denial of service
19675| [15293] Apache for Cygwin "
19676| [15065] Apache-SSL has a default password
19677| [15041] Apache HTTP Server mod_digest module could allow an attacker to replay responses
19678| [15015] Apache httpd server httpd.conf could allow a local user to bypass restrictions
19679| [14751] Apache Mod_python output filter information disclosure
19680| [14125] Apache HTTP Server mod_userdir module information disclosure
19681| [14075] Apache HTTP Server mod_php file descriptor leak
19682| [13703] Apache HTTP Server account
19683| [13689] Apache HTTP Server configuration allows symlinks
19684| [13688] Apache HTTP Server configuration allows SSI
19685| [13687] Apache HTTP Server Server: header value
19686| [13685] Apache HTTP Server ServerTokens value
19687| [13684] Apache HTTP Server ServerSignature value
19688| [13672] Apache HTTP Server config allows directory autoindexing
19689| [13671] Apache HTTP Server default content
19690| [13670] Apache HTTP Server config file directive references outside content root
19691| [13668] Apache HTTP Server httpd not running in chroot environment
19692| [13666] Apache HTTP Server CGI directory contains possible command interpreter or compiler
19693| [13664] Apache HTTP Server config file contains ScriptAlias entry
19694| [13663] Apache HTTP Server CGI support modules loaded
19695| [13661] Apache HTTP Server config file contains AddHandler entry
19696| [13660] Apache HTTP Server 500 error page not CGI script
19697| [13659] Apache HTTP Server 413 error page not CGI script
19698| [13658] Apache HTTP Server 403 error page not CGI script
19699| [13657] Apache HTTP Server 401 error page not CGI script
19700| [13552] Apache HTTP Server mod_cgid module information disclosure
19701| [13550] Apache GET request directory traversal
19702| [13516] Apache Cocoon XMLForm and JXForm could allow execution of code
19703| [13499] Apache Cocoon directory traversal allows downloading of boot.ini file
19704| [13429] Apache Tomcat non-HTTP request denial of service
19705| [13400] Apache HTTP server mod_alias and mod_rewrite buffer overflow
19706| [13295] Apache weak password encryption
19707| [13254] Apache Tomcat .jsp cross-site scripting
19708| [13125] Apache::Gallery Inline::C could allow arbitrary code execution
19709| [13086] Apache Jakarta Tomcat mod_jk format string allows remote access
19710| [12681] Apache HTTP Server mod_proxy could allow mail relaying
19711| [12662] Apache HTTP Server rotatelogs denial of service
19712| [12554] Apache Tomcat stores password in plain text
19713| [12553] Apache HTTP Server redirects and subrequests denial of service
19714| [12552] Apache HTTP Server FTP proxy server denial of service
19715| [12551] Apache HTTP Server prefork MPM denial of service
19716| [12550] Apache HTTP Server weaker than expected encryption
19717| [12549] Apache HTTP Server type-map file denial of service
19718| [12206] Apache Tomcat /opt/tomcat directory insecure permissions
19719| [12102] Apache Jakarta Tomcat MS-DOS device name request denial of service
19720| [12091] Apache HTTP Server apr_password_validate denial of service
19721| [12090] Apache HTTP Server apr_psprintf code execution
19722| [11804] Apache HTTP Server mod_access_referer denial of service
19723| [11750] Apache HTTP Server could leak sensitive file descriptors
19724| [11730] Apache HTTP Server error log and access log terminal escape sequence injection
19725| [11703] Apache long slash path allows directory listing
19726| [11695] Apache HTTP Server LF (Line Feed) denial of service
19727| [11694] Apache HTTP Server filestat.c denial of service
19728| [11438] Apache HTTP Server MIME message boundaries information disclosure
19729| [11412] Apache HTTP Server error log terminal escape sequence injection
19730| [11196] Apache Tomcat examples and ROOT Web applications cross-site scripting
19731| [11195] Apache Tomcat web.xml could be used to read files
19732| [11194] Apache Tomcat URL appended with a null character could list directories
19733| [11139] Apache HTTP Server mass virtual hosting with mod_rewrite or mod_vhost_alias could allow an attacker to obtain files
19734| [11126] Apache HTTP Server illegal character file disclosure
19735| [11125] Apache HTTP Server DOS device name HTTP POST code execution
19736| [11124] Apache HTTP Server DOS device name denial of service
19737| [11088] Apache HTTP Server mod_vhost_alias CGI source disclosure
19738| [10938] Apache HTTP Server printenv test CGI cross-site scripting
19739| [10771] Apache Tomcat mod_jk module multiple HTTP GET request buffer overflow
19740| [10575] Apache mod_php module could allow an attacker to take over the httpd process
19741| [10499] Apache HTTP Server WebDAV HTTP POST view source
19742| [10457] Apache HTTP Server mod_ssl "
19743| [10415] Apache HTTP Server htdigest insecure system() call could allow command execution
19744| [10414] Apache HTTP Server htdigest multiple buffer overflows
19745| [10413] Apache HTTP Server htdigest temporary file race condition
19746| [10412] Apache HTTP Server htpasswd temporary file race condition
19747| [10376] Apache Tomcat invoker servlet used in conjunction with the default servlet reveals source code
19748| [10348] Apache Tomcat HTTP GET request DOS device reference could cause a denial of service
19749| [10281] Apache HTTP Server ab.c ApacheBench long response buffer overflow
19750| [10280] Apache HTTP Server shared memory scorecard overwrite
19751| [10263] Apache Tomcat mod_jk or mod_jserv connector directory disclosure
19752| [10241] Apache HTTP Server Host: header cross-site scripting
19753| [10230] Slapper worm variants A, B, and C target OpenSSL/Apache systems
19754| [10208] Apache HTTP Server mod_dav denial of service
19755| [10206] HP VVOS Apache mod_ssl denial of service
19756| [10200] Apache HTTP Server stderr denial of service
19757| [10175] Apache Tomcat org.apache.catalina.servlets.DefaultServlet reveals source code
19758| [10169] Slapper worm variant (Slapper.C) targets OpenSSL/Apache systems
19759| [10154] Slapper worm variant (Slapper.B) targets OpenSSL/Apache systems
19760| [10098] Slapper worm targets OpenSSL/Apache systems
19761| [9876] Apache HTTP Server cgi/cgid request could disclose the path to a requested script
19762| [9875] Apache HTTP Server .var file request could disclose installation path
19763| [9863] Apache Tomcat web.xml file could allow a remote attacker to bypass restrictions
19764| [9808] Apache HTTP Server non-Unix version URL encoded directory traversal
19765| [9623] Apache HTTP Server ap_log_rerror() path disclosure
19766| [9520] Apache Tomcat /servlet/ mapping cross-site scripting
19767| [9415] Apache HTTP Server mod_ssl .htaccess off-by-one buffer overflow
19768| [9396] Apache Tomcat null character to threads denial of service
19769| [9394] Apache Tomcat HTTP request for LPT9 reveals Web root path
19770| [9249] Apache HTTP Server chunked encoding heap buffer overflow
19771| [9208] Apache Tomcat sample file requests could reveal directory listing and path to Web root directory
19772| [8932] Apache Tomcat example class information disclosure
19773| [8633] Apache HTTP Server with mod_rewrite could allow an attacker to bypass directives
19774| [8629] Apache HTTP Server double-reverse DNS lookup spoofing
19775| [8589] Apache HTTP Server for Windows DOS batch file remote command execution
19776| [8457] Oracle9i Application Server Apache PL/SQL HTTP Location header buffer overflow
19777| [8455] Oracle9i Application Server default installation could allow an attacker to access certain Apache Services
19778| [8400] Apache HTTP Server mod_frontpage buffer overflows
19779| [8326] Apache HTTP Server multiple MIME headers (sioux) denial of service
19780| [8308] Apache "
19781| [8275] Apache HTTP Server with Multiviews enabled could disclose directory contents
19782| [8119] Apache and PHP OPTIONS request reveals "
19783| [8054] Apache is running on the system
19784| [8029] Mandrake Linux default Apache configuration could allow an attacker to browse files and directories
19785| [8027] Mandrake Linux default Apache configuration has remote management interface enabled
19786| [8026] Mandrake Linux Apache sample programs could disclose sensitive information about the server
19787| [7836] Apache HTTP Server log directory denial of service
19788| [7815] Apache for Windows "
19789| [7810] Apache HTTP request could result in unexpected behavior
19790| [7599] Apache Tomcat reveals installation path
19791| [7494] Apache "
19792| [7419] Apache Web Server could allow remote attackers to overwrite .log files
19793| [7363] Apache Web Server hidden HTTP requests
19794| [7249] Apache mod_proxy denial of service
19795| [7129] Linux with Apache Web server could allow an attacker to determine if a specified username exists
19796| [7103] Apple Mac OS X used with Apache Web server could disclose directory contents
19797| [7059] Apache "
19798| [7057] Apache "
19799| [7056] Apache "
19800| [7055] Apache "
19801| [7054] Apache "
19802| [6997] Apache Jakarta Tomcat error message may reveal information
19803| [6971] Apache Jakarta Tomcat may reveal JSP source code with missing HTTP protocol specification
19804| [6970] Apache crafted HTTP request could reveal the internal IP address
19805| [6921] Apache long slash path allows directory listing
19806| [6687] Apple Mac OS X used with Apache Web server could allow arbitrary file disclosure
19807| [6527] Apache Web Server for Windows and OS2 denial of service
19808| [6316] Apache Jakarta Tomcat may reveal JSP source code
19809| [6305] Apache Jakarta Tomcat directory traversal
19810| [5926] Linux Apache symbolic link
19811| [5659] Apache Web server discloses files when used with php script
19812| [5310] Apache mod_rewrite allows attacker to view arbitrary files
19813| [5204] Apache WebDAV directory listings
19814| [5197] Apache Web server reveals CGI script source code
19815| [5160] Apache Jakarta Tomcat default installation
19816| [5099] Trustix Secure Linux installs Apache with world writable access
19817| [4968] Apache Jakarta Tomcat snoop servlet gives out information which could be used in attack
19818| [4967] Apache Jakarta Tomcat 404 error reveals the pathname of the requested file
19819| [4931] Apache source.asp example file allows users to write to files
19820| [4575] IBM HTTP Server running Apache allows users to directory listing and file retrieval
19821| [4205] Apache Jakarta Tomcat delivers file contents
19822| [2084] Apache on Debian by default serves the /usr/doc directory
19823| [1630] MessageMedia UnityMail and Apache Web server MIME header flood denial of service
19824| [697] Apache HTTP server beck exploit
19825| [331] Apache cookies buffer overflow
19826|
19827| Exploit-DB - https://www.exploit-db.com:
19828| [31130] Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability
19829| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
19830| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
19831| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
19832| [30563] Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability
19833| [30496] Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure
19834| [30495] Apache Tomcat <= 6.0.13 Host Manager Servlet Cross Site Scripting Vulnerability
19835| [30191] Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross Site Scripting Vulnerability
19836| [30189] Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross Site Scripting Vulnerability
19837| [30052] Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities
19838| [29930] Apache AXIS 1.0 Non-Existent WSDL Path Information Disclosure Vulnerability
19839| [29859] Apache Roller OGNL Injection
19840| [29739] Apache HTTP Server Tomcat 5.x/6.0.x Directory Traversal Vulnerability
19841| [29435] Apache Tomcat 5.5.25 - CSRF Vulnerabilities
19842| [29316] Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner) (2)
19843| [29290] Apache / PHP 5.x Remote Code Execution Exploit
19844| [28713] Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
19845| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
19846| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
19847| [28254] Apache Tomcat 5 Information Disclosure Vulnerability
19848| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
19849| [27397] Apache suEXEC Privilege Elevation / Information Disclosure
19850| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
19851| [27096] Apache Geronimo 1.0 Error Page XSS
19852| [27095] Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS
19853| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
19854| [26542] Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
19855| [25986] Plesk Apache Zeroday Remote Exploit
19856| [25980] Apache Struts includeParams Remote Code Execution
19857| [25625] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
19858| [25624] Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
19859| [24874] Apache Struts ParametersInterceptor Remote Code Execution
19860| [24744] Apache Rave 0.11 - 0.20 - User Information Disclosure
19861| [24694] Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
19862| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
19863| [23751] Apache Cygwin 1.3.x/2.0.x Directory Traversal Vulnerability
19864| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
19865| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
19866| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
19867| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
19868| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
19869| [23245] Apache Tomcat 4.0.x Non-HTTP Request Denial of Service Vulnerability
19870| [23119] Apache::Gallery 0.4/0.5/0.6 Insecure Local File Storage Privilege Escalation Vulnerability
19871| [22505] Apache Mod_Access_Referer 1.0.2 NULL Pointer Dereference Denial of Service Vulnerability
19872| [22205] Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
19873| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
19874| [22068] Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability
19875| [21885] Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
19876| [21882] Apache Tomcat 3.2 Directory Disclosure Vulnerability
19877| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
19878| [21853] Apache Tomcat 3/4 DefaultServlet File Disclosure Vulnerability
19879| [21734] Apache Tomcat 4.1 JSP Request Cross Site Scripting Vulnerability
19880| [21719] Apache 2.0 Path Disclosure Vulnerability
19881| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
19882| [21605] Apache Tomcat 4.0.3 DoS Device Name Cross Site Scripting Vulnerability
19883| [21604] Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability
19884| [21560] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)
19885| [21559] Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)
19886| [21534] Apache Tomcat 3/4 JSP Engine Denial of Service Vulnerability
19887| [21492] Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure
19888| [21491] Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
19889| [21490] Apache Tomcat 3.2.3/3.2.4 Source.JSP Malformed Request Information Disclosure
19890| [21412] Apache Tomcat 4.0/4.1 Servlet Path Disclosure Vulnerability
19891| [21350] Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability
19892| [21204] Apache 1.3.20 Win32 PHP.EXE Remote File Disclosure Vulnerability
19893| [21112] Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
19894| [21067] Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
19895| [21002] Apache 1.3 Possible Directory Index Disclosure Vulnerability
19896| [20911] Apache 1.3.14 Mac File Protection Bypass Vulnerability
19897| [20716] apache tomcat 3.0 - Directory Traversal vulnerability
19898| [20695] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
19899| [20694] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
19900| [20693] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
19901| [20692] Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
19902| [20595] NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
19903| [20558] Apache 1.2 Web Server DoS Vulnerability
19904| [20466] Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
19905| [20435] Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability
19906| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
19907| [20210] Apache 1.3.12 WebDAV Directory Listings Vulnerability
19908| [20131] Apache Tomcat 3.1 Path Revealing Vulnerability
19909| [19975] Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 Root Directory Access Vulnerability
19910| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
19911| [19536] Apache <= 1.1,NCSA httpd <= 1.5.2,Netscape Server 1.12/1.1/2.0 a nph-test-cgi Vulnerability
19912| [19231] PHP apache_request_headers Function Buffer Overflow
19913| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
19914| [18897] Oracle Weblogic Apache Connector POST Request Buffer Overflow
19915| [18619] Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
19916| [18452] Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
19917| [18442] Apache httpOnly Cookie Disclosure
19918| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
19919| [18221] Apache HTTP Server Denial of Service
19920| [17969] Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
19921| [17696] Apache httpd Remote Denial of Service (memory exhaustion)
19922| [17691] Apache Struts < 2.2.0 - Remote Command Execution
19923| [16798] Apache mod_jk 1.2.20 Buffer Overflow
19924| [16782] Apache Win32 Chunked Encoding
19925| [16752] Apache module mod_rewrite LDAP protocol Buffer Overflow
19926| [16317] Apache Tomcat Manager Application Deployer Authenticated Code Execution
19927| [15710] Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
19928| [15319] Apache 2.2 (Windows) Local Denial of Service
19929| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
19930| [14489] Apache Tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
19931| [12721] Apache Axis2 1.4.1 - Local File Inclusion Vulnerability
19932| [12689] Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console
19933| [12343] Apache Tomcat 5.5.0 to 5.5.29 & 6.0.0 to 6.0.26 - Information Disclosure Vulnerability
19934| [12330] Apache OFBiz - Multiple XSS
19935| [12264] Apache OFBiz - FULLADMIN Creator PoC Payload
19936| [12263] Apache OFBiz - SQL Remote Execution PoC Payload
19937| [11662] Apache Spamassassin Milter Plugin Remote Root Command Execution
19938| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
19939| [10811] Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability
19940| [10292] Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability
19941| [9995] Apache Tomcat Form Authentication Username Enumeration Weakness
19942| [9994] Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
19943| [9993] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
19944| [8842] Apache mod_dav / svn Remote Denial of Service Exploit
19945| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
19946| [7264] Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win)
19947| [6229] apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
19948| [6100] Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
19949| [6089] Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
19950| [5386] Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit
19951| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
19952| [4552] Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)
19953| [4530] Apache Tomcat (webdav) Remote File Disclosure Exploit
19954| [4162] Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)
19955| [4093] Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit
19956| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
19957| [3680] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)
19958| [3384] Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
19959| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
19960| [2061] Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability
19961| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
19962| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
19963| [764] Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
19964| [587] Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
19965| [466] htpasswd Apache 1.3.31 - Local Exploit
19966| [371] Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)
19967| [360] Apache HTTPd Arbitrary Long HTTP Headers DoS
19968| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
19969| [126] Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
19970| [67] Apache 1.3.x mod_mylo Remote Code Execution Exploit
19971| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
19972| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
19973| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
19974| [9] Apache HTTP Server 2.x Memory Leak Exploit
19975|
19976| OpenVAS (Nessus) - http://www.openvas.org:
19977| [902924] Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
19978| [902837] PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
19979| [902830] Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
19980| [902664] Apache Traffic Server HTTP Host Header Denial of Service Vulnerability
19981| [901203] Apache httpd Web Server Range Header Denial of Service Vulnerability
19982| [901110] Apache ActiveMQ Source Code Information Disclosure Vulnerability
19983| [901105] Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
19984| [900842] Apache 'mod_proxy_ftp' Module Command Injection Vulnerability (Linux)
19985| [900841] Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
19986| [900573] Apache APR-Utils XML Parser Denial of Service Vulnerability
19987| [900572] Apache APR-Utils Multiple Denial of Service Vulnerabilities
19988| [900571] Apache APR-Utils Version Detection
19989| [900499] Apache mod_proxy_ajp Information Disclosure Vulnerability
19990| [900496] Apache Tiles Multiple XSS Vulnerability
19991| [900493] Apache Tiles Version Detection
19992| [900107] Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
19993| [900021] Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
19994| [880086] CentOS Update for apache CESA-2008:0004-01 centos2 i386
19995| [870175] RedHat Update for apache RHSA-2008:0004-01
19996| [864591] Fedora Update for apache-poi FEDORA-2012-10835
19997| [864383] Fedora Update for apache-commons-compress FEDORA-2012-8428
19998| [864280] Fedora Update for apache-commons-compress FEDORA-2012-8465
19999| [864250] Fedora Update for apache-poi FEDORA-2012-7683
20000| [864249] Fedora Update for apache-poi FEDORA-2012-7686
20001| [863993] Fedora Update for apache-commons-daemon FEDORA-2011-10880
20002| [863466] Fedora Update for apache-commons-daemon FEDORA-2011-10936
20003| [855821] Solaris Update for Apache 1.3 122912-19
20004| [855812] Solaris Update for Apache 1.3 122911-19
20005| [855737] Solaris Update for Apache 1.3 122911-17
20006| [855731] Solaris Update for Apache 1.3 122912-17
20007| [855695] Solaris Update for Apache 1.3 122911-16
20008| [855645] Solaris Update for Apache 1.3 122912-16
20009| [855587] Solaris Update for kernel update and Apache 108529-29
20010| [855566] Solaris Update for Apache 116973-07
20011| [855531] Solaris Update for Apache 116974-07
20012| [855524] Solaris Update for Apache 2 120544-14
20013| [855494] Solaris Update for Apache 1.3 122911-15
20014| [855478] Solaris Update for Apache Security 114145-11
20015| [855472] Solaris Update for Apache Security 113146-12
20016| [855179] Solaris Update for Apache 1.3 122912-15
20017| [855147] Solaris Update for kernel update and Apache 108528-29
20018| [855077] Solaris Update for Apache 2 120543-14
20019| [850196] SuSE Update for apache2 openSUSE-SU-2012:0314-1 (apache2)
20020| [850088] SuSE Update for apache2 SUSE-SA:2007:061
20021| [850009] SuSE Update for apache2,apache SUSE-SA:2008:021
20022| [841209] Ubuntu Update for apache2 USN-1627-1
20023| [840900] Ubuntu Update for apache2 USN-1368-1
20024| [840798] Ubuntu Update for apache2 USN-1259-1
20025| [840734] Ubuntu Update for apache2 USN-1199-1
20026| [840542] Ubuntu Update for apache2 vulnerabilities USN-1021-1
20027| [840504] Ubuntu Update for apache2 vulnerability USN-990-2
20028| [840399] Ubuntu Update for apache2 vulnerabilities USN-908-1
20029| [840304] Ubuntu Update for apache2 vulnerabilities USN-575-1
20030| [840118] Ubuntu Update for libapache2-mod-perl2 vulnerability USN-488-1
20031| [840092] Ubuntu Update for apache2 vulnerabilities USN-499-1
20032| [840039] Ubuntu Update for libapache2-mod-python vulnerability USN-430-1
20033| [835253] HP-UX Update for Apache Web Server HPSBUX02645
20034| [835247] HP-UX Update for Apache-based Web Server HPSBUX02612
20035| [835243] HP-UX Update for Apache Running Tomcat Servlet Engine HPSBUX02579
20036| [835236] HP-UX Update for Apache with PHP HPSBUX02543
20037| [835233] HP-UX Update for Apache-based Web Server HPSBUX02531
20038| [835224] HP-UX Update for Apache-based Web Server HPSBUX02465
20039| [835200] HP-UX Update for Apache Web Server Suite HPSBUX02431
20040| [835190] HP-UX Update for Apache Web Server Suite HPSBUX02401
20041| [835188] HP-UX Update for Apache HPSBUX02308
20042| [835181] HP-UX Update for Apache With PHP HPSBUX02332
20043| [835180] HP-UX Update for Apache with PHP HPSBUX02342
20044| [835172] HP-UX Update for Apache HPSBUX02365
20045| [835168] HP-UX Update for Apache HPSBUX02313
20046| [835148] HP-UX Update for Apache HPSBUX01064
20047| [835139] HP-UX Update for Apache with PHP HPSBUX01090
20048| [835131] HP-UX Update for Apache HPSBUX00256
20049| [835119] HP-UX Update for Apache Remote Execution of Arbitrary Code HPSBUX02186
20050| [835104] HP-UX Update for Apache HPSBUX00224
20051| [835103] HP-UX Update for Apache mod_cgid HPSBUX00301
20052| [835101] HP-UX Update for Apache HPSBUX01232
20053| [835080] HP-UX Update for Apache HPSBUX02273
20054| [835078] HP-UX Update for ApacheStrong HPSBUX00255
20055| [835044] HP-UX Update for Apache HPSBUX01019
20056| [835040] HP-UX Update for Apache PHP HPSBUX00207
20057| [835025] HP-UX Update for Apache HPSBUX00197
20058| [835023] HP-UX Update for Apache HPSBUX01022
20059| [835022] HP-UX Update for Apache HPSBUX02292
20060| [835005] HP-UX Update for Apache HPSBUX02262
20061| [831759] Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)
20062| [831737] Mandriva Update for apache MDVSA-2012:154-1 (apache)
20063| [831534] Mandriva Update for apache MDVSA-2012:012 (apache)
20064| [831523] Mandriva Update for apache MDVSA-2012:003 (apache)
20065| [831491] Mandriva Update for apache MDVSA-2011:168 (apache)
20066| [831460] Mandriva Update for apache MDVSA-2011:144 (apache)
20067| [831449] Mandriva Update for apache MDVSA-2011:130 (apache)
20068| [831357] Mandriva Update for apache MDVSA-2011:057 (apache)
20069| [831132] Mandriva Update for apache MDVSA-2010:153 (apache)
20070| [831131] Mandriva Update for apache MDVSA-2010:152 (apache)
20071| [830989] Mandriva Update for apache-mod_auth_shadow MDVSA-2010:081 (apache-mod_auth_shadow)
20072| [830931] Mandriva Update for apache MDVSA-2010:057 (apache)
20073| [830926] Mandriva Update for apache MDVSA-2010:053 (apache)
20074| [830918] Mandriva Update for apache-mod_security MDVSA-2010:050 (apache-mod_security)
20075| [830799] Mandriva Update for apache-conf MDVSA-2009:300-2 (apache-conf)
20076| [830797] Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
20077| [830791] Mandriva Update for apache-conf MDVA-2010:011 (apache-conf)
20078| [830652] Mandriva Update for apache MDVSA-2008:195 (apache)
20079| [830621] Mandriva Update for apache-conf MDVA-2008:129 (apache-conf)
20080| [830581] Mandriva Update for apache MDVSA-2008:016 (apache)
20081| [830294] Mandriva Update for apache MDKSA-2007:140 (apache)
20082| [830196] Mandriva Update for apache MDKSA-2007:235 (apache)
20083| [830112] Mandriva Update for apache MDKSA-2007:127 (apache)
20084| [830109] Mandriva Update for apache-mod_perl MDKSA-2007:083 (apache-mod_perl)
20085| [802425] Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
20086| [802423] Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
20087| [802422] Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
20088| [802415] Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
20089| [802385] Apache Tomcat Request Object Security Bypass Vulnerability (Win)
20090| [802384] Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
20091| [802378] Apache Tomcat Hash Collision Denial Of Service Vulnerability
20092| [801942] Apache Archiva Multiple Vulnerabilities
20093| [801940] Apache Struts2 'XWork' Information Disclosure Vulnerability
20094| [801663] Apache Struts2/XWork Remote Command Execution Vulnerability
20095| [801521] Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
20096| [801284] Apache Derby Information Disclosure Vulnerability
20097| [801203] Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
20098| [800837] Apache 'mod_deflate' Denial Of Service Vulnerability - July09
20099| [800827] Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
20100| [800680] Apache APR Version Detection
20101| [800679] Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
20102| [800678] Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
20103| [800677] Apache Roller Version Detection
20104| [800279] Apache mod_jk Module Version Detection
20105| [800278] Apache Struts Cross Site Scripting Vulnerability
20106| [800277] Apache Tomcat mod_jk Information Disclosure Vulnerability
20107| [800276] Apache Struts Version Detection
20108| [800271] Apache Struts Directory Traversal Vulnerability
20109| [800024] Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
20110| [103333] Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
20111| [103293] Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
20112| [103122] Apache Web Server ETag Header Information Disclosure Weakness
20113| [103074] Apache Continuum Cross Site Scripting Vulnerability
20114| [103073] Apache Continuum Detection
20115| [103053] Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
20116| [101023] Apache Open For Business Weak Password security check
20117| [101020] Apache Open For Business HTML injection vulnerability
20118| [101019] Apache Open For Business service detection
20119| [100924] Apache Archiva Cross Site Request Forgery Vulnerability
20120| [100923] Apache Archiva Detection
20121| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
20122| [100814] Apache Axis2 Document Type Declaration Processing Security Vulnerability
20123| [100813] Apache Axis2 Detection
20124| [100797] Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
20125| [100795] Apache Derby Detection
20126| [100762] Apache CouchDB Cross Site Request Forgery Vulnerability
20127| [100725] Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
20128| [100613] Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
20129| [100514] Apache Multiple Security Vulnerabilities
20130| [100211] Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
20131| [100172] Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
20132| [100171] Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
20133| [100130] Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
20134| [72626] Debian Security Advisory DSA 2579-1 (apache2)
20135| [72612] FreeBSD Ports: apache22
20136| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
20137| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
20138| [71512] FreeBSD Ports: apache
20139| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
20140| [71256] Debian Security Advisory DSA 2452-1 (apache2)
20141| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
20142| [70737] FreeBSD Ports: apache
20143| [70724] Debian Security Advisory DSA 2405-1 (apache2)
20144| [70600] FreeBSD Ports: apache
20145| [70253] FreeBSD Ports: apache, apache-event, apache-itk, apache-peruser, apache-worker
20146| [70235] Debian Security Advisory DSA 2298-2 (apache2)
20147| [70233] Debian Security Advisory DSA 2298-1 (apache2)
20148| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
20149| [69338] Debian Security Advisory DSA 2202-1 (apache2)
20150| [67868] FreeBSD Ports: apache
20151| [66816] FreeBSD Ports: apache
20152| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
20153| [66414] Mandriva Security Advisory MDVSA-2009:323 (apache)
20154| [66106] SuSE Security Advisory SUSE-SA:2009:050 (apache2,libapr1)
20155| [66081] SLES11: Security update for Apache 2
20156| [66074] SLES10: Security update for Apache 2
20157| [66070] SLES9: Security update for Apache 2
20158| [65998] SLES10: Security update for apache2-mod_python
20159| [65893] SLES10: Security update for Apache 2
20160| [65888] SLES10: Security update for Apache 2
20161| [65575] SLES9: Security update for apache2,apache2-prefork,apache2-worker
20162| [65510] SLES9: Security update for Apache 2
20163| [65472] SLES9: Security update for Apache
20164| [65467] SLES9: Security update for Apache
20165| [65450] SLES9: Security update for apache2
20166| [65390] SLES9: Security update for Apache2
20167| [65363] SLES9: Security update for Apache2
20168| [65309] SLES9: Security update for Apache and mod_ssl
20169| [65296] SLES9: Security update for webdav apache module
20170| [65283] SLES9: Security update for Apache2
20171| [65249] SLES9: Security update for Apache 2
20172| [65230] SLES9: Security update for Apache 2
20173| [65228] SLES9: Security update for Apache 2
20174| [65212] SLES9: Security update for apache2-mod_python
20175| [65209] SLES9: Security update for apache2-worker
20176| [65207] SLES9: Security update for Apache 2
20177| [65168] SLES9: Security update for apache2-mod_python
20178| [65142] SLES9: Security update for Apache2
20179| [65136] SLES9: Security update for Apache 2
20180| [65132] SLES9: Security update for apache
20181| [65131] SLES9: Security update for Apache 2 oes/CORE
20182| [65113] SLES9: Security update for apache2
20183| [65072] SLES9: Security update for apache and mod_ssl
20184| [65017] SLES9: Security update for Apache 2
20185| [64950] Mandrake Security Advisory MDVSA-2009:240 (apache)
20186| [64783] FreeBSD Ports: apache
20187| [64774] Ubuntu USN-802-2 (apache2)
20188| [64653] Ubuntu USN-813-2 (apache2)
20189| [64559] Debian Security Advisory DSA 1834-2 (apache2)
20190| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
20191| [64527] Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)
20192| [64526] Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
20193| [64500] Mandrake Security Advisory MDVSA-2009:168 (apache)
20194| [64443] Ubuntu USN-802-1 (apache2)
20195| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
20196| [64423] Debian Security Advisory DSA 1834-1 (apache2)
20197| [64391] Mandrake Security Advisory MDVSA-2009:149 (apache)
20198| [64377] Mandrake Security Advisory MDVSA-2009:124-1 (apache)
20199| [64251] Debian Security Advisory DSA 1816-1 (apache2)
20200| [64201] Ubuntu USN-787-1 (apache2)
20201| [64140] Mandrake Security Advisory MDVSA-2009:124 (apache)
20202| [64136] Mandrake Security Advisory MDVSA-2009:102 (apache)
20203| [63565] FreeBSD Ports: apache
20204| [63562] Ubuntu USN-731-1 (apache2)
20205| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
20206| [61185] FreeBSD Ports: apache
20207| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
20208| [60387] Slackware Advisory SSA:2008-045-02 apache
20209| [58826] FreeBSD Ports: apache-tomcat
20210| [58825] FreeBSD Ports: apache-tomcat
20211| [58804] FreeBSD Ports: apache
20212| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
20213| [58360] Debian Security Advisory DSA 1312-1 (libapache-mod-jk)
20214| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
20215| [57788] Debian Security Advisory DSA 1247-1 (libapache-mod-auth-kerb)
20216| [57335] Debian Security Advisory DSA 1167-1 (apache)
20217| [57201] Debian Security Advisory DSA 1131-1 (apache)
20218| [57200] Debian Security Advisory DSA 1132-1 (apache2)
20219| [57168] Slackware Advisory SSA:2006-209-01 Apache httpd
20220| [57145] FreeBSD Ports: apache
20221| [56731] Slackware Advisory SSA:2006-129-01 Apache httpd
20222| [56729] Slackware Advisory SSA:2006-130-01 Apache httpd redux
20223| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
20224| [56212] Debian Security Advisory DSA 952-1 (libapache-auth-ldap)
20225| [56115] Debian Security Advisory DSA 935-1 (libapache2-mod-auth-pgsql)
20226| [56067] FreeBSD Ports: apache
20227| [55803] Slackware Advisory SSA:2005-310-04 apache
20228| [55519] Debian Security Advisory DSA 839-1 (apachetop)
20229| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
20230| [55355] FreeBSD Ports: apache
20231| [55284] Debian Security Advisory DSA 807-1 (libapache-mod-ssl)
20232| [55261] Debian Security Advisory DSA 805-1 (apache2)
20233| [55259] Debian Security Advisory DSA 803-1 (apache)
20234| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
20235| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
20236| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
20237| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
20238| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
20239| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
20240| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
20241| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
20242| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
20243| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
20244| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
20245| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
20246| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
20247| [54439] FreeBSD Ports: apache
20248| [53931] Slackware Advisory SSA:2004-133-01 apache
20249| [53903] Slackware Advisory SSA:2004-299-01 apache, mod_ssl, php
20250| [53902] Slackware Advisory SSA:2004-305-01 apache+mod_ssl
20251| [53878] Slackware Advisory SSA:2003-308-01 apache security update
20252| [53851] Debian Security Advisory DSA 135-1 (libapache-mod-ssl)
20253| [53849] Debian Security Advisory DSA 132-1 (apache-ssl)
20254| [53848] Debian Security Advisory DSA 131-1 (apache)
20255| [53784] Debian Security Advisory DSA 021-1 (apache)
20256| [53738] Debian Security Advisory DSA 195-1 (apache-perl)
20257| [53737] Debian Security Advisory DSA 188-1 (apache-ssl)
20258| [53735] Debian Security Advisory DSA 187-1 (apache)
20259| [53703] Debian Security Advisory DSA 532-1 (libapache-mod-ssl)
20260| [53577] Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl)
20261| [53568] Debian Security Advisory DSA 067-1 (apache,apache-ssl)
20262| [53519] Debian Security Advisory DSA 689-1 (libapache-mod-python)
20263| [53433] Debian Security Advisory DSA 181-1 (libapache-mod-ssl)
20264| [53282] Debian Security Advisory DSA 594-1 (apache)
20265| [53248] Debian Security Advisory DSA 558-1 (libapache-mod-dav)
20266| [53224] Debian Security Advisory DSA 532-2 (libapache-mod-ssl)
20267| [53215] Debian Security Advisory DSA 525-1 (apache)
20268| [53151] Debian Security Advisory DSA 452-1 (libapache-mod-python)
20269| [52529] FreeBSD Ports: apache+ssl
20270| [52501] FreeBSD Ports: apache
20271| [52461] FreeBSD Ports: apache
20272| [52390] FreeBSD Ports: apache
20273| [52389] FreeBSD Ports: apache
20274| [52388] FreeBSD Ports: apache
20275| [52383] FreeBSD Ports: apache
20276| [52339] FreeBSD Ports: apache+mod_ssl
20277| [52331] FreeBSD Ports: apache
20278| [52329] FreeBSD Ports: ru-apache+mod_ssl
20279| [52314] FreeBSD Ports: apache
20280| [52310] FreeBSD Ports: apache
20281| [15588] Detect Apache HTTPS
20282| [15555] Apache mod_proxy content-length buffer overflow
20283| [15554] Apache mod_include priviledge escalation
20284| [14771] Apache <= 1.3.33 htpasswd local overflow
20285| [14177] Apache mod_access rule bypass
20286| [13644] Apache mod_rootme Backdoor
20287| [12293] Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
20288| [12280] Apache Connection Blocking Denial of Service
20289| [12239] Apache Error Log Escape Sequence Injection
20290| [12123] Apache Tomcat source.jsp malformed request information disclosure
20291| [12085] Apache Tomcat servlet/JSP container default files
20292| [11438] Apache Tomcat Directory Listing and File disclosure
20293| [11204] Apache Tomcat Default Accounts
20294| [11092] Apache 2.0.39 Win32 directory traversal
20295| [11046] Apache Tomcat TroubleShooter Servlet Installed
20296| [11042] Apache Tomcat DOS Device Name XSS
20297| [11041] Apache Tomcat /servlet Cross Site Scripting
20298| [10938] Apache Remote Command Execution via .bat files
20299| [10839] PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
20300| [10773] MacOS X Finder reveals contents of Apache Web files
20301| [10766] Apache UserDir Sensitive Information Disclosure
20302| [10756] MacOS X Finder reveals contents of Apache Web directories
20303| [10752] Apache Auth Module SQL Insertion Attack
20304| [10704] Apache Directory Listing
20305| [10678] Apache /server-info accessible
20306| [10677] Apache /server-status accessible
20307| [10440] Check for Apache Multiple / vulnerability
20308|
20309| SecurityTracker - https://www.securitytracker.com:
20310| [1028865] Apache Struts Bugs Permit Remote Code Execution and URL Redirection Attacks
20311| [1028864] Apache Struts Wildcard Matching and Expression Evaluation Bugs Let Remote Users Execute Arbitrary Code
20312| [1028824] Apache mod_dav_svn URI Processing Flaw Lets Remote Users Deny Service
20313| [1028823] Apache Unspecified Flaw in mod_session_dbd Has Unspecified Impact
20314| [1028724] (HP Issues Fix for HP-UX) Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
20315| [1028722] (Red Hat Issues Fix for JBoss) Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
20316| [1028693] (Red Hat Issues Fix) Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
20317| [1028622] Apache Struts 'includeParams' Bugs Permit Remote Command Execution and Cross-Site Scripting Attacks
20318| [1028621] Apache Subversion Bugs Let Remote Authenticated Users Execute Arbitrary Commands and Deny Service
20319| [1028540] Apache mod_rewrite Input Validation Flaw Lets Remote Users Execute Arbitrary Commands
20320| [1028534] Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
20321| [1028533] Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
20322| [1028532] Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
20323| [1028515] Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
20324| [1028457] Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information
20325| [1028287] Apache CXF WSS4JInInterceptor Grants Service Access to Remote Users
20326| [1028286] Apache CXF WS-Security UsernameToken Processing Flaw Lets Remote Users Bypass Authentication
20327| [1028252] Apache Commons FileUpload Unsafe Temporary File Lets Local Users Gain Elevated Privileges
20328| [1028207] Apache Input Validation Bugs Permit Cross-Site Scripting Attacks
20329| [1027836] Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
20330| [1027834] Apache Tomcat Bug Lets Remote Users Bypass Cross-Site Request Forgery Prevention Filter
20331| [1027833] Apache Tomcat Bug Lets Remote Users Bypass Security Constraints
20332| [1027729] Apache Tomcat Header Processing Bug Lets Remote Users Deny Service
20333| [1027728] Apache Tomcat Lets Remote Users Conduct DIGEST Authentication Replay Attacks
20334| [1027554] Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
20335| [1027508] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
20336| [1027421] Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
20337| [1027096] Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
20338| [1026932] Apache LD_LIBRARY_PATH Processing Lets Local Users Gain Elevated Privileges
20339| [1026928] Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
20340| [1026927] Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
20341| [1026847] Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service
20342| [1026846] Apache Wicket Discloses Hidden Application Files to Remote Users
20343| [1026839] Apache Wicket Input Validation Flaw in 'wicket:pageMapName' Parameter Permits Cross-Site Scripting Attacks
20344| [1026616] Apache Bugs Let Remote Users Deny Service and Obtain Cookie Data
20345| [1026575] Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands
20346| [1026484] Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code
20347| [1026477] Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service
20348| [1026402] Apache Struts Conversion Error Lets Remote Users Inject Arbitrary Commands
20349| [1026353] Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers
20350| [1026295] Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges
20351| [1026267] Apache .htaccess File Integer Overflow Lets Local Users Execute Arbitrary Code
20352| [1026144] Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
20353| [1026095] Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks
20354| [1026054] Apache mod_proxy_ajp HTTP Processing Error Lets Remote Users Deny Service
20355| [1025993] Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information
20356| [1025976] Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks
20357| [1025960] Apache httpd Byterange Filter Processing Error Lets Remote Users Deny Service
20358| [1025925] Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges
20359| [1025924] Apache Tomcat XML Validation Flaw Lets Applications Obtain Potentially Sensitive Information
20360| [1025788] Apache Tomcat Lets Malicious Applications Obtain Information and Deny Service
20361| [1025755] Apache Santuario Buffer Overflow Lets Remote Users Deny Service
20362| [1025712] Apache Tomcat Discloses Passwords to Local Users in Certain Cases
20363| [1025577] Apache Archiva Input Validation Hole Permits Cross-Site Scripting Attacks
20364| [1025576] Apache Archiva Request Validation Flaw Permits Cross-Site Request Forgery Attacks
20365| [1025527] Apache APR Library apr_fnmatch() Flaw Lets Remote Users Execute Arbitrary Code
20366| [1025303] Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
20367| [1025215] Apache Tomcat May Ignore @ServletSecurity Annotation Protections
20368| [1025066] Apache Continuum Input Validation Flaw Permits Cross-Site Request Forgery Attacks
20369| [1025065] Apache Continuum Input Validation Hole Permits Cross-Site Scripting Attacks
20370| [1025027] Apache Tomcat maxHttpHeaderSize Parsing Error Lets Remote Users Deny Service
20371| [1025026] Apache Tomcat Manager Input Validation Hole Permits Cross-Site Scripting Attacks
20372| [1025025] Apache Tomcat Security Manager Lets Local Users Bypass File Permissions
20373| [1024764] Apache Tomcat Manager Input Validation Hole in 'sessionList.jsp' Permits Cross-Site Scripting Attacks
20374| [1024417] Apache Traffic Server Insufficient Randomization Lets Remote Users Poison the DNS Cache
20375| [1024332] Apache mod_cache and mod_dav Request Processing Flaw Lets Remote Users Deny Service
20376| [1024180] Apache Tomcat 'Transfer-Encoding' Header Processing Flaw Lets Remote Users Deny Service and Obtain Potentially Sensitive Information
20377| [1024096] Apache mod_proxy_http May Return Results for a Different Request
20378| [1023942] Apache mod_proxy_ajp Error Condition Lets Remote Users Deny Service
20379| [1023941] Apache ap_read_request() Memory Error May Let Remote Users Access Potentially Sensitive Information
20380| [1023778] Apache ActiveMQ Input Validation Flaw Permits Cross-Site Scripting Attacks
20381| [1023701] Apache mod_isapi Error Processing Flaw May Let Remote Users Deny Service
20382| [1023533] Apache mod_proxy Integer Overflow May Let Remote Users Execute Arbitrary Code
20383| [1022988] Apache Solaris Support Code Bug Lets Remote Users Deny Service
20384| [1022529] Apache mod_deflate Connection State Bug Lets Remote Users Deny Service
20385| [1022509] Apache mod_proxy stream_reqbody_cl() Infinite Loop Lets Remote Users Deny Service
20386| [1022296] Apache IncludesNoExec Options Restrictions Can Be Bypass By Local Users
20387| [1022264] Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
20388| [1022001] Apache Tomcat mod_jk May Disclose Responses to the Wrong User
20389| [1021988] mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
20390| [1021350] NetWare Bug Lets Remote Users Access the ApacheAdmin Console
20391| [1020635] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
20392| [1020520] Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
20393| [1020267] Apache mod_proxy Interim Response Process Bug Lets Remote Users Deny Service
20394| [1019784] Apache-SSL Certificate Processing Bug May Let Remote Users View Portions of Kernel Memory
20395| [1019256] Apache mod_negotiation Input Validation Hole Permits Cross-Site Scripting Attacks
20396| [1019194] Apache Input Validation Hole in Mod_AutoIndex When the Character Set is Undefined May Permit Cross-Site Scripting Attacks
20397| [1019185] Apache Input Validation Hole in mod_proxy_ftp Permits Cross-Site Scripting Attacks
20398| [1019154] Apache Input Validation Hole in mod_status Permits Cross-Site Scripting Attacks
20399| [1019093] Apache Input Validation Hole in mod_imap Permits Cross-Site Scripting Attacks
20400| [1019030] Apache Input Validation Hole in Default HTTP 413 Error Page Permits Cross-Site Scripting Attacks
20401| [1018633] Apache mod_proxy Bug Lets Remote Users Deny Service
20402| [1018304] Apache HTTPD scoreboard Protection Flaw Lets Local Users Terminate Arbitrary Processes
20403| [1018303] Apache HTTPD mod_cache May Let Remote Users Deny Service
20404| [1018302] Apache mod_status Input Validation Hole Permits Cross-Site Scripting Attacks
20405| [1018269] Apache Tomcat Input Validation Hole in Processing Accept-Language Header Permits Cross-Site Scripting Attacks
20406| [1017904] Apache suEXEC Bugs May Let Local Users Gain Elevated Privileges
20407| [1017719] Apache Tomcat JK Web Server Connector Buffer Overflow in map_uri_to_worker() Lets Remote Users Execute Arbitrary Code
20408| [1017062] Apache mod_tcl Format String Bug in set_var() Function May Let Remote Users Execute Arbitrary Code
20409| [1016601] Apache mod_rewrite Off-by-one Error Lets Remote Users Execute Arbitrary Code
20410| [1016576] Apache Tomcat Discloses Directory Listings to Remote Users
20411| [1015447] Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
20412| [1015344] Apache mod_imap Input Validation Flaw in Referer Field Lets Remote Users Conduct Cross-Site Scripting Attacks
20413| [1015093] Apache Memory Leak in MPM 'worker.c' Code May Let Remote Users Deny Service
20414| [1014996] ApacheTop Unsafe Temporary File May Let Local Users Gain Elevated Privileges
20415| [1014833] Apache ssl_hook_Access() Function May Fail to Verify Client Certificates
20416| [1014826] Apache Memory Leak in 'byterange filter' Lets Remote Users Deny Service
20417| [1014575] Apache mod_ssl Off-by-one Buffer Overflow in Processing CRLs May Let Remote Users Deny Service
20418| [1014323] Apache Chunked Transfer-Encoding and Content-Length Processing Lets Remote Users Smuggle HTTP Requests
20419| [1013156] Apache mod_python Publisher Handler Discloses Information to Remote Users
20420| [1012829] Apache mod_auth_radius radcpy() Integer Overflow Lets Remote Users Deny Service in Certain Cases
20421| [1012416] Apache on Apple OS X Lets Remote Users Bypass Apache File Handlers and Directly Access Files
20422| [1012415] Apache on Apple HFS+ Filesystems May Disclose '.DS_Store' Files to Remote Users
20423| [1012414] Apache mod_digest_apple Lets Remote Users Replay Authentication Credentials
20424| [1012083] Apache Web Server Error in Processing Requests With Many Space Characters Lets Remote Users Deny Service
20425| [1011783] Apache mod_include Buffer Overflow Lets Local Users Execute Arbitrary Code
20426| [1011557] Apache mod_ssl SSLCipherSuite Directive Can By Bypassed in Certain Cases
20427| [1011385] Apache Satsify Directive Error May Let Remote Users Access Restricted Resources
20428| [1011340] Apache SSL Connection Abort State Error Lets Remote Users Deny Service
20429| [1011303] Apache ap_resolve_env() Buffer Overflow in Reading Configuration Files May Let Local Users Gain Elevated Privileges
20430| [1011299] Apache IPv6 Address Parsing Flaw May Let Remote Users Deny Service
20431| [1011248] Apache mod_dav LOCK Method Error May Let Remote Users Deny Service
20432| [1011213] Apache mod_ssl Can Be Crashed By Remote Users When Reverse Proxying SSL Connections
20433| [1010674] Apache Can Be Crashed By PHP Code Invoking Nested Remote Sockets
20434| [1010599] Apache httpd Header Line Memory Allocation Lets Remote Users Crash the Server
20435| [1010462] Apache mod_proxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
20436| [1010322] Apache mod_ssl Stack Overflow in ssl_util_uuencode_binary() May Let Remote Users Execute Arbitrary Code
20437| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
20438| [1009934] Apache Web Server Has Buffer Overflow in ebcdic2ascii() on Older Processor Architectures
20439| [1009516] Apache mod_survey HTML Report Format Lets Remote Users Conduct Cross-Site Scripting Attacks
20440| [1009509] Apache mod_disk_cache Stores Authentication Credentials on Disk
20441| [1009495] Apache Web Server Socket Starvation Flaw May Let Remote Users Deny Service
20442| [1009417] GroupWise WebAccess With Apache on NetWare Has Configuration Flaw That May Grant Web Access to Remote Users
20443| [1009338] Apache mod_access Parsing Flaw May Fail to Enforce Allow/Deny Rules
20444| [1009337] Apache mod_ssl Memory Leak Lets Remote Users Crash the Daemon
20445| [1009182] Apache for Cygwin '..%5C' Input Validation Flaw Discloses Files to Remote Users
20446| [1008973] PHP May Apply Incorrect php_admin_* Settings To Requests for Apache Virtual Hosts
20447| [1008967] Apache-SSL 'SSLFakeBasicAuth' Lets Remote Users Forge Client Certificates to Be Authenticated
20448| [1008920] Apache mod_digest May Validate Replayed Client Responses
20449| [1008828] Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server
20450| [1008822] Apache mod_perl File Descriptor Leak May Let Local Users Hijack the http and https Services
20451| [1008675] mod_auth_shadow Apache Module Authenticates Expired Passwords
20452| [1008559] Apache mod_php File Descriptor Leak May Let Local Users Hijack the https Service
20453| [1008335] Apache mod_python String Processing Bug Lets Remote Users Crash the Web Server
20454| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
20455| [1008030] Apache mod_rewrite Contains a Buffer Overflow
20456| [1008029] Apache mod_alias Contains a Buffer Overflow
20457| [1008028] Apache mod_cgid May Disclose CGI Output to Another Client
20458| [1007995] Apache Cocoon Forms May Let Remote Users Execute Arbitrary Java Code on the System
20459| [1007993] Apache Cocoon 'view-source' Sample Script Discloses Files to Remote Users
20460| [1007823] Apache Web Server mod_cgi Error May Let Malicious CGI Scripts Crash the Web Service
20461| [1007664] Apache::Gallery Unsafe Temporary Files May Let Local Users Gain Apache Web Server Privileges
20462| [1007557] Apache Web Server Does Not Filter Terminal Escape Sequences From Log Files
20463| [1007230] Apache HTTP Server 'rotatelogs' Bug on Win32 and OS/2 May Cause the Logging to Stop
20464| [1007146] Apache HTTP Server FTP Proxy Bug May Cause Denial of Service Conditions
20465| [1007145] Apache 'accept()' Errors May Cause Denial of Service Conditions
20466| [1007144] Apache Web Server 'type-map' File Error Permits Local Denial of Service Attacks
20467| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
20468| [1006864] Apache Web Server Can Be Crashed By Remote Users Via mod_dav Flaws and Also Via Basic Authentication
20469| [1006709] Apache mod_survey Input Validation Flaw Lets Remote Users Fill Up Disk Space
20470| [1006614] Apache mod_ntlm Buffer Overflow and Format String Flaw Let Remote Users Execute Arbitary Code
20471| [1006591] Apache mod_access_referer Module Null Pointer Dereference May Faciliate Denial of Service Attacks
20472| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
20473| [1006021] Apache Tomcat Server URL Parsing Error May Disclose Otherwise Inaccessible Web Directory Listings and Files to Remote Users
20474| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
20475| [1005962] Apache Web Server Path Parsing Flaw May Allow Remote Users to Execute Code in Certain Configurations
20476| [1005848] Apache 'printenv' Script Input Validation Bugs in Older Versions May Let Remote Users Conduct Cross-Site Scripting Attacks
20477| [1005765] Apache mod_jk Module Processing Bug When Used With Tomcat May Disclose Information to Remote Users or Crash
20478| [1005548] Apache mod_php Module May Allow Local Users to Gain Control of the Web Port
20479| [1005499] Apache Web Server (2.0.42) May Disclose CGI Source Code to Remote Users When Used With WebDAV
20480| [1005410] Apache Tomcat Java Servlet Engine Can Be Crashed Via Multiple Requests for DOS Device Names
20481| [1005351] Apache Web Server (1.3.x) Shared Memory Scoreboard Bug Lets Certain Local Users Issue Signals With Root Privileges
20482| [1005331] Apache Web Server (2.x) SSI Server Signature Filtering Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
20483| [1005290] Apache Tomcat Java Server Default Servlet Returns JSP Source Code to Remote Users
20484| [1005285] Apache Web Server 'mod_dav' Has Null Pointer Bug That May Allow Remote Users to Cause Denial of Service Conditions
20485| [1005010] Apache Web Server (2.0) Has Unspecified Flaw That Allows Remote Users to Obtain Sensitive Data and Cause Denial of Service Conditions
20486| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
20487| [1004745] Apache Tomcat Java Server Allows Cross-Site Scripting Attacks
20488| [1004636] Apache mod_ssl 'Off-by-One' Bug May Let Local Users Crash the Web Server or Possibly Execute Arbitrary Code
20489| [1004602] Apache Tomcat Java Server for Windows Can Be Crashed By Remote Users Sending Malicious Requests to Hang All Available Working Threads
20490| [1004586] Apache Tomcat Java Server May Disclose the Installation Path to Remote Users
20491| [1004555] Apache Web Server Chunked Encoding Flaw May Let Remote Users Execute Arbitrary Code on the Server
20492| [1004209] Apache 'mod_python' Python Language Interpreter Bug in Publisher Handler May Allow Remote Users to Modify Files on the System
20493| [1003874] Apache Web Server for Windows Has Batch File Processing Hole That Lets Remote Users Execute Commands on the System
20494| [1003767] 'mod_frontpage' Module for Apache Web Server Has Buffer Overlow in 'fpexec.c' That Allows Remote Users to Execute Arbitrary Code on the System with Root Privileges
20495| [1003723] Apache-SSL for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
20496| [1003664] 'mod_ssl' Security Package for Apache Web Server Has Buffer Overflow That Can Be Triggered By Remote Users
20497| [1003602] GNUJSP Java Server Pages Implementation Discloses Web Files and Source Code to Remote Users and Bypasses Apache Access Control Restrictions
20498| [1003465] PHP for Apache Web Server May Disclose Installation Path Information to Remote Users Making 'OPTIONS' Requests
20499| [1003451] Oracle Application Server PL/SQL Module for Apache Has Buffer Overflows That Allow Remote Users to Execute Arbitrary Code and Gain Access to the Server
20500| [1003131] Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
20501| [1003104] PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
20502| [1003008] Apache 'mod_bf' Module Lets Remote Users Execute Arbitrary Code
20503| [1002629] Apache suEXEC Wrapper Fails to Observe Minimum Group ID Security Settings in Certain Situations
20504| [1002542] Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
20505| [1002400] Apache mod_gzip Module Has Buffer Overflow That Can Be Exploited By Local Users to Gain Elevated Privileges
20506| [1002303] Several 3rd Party Apache Authentication Modules Allow Remote Users to Execute Arbitrary Code to Gain Access to the System or Execute Stored Procedures to Obtain Arbitrary Database Information
20507| [1002188] Apache Web Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
20508| [1001989] Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
20509| [1001719] Apache Web Server on Mac OS X Client Fails to Enforce File and Directory Access Protections, Giving Remote Users Access to Restricted Pages
20510| [1001572] Apache Web Server on Microsoft Windows Platforms Allows Remote Users to Crash the Web Server
20511| [1001304] Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
20512| [1001083] Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
20513|
20514| OSVDB - http://www.osvdb.org:
20515| [96078] Apache CloudStack Infrastructure Menu Setup Network Multiple Field XSS
20516| [96077] Apache CloudStack Global Settings Multiple Field XSS
20517| [96076] Apache CloudStack Instances Menu Display Name Field XSS
20518| [96075] Apache CloudStack Instances Menu Add Instances Network Name Field XSS
20519| [96074] Apache CloudStack Instances Menu Add Instances Review Step Multiple Field XSS
20520| [96031] Apache HTTP Server suEXEC Symlink Arbitrary File Access
20521| [95888] Apache Archiva Single / Double Quote Character Handling XSS Weakness
20522| [95885] Apache Subversion mod_dav_svn Module Crafted HTTP Request Handling Remote DoS
20523| [95706] Apache OpenOffice.org (OOo) OOXML Document File XML Element Handling Memory Corruption
20524| [95704] Apache OpenOffice.org (OOo) DOC File PLCF Data Handling Memory Corruption
20525| [95603] Apache Continuum web/util/GenerateRecipentNotifier.java recipient Parameter XSS
20526| [95602] Apache Continuum web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml Multiple Parameter XSS
20527| [95601] Apache Continuum web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
20528| [95600] Apache Continuum web/action/ScheduleAction-saveSchedule-validation.xml Multiple Parameter XSS
20529| [95599] Apache Continuumweb/action/BuildDefinitionAction-saveBuildDefinition-validation.xml Multiple Parameter XSS
20530| [95598] Apache Continuum web/action/AddProjectAction-addProject-validation.xml Multiple Parameter XSS
20531| [95597] Apache Continuum web/action/ProjectEditAction-projectSave-validation.xml Multiple Parameter XSS
20532| [95596] Apache Continuum web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml Multiple Parameter XSS
20533| [95595] Apache Continuum web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml Multiple Parameter XSS
20534| [95594] Apache Continuum web/action/ProjectGroupAction.java Multiple Parameter XSS
20535| [95593] Apache Continuum web/action/AddProjectGroupAction.java Multiple Parameter XSS
20536| [95592] Apache Continuum web/action/AddProjectAction.java Multiple Parameter XSS
20537| [95523] Apache OFBiz Webtools Application View Log Screen Unspecified XSS
20538| [95522] Apache OFBiz Nested Expression Evaluation Arbitrary UEL Function Execution
20539| [95521] Apache HTTP Server mod_session_dbd Session Saving Unspecified Issue
20540| [95498] Apache HTTP Server mod_dav.c Crafted MERGE Request Remote DoS
20541| [95406] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Arbitrary Site Redirect
20542| [95405] Apache Struts DefaultActionMapper Multiple Prefixing Parameters Remote Code Execution
20543| [95011] Apache CXF XML Parser SOAP Message Handling CPU Resource Exhaustion Remote DoS
20544| [94705] Apache Geronimo RMI Classloader Exposure Serialized Object Handling Remote Code Execution
20545| [94651] Apache Santuario (XML Security for C++) XML Signature CanonicalizationMethod Parameter Spoofing Weakness
20546| [94636] Apache Continuum workingCopy.action userDirectory Traversal Arbitrary File Access
20547| [94635] Apache Maven SCM SvnCommandlineUtils Process Listing Local Password Disclosure
20548| [94632] Apache Maven Wagon SSH (wagon-ssh) Host Verification Failure MitM Weakness
20549| [94625] Apache Santuario (XML Security for C++) XML Signature Reference Crafted XPointer Expression Handling Heap Buffer Overflow
20550| [94618] Apache Archiva /archiva/security/useredit.action username Parameter XSS
20551| [94617] Apache Archiva /archiva/security/roleedit.action name Parameter XSS
20552| [94616] Apache Archiva /archiva/security/userlist!show.action roleName Parameter XSS
20553| [94615] Apache Archiva /archiva/deleteArtifact!doDelete.action groupId Parameter XSS
20554| [94614] Apache Archiva /archiva/admin/addLegacyArtifactPath!commit.action legacyArtifactPath.path Parameter XSS
20555| [94613] Apache Archiva /archiva/admin/addRepository.action Multiple Parameter XSS
20556| [94612] Apache Archiva /archiva/admin/editAppearance.action Multiple Parameter XSS
20557| [94611] Apache Archiva /archiva/admin/addLegacyArtifactPath.action Multiple Parameter XSS
20558| [94610] Apache Archiva /archiva/admin/addNetworkProxy.action Multiple Parameter XSS
20559| [94403] Apache Santuario (XML Security for C++) InclusiveNamespace PrefixList Processing Heap Overflow
20560| [94402] Apache Santuario (XML Security for C++) HMAC-based XML Signature Processing DoS
20561| [94401] Apache Santuario (XML Security for C++) XPointer Evaluation Stack Overflow
20562| [94400] Apache Santuario (XML Security for C++) HMAC-Based XML Signature Reference Element Validation Spoofing Weakness
20563| [94279] Apache Qpid CA Certificate Validation Bypass
20564| [94275] Apache Solr JettySolrRunner.java Can Not Find Error Message XSS
20565| [94233] Apache OpenJPA Object Deserialization Arbitrary Executable Creation
20566| [94042] Apache Axis JAX-WS Java Unspecified Exposure
20567| [93969] Apache Struts OGNL Expression Handling Double Evaluation Error Remote Command Execution
20568| [93796] Apache Subversion Filename Handling FSFS Repository Corruption Remote DoS
20569| [93795] Apache Subversion svnserve Server Aborted Connection Message Handling Remote DoS
20570| [93794] Apache Subversion contrib/hook-scripts/check-mime-type.pl svnlook Hyphenated argv Argument Handling Remote DoS
20571| [93793] Apache Subversion contrib/hook-scripts/svn-keyword-check.pl Filename Handling Remote Command Execution
20572| [93646] Apache Struts Crafted Parameter Arbitrary OGNL Code Execution
20573| [93645] Apache Struts URL / Anchor Tag includeParams Attribute Remote Command Execution
20574| [93636] Apache Pig Multiple Physical Operator Memory Exhaustion Remote Remote DoS
20575| [93635] Apache Wink DTD (Document Type Definition) Expansion Data Parsing Information Disclosure
20576| [93605] RT Apache::Session::File Session Replay Reuse Information Disclosure
20577| [93599] Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
20578| [93555] Apache Commons Codec Invalid Base32 String Information Tunneling Weakness
20579| [93554] Apache HBase bulkLoadHFiles() Method ACL Bypass
20580| [93543] JBoss Enterprise Application Platform org.apache.catalina.connector.Response.encodeURL() Method MitM jsessionid Disclosure
20581| [93542] Apache ManifoldCF (Connectors Framework) org.apache.manifoldcf.crawler.ExportConfiguration Class Configuration Export Password Disclosure
20582| [93541] Apache Solr json.wrf Callback XSS
20583| [93524] Apache Hadoop GetSecurityDescriptorControl() Function Absolute Security Descriptor Handling NULL Descriptor Weakness
20584| [93521] Apache jUDDI Security API Token Session Persistence Weakness
20585| [93520] Apache CloudStack Default SSL Key Weakness
20586| [93519] Apache Shindig /ifr Cross-site Arbitrary Gadget Invocation
20587| [93518] Apache Solr /admin/analysis.jsp name Parameter XSS
20588| [93517] Apache CloudStack setup-cloud-management /etc/sudoers Modification Local Privilege Escalation
20589| [93516] Apache CXF UsernameTokenInterceptor Nonce Caching Replay Weakness
20590| [93515] Apache HBase table.jsp name Parameter XSS
20591| [93514] Apache CloudStack Management Server Unauthenticated Remote JMX Connection Default Setting Weakness
20592| [93463] Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution
20593| [93462] Apache CXF WS-SecurityPolicy AlgorithmSuite Arbitrary Ciphertext Decryption Weakness
20594| [93401] Apache Hadoop core-site.xml Permission Weakness Local Alfredo Secret Disclosure
20595| [93400] Apache Hadoop Map/Reduce Job Log Directory Symlink Arbitrary File Mode Manipulation
20596| [93397] Apache Wicket Referrer HTTP Header Session ID Disclosure
20597| [93366] Apache HTTP Server modules/mappers/mod_rewrite.c do_rewritelog() Function Log File Terminal Escape Sequence Filtering Remote Command Execution
20598| [93254] Apache Tomcat AsyncListener Method Cross-session Information Disclosure
20599| [93253] Apache Tomcat Chunked Transfer Encoding Data Saturation Remote DoS
20600| [93252] Apache Tomcat FORM Authenticator Session Fixation
20601| [93172] Apache Camel camel/endpoints/ Endpoint XSS
20602| [93171] Apache Sling HtmlResponse Error Message XSS
20603| [93170] Apache Directory DelegatingAuthenticator MitM Spoofing Weakness
20604| [93169] Apache Wave AuthenticationServlet.java Session Fixation Weakness
20605| [93168] Apache Click ErrorReport.java id Parameter XSS
20606| [93167] Apache ActiveMQ JMSXUserId Spoofing Weakness
20607| [93166] Apache CXF Crafted Message Element Count Handling System Resource Exhaustion Remote DoS
20608| [93165] Apache CXF Crafted Message Element Level Handling System Resource Exhaustion Remote DoS
20609| [93164] Apache Harmony DatagramSocket Class connect Method CheckAccept() IP Blacklist Bypass
20610| [93163] Apache Hadoop Map/Reduce Daemon Symlink Arbitrary File Overwrite
20611| [93162] Apache VelocityStruts struts/ErrorsTool.getMsgs Error Message XSS
20612| [93161] Apache CouchDB Rewriter VM Atom Table Memory Exhaustion Remote DoS
20613| [93158] Apache Wicket BookmarkablePageLink Feature XSS CSRF
20614| [93157] Apache Struts UrlHelper.java s:url includeParams Functionality XSS
20615| [93156] Apache Tapestry Calendar Component datefield.js datefield Parameter XSS
20616| [93155] Apache Struts fielderror.ftl fielderror Parameter Error Message XSS
20617| [93154] Apache JSPWiki Edit.jsp createPages WikiPermission Bypass
20618| [93153] Apache PDFBox PDFXrefStreamParser Missing Element Handling PDF Parsing DoS
20619| [93152] Apache Hadoop HttpServer.java Multiple Function XSS
20620| [93151] Apache Shiro Search Filter userName Parameter LDAP Code Injection Weakness
20621| [93150] Apache Harmony java.net.SocketPermission Class boolean equals Function checkConnect() Weakness Host Name Retrieval
20622| [93149] Apache Harmony java.security.Provider Class void load Function checkSecurityAccess() Weakness
20623| [93148] Apache Harmony java.security.ProtectionDomain Class java.lang.String.toString() Function checkPermission() Weakness
20624| [93147] Apache Harmony java.net.URLConnection openConnection Function checkConnect Weakness Proxy Connection Permission Bypass
20625| [93146] Apache Harmony java.net.ServerSocket Class void implAccept Function checkAccept() Weakness SerSocket Subclass Creation
20626| [93145] Apache Qpid JMS Client Detached Session Frame Handling NULL Pointer Dereference Remote DoS
20627| [93144] Apache Solr Admin Command Execution CSRF
20628| [93009] Apache VCL XMLRPC API Unspecified Function Remote Privilege Escalation
20629| [93008] Apache VCL Web GUI Unspecified Remote Privilege Escalation
20630| [92997] Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue
20631| [92976] Apache ActiveMQ scheduled.jsp crontab Command XSS
20632| [92947] Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue
20633| [92749] Apache CloudStack Predictable Hash Virtual Machine Console Console Access URL Generation
20634| [92748] Apache CloudStack VM Console Access Restriction Bypass
20635| [92709] Apache ActiveMQ Web Console Unauthenticated Remote Access
20636| [92708] Apache ActiveMQ Sample Web Application Broker Resource Consumption Remote DoS
20637| [92707] Apache ActiveMQ webapp/websocket/chat.js Subscribe Message XSS
20638| [92706] Apache ActiveMQ Debug Log Rendering XSS
20639| [92705] Apache ActiveMQ PortfolioPublishServlet.java refresh Parameter XSS
20640| [92270] Apache Tomcat Unspecified CSRF
20641| [92094] Apache Subversion mod_dav_svn Module Nonexistent URL Lock Request Handling NULL Pointer Dereference Remote DoS
20642| [92093] Apache Subversion mod_dav_svn Module Activity URL PROPFIND Request Handling NULL Pointer Dereference Remote DoS
20643| [92092] Apache Subversion mod_dav_svn Module Log REPORT Request Handling NULL Pointer Dereference Remote DoS
20644| [92091] Apache Subversion mod_dav_svn Module Node Property Handling Resource Exhaustion Remote DoS
20645| [92090] Apache Subversion mod_dav_svn Module Activity URL Lock Request Handling NULL Pointer Dereference Remote DoS
20646| [91774] Apache Commons Codec Unspecified Non-private Field Manipulation Weakness
20647| [91628] mod_ruid2 for Apache HTTP Server fchdir() Inherited File Descriptor chroot Restriction Bypass
20648| [91328] Apache Wicket $up$ Traversal Arbitrary File Access
20649| [91295] Apple Mac OS X Apache Unicode Character URI Handling Authentication Bypass
20650| [91235] Apache Rave /app/api/rpc/users/get User Object Hashed Password Remote Disclosure
20651| [91185] Munin Default Apache Configuration Permission Weakness Remote Information Disclosure
20652| [91173] Apache Wicket WebApplicationPath Constructor Bypass /WEB-INF/ Directory File Access
20653| [91172] Apache Wicket PackageResourceGuard File Extension Filter Bypass
20654| [91025] Apache Qpid qpid::framing::Buffer Class Multiple Method Out-of-bounds Access Remote DoS
20655| [91024] Apache Qpid federation_tag Attribute Handling Federated Interbroker Link Access Restriction Bypass
20656| [91023] Apache Qpid AMQP Type Decoder Exposure Array Size Value Handling Memory Consumption Remote DoS
20657| [91022] Apache Qpid qpid/cpp/include/qpid/framing/Buffer.h qpid::framing::Buffer::checkAvailable() Function Integer Overflow
20658| [90986] Apache Jena ARQ INSERT DATA Request Handling Overflow
20659| [90907] Apache Subversion mod_dav_svn / libsvn_fs svn_fs_file_length() Function MKACTIVITY / PROPFIND Option Request Handling Remote DoS
20660| [90906] Apache Commons FileUpload /tmp Storage Symlink Arbitrary File Overwrite
20661| [90864] Apache Batik 1xx Redirect Script Origin Restriction Bypass
20662| [90858] Apache Ant Malformed TAR File Handling Infinite Loop DoS
20663| [90852] Apache HTTP Server for Debian apachectl /var/lock Permission Weakness Symlink Directory Permission Manipulation
20664| [90804] Apache Commons CLI Path Subversion Local Privilege Escalation
20665| [90802] Apache Avro Recursive Schema Handling Infinite Recursion DoS
20666| [90592] Apache Batik ApplicationSecurityEnforcer.java Multiple Method Security Restriction Bypass
20667| [90591] Apache Batik XML External Entity (XXE) Data Parsing Arbitrary File Disclosure
20668| [90565] Apache Tomcat Log Directory Permission Weakness Local Information Disclosure
20669| [90564] Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness
20670| [90557] Apache HTTP Server mod_proxy_balancer balancer-manager Interface Multiple Parameter XSS
20671| [90556] Apache HTTP Server Multiple Module Multiple Parameter XSS
20672| [90276] Apache Axis2 axis2.xml Plaintext Password Local Disclosure
20673| [90249] Apache Axiom ClassLoader XMLInputFactory / XMLOutputFactory Construction Unspecified Issue
20674| [90235] Apache Commons HttpClient Certificate Wildcard Matching Weakness
20675| [90079] Apache CXF WSS4JInInterceptor URIMappingInterceptor WS-Security SOAP Service Access Restriction Bypass
20676| [90078] Apache CXF WS-SecurityPolicy Enabled Plaintext UsernameTokens Handling Authentication Bypass
20677| [89453] Apache Open For Business Project (OFBiz) Screenlet.title Widget Attribute XSS
20678| [89452] Apache Open For Business Project (OFBiz) Image.alt Widget Attribute XSS
20679| [89294] Apache CouchDB Futon UI Browser-based Test Suite Query Parameter XSS
20680| [89293] Apache CouchDB Unspecified Traversal Arbitrary File Access
20681| [89275] Apache HTTP Server mod_proxy_ajp Module Expensive Request Parsing Remote DoS
20682| [89267] Apache CouchDB JSONP Callback Handling Unspecified XSS
20683| [89146] Apache CloudStack Master Server log4j.conf SSH Private Key / Plaintext Password Disclosure
20684| [88603] Apache OpenOffice.org (OOo) Unspecified Information Disclosure
20685| [88602] Apache OpenOffice.org (OOo) Unspecified Manifest-processing Issue
20686| [88601] Apache OpenOffice.org (OOo) Unspecified PowerPoint File Handling Issue
20687| [88285] Apache Tomcat Partial HTTP Request Saturation Remote DoS
20688| [88095] Apache Tomcat NIO Connector Terminated Connection Infinte Loop DoS
20689| [88094] Apache Tomcat FORM Authentication Crafted j_security_check Request Security Constraint Bypass
20690| [88093] Apache Tomcat Null Session Requst CSRF Prevention Filter Bypass
20691| [88043] IBM Tivoli Netcool/Reporter Apache CGI Unspecified Remote Command Execution
20692| [87580] Apache Tomcat DIGEST Authentication Session State Caching Authentication Bypass Weakness
20693| [87579] Apache Tomcat DIGEST Authentication Stale Nonce Verification Authentication Bypass Weakness
20694| [87477] Apache Tomcat Project Woodstock Service Error Page UTF-7 XSS Weakness
20695| [87227] Apache Tomcat InternalNioInputBuffer.java parseHeaders() Function Request Header Size Parsing Remote DoS
20696| [87223] Apache Tomcat DIGEST Authentication replay-countermeasure Functionality cnonce / cn Verification Authentication Bypass Weakness
20697| [87160] Apache Commons HttpClient X.509 Certificate Domain Name Matching MiTM Weakness
20698| [87159] Apache CXF X.509 Certificate Domain Name Matching MiTM Weakness
20699| [87150] Apache Axis / Axis2 X.509 Certificate Domain Name Matching MiTM Weakness
20700| [86902] Apache HTTP Server 3xx Redirect Internal IP Address Remote Disclosure
20701| [86901] Apache Tomcat Error Message Path Disclosure
20702| [86684] Apache CloudStack Unauthorized Arbitrary API Call Invocation
20703| [86556] Apache Open For Business Project (OFBiz) Unspecified Issue
20704| [86503] Visual Tools VS home/apache/DiskManager/cron/init_diskmgr Local Command Execution
20705| [86401] Apache ActiveMQ ResourceHandler Traversal Arbitrary File Access
20706| [86225] Apache Axis2 XML Signature Wrapping (XSW) Authentication Bypass
20707| [86206] Apache Axis2 Crafted SAML Assertion Signature Exclusion Attack Authentication Bypass
20708| [85722] Apache CXF SOAP Request Parsing Access Restriction Bypass
20709| [85704] Apache Qpid Incoming Client Connection Saturation Remote DoS
20710| [85474] Eucalyptus Apache Santuario (XML Security for Java) Library XML Signature Transform Handling DoS
20711| [85430] Apache mod_pagespeed Module Unspecified XSS
20712| [85429] Apache mod_pagespeed Module Hostname Verification Cross-host Resource Disclosure
20713| [85249] Apache Wicket Unspecified XSS
20714| [85236] Apache Hadoop conf/hadoop-env.sh Temporary File Symlink Arbitrary File Manipulation
20715| [85090] Apache HTTP Server mod_proxy_ajp.c mod_proxy_ajp Module Proxy Functionality Cross-client Information Disclosure
20716| [85089] Apache HTTP Server mod_proxy_http.c mod_proxy_http Module Cross-client Information Disclosure
20717| [85062] Apache Solr Autocomplete Module for Drupal Autocomplete Results XSS
20718| [85010] Apache Struts Token Handling Mechanism Token Name Configuration Parameter CSRF Weakness
20719| [85009] Apache Struts Request Parameter OGNL Expression Parsing Remote DoS
20720| [84911] libapache2-mod-rpaf X-Forward-For HTTP Header Parsing Remote DoS
20721| [84823] Apache HTTP Server Multiple Module Back End Server Error Handling HTTP Request Parsing Remote Information Disclosure
20722| [84818] Apache HTTP Server mod_negotiation Module mod_negotiation.c make_variant_list Function XSS
20723| [84562] Apache Qpid Broker Authentication Mechanism AMQP Client Shadow Connection NullAuthenticator Request Parsing Authentication Bypass
20724| [84458] Apache Libcloud SSL Certificate Validation MitM Spoofing Weakness
20725| [84279] PHP on Apache php_default_post_reader POST Request Handling Overflow DoS
20726| [84278] PHP w/ Apache PDO::ATTR_DEFAULT_FETCH_MODE / PDO::FETCH_CLASS DoS
20727| [84231] Apache Hadoop DataNodes Client BlockTokens Arbitrary Block Access
20728| [83943] Oracle Solaris Cluster Apache Tomcat Agent Subcomponent Unspecified Local Privilege Escalation
20729| [83939] Oracle Solaris Apache HTTP Server Subcomponent Unspecified Remote Information Disclosure
20730| [83685] svnauthcheck Apache HTTP Configuration File Permission Revocation Weakness
20731| [83682] Apache Sling POST Servlet @CopyFrom Operation HTTP Request Parsing Infinite Loop Remote DoS
20732| [83339] Apache Roller Blogger Roll Unspecified XSS
20733| [83270] Apache Roller Unspecified Admin Action CSRF
20734| [82782] Apache CXF WS-SecurityPolicy 1.1 SupportingToken Policy Bypass
20735| [82781] Apache CXF WS-SecurityPolicy Supporting Token Children Specification Token Signing Verification Weakness
20736| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
20737| [82436] MapServer for Windows Bundled Apache / PHP Configuration Local File Inclusion
20738| [82215] PHP sapi/cgi/cgi_main.c apache_request_headers Function HTTP Header Handling Remote Overflow
20739| [82161] Apache Commons Compress bzip2 File Compression BZip2CompressorOutputStream Class File Handling Remote DoS
20740| [81965] Apache Batik Squiggle SVG Browser JAR File Arbitrary Code Execution
20741| [81790] Apache POI src/org/apache/poi/hwpf/model/UnhandledDataStructure.java UnhandledDataStructure() constructor Length Attribute CDF / CFBF File Handling Remote DoS
20742| [81660] Apache Qpid Credential Checking Cluster Authentication Bypass
20743| [81511] Apache for Debian /usr/share/doc HTTP Request Parsing Local Script Execution
20744| [81359] Apache HTTP Server LD_LIBRARY_PATH Variable Local Privilege Escalation
20745| [81349] Apache Open For Business Project (OFBiz) Webslinger Component Unspecified XSS
20746| [81348] Apache Open For Business Project (OFBiz) Content IDs / Map-Keys Unspecified XSS
20747| [81347] Apache Open For Business Project (OFBiz) Parameter Arrays Unspecified XSS
20748| [81346] Apache Open For Business Project (OFBiz) checkoutProcess.js getServerError() Function Unspecified XSS
20749| [81196] Apache Open For Business Project (OFBiz) FlexibleStringExpander Nested Script String Parsing Remote Code Execution
20750| [80981] Apache Hadoop Kerberos/MapReduce Security Feature User Impersonation Weakness
20751| [80571] Apache Traffic Server Host HTTP Header Parsing Remote Overflow
20752| [80547] Apache Struts XSLTResult.java File Upload Arbitrary Command Execution
20753| [80360] AskApache Password Protector Plugin for WordPress Error Page $_SERVER Superglobal XSS
20754| [80349] Apache HTTP Server mod_fcgid Module fcgid_spawn_ctl.c FcgidMaxProcessesPerClass Virtual Host Directive HTTP Request Parsing Remote DoS
20755| [80301] Apache Wicket /resources/ Absolute Path Arbitrary File Access
20756| [80300] Apache Wicket wicket:pageMapName Parameter XSS
20757| [79478] Apache Solr Extension for TYPO3 Unspecified XSS
20758| [79002] Apache MyFaces javax.faces.resource In Parameter Traversal Arbitrary File Access
20759| [78994] Apache Struts struts-examples/upload/upload-submit.do name Parameter XSS
20760| [78993] Apache Struts struts-cookbook/processDyna.do message Parameter XSS
20761| [78992] Apache Struts struts-cookbook/processSimple.do message Parameter XSS
20762| [78991] Apache Struts struts2-rest-showcase/orders clientName Parameter XSS
20763| [78990] Apache Struts struts2-showcase/person/editPerson.action Multiple Parameter XSS
20764| [78932] Apache APR Hash Collision Form Parameter Parsing Remote DoS
20765| [78903] Apache CXF SOAP Request Parsing WS-Security UsernameToken Policy Bypass
20766| [78600] Apache Tomcat HTTP DIGEST Authentication DigestAuthenticator.java Catalina Weakness Security Bypass
20767| [78599] Apache Tomcat HTTP DIGEST Authentication Realm Value Parsing Security Bypass
20768| [78598] Apache Tomcat HTTP DIGEST Authentication qop Value Parsing Security Bypass
20769| [78573] Apache Tomcat Parameter Saturation CPU Consumption Remote DoS
20770| [78556] Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Disclosure
20771| [78555] Apache HTTP Server Threaded MPM %{cookiename}C Log Format String Cookie Handling Remote DoS
20772| [78501] Apache Struts ParameterInterceptor Class OGNL Expression Parsing Remote Command Execution
20773| [78331] Apache Tomcat Request Object Recycling Information Disclosure
20774| [78293] Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass
20775| [78277] Apache Struts ExceptionDelegator Component Parameter Parsing Remote Code Execution
20776| [78276] Apache Struts DebuggingInterceptor Component Developer Mode Unspecified Remote Command Execution
20777| [78113] Apache Tomcat Hash Collision Form Parameter Parsing Remote DoS
20778| [78112] Apache Geronimo Hash Collision Form Parameter Parsing Remote DoS
20779| [78109] Apache Struts ParameterInterceptor Traversal Arbitrary File Overwrite
20780| [78108] Apache Struts CookieInterceptor Cookie Name Handling Remote Command Execution
20781| [77593] Apache Struts Conversion Error OGNL Expression Injection
20782| [77496] Apache ActiveMQ Failover Mechanism Openwire Request Parsing Remote DoS
20783| [77444] Apache HTTP Server mod_proxy Mdule Web Request HTTP/0.9 Protocol URL Parsing Proxy Remote Security Bypass
20784| [77374] Apache MyFaces Java Bean includeViewParameters Parsing EL Expression Security Weakness
20785| [77310] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
20786| [77234] Apache HTTP Server on cygwin Encoded Traversal Arbitrary File Access
20787| [77012] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Memory Consumption DoS
20788| [76944] Apache Tomcat Manager Application Servlets Access Restriction Bypass
20789| [76744] Apache HTTP Server server/utils.c ap_pregsub() Function htaccess File Handling Local Overflow
20790| [76189] Apache Tomcat HTTP DIGEST Authentication Weakness
20791| [76079] Apache HTTP Server mod_proxy Mdule Web Request URL Parsing Proxy Remote Security Bypass (2011-3368)
20792| [76072] Apache JServ jserv.conf jserv-status Handler jserv/ URI Request Parsing Local Information Disclosure
20793| [75807] Apache HTTP Server Incomplete Header Connection Saturation Remote DoS
20794| [75647] Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
20795| [75376] Apache Libcloud SSL Certificate Validation MitM Server Spoofing Weakness
20796| [74853] Domain Technologie Control /etc/apache2/apache2.conf File Permissions Weakness dtcdaemons User Password Disclosure
20797| [74818] Apache Tomcat AJP Message Injection Authentication Bypass
20798| [74725] Apache Wicket Multi Window Support Unspecified XSS
20799| [74721] Apache HTTP Server ByteRange Filter Memory Exhaustion Remote DoS
20800| [74541] Apache Commons Daemon Jsvc Permissions Weakness Arbitrary File Access
20801| [74535] Apache Tomcat XML Parser Cross-application Multiple File Manipulation
20802| [74447] Apache Struts XWork Nonexistent Method s:submit Element Internal Java Class Remote Path Disclosure
20803| [74262] Apache HTTP Server Multi-Processing Module itk.c Configuration Merger mpm-itk root UID / GID Remote Privilege Escalation
20804| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
20805| [73920] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
20806| [73798] Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
20807| [73797] Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Restriction Bypass
20808| [73776] Apache Tomcat HTTP BIO Connector HTTP Pipelining Cross-user Remote Response Access
20809| [73644] Apache XML Security Signature Key Parsing Overflow DoS
20810| [73600] Apache Struts javatemplates Plugin Component Handlers .action URI Multiple Parameter XSS
20811| [73462] Apache Rampart/C util/rampart_timestamp_token.c rampart_timestamp_token_validate Function Expired Token Remote Access Restriction Bypass
20812| [73429] Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
20813| [73384] Apache HTTP Server mod_rewrite PCRE Resource Exhaustion DoS
20814| [73383] Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop Remote DoS
20815| [73378] IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.runtime.JspWriterImpl.response JSP Page Application Restart Remote DoS
20816| [73247] Apache Subversion mod_dav_svn File Permission Weakness Information Disclosure
20817| [73246] Apache Subversion mod_dav_svn Path-based Access Control Rule Handling Remote DoS
20818| [73245] Apache Subversion mod_dav_svn Baselined Resource Request Handling Remote DoS
20819| [73154] Apache Archiva Multiple Unspecified CSRF
20820| [73153] Apache Archiva /archiva/admin/deleteNetworkProxy!confirm.action proxyid Parameter XSS
20821| [72407] Apache Tomcat @ServletSecurity Initial Load Annotation Security Constraint Bypass Information Disclosure
20822| [72238] Apache Struts Action / Method Names <
20823| [71647] Apache HttpComponents HttpClient Proxy-Authorization Credentials Remote Disclosure
20824| [71558] Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation
20825| [71557] Apache Tomcat HTML Manager Multiple XSS
20826| [71075] Apache Archiva User Management Page XSS
20827| [71027] Apache Tomcat @ServletSecurity Annotation Security Constraint Bypass Information Disclosure
20828| [70925] Apache Continuum Project Pages Unspecified XSS (2011-0533)
20829| [70924] Apache Continuum Multiple Admin Function CSRF
20830| [70809] Apache Tomcat NIO HTTP Connector Request Line Processing DoS
20831| [70734] Apache CouchDB Request / Cookie Handling Unspecified XSS
20832| [70585] Oracle Fusion Middleware Oracle HTTP Server Apache Plugin Unspecified Remote Issue
20833| [70333] Apache Subversion rev_hunt.c blame Command Multiple Memory Leak Remote DoS
20834| [70332] Apache Subversion Apache HTTP Server mod_dav_svn repos.c walk FunctionSVNParentPath Collection Remote DoS
20835| [69659] Apache Archiva Admin Authentication Weakness Privilege Escalation
20836| [69520] Apache Archiva Administrator Credential Manipulation CSRF
20837| [69512] Apache Tomcat Set-Cookie Header HTTPOnly Flag Session Hijacking Weakness
20838| [69456] Apache Tomcat Manager manager/html/sessions Multiple Parameter XSS
20839| [69275] Apache mod_fcgid Module fcgid_bucket.c fcgid_header_bucket_read() Function Remote Overflow
20840| [69067] Apache Shiro URI Path Security Traversal Information Disclosure
20841| [68815] Apache MyFaces shared/util/StateUtils.java View State MAC Weakness Cryptographic Padding Remote View State Modification
20842| [68670] Apache Qpid C++ Broker Component broker/SessionAdapter.cpp SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Exchange Alternate Remote DoS
20843| [68669] Apache Qpid cluster/Cluster.cpp Cluster::deliveredEvent Function Invalid AMQP Data Remote DoS
20844| [68662] Apache Axis2 dswsbobje.war Module Admin Account Default Password
20845| [68531] Apache Qpid qpidd sys/ssl/SslSocket.cpp Incomplete SSL Handshake Remote DoS
20846| [68327] Apache APR-util buckets/apr_brigade.c apr_brigade_split_line() Function Memory Consumption DoS
20847| [68314] Apache XML-RPC SAX Parser External Entity Information Disclosure
20848| [67964] Apache Traffic Server Transaction ID / Source Port Randomization Weakness DNS Cache Poisoning
20849| [67846] SUSE Lifecycle Management Server on SUSE Linux Enterprise apache2-slms Parameter Quoting CSRF
20850| [67294] Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
20851| [67240] Apache CouchDB Installation Page Direct Request Arbitrary JavaScript Code Execution CSRF
20852| [67205] Apache Derby BUILTIN Authentication Password Hash Generation Algorithm SHA-1 Transformation Password Substitution
20853| [66745] Apache HTTP Server Multiple Modules Pathless Request Remote DoS
20854| [66319] Apache Tomcat Crafted Transfer-Encoding Header Handling Buffer Recycling Remote DoS
20855| [66280] Apache Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution
20856| [66226] Apache Axis2 Admin Interface Cookie Session Fixation
20857| [65697] Apache Axis2 / Java SOAP Message DTD Rejection Weakness Arbitrary File Access
20858| [65654] Apache HTTP Server mod_proxy_http mod_proxy_http.c Timeout Detection Weakness HTTP Request Response Disclosure
20859| [65429] Apache MyFaces Unencrypted ViewState Serialized View Object Manipulation Arbitrary Expression Language (EL) Statement Execution
20860| [65054] Apache ActiveMQ Jetty Error Handler XSS
20861| [64844] Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
20862| [64522] Apache Open For Business Project (OFBiz) ecommerce/control/contactus Multiple Parameter XSS
20863| [64521] Apache Open For Business Project (OFBiz) Web Tools Section entityName Parameter XSS
20864| [64520] Apache Open For Business Project (OFBiz) ecommerce/control/ViewBlogArticle contentId Parameter XSS
20865| [64519] Apache Open For Business Project (OFBiz) Control Servlet URI XSS
20866| [64518] Apache Open For Business Project (OFBiz) Show Portal Page Section start Parameter XSS
20867| [64517] Apache Open For Business Project (OFBiz) View Profile Section partyId Parameter XSS
20868| [64516] Apache Open For Business Project (OFBiz) Export Product Listing Section productStoreId Parameter XSS
20869| [64307] Apache Tomcat Web Application Manager/Host Manager CSRF
20870| [64056] mod_auth_shadow for Apache HTTP Server wait() Function Authentication Bypass
20871| [64023] Apache Tomcat WWW-Authenticate Header Local Host Information Disclosure
20872| [64020] Apache ActiveMQ Jetty ResourceHandler Crafted Request JSP File Source Disclosure
20873| [63895] Apache HTTP Server mod_headers Unspecified Issue
20874| [63368] Apache ActiveMQ createDestination.action JMSDestination Parameter CSRF
20875| [63367] Apache ActiveMQ createDestination.action JMSDestination Parameter XSS
20876| [63350] Apache CouchDB Hash Verification Algorithm Predictable Execution Time Weakness
20877| [63140] Apache Thrift Service Malformed Data Remote DoS
20878| [62676] Apache HTTP Server mod_proxy_ajp Module Crafted Request Remote DoS
20879| [62675] Apache HTTP Server Multi-Processing Module (MPM) Subrequest Header Handling Cross-thread Information Disclosure
20880| [62674] Apache HTTP Server mod_isapi Module Unloading Crafted Request Remote DoS
20881| [62231] Apache HTTP Server Logging Format Weakness Crafted DNS Response IP Address Spoofing
20882| [62230] Apache HTTP Server Crafted DNS Response Inverse Lookup Log Corruption XSS
20883| [62054] Apache Tomcat WAR Filename Traversal Work-directory File Deletion
20884| [62053] Apache Tomcat Autodeployment Process appBase File HTTP Request Authentication Bypass
20885| [62052] Apache Tomcat WAR File Traversal Arbitrary File Overwrite
20886| [62009] Apache HTTP Server src/modules/proxy/proxy_util.c mod_proxy ap_proxy_send_fb() Function Overflow
20887| [61379] Apache River Outrigger Entry Storage Saturation Memory Exhaustion DoS
20888| [61378] Apache Hadoop Map/Reduce JobTracker Memory Consumption DoS
20889| [61377] Apache Commons Modeler Multiple Mutable Static Fields Weakness
20890| [61376] Apache Rampart wsse:security Tag Signature Value Checking Weakness
20891| [60687] Apache C++ Standard Library (STDCXX) strxfrm() Function Overflow
20892| [60680] Apache Hadoop JobHistory Job Name Manipulation Weakness
20893| [60679] Apache ODE DeploymentWebService OMElement zipPart CRLF Injection
20894| [60678] Apache Roller Comment Email Notification Manipulation DoS
20895| [60677] Apache CouchDB Unspecified Document Handling Remote DoS
20896| [60428] Sun Java Plug-in org.apache.crimson.tree.XmlDocument Class reateXmlDocument Method Floppy Drive Access Bypass
20897| [60413] mod_throttle for Apache Shared Memory File Manipulation Local Privilege Escalation
20898| [60412] Sun Java Plug-in org.apache.xalan.processor.XSLProcessorVersion Class Unsigned Applet Variable Sharing Privilege Escalation
20899| [60396] Apache HTTP Server on OpenBSD Multipart MIME Boundary Remote Information Disclosure
20900| [60395] Apache HTTP Server on OpenBSD ETag HTTP Header Remote Information Disclosure
20901| [60232] PHP on Apache php.exe Direct Request Remote DoS
20902| [60176] Apache Tomcat Windows Installer Admin Default Password
20903| [60016] Apache HTTP Server on HP Secure OS for Linux HTTP Request Handling Unspecified Issue
20904| [59979] Apache HTTP Server on Apple Mac OS X HTTP TRACE Method Unspecified Client XSS
20905| [59969] Apache HTTP Server mod_ssl SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
20906| [59944] Apache Hadoop jobhistory.jsp XSS
20907| [59374] Apache Solr Search Extension for TYPO3 Unspecified XSS
20908| [59022] Apache Shindig ConcatProxyServlet HTTP Header Response Splitting
20909| [59021] Apache Cocoon X-Cocoon-Version Header Remote Information Disclosure
20910| [59020] Apache Tapestry HTTPS Session Cookie Secure Flag Weakness
20911| [59019] Apache mod_python Cookie Salting Weakness
20912| [59018] Apache Harmony Error Message Handling Overflow
20913| [59013] Apache Derby SYSCS_EXPORT_TABLE Arbitrary File Overwrite
20914| [59012] Apache Derby Driver Auto-loading Non-deterministic Startup Weakness
20915| [59011] Apache JSPWiki Page Attachment Change Note Function XSS
20916| [59010] Apache Solr get-file.jsp XSS
20917| [59009] Apache Solr action.jsp XSS
20918| [59008] Apache Solr analysis.jsp XSS
20919| [59007] Apache Solr schema.jsp Multiple Parameter XSS
20920| [59006] Apache Beehive select / checkbox Tag XSS
20921| [59005] Apache Beehive jpfScopeID Global Parameter XSS
20922| [59004] Apache Beehive Error Message XSS
20923| [59003] Apache HttpClient POST Request Handling Memory Consumption DoS
20924| [59002] Apache Jetspeed default-page.psml URI XSS
20925| [59001] Apache Axis2 xsd Parameter Traversal Arbitrary File Disclosure
20926| [59000] Apache CXF Unsigned Message Policy Bypass
20927| [58999] Apache WSS4J CallbackHandler Plaintext Password Validation Weakness
20928| [58998] Apache OpenJPA persistence.xml Cleartext Password Local Disclosure
20929| [58997] Apache OpenEJB openejb.xml Cleartext Password Local Disclosure
20930| [58996] Apache Hadoop Map/Reduce LinuxTaskController File Group Ownership Weakness
20931| [58995] Apache Hadoop Map/Reduce Task Ownership Weakness
20932| [58994] Apache Hadoop Map/Reduce DistributedCache Localized File Permission Weakness
20933| [58993] Apache Hadoop browseBlock.jsp XSS
20934| [58991] Apache Hadoop browseDirectory.jsp XSS
20935| [58990] Apache Hadoop Map/Reduce HTTP TaskTrackers User Data Remote Disclosure
20936| [58989] Apache Hadoop Sqoop Process Listing Local Cleartext Password Disclosure
20937| [58988] Apache Hadoop Chukwa HICC Portal Unspecified XSS
20938| [58987] Apache Hadoop Map/Reduce TaskTracker User File Permission Weakness
20939| [58986] Apache Qpid Encrypted Message Handling Remote Overflow DoS
20940| [58985] Apache Qpid Process Listing Local Cleartext Password Disclosure
20941| [58984] Apache Jackrabbit Content Repository (JCR) Default Account Privilege Access Weakness
20942| [58983] Apache Jackrabbit Content Repository (JCR) NamespaceRegistry API Registration Method Race Condition
20943| [58982] Apache Synapse Proxy Service Security Policy Mismatch Weakness
20944| [58981] Apache Geronimo TomcatGeronimoRealm Security Context Persistence Weakness
20945| [58980] Apache Geronimo LDAP Realm Configuration Restart Reversion Weakness
20946| [58979] Apache MyFaces Tomahawk ExtensionsPhaseListener HTML Injection Information Disclosure
20947| [58978] Apache MyFaces Trinidad LocaleInfoScriptlet XSS
20948| [58977] Apache Open For Business Project (OFBiz) Multiple Default Accounts
20949| [58976] Apache Open For Business Project (OFBiz) URI passThru Parameter XSS
20950| [58975] Apache Open For Business Project (OFBiz) PARTYMGR_CREATE/UPDATE Permission Arbitrary User Password Modification
20951| [58974] Apache Sling /apps Script User Session Management Access Weakness
20952| [58973] Apache Tuscany Crafted SOAP Request Access Restriction Bypass
20953| [58931] Apache Geronimo Cookie Parameters Validation Weakness
20954| [58930] Apache Xalan-C++ XPath Handling Remote DoS
20955| [58879] Apache Portable Runtime (APR-util) poll/unix/port.c Event Port Backend Pollset Feature Remote DoS
20956| [58837] Apache Commons Net FTPSClient CipherSuites / Protocols Mutable Object Unspecified Data Security Issue
20957| [58813] Apache MyFaces Trinidad tr:table / HTML Comment Handling DoS
20958| [58812] Apache Open For Business Project (OFBiz) JSESSIONID Session Hijacking Weakness
20959| [58811] Apache Open For Business Project (OFBiz) /catalog/control/EditProductConfigItem configItemId Parameter XSS
20960| [58810] Apache Open For Business Project (OFBiz) /catalog/control/EditProdCatalo prodCatalogId Parameter XSS
20961| [58809] Apache Open For Business Project (OFBiz) /partymgr/control/viewprofile partyId Parameter XSS
20962| [58808] Apache Open For Business Project (OFBiz) /catalog/control/createProduct internalName Parameter XSS
20963| [58807] Apache Open For Business Project (OFBiz) Multiple Unspecified CSRF
20964| [58806] Apache FtpServer MINA Logging Filter Cleartext Credential Local Disclosure
20965| [58805] Apache Derby Unauthenticated Database / Admin Access
20966| [58804] Apache Wicket Header Contribution Unspecified Issue
20967| [58803] Apache Wicket Session Fixation
20968| [58802] Apache Directory Server (ApacheDS) userPassword Attribute Search Password Disclosure
20969| [58801] Apache ActiveMQ Stomp Client Credential Validation Bypass
20970| [58800] Apache Tapestry (context)/servicestatus Internal Service Information Disclosure
20971| [58799] Apache Tapestry Logging Cleartext Password Disclosure
20972| [58798] Apache Jetspeed pipeline Parameter pipeline-map Policy Bypass
20973| [58797] Apache Jetspeed Password Policy Multiple Weaknesses
20974| [58796] Apache Jetspeed Unsalted Password Storage Weakness
20975| [58795] Apache Rampart Crafted SOAP Header Authentication Bypass
20976| [58794] Apache Roller Admin Protocol (RAP) Malformed Header Authentication Bypass
20977| [58793] Apache Hadoop Map/Reduce mapred.system.dir Permission Weakness Job Manipulation
20978| [58792] Apache Shindig gadgets.rpc iframe RPC Call Validation Weakness
20979| [58791] Apache Synapse synapse.properties Cleartext Credential Local Disclosure
20980| [58790] Apache WSS4J SOAP Message UsernameToken Remote Password Disclosure
20981| [58789] Apache WSS4J SOAP Header Malformed UsernameToken Authentication Bypass
20982| [58776] Apache JSPWiki PreviewContent.jsp Edited Text XSS
20983| [58775] Apache JSPWiki preview.jsp action Parameter XSS
20984| [58774] Apache JSPWiki Edit.jsp Multiple Parameter XSS
20985| [58773] Apache JSPWiki Accept-Language Header Multiple Script language Parameter XSS
20986| [58772] Apache JSPWiki EditorManager.java editor Parameter XSS
20987| [58771] Apache JSPWiki GroupContent.jsp Multiple Parameter XSS
20988| [58770] Apache JSPWiki Group.jsp group Parameter XSS
20989| [58769] Apache JSPWiki Database Connection Termination DoS Weakness
20990| [58768] Apache JSPWiki Attachment Servlet nextpage Parameter Arbitrary Site Redirect
20991| [58766] Apache JSPWiki /admin/SecurityConfig.jsp Direct Request Information Disclosure
20992| [58765] Apache JSPWiki Spam Filter UniqueID RNG Weakness
20993| [58764] Apache JSPWiki Edit.jsp Multiple Parameter XSS
20994| [58763] Apache JSPWiki Include Tag Multiple Script XSS
20995| [58762] Apache JSPWiki Multiple .java Tags pageContext Parameter XSS
20996| [58761] Apache JSPWiki Wiki.jsp skin Parameter XSS
20997| [58760] Apache Commons VFS Exception Error Message Cleartext Credential Disclosure
20998| [58759] Apache Jackrabbit Content Repository (JCR) UUID System.currentTimeMillis() RNG Weakness
20999| [58758] Apache River GrantPermission Policy Manipulation Privilege Escalation
21000| [58757] Apache WS-Commons Java2 StaXUtils Multiple Unspecified Minor Issues
21001| [58756] Apache WSS4J WSHandler Client Certificate Signature Validation Weakness
21002| [58755] Apache Harmony DRLVM Non-public Class Member Access
21003| [58754] Apache Harmony File.createTempFile() Temporary File Creation Prediction Weakness
21004| [58751] Apache Geronimo GeronimoIdentityResolver Subject Handling Multiple Issues
21005| [58750] Apache MyFaces Trinidad Generated HTML Information Disclosure
21006| [58749] Apache MyFaces Trinidad Database Access Error Message Information Disclosure
21007| [58748] Apache MyFaces Trinidad Image Resource Loader Traversal Arbitrary Image Access
21008| [58747] Apache MyFaces Trinidad Error Message User Entered Data Disclosure Weakness
21009| [58746] Apache Axis2 JAX-WS Java2 WSDL4J Unspecified Issue
21010| [58744] Apache Wicket Crafted File Upload Disk Space Exhaustion DoS
21011| [58743] Apache Wicket wicket.util.crypt.SunJceCrypt Encryption Reversion Weakness
21012| [58742] Apache Rampart PolicyBasedValiadtor HttpsToken Endpoint Connection Weakness
21013| [58741] Apache Rampart WSSecSignature / WSSecEncryptedKey KeyIdentifierType Validation Weakness
21014| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
21015| [58739] Apache Open For Business Project (OFBiz) Unsalted Password Storage Weakness
21016| [58738] Apache Open For Business Project (OFBiz) orderId Parameter Arbitrary Order Access
21017| [58737] Apache mod_python w/ mod_python.publisher index.py Underscore Prefixed Variable Disclosure
21018| [58735] Apache Open For Business Project (OFBiz) /ecommerce/control/keywordsearch SEARCH_STRING Parameter XSS
21019| [58734] Apache Torque Log File Cleartext Credential Local Disclosure
21020| [58733] Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
21021| [58732] Apache MyFaces UIInput.validate() Null Value Validation Bypass Weakness
21022| [58731] Apache MyFaces /faces/* Prefix Mapping Authentication Bypass
21023| [58725] Apache Tapestry Basic String ACL Bypass Weakness
21024| [58724] Apache Roller Logout Functionality Failure Session Persistence
21025| [58723] Apache Roller User Profile / Admin Page Cleartext Password Disclosure
21026| [58722] Apache Derby Connection URL Encryption Method Reversion Weakness
21027| [58721] Apache Geronimo on Tomcat Security-constraint Resource ACL Bypass
21028| [58720] Apache Geronimo Explicit Servlet Mapping Access Bypass Weakness
21029| [58719] Apache Geronimo Keystore Unprivileged Service Disable DoS
21030| [58718] Apache Geronimo Deployment Plans Remote Password Disclosure
21031| [58717] Apache Jetspeed Portlet Application Edit Access Restriction Bypass
21032| [58716] Apache Jetspeed PSML Management Cached Constraint Authentication Weakness
21033| [58707] Apache WSS4J Crafted PasswordDigest Request Authentication Bypass
21034| [58706] Apache HttpClient Pre-emptive Authorization Remote Credential Disclosure
21035| [58705] Apache Directory Server (ApacheDS) User Passwords Cleartext Disclosure
21036| [58704] Apache Directory Server (ApacheDS) Non-existent User LDAP Bind Remote DoS
21037| [58703] Apache Geronimo Debug Console Unauthenticated Remote Information Disclosure
21038| [58702] Apache Directory Server (ApacheDS) Persistent LDAP Anonymous Bind Weakness
21039| [58701] Apache Jetspeed User Admin Portlet Unpassworded Account Creation Weakness
21040| [58700] Apache MyFaces /faces/* Path Handling Remote Overflow DoS
21041| [58699] Apache MyFaces Disable Property Client Side Manipulation Privilege Escalation
21042| [58698] Apache Roller Remember Me Functionality Cleartext Password Disclosure
21043| [58697] Apache XalanJ2 org.apache.xalan.xsltc.runtime.CallFunction Class Unspecified Issue
21044| [58696] Apache Tapestry Encoded Traversal Arbitrary File Access
21045| [58695] Apache Jetspeed Unauthenticated PSML Tags / Admin Folder Access
21046| [58694] Apache Geronimo Deploy Tool Process List Local Credential Disclosure
21047| [58693] Apache Derby service.properties File Encryption Key Information Disclosure
21048| [58692] Apache Geronimo Default Security Realm Login Brute Force Weakness
21049| [58689] Apache Roller Retrieve Last 5 Post Feature Unauthorized Blog Post Manipulation
21050| [58688] Apache Xalan-Java (XalanJ2) Static Variables Multiple Unspecified Issues
21051| [58687] Apache Axis Invalid wsdl Request XSS
21052| [58686] Apache Cocoon Temporary File Creation Unspecified Race Condition
21053| [58685] Apache Velocity Template Designer Privileged Code Execution
21054| [58684] Apache Jetspeed controls.Customize Action Security Check Bypass
21055| [58675] Apache Open For Business Project (OFBiz) eCommerce/ordermgr Multiple Field XSS
21056| [58674] Apache Open For Business Project (OFBiz) ecommerce/control/login Multiple Field XSS
21057| [58673] Apache Open For Business Project (OFBiz) ecommerce/control/viewprofile Multiple Field XSS
21058| [58672] Apache Open For Business Project (OFBiz) POS Input Panel Cleartext Password Disclosure
21059| [58671] Apache Axis2 JMS Signed Message Crafted WS-Security Header Security Bypass
21060| [58670] Apache Jetspeed JetspeedTool.getPortletFromRegistry Portlet Security Validation Failure
21061| [58669] Apache Jetspeed LDAP Cleartext Passwords Disclosure
21062| [58668] Apache Axis External Entity (XXE) Data Parsing Privilege Escalation
21063| [58667] Apache Roller Database Cleartext Passwords Disclosure
21064| [58666] Apache Xerces-C++ UTF-8 Transcoder Overlong Code Handling Unspecified Issue
21065| [58665] Apache Jetspeed Turbine: Cross-user Privileged Action Execution
21066| [58664] Apache Jetspeed EditAccount.vm Password Modification Weakness
21067| [58663] Apache Jetspeed Role Parameter Arbitrary Portlet Disclosure
21068| [58662] Apache Axis JWS Page Generated .class File Direct Request Information Disclosure
21069| [58661] Apache Jetspeed user-form.vm Password Reset Cleartext Disclosure
21070| [58660] Apache WSS4J checkReceiverResults Function Crafted SOAP Request Authentication Bypass
21071| [58658] Apache Rampart Crafted SOAP Request Security Verification Bypass
21072| [57882] Apache HTTP Server mod_proxy_ftp Authorization HTTP Header Arbitrary FTP Command Injection
21073| [57851] Apache HTTP Server mod_proxy_ftp EPSV Command NULL Dereference Remote DoS
21074| [56984] Apache Xerces2 Java Malformed XML Input DoS
21075| [56903] Apache ODE (Orchestration Director Engine) Process Deployment Web Service Traversal Arbitrary File Manipulation
21076| [56859] Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS
21077| [56766] Apache Portable Runtime (APR-util) memory/unix/apr_pools.c Relocatable Memory Block Aligning Overflow
21078| [56765] Apache Portable Runtime (APR-util) misc/apr_rmm.c Multiple Function Overflows
21079| [56517] Apache HTTP Server File Descriptor Leak Arbitrary Local File Append
21080| [56443] PTK Unspecified Apache Sub-process Arbitrary Command Execution
21081| [56414] Apache Tiles Duplicate Expression Language (EL) Expression Evaluation XSS
21082| [55814] mod_NTLM for Apache HTTP Server ap_log_rerror() Function Remote Format String
21083| [55813] mod_NTLM for Apache HTTP Server log() Function Remote Overflow
21084| [55782] Apache HTTP Server mod_deflate Module Aborted Connection DoS
21085| [55553] Apache HTTP Server mod_proxy Module mod_proxy_http.c stream_reqbody_cl Function CPU Consumption DoS
21086| [55059] Apache APR-util strmatch/apr_strmatch.c apr_strmatch_precompile Function Crafted Input Remote DoS
21087| [55058] Apache APR-util apr_brigade_vprintf Function Crafted Input Off-by-one Remote DoS
21088| [55057] Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
21089| [55056] Apache Tomcat Cross-application TLD File Manipulation
21090| [55055] Apache Tomcat Illegal URL Encoded Password Request Username Enumeration
21091| [55054] Apache Tomcat Java AJP Connector mod_jk Load Balancing Worker Malformed Header Remote DoS
21092| [55053] Apache Tomcat Crafted Request Security Restraint Bypass Arbitrary Content Access
21093| [54733] Apache HTTP Server AllowOverride Directive .htaccess Options Bypass
21094| [54713] razorCMS Security Manager apache User Account Unspecified File Permission Weakness Issue
21095| [54589] Apache Jserv Nonexistent JSP Request XSS
21096| [54122] Apache Struts s:a / s:url Tag href Element XSS
21097| [54093] Apache ActiveMQ Web Console JMS Message XSS
21098| [53932] Apache Geronimo Multiple Admin Function CSRF
21099| [53931] Apache Geronimo /console/portal/Server/Monitoring Multiple Parameter XSS
21100| [53930] Apache Geronimo /console/portal/ URI XSS
21101| [53929] Apache Geronimo on Windows Security/Keystores Portlet Traversal Arbitrary File Upload
21102| [53928] Apache Geronimo on Windows Embedded DB/DB Manager Portlet Traversal Arbitrary File Upload
21103| [53927] Apache Geronimo on Windows Services/Repository Portlet Traversal Arbitrary File Upload
21104| [53921] Apache HTTP Server mod_proxy_ajp Cross Thread/Session Information Disclosure
21105| [53766] Oracle BEA WebLogic Server Plug-ins for Apache Certificate Handling Remote Overflow
21106| [53574] PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Behavior Modification
21107| [53381] Apache Tomcat JK Connector Content-Length Header Cross-user Information Disclosure
21108| [53380] Apache Struts Unspecified XSS
21109| [53289] Apache mod_perl Apache::Status /perl-status Unspecified XSS
21110| [53186] Apache HTTP Server htpasswd Predictable Salt Weakness
21111| [52899] Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS
21112| [52407] Apache Tomcat doRead Method POST Content Information Disclosure
21113| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
21114| [51613] Apache HTTP Server Third-party Module Child Process File Descriptor Leak
21115| [51612] Apache HTTP Server Internal Redirect Handling Infinite Loop DoS
21116| [51468] Apache Jackrabbit Content Repository (JCR) swr.jsp q Parameter XSS
21117| [51467] Apache Jackrabbit Content Repository (JCR) search.jsp q Parameter XSS
21118| [51151] Apache Roller Search Function q Parameter XSS
21119| [50482] PHP with Apache php_value Order Unspecified Issue
21120| [50475] Novell NetWare ApacheAdmin Console Unauthenticated Access
21121| [49734] Apache Struts DefaultStaticContentLoader Class Traversal Arbitrary File Access
21122| [49733] Apache Struts FilterDispatcher Class Traversal Arbitrary File Access
21123| [49283] Oracle BEA WebLogic Server Plugins for Apache Remote Transfer-Encoding Overflow
21124| [49062] Apache Tomcat Cross-thread Concurrent Request Variable Overwrite Information Disclosure
21125| [48847] ModSecurity (mod_security) Transformation Caching Unspecified Apache DoS
21126| [48788] Apache Xerces-C++ XML Schema maxOccurs Value XML File Handling DoS
21127| [47474] Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS
21128| [47464] Apache Tomcat allowLinking / UTF-8 Traversal Arbitrary File Access
21129| [47463] Apache Tomcat RequestDispatcher Traversal Arbitrary File Access
21130| [47462] Apache Tomcat HttpServletResponse.sendError Method Message Argument XSS
21131| [47096] Oracle Weblogic Apache Connector POST Request Overflow
21132| [46382] Frontend Filemanager (air_filemanager) Extension for TYPO3 on Apache Unspecified Arbitrary Code Execution
21133| [46285] TYPO3 on Apache Crafted Filename Upload Arbitrary Command Execution
21134| [46085] Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interim Response Forwarding Remote DoS
21135| [45905] Apache Tomcat Host Manager host-manager/html/add name Parameter XSS
21136| [45879] Ragnarok Online Control Panel on Apache Crafted Traversal Authentication Bypass
21137| [45742] Apache HTTP Server on Novell Unspecified Request Directive Internal IP Disclosure
21138| [45740] Apache Derby DropSchemaNode Bind Phase Arbitrary Scheme Statement Dropping
21139| [45599] Apache Derby Lock Table Statement Privilege Requirement Bypass Arbitrary Table Lock
21140| [45585] Apache Derby ACCSEC Command RDBNAM Parameter Cleartext Credential Disclosure
21141| [45584] Apache Derby DatabaseMetaData.getURL Function Cleartext Credential Disclosure
21142| [45420] Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
21143| [44728] PHP Toolkit on Gentoo Linux Interpretation Conflict Apache HTTP Server Local DoS
21144| [44618] Oracle JSP Apache/Jserv Path Translation Traversal Arbitrary JSP File Execution
21145| [44159] Apache HTTP Server Remote Virtual Host Name Disclosure
21146| [43997] Apache-SSL ExpandCert() Function Certificate Handling Arbitrary Environment Variables Manipulation
21147| [43994] suPHP for Apache (mod_suphp) Directory Symlink Local Privilege Escalation
21148| [43993] suPHP for Apache (mod_suphp) Owner Mode Race Condition Symlink Local Privilege Escalation
21149| [43663] Apache HTTP Server Mixed Platform AddType Directive Crafted Request PHP Source Disclosure
21150| [43658] AuthCAS Module (AuthCAS.pm) for Apache HTTP Server SESSION_COOKIE_NAME SQL Injection
21151| [43452] Apache Tomcat HTTP Request Smuggling
21152| [43309] Apache Geronimo LoginModule Login Method Bypass
21153| [43290] Apache JSPWiki Entry Page Attachment Unrestricted File Upload
21154| [43259] Apache HTTP Server on Windows mod_proxy_balancer URL Handling Remote Memory Corruption
21155| [43224] Apache Geronimo on SuSE Linux init Script Symlink Unspecified File/Directory Access
21156| [43189] Apache mod_jk2 Host Header Multiple Fields Remote Overflow
21157| [42937] Apache HTTP Server mod_proxy_balancer balancer-manager Unspecified CSRF
21158| [42341] MOD_PLSQL for Apache Unspecified URL SQL Injection
21159| [42340] MOD_PLSQL for Apache CGI Environment Handling Unspecified Overflow
21160| [42214] Apache HTTP Server mod_proxy_ftp UTF-7 Encoded XSS
21161| [42091] Apache Maven Site Plugin Installation Permission Weakness
21162| [42089] Apache Maven .m2/settings.xml Cleartext Password Disclosure
21163| [42088] Apache Maven Defined Repo Process Listing Password Disclosure
21164| [42087] Apache Maven Site Plugin SSH Deployment Permission Setting Weakness
21165| [42036] Apache HTTP Server MS-DOS Device Request Host OS Disclosure
21166| [41891] BEA WebLogic Apache Beehive NetUI Page Flow Unspecified XSS
21167| [41436] Apache Tomcat Native APR Connector Duplicate Request Issue
21168| [41435] Apache Tomcat %5C Cookie Handling Session ID Disclosure
21169| [41434] Apache Tomcat Exception Handling Subsequent Request Information Disclosure
21170| [41400] LimeSurvey save.php Apache Log File PHP Code Injection
21171| [41029] Apache Tomcat Calendar Examples Application cal2.jsp Multiple Parameter CSRF
21172| [41019] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload XSS
21173| [41018] Apache HTTP Server mod_negotiation Module Multi-Line Filename Upload CRLF
21174| [40853] Apache Tomcat SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) JSESSIONIDSSO Cookie Security Weakness
21175| [40264] Apache HTTP Server mod_proxy_balancer balancer_handler Function bb Variable Remote DoS
21176| [40263] Apache HTTP Server mod_proxy_balancer balancer-manager Multiple Parameter XSS
21177| [40262] Apache HTTP Server mod_status refresh XSS
21178| [39833] Apache Tomcat JULI Logging Component catalina.policy Security Bypass
21179| [39251] Coppermine Photo Gallery on Apache Multiple File Extension Upload Arbitrary Code Execution
21180| [39166] Apache Tomcat on Windows caseSensitive Attribute Mixed Case Request JSP Source Disclosure
21181| [39134] Apache mod_imagemap Module Imagemap Unspecified XSS
21182| [39133] Apache mod_imap Module Imagemap File Unspecified XSS
21183| [39035] Apache Tomcat examples/servlet/CookieExample Multiple Parameter XSS
21184| [39003] Apache HTTP Server HTTP Method Header Request Entity Too Large XSS
21185| [39000] Apache Tomcat SendMailServlet sendmail.jsp mailfrom Parameter XSS
21186| [38939] Apache HTTP Server Prefork MPM Module Array Modification Local DoS
21187| [38673] Apache Jakarta Slide WebDAV SYSTEM Request Traversal Arbitrary File Access
21188| [38662] Apache Geronimo SQLLoginModule Nonexistent User Authentication Bypass
21189| [38661] Apache Geronimo MEJB Unspecified Authentication Bypass
21190| [38641] Apache HTTP Server mod_mem_cache recall_headers Function Information Disclosure
21191| [38640] Apache HTTP Server suexec Document Root Unauthorized Operations
21192| [38639] Apache HTTP Server suexec Multiple Symlink Privilege Escalation
21193| [38636] Apache HTTP Server mod_autoindex.c P Variable UTF-7 Charset XSS
21194| [38513] BEA WebLogic Server Proxy Plug-in for Apache Protocol Error Handling Remote DoS
21195| [38187] Apache Geronimo / Tomcat WebDAV XML SYSTEM Tag Arbitrary File Access
21196| [37079] Apache HTTP Server mod_cache cache_util.c Malformed Cache-Control Header DoS
21197| [37071] Apache Tomcat Cookie Handling Session ID Disclosure
21198| [37070] Apache Tomcat Cookie Handling Quote Delimiter Session ID Disclosure
21199| [37052] Apache HTTP Server mod_status mod_status.c Unspecified XSS
21200| [37051] Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote DoS
21201| [37050] Apache HTTP Server Prefork MPM Module Crafted Code Sequence Local DoS
21202| [36417] Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS
21203| [36377] Apache MyFaces Tomahawk JSF Application autoscroll Multiple Script XSS
21204| [36080] Apache Tomcat JSP Examples Crafted URI XSS
21205| [36079] Apache Tomcat Manager Uploaded Filename XSS
21206| [34888] Apache Tomcat Example Calendar Application cal2.jsp time Parameter XSS
21207| [34887] Apache Tomcat implicit-objects.jsp Crafted Header XSS
21208| [34885] Apache Tomcat on IIS Servlet Engine MS-DOS Device Request DoS
21209| [34884] Apache Tomcat on Windows Nonexistent Resource Request Path Disclosure
21210| [34883] Apache Tomcat Crafted JSP File Request Path Disclosure
21211| [34882] Apache Tomcat Default SSL Ciphersuite Configuration Weakness
21212| [34881] Apache Tomcat Malformed Accept-Language Header XSS
21213| [34880] Apache Tomcat HTTP/1.1 Connector NULL Byte Request JSP Source Disclosure
21214| [34879] Apache Tomcat examples/jsp2/jspx/textRotate.jspx XSS
21215| [34878] Apache Tomcat examples/jsp2/el/implicit-objects.jsp XSS
21216| [34877] Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbitrary File Access
21217| [34876] Apache HTTP Server ScriptAlias CGI Source Disclosure
21218| [34875] Apache Tomcat appdev/sample/web/hello.jsp Multiple Parameter XSS
21219| [34874] Apache Tomcat AJP Connector mod_jk ajp_process_callback Remote Memory Disclosure
21220| [34873] Apache Stats Variable Extraction _REQUEST Ssuperglobal Array Overwrite
21221| [34872] Apache HTTP Server suexec User/Group Combination Weakness Local Privilege Escalation
21222| [34769] Apache Tomcat w/ Proxy Module Double Encoded Traversal Arbitrary File Access
21223| [34541] mod_perl for Apache HTTP Server RegistryCooker.pm PATH_INFO Crafted URI Remote DoS
21224| [34540] mod_perl for Apache HTTP Server PerlRun.pm PATH_INFO Crafted URI Remote DoS
21225| [34398] Apache Tomcat mod_jk Invalid Chunked Encoded Body Information Disclosure
21226| [34154] Apache Axis Nonexistent Java Web Service Path Disclosure
21227| [33855] Apache Tomcat JK Web Server Connector mod_jk.so Long URI Worker Map Remote Overflow
21228| [33816] Apache HTTP Server on Debian Linux TTY Local Privilege Escalation
21229| [33456] Apache HTTP Server Crafted TCP Connection Range Header DoS
21230| [33346] Avaya Multiple Products Apache Tomcat Port Weakness
21231| [32979] Apache Java Mail Enterprise Server (JAMES) Phoenix/MX4J Interface Arbitrary User Creation
21232| [32978] Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
21233| [32724] Apache mod_python _filter_read Freed Memory Disclosure
21234| [32723] Apache Tomcat semicolon Crafted Filename Request Forced Directory Listing
21235| [32396] Apache Open For Business Project (OFBiz) Ecommerce Component Forum Implementation Message Body XSS
21236| [32395] Apache Open For Business Project (OFBiz) Ecommerce Component Form Field Manipulation Privilege Escalation
21237| [30354] Linux Subversion libapache2-svn Search Path Subversion Local Privilege Escalation
21238| [29603] PHP ini_restore() Apache httpd.conf Options Bypass
21239| [29536] Apache Tcl mod_tcl set_var Function Remote Format String
21240| [28919] Apache Roller Weblogger Blog Comment Multiple Field XSS
21241| [28130] PHP with Apache Mixed Case Method Limit Directive Bypass
21242| [27913] Apache HTTP Server on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure
21243| [27588] Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow
21244| [27487] Apache HTTP Server Crafted Expect Header Cross Domain HTML Injection
21245| [26935] FCKeditor on Apache connector.php Crafted File Extension Arbitrary File Upload
21246| [26572] Apache Java Mail Enterprise Server (JAMES) MAIL Command Overflow DoS
21247| [25909] Drupal on Apache files Directory File Upload Arbitrary Code Execution
21248| [24825] Oracle ModPL/SQL for Apache Unspecified Remote HTTP Issue
21249| [24365] Apache Struts Multiple Function Error Message XSS
21250| [24364] Apache Struts getMultipartRequestHandler() Function Crafted Request DoS
21251| [24363] Apache Struts org.apache.struts.taglib.html.Constants.CANCEL Validation Bypass
21252| [24103] Pubcookie Apache mod_pubcookie Unspecified XSS
21253| [23906] Apache mod_python for Apache HTTP Server FileSession Privileged Local Command Execution
21254| [23905] Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS
21255| [23198] Apache WSS4J Library SOAP Signature Verification Bypass
21256| [23124] Generic Apache Request Library (libapreq) apreq_parse_* Functions Remote DoS
21257| [22652] mod_php for Apache HTTP Server Crafted import_request_variables Function DoS
21258| [22475] PHP w/ Apache PDO::FETCH_CLASS __set() Function DoS
21259| [22473] PHP w/ Apache2 Crafted PDOStatement DoS
21260| [22459] Apache Geronimo Error Page XSS
21261| [22458] Apache Tomcat / Geronimo Sample Script cal2.jsp time Parameter XSS
21262| [22301] auth_ldap for Apache HTTP Server auth_ldap_log_reason() Function Remote Format String
21263| [22261] Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
21264| [22259] mod_auth_pgsql for Apache HTTP Server Log Function Format String
21265| [21736] Apache Java Mail Enterprise Server (JAMES) Spooler retrieve Function DoS
21266| [21705] Apache HTTP Server mod_imap Image Map Referer XSS
21267| [21021] Apache Struts Error Message XSS
21268| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
21269| [20491] PHP mod_php apache2handler SAPI Crafted .htaccess DoS
21270| [20462] Apache HTTP Server worker.c MPM Memory Exhaustion DoS
21271| [20439] Apache Tomcat Directory Listing Saturation DoS
21272| [20373] Apache Tomcat on HP Secure OS for Linux Unspecified Servlet Access Issue
21273| [20285] Apache HTTP Server Log File Control Character Injection
21274| [20242] Apache HTTP Server mod_usertrack Predictable Session ID Generation
21275| [20209] Brainf*ck Module (mod_bf) for Apache HTTP Server Local Overflow
21276| [20033] Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
21277| [19883] apachetop atop.debug Symlink Arbitrary File Overwrite
21278| [19863] mod_auth_shadow for Apache HTTP Server require group Authentication Bypass
21279| [19855] Apache HTTP Server ErrorDocument Directive .htaccess Bypass
21280| [19821] Apache Tomcat Malformed Post Request Information Disclosure
21281| [19769] Apache HTTP Server Double-reverse DNS Lookup Spoofing
21282| [19188] Apache HTTP Server mod_ssl SSLVerifyClient Per-location Context Restriction Bypass
21283| [19137] Apache HTTP Server on Red Hat Linux Double Slash GET Request Forced Directory Listing
21284| [19136] Apache on Mandrake Linux Arbitrary Directory Forced Listing
21285| [18977] Apache HTTP Server Crafted HTTP Range Header DoS
21286| [18389] Ragnarok Online Control Panel Apache Authentication Bypass
21287| [18286] Apache HTTP Server mod_ssl ssl_callback_SSLVerify_CRL( ) Function Overflow
21288| [18233] Apache HTTP Server htdigest user Variable Overfow
21289| [17738] Apache HTTP Server HTTP Request Smuggling
21290| [16586] Apache HTTP Server Win32 GET Overflow DoS
21291| [15889] Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection
21292| [14896] mod_dav for Apache HTTP Server Remote Null Dereference Child Process Termination
21293| [14879] Apache HTTP Server ap_log_rerror Function Error Message Path Disclosure
21294| [14770] Apache Tomcat AJP12 Protocol Malformed Packet Remote DoS
21295| [14597] Apache Tomcat IntegerOverflow.jsp Test JSP Script Path Disclosure
21296| [14596] Apache Tomcat pageSession.jsp Test JSP Script Path Disclosure
21297| [14595] Apache Tomcat pageLanguage.jsp Test JSP Script Path Disclosure
21298| [14594] Apache Tomcat pageIsThreadSafe.jsp Test JSP Script Path Disclosure
21299| [14593] Apache Tomcat pageIsErrorPage.jsp Test JSP Script Path Disclosure
21300| [14592] Apache Tomcat pageInvalid.jsp Test JSP Script Path Disclosure
21301| [14591] Apache Tomcat pageExtends.jsp Test JSP Script Path Disclosure
21302| [14590] Apache Tomcat pageDouble.jsp Test JSP Script Path Disclosure
21303| [14589] Apache Tomcat pageAutoFlush.jsp Test JSP Script Path Disclosure
21304| [14588] Apache Tomcat extends2.jsp Test JSP Script Path Disclosure
21305| [14587] Apache Tomcat extends1.jsp Test JSP Script Path Disclosure
21306| [14586] Apache Tomcat comments.jsp Test JSP Script Path Disclosure
21307| [14585] Apache Tomcat buffer4.jsp Test JSP Script Path Disclosure
21308| [14584] Apache Tomcat buffer3.jsp Test JSP Script Path Disclosure
21309| [14583] Apache Tomcat buffer2.jsp Test JSP Script Path Disclosure
21310| [14582] Apache Tomcat buffer1.jsp Test JSP Script Path Disclosure
21311| [14581] Apache Tomcat pageImport2.jsp Test JSP Script Path Disclosure
21312| [14580] Apache Tomcat pageInfo.jsp Test JSP Script Path Disclosure
21313| [14410] mod_frontpage for Apache HTTP Server fpexec Remote Overflow
21314| [14044] Apache Batik Squiggle Browser with Rhino Scripting Engine Unspecified File System Access
21315| [13737] mod_access_referer for Apache HTTP Server Malformed Referer DoS
21316| [13711] Apache mod_python publisher.py Traversal Arbitrary Object Information Disclosure
21317| [13640] mod_auth_any for Apache HTTP Server on Red Hat Linux Metacharacter Command Execution
21318| [13304] Apache Tomcat realPath.jsp Path Disclosure
21319| [13303] Apache Tomcat source.jsp Arbitrary Directory Listing
21320| [13087] Apache HTTP Server mod_log_forensic check_forensic Symlink Arbitrary File Creation / Overwrite
21321| [12849] mod_auth_radius for Apache HTTP Server radcpy() Function Overflow DoS
21322| [12848] Apache HTTP Server htdigest realm Variable Overflow
21323| [12721] Apache Tomcat examples/jsp2/el/functions.jsp XSS
21324| [12720] mod_dosevasive for Apache HTTP Server Symlink Arbitrary File Create/Overwrite
21325| [12558] Apache HTTP Server IPv6 FTP Proxy Socket Failure DoS
21326| [12557] Apache HTTP Server prefork MPM accept Error DoS
21327| [12233] Apache Tomcat MS-DOS Device Name Request DoS
21328| [12232] Apache Tomcat with JDK Arbitrary Directory/Source Disclosure
21329| [12231] Apache Tomcat web.xml Arbitrary File Access
21330| [12193] Apache HTTP Server on Mac OS X File Handler Bypass
21331| [12192] Apache HTTP Server on Mac OS X Unauthorized .ht and .DS_Store File Access
21332| [12178] Apache Jakarta Lucene results.jsp XSS
21333| [12176] mod_digest_apple for Apache HTTP Server on Mac OS X Authentication Replay
21334| [11391] Apache HTTP Server Header Parsing Space Saturation DoS
21335| [11003] Apache HTTP Server mod_include get_tag() Function Local Overflow
21336| [10976] mod_mylo for Apache HTTP Server mylo_log Logging Function HTTP GET Overflow
21337| [10637] Apache HTTP Server mod_ssl SSLCipherSuite Access Restriction Bypass
21338| [10546] Macromedia JRun4 mod_jrun Apache Module Remote Overflow
21339| [10471] Apache Xerces-C++ XML Parser DoS
21340| [10218] Apache HTTP Server Satisfy Directive Access Control Bypass
21341| [10068] Apache HTTP Server htpasswd Local Overflow
21342| [10049] mod_cplusplus For Apache HTTP Server Unspecified Overflow
21343| [9994] Apache HTTP Server apr-util IPV6 Parsing DoS
21344| [9991] Apache HTTP Server ap_resolve_env Environment Variable Local Overflow
21345| [9948] mod_dav for Apache HTTP Server LOCK Request DoS
21346| [9742] Apache HTTP Server mod_ssl char_buffer_read Function Reverse Proxy DoS
21347| [9718] Apache HTTP Server Win32 Single Dot Append Arbitrary File Access
21348| [9717] Apache HTTP Server mod_cookies Cookie Overflow
21349| [9716] Apache::Gallery Gallery.pm Inline::C Predictable Filename Code Execution
21350| [9715] Apache HTTP Server rotatelogs Control Characters Over Pipe DoS
21351| [9714] Apache Authentication Module Threaded MPM DoS
21352| [9713] Apache HTTP Server on OS2 filestat.c Device Name Request DoS
21353| [9712] Apache HTTP Server Multiple Linefeed Request Memory Consumption DoS
21354| [9711] Apache HTTP Server Access Log Terminal Escape Sequence Injection
21355| [9710] Apache HTTP Server on Windows Illegal Character Default Script Mapping Bypass
21356| [9709] Apache HTTP Server on Windows MS-DOS Device Name HTTP Post Code Execution
21357| [9708] Apache HTTP Server on Windows MS-DOS Device Name DoS
21358| [9707] Apache HTTP Server Duplicate MIME Header Saturation DoS
21359| [9706] Apache Web Server Multiple MIME Header Saturation Remote DoS
21360| [9705] Apache Tomcat Invoker/Default Servlet Source Disclosure
21361| [9702] Apache HTTP Server CGI/WebDAV HTTP POST Request Source Disclosure
21362| [9701] Apache HTTP Server for Windows Multiple Slash Forced Directory Listing
21363| [9700] Apache HTTP Server mod_autoindex Multiple Slash Request Forced Directory Listing
21364| [9699] Apache HTTP Server mod_dir Multiple Slash Request Forced Directory Listing
21365| [9698] Apache HTTP Server mod_negotiation Multiple Slash Request Forced Directory Listing
21366| [9697] Apache HTTP Server htdigest Local Symlink Arbitrary File Overwrite
21367| [9696] Apache HTTP Server htpasswd Local Symlink Arbitrary File Overwrite
21368| [9695] Apache Tomcat SnoopServlet Servlet Information Disclosure
21369| [9694] PHP3 on Apache HTTP Server Encoded Traversal Arbitrary File Access
21370| [9693] mod_auth_pgsql_sys for Apache HTTP Server User Name SQL Injection
21371| [9692] Apache HTTP Server mod_vhost_alias Mass Virtual Hosting Arbitrary File Access
21372| [9691] Apache HTTP Server mod_rewrite Mass Virtual Hosting Arbitrary File Access
21373| [9690] Apache HTTP Server mod_vhost_alias CGI Program Source Disclosure
21374| [9689] Trustix httpsd for Apache-SSL Permission Weakness Privilege Escalation
21375| [9688] Apache HTTP Server mod_proxy Malformed FTP Command DoS
21376| [9687] Apache::AuthenSmb smbval SMB Authentication Library Multiple Overflows
21377| [9686] Apache::AuthenSmb smbvalid SMB Authentication Library Multiple Overflows
21378| [9523] Apache HTTP Server mod_ssl Aborted Connection DoS
21379| [9459] Oracle PL/SQL (mod_plsql) Apache Module Help Page Request Remote Overflow
21380| [9208] Apache Tomcat .jsp Encoded Newline XSS
21381| [9204] Apache Tomcat ROOT Application XSS
21382| [9203] Apache Tomcat examples Application XSS
21383| [9068] Apache HTTP Server mod_userdir User Account Information Disclosure
21384| [8773] Apache Tomcat Catalina org.apache.catalina.servlets.DefaultServlet Source Code Disclosure
21385| [8772] Apache Tomcat Catalina org.apache.catalina.connector.http DoS
21386| [7943] Apache HTTP Server mod_ssl sslkeys File Disclosure
21387| [7942] Apache HTTP Server mod_ssl Default Pass Phrase
21388| [7941] Apache HTTP Server mod_ssl Encrypted Private Key File Descriptor Leak
21389| [7935] Apache HTTP Server mod_ssl ssl_gcache Race Conditions
21390| [7934] Apache HTTP Server mod_ssl SSLSessionCache File Content Disclosure
21391| [7933] Apache HTTP Server mod_ssl SSLMutex File Content Disclosure
21392| [7932] Apache HTTP Server mod_ssl mkcert.sh File Creation Permission Weakness
21393| [7931] Apache HTTP Server mod_ssl X.509 Client Certificate Authentication Bypass
21394| [7930] Apache HTTP Server mod_ssl ssl_expr_eval_func_file() Overflow
21395| [7929] Apache HTTP Server mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String
21396| [7611] Apache HTTP Server mod_alias Local Overflow
21397| [7394] Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
21398| [7203] Apache Tomcat source.jsp Traversal Arbitrary File Access
21399| [7039] Apache HTTP Server on Mac OS X HFS+ File System Access Bypass
21400| [6882] Apache mod_python Malformed Query String Variant DoS
21401| [6839] Apache HTTP Server mod_proxy Content-Length Overflow
21402| [6630] Apache Tomcat Java Server Pages (JSP) Engine WPrinterJob() DoS
21403| [6472] Apache HTTP Server mod_ssl ssl_util_uuencode_binary Remote Overflow
21404| [5821] Apache HTTP Server Multiple / GET Remote Overflow DoS
21405| [5580] Apache Tomcat Servlet Malformed URL JSP Source Disclosure
21406| [5552] Apache HTTP Server split-logfile Arbitrary .log File Overwrite
21407| [5526] Apache Tomcat Long .JSP URI Path Disclosure
21408| [5278] Apache Tomcat web.xml Restriction Bypass
21409| [5051] Apache Tomcat Null Character DoS
21410| [4973] Apache Tomcat servlet Mapping XSS
21411| [4650] mod_gzip for Apache HTTP Server Debug Mode Printf Stack Overflow
21412| [4649] mod_gzip for Apache HTTP Server Debug Mode Format String Overflow
21413| [4648] mod_gzip for Apache HTTP Server Debug Mode Race Condition
21414| [4568] mod_survey For Apache ENV Tags SQL Injection
21415| [4553] Apache HTTP Server ApacheBench Overflow DoS
21416| [4552] Apache HTTP Server Shared Memory Scoreboard DoS
21417| [4446] Apache HTTP Server mod_disk_cache Stores Credentials
21418| [4383] Apache HTTP Server Socket Race Condition DoS
21419| [4382] Apache HTTP Server Log Entry Terminal Escape Sequence Injection
21420| [4340] Apache Portable Runtime (APR) apr_psprintf DoS
21421| [4232] Apache Cocoon DatabaseAuthenticatorAction SQL Injection
21422| [4231] Apache Cocoon Error Page Server Path Disclosure
21423| [4182] Apache HTTP Server mod_ssl Plain HTTP Request DoS
21424| [4181] Apache HTTP Server mod_access IP Address Netmask Rule Bypass
21425| [4075] Apache HTTP Sever on Windows .var File Request Path Disclosure
21426| [4037] Apache HTTP Server on Cygwin Encoded GET Request Arbitrary File Access
21427| [3877] Apache-SSL SSLVerifyClient SSLFakeBasicAuth Client Certificate Forgery
21428| [3819] Apache HTTP Server mod_digest Cross Realm Credential Replay
21429| [3322] mod_php for Apache HTTP Server Process Hijack
21430| [3215] mod_php for Apache HTTP Server File Descriptor Leakage
21431| [2885] Apache mod_python Malformed Query String DoS
21432| [2749] Apache Cocoon view-source Sample File Traversal Arbitrary File Access
21433| [2733] Apache HTTP Server mod_rewrite Local Overflow
21434| [2672] Apache HTTP Server mod_ssl SSLCipherSuite Ciphersuite Downgrade Weakness
21435| [2613] Apache HTTP Server mod_cgi stderr Output Handling Local DoS
21436| [2149] Apache::Gallery Privilege Escalation
21437| [2107] Apache HTTP Server mod_ssl Host: Header XSS
21438| [1926] Apache HTTP Server mod_rewrite Crafted URI Rule Bypass
21439| [1833] Apache HTTP Server Multiple Slash GET Request DoS
21440| [1577] Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
21441| [872] Apache Tomcat Multiple Default Accounts
21442| [862] Apache HTTP Server SSI Error Page XSS
21443| [859] Apache HTTP Server Win32 Crafted Traversal Arbitrary File Access
21444| [849] Apache Tomcat TroubleShooter Servlet Information Disclosure
21445| [845] Apache Tomcat MSDOS Device XSS
21446| [844] Apache Tomcat Java Servlet Error Page XSS
21447| [842] Apache HTTP Server mod_ssl ssl_compat_directive Function Overflow
21448| [838] Apache HTTP Server Chunked Encoding Remote Overflow
21449| [827] PHP4 for Apache on Windows php.exe Malformed Request Path Disclosure
21450| [775] Apache mod_python Module Importing Privilege Function Execution
21451| [769] Apache HTTP Server Win32 DOS Batch File Arbitrary Command Execution
21452| [756] Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Overflow
21453| [701] Apache HTTP Server Win32 ScriptAlias php.exe Arbitrary File Access
21454| [674] Apache Tomcat Nonexistent File Error Message Path Disclosure
21455| [637] Apache HTTP Server UserDir Directive Username Enumeration
21456| [623] mod_auth_pgsql for Apache HTTP Server User Name SQL Injection
21457| [582] Apache HTTP Server Multiviews Feature Arbitrary Directory Listing
21458| [562] Apache HTTP Server mod_info /server-info Information Disclosure
21459| [561] Apache Web Servers mod_status /server-status Information Disclosure
21460| [417] Apache HTTP Server on SuSE Linux /doc/packages Remote Information Disclosure
21461| [410] mod_perl for Apache HTTP Server /perl/ Directory Listing
21462| [404] Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing
21463| [402] Apache HTTP Server on SuSE Linux cgi-bin-sdb Request Script Source Disclosure
21464| [379] Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
21465| [377] Apache Tomcat Snoop Servlet Remote Information Disclosure
21466| [376] Apache Tomcat contextAdmin Arbitrary File Access
21467| [342] Apache HTTP Server for Windows Multiple Forward Slash Directory Listing
21468| [222] Apache HTTP Server test-cgi Arbitrary File Access
21469| [143] Apache HTTP Server printenv.pl Multiple Method CGI XSS
21470| [48] Apache HTTP Server on Debian /usr/doc Directory Information Disclosure
21471|_
214728008/tcp open http
21473| fingerprint-strings:
21474| FourOhFourRequest:
21475| HTTP/1.1 302 Found
21476| Location: https://:8010/nice%20ports%2C/Tri%6Eity.txt%2ebak
21477| Connection: close
21478| X-Frame-Options: SAMEORIGIN
21479| X-XSS-Protection: 1; mode=block
21480| X-Content-Type-Options: nosniff
21481| Content-Security-Policy: frame-ancestors
21482| GenericLines, HTTPOptions, RTSPRequest, SIPOptions:
21483| HTTP/1.1 302 Found
21484| Location: https://:8010
21485| Connection: close
21486| X-Frame-Options: SAMEORIGIN
21487| X-XSS-Protection: 1; mode=block
21488| X-Content-Type-Options: nosniff
21489| Content-Security-Policy: frame-ancestors
21490| GetRequest:
21491| HTTP/1.1 302 Found
21492| Location: https://:8010/
21493| Connection: close
21494| X-Frame-Options: SAMEORIGIN
21495| X-XSS-Protection: 1; mode=block
21496| X-Content-Type-Options: nosniff
21497|_ Content-Security-Policy: frame-ancestors
21498|_https-redirect: ERROR: Script execution failed (use -d to debug)
214991 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
21500SF-Port8008-TCP:V=7.80%I=7%D=3/19%Time=5E734D98%P=x86_64-pc-linux-gnu%r(Ge
21501SF:tRequest,CC,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010/\r
21502SF:\nConnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Prote
21503SF:ction:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20nosniff\r\nCon
21504SF:tent-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(FourOhFourRequest,
21505SF:EF,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010/nice%20port
21506SF:s%2C/Tri%6Eity\.txt%2ebak\r\nConnection:\x20close\r\nX-Frame-Options:\x
21507SF:20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode=block\r\nX-Content-Type
21508SF:-Options:\x20nosniff\r\nContent-Security-Policy:\x20frame-ancestors\r\n
21509SF:\r\n")%r(GenericLines,CB,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20htt
21510SF:ps://:8010\r\nConnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\
21511SF:nX-XSS-Protection:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20no
21512SF:sniff\r\nContent-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(HTTPOp
21513SF:tions,CB,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://:8010\r\nCo
21514SF:nnection:\x20close\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Protectio
21515SF:n:\x201;\x20mode=block\r\nX-Content-Type-Options:\x20nosniff\r\nContent
21516SF:-Security-Policy:\x20frame-ancestors\r\n\r\n")%r(RTSPRequest,CB,"HTTP/1
21517SF:\.1\x20302\x20Found\r\nLocation:\x20https://:8010\r\nConnection:\x20clo
21518SF:se\r\nX-Frame-Options:\x20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode
21519SF:=block\r\nX-Content-Type-Options:\x20nosniff\r\nContent-Security-Policy
21520SF::\x20frame-ancestors\r\n\r\n")%r(SIPOptions,CB,"HTTP/1\.1\x20302\x20Fou
21521SF:nd\r\nLocation:\x20https://:8010\r\nConnection:\x20close\r\nX-Frame-Opt
21522SF:ions:\x20SAMEORIGIN\r\nX-XSS-Protection:\x201;\x20mode=block\r\nX-Conte
21523SF:nt-Type-Options:\x20nosniff\r\nContent-Security-Policy:\x20frame-ancest
21524SF:ors\r\n\r\n");
21525Service Info: Host: localhost.localdomain
21526##################################################################################################################################
21527 Anonymous JTSEC #OpChili Full Recon #71